urlscan.io logo urlscan.io
SecurityTrails logo

www.thecanary.co Open in urlscan Pro
2606:4700:30::681b:835a  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://thecanary.co/
Effective URL: https://www.thecanary.co/
Submission: On March 23 via automatic, source alexatop100k
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 83 IPs in 8 countries across 61 domains to perform 232 HTTP transactions. The main IP is 2606:4700:30::681b:835a, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is www.thecanary.co.
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on March 9th 2019. Valid for: 6 months.
This is the only time www.thecanary.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 44 2606:4700:30:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 54.37.115.103 16276 (OVH)
1 13.35.253.50 16509 (AMAZON-02)
2 2600:9000:204... 16509 (AMAZON-02)
1 35.190.72.53 15169 (GOOGLE)
8 2.18.232.7 16625 (AKAMAI-AS)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 52.212.164.235 16509 (AMAZON-02)
3 18.130.30.105 16509 (AMAZON-02)
4 2a03:2880:f02... 32934 (FACEBOOK)
2 4 2a00:1450:400... 15169 (GOOGLE)
1 152.199.19.174 15133 (EDGECAST)
3 54.194.88.117 16509 (AMAZON-02)
2 151.101.2.217 54113 (FASTLY)
2 35.190.63.234 15169 (GOOGLE)
1 13.35.253.116 16509 (AMAZON-02)
3 35.158.215.78 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 13.35.253.113 16509 (AMAZON-02)
4 2a03:2880:f12... 32934 (FACEBOOK)
1 2600:9000:204... 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
1 178.250.0.130 44788 (ASN-CRITE...)
1 91.228.74.188 27281 (QUANTCAST)
1 13.35.253.57 16509 (AMAZON-02)
2 151.101.121.108 54113 (FASTLY)
3 178.32.127.114 16276 (OVH)
1 178.33.104.182 16276 (OVH)
18 54.229.254.12 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
7 172.217.16.130 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 3.18.15.238 16509 (AMAZON-02)
2 4 104.111.214.103 16625 (AKAMAI-AS)
1 2600:9000:204... 16509 (AMAZON-02)
4 4 185.64.189.110 ()
8 10 172.217.16.162 15169 (GOOGLE)
3 3 46.228.164.13 ()
4 4 52.210.60.105 ()
2 2 185.33.223.208 ()
3 3 185.33.223.210 ()
2 9 34.249.56.252 16509 (AMAZON-02)
1 178.250.2.89 44788 (ASN-CRITE...)
3 213.19.162.71 26667 (RUBICONPR...)
1 178.162.133.150 60781 (LEASEWEB-...)
2 35.203.66.107 15169 (GOOGLE)
1 2.18.234.21 16625 (AKAMAI-AS)
1 2 185.33.223.80 29990 (ASN-APPNEXUS)
1 173.241.240.220 36089 (OPENX-AS1)
1 13.35.253.63 16509 (AMAZON-02)
1 91.228.74.213 27281 (QUANTCAST)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 3 104.111.241.32 16625 (AKAMAI-AS)
2 2 34.192.130.172 ()
3 13 2.18.233.201 16625 (AKAMAI-AS)
2 2 52.211.27.134 ()
2 3 18.195.52.121 16509 (AMAZON-02)
1 34.251.129.195 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 185.29.135.48 30419 (MEDIAMATH...)
2 213.19.162.77 26667 (RUBICONPR...)
2 136.243.44.166 24940 (HETZNER-AS)
2 185.29.133.199 30419 (MEDIAMATH...)
2 2 185.29.135.181 ()
1 52.31.110.40 16509 (AMAZON-02)
1 8 52.48.121.18 16509 (AMAZON-02)
2 4 173.241.240.151 36089 (OPENX-AS1)
1 2 173.241.240.143 36089 (OPENX-AS1)
2 2 37.157.4.25 ()
2 2 52.18.226.220 ()
1 3 136.243.45.142 24940 (HETZNER-AS)
1 2 195.216.249.67 47268 (ZANOX)
1 1 85.10.231.199 ()
2 46.18.188.30 60220 (AFFILI)
2 2 104.155.76.175 ()
1 2.16.186.48 20940 (AKAMAI-ASN1)
3 104.111.230.142 16625 (AKAMAI-AS)
1 2606:4700:30:... 13335 (CLOUDFLAR...)
2 136.243.51.211 24940 (HETZNER-AS)
1 2a0b:4d07:101::1 44239 (PROINITY ...)
6 46.236.13.147 24931 (DEDIPOWER)
1 85.214.124.106 6724 (STRATO ST...)
3 6 172.217.22.6 15169 (GOOGLE)
1 2600:9000:204... ()
3 46.236.12.250 ()
4 2a00:1450:400... ()
1 54.76.113.123 ()
1 1 46.228.164.11 ()
4 52.49.254.226 ()
1 1 85.114.159.93 ()
2 2 18.153.11.25 ()
2 2 18.196.37.19 ()
1 51.77.128.18 ()
1 1 54.246.129.36 ()
1 2a00:1450:400... ()
232 83
44    2606:4700:30::681b:835a (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
thecanary.co
www.thecanary.co
1    2a00:1450:4001:815::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
ajax.googleapis.com
1    2a00:1450:4001:81b::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com
1    54.37.115.103 (Woodbridge, United States)

ASN16276 (OVH, FR)
PTR: fo-api-fra01.omnitagjs.com
fo-api.omnitagjs.com
1    13.35.253.50 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-35-253-50.fra6.r.cloudfront.net
js.gumgum.com
2    2600:9000:2043:3200:1b:9b08:7f00:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
cdn.rhombusads.com
1    35.190.72.53 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 53.72.190.35.bc.googleusercontent.com
static.apester.com
8    2.18.232.7 (European Union)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-232-7.deploy.static.akamaitechnologies.com
a.teads.tv
sync.teads.tv
t.teads.tv
1    2606:4700:10::6814:a25 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
sac.ayads.co
2    52.212.164.235 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-212-164-235.eu-west-1.compute.amazonaws.com
uk.ads.justpremium.com
3    18.130.30.105 (Cambridge, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-130-30-105.eu-west-2.compute.amazonaws.com
ads.counciladvertising.net
4    2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
connect.facebook.net
4    2a00:1450:4001:824::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
1    152.199.19.174 (Ashburn, United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)
fo-static.omnitagjs.com
3    54.194.88.117 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-194-88-117.eu-west-1.compute.amazonaws.com
antenna.ayads.co
2    151.101.2.217 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)
display.apester.com
2    35.190.63.234 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 234.63.190.35.bc.googleusercontent.com
events.apester.com
1    13.35.253.116 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-35-253-116.fra6.r.cloudfront.net
cdn-cf.justpremium.com
3    35.158.215.78 (Frankfurt, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-35-158-215-78.eu-central-1.compute.amazonaws.com
emea-v3.tracking.justpremium.com
2    2a00:1450:4001:819::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
fonts.gstatic.com
2    2a00:1450:400c:c08::9a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
stats.g.doubleclick.net
1    13.35.253.113 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-35-253-113.fra6.r.cloudfront.net
tag.getdrip.com
4    2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
www.facebook.com
1    2600:9000:2043:b800:e:c158:8400:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
assets.counciladvertising.net
4    2a00:1450:4001:80b::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagservices.com
1    178.250.0.130 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    91.228.74.188 (United Kingdom)

ASN27281 (QUANTCAST - Quantcast Corporation, US)
secure.quantserve.com
1    13.35.253.57 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-35-253-57.fra6.r.cloudfront.net
p.cpx.to
2    151.101.121.108 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)
acdn.adnxs.com
3    178.32.127.114 (France)

ASN16276 (OVH, FR)
PTR: tracking-fra01.omnitagjs.com
tracking.omnitagjs.com
1    178.33.104.182 (France)

ASN16276 (OVH, FR)
PTR: ssp-fra01.omnitagjs.com
fo-ssp.omnitagjs.com
18    54.229.254.12 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-229-254-12.eu-west-1.compute.amazonaws.com
s.cpx.to
1    2a00:1450:4001:806::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
adservice.google.de
1    2a00:1450:4001:81d::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
adservice.google.com
7    172.217.16.130 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s46-in-f2.1e100.net
securepubads.g.doubleclick.net
1    2a00:1450:4001:80b::2008 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com
2    3.18.15.238 (Fairfield, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-3-18-15-238.us-east-2.compute.amazonaws.com
api.rhombusads.com
4    104.111.214.103 (Amsterdam, Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-214-103.deploy.static.akamaitechnologies.com
sb.scorecardresearch.com
1    2600:9000:2043:be00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
rules.quantcount.com
4    185.64.189.110 (United Kingdom)

ASN- ()
image2.pubmatic.com
10    172.217.16.162 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s11-in-f162.1e100.net
cm.g.doubleclick.net
3    46.228.164.13 (United Kingdom)

ASN- ()
d.turn.com
4    52.210.60.105 (Dublin, Ireland)

ASN- ()
ads.avocet.io
2    185.33.223.208 (European Union)

ASN- ()
secure.adnxs.com
3    185.33.223.210 (European Union)

ASN- ()
secure.adnxs.com
9    34.249.56.252 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-249-56-252.eu-west-1.compute.amazonaws.com
ml314.com
1    178.250.2.89 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
3    213.19.162.71 (United Kingdom)

ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)
fastlane.rubiconproject.com
1    178.162.133.150 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-apex.go.sonobi.com
apex.go.sonobi.com
2    35.203.66.107 (Ann Arbor, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 107.66.203.35.bc.googleusercontent.com
dmx.districtm.io
1    2.18.234.21 (European Union)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
as-sec.casalemedia.com
2    185.33.223.80 (European Union)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
ib.adnxs.com
1    173.241.240.220 (New York, United States)

ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US)
PTR: ox-173-241-240-220.xa.dc.openx.org
can-digital-d.openx.net
1    13.35.253.63 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-35-253-63.fra6.r.cloudfront.net
api.getdrip.com
1    91.228.74.213 (United Kingdom)

ASN27281 (QUANTCAST - Quantcast Corporation, US)
pixel.quantserve.com
1    2606:4700:10::6814:b25 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
gkng.ayads.co
3    104.111.241.32 (Amsterdam, Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-241-32.deploy.static.akamaitechnologies.com
tags.bluekai.com
stags.bluekai.com
2    34.192.130.172 (Ashburn, United States)

ASN- ()
idsync.rlcdn.com
13    2.18.233.201 (European Union)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com
pixel.mathtag.com
2    52.211.27.134 (Dublin, Ireland)

ASN- ()
sync.crwdcntrl.net
3    18.195.52.121 (Cambridge, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-195-52-121.eu-central-1.compute.amazonaws.com
ps.eyeota.net
1    34.251.129.195 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-251-129-195.eu-west-1.compute.amazonaws.com
optchk.ayads.co
1    2a00:1450:4001:820::2001 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
tpc.googlesyndication.com
2    185.29.135.48 (United Kingdom)

ASN30419 (MEDIAMATH-INC - MediaMath Inc, US)
tags.mathtag.com
2    213.19.162.77 (United Kingdom)

ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)
beacon-eu-ams3.rubiconproject.com
2    136.243.44.166 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.166.44.243.136.clients.your-server.de
hal9000.redintelligence.net
2    185.29.133.199 (United Kingdom)

ASN30419 (MEDIAMATH-INC - MediaMath Inc, US)
tags.mathtag.com
2    185.29.135.181 (United Kingdom)

ASN- ()
sync.mathtag.com
1    52.31.110.40 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-31-110-40.eu-west-1.compute.amazonaws.com
pre.ads.justpremium.com
8    52.48.121.18 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-48-121-18.eu-west-1.compute.amazonaws.com
ad.360yield.com
4    173.241.240.151 (New York, United States)

ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US)
PTR: ox-173-241-240-151.xa.dc.openx.org
ox-d.justpremium.com
2    173.241.240.143 (New York, United States)

ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US)
PTR: ox-173-241-240-143.xa.dc.openx.org
u.openx.net
eu-u.openx.net
2    37.157.4.25 (Denmark)

ASN- ()
track.adform.net
2    52.18.226.220 (Dublin, Ireland)

ASN- ()
match.adsrvr.org
3    136.243.45.142 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.142.45.243.136.clients.your-server.de
hal900025.redintelligence.net
2    195.216.249.67 (France)

ASN47268 (ZANOX, FR)
ad.zanox.com
1    85.10.231.199 (Germany)

ASN- ()
pb.media01.eu
2    46.18.188.30 (Germany)

ASN60220 (AFFILI, DE)
banners.webmasterplan.com
2    104.155.76.175 (Mountain View, United States)

ASN- ()
ads.creative-serving.com
1    2.16.186.48 (European Union)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-186-48.deploy.static.akamaitechnologies.com
creative-a.akamaihd.net
3    104.111.230.142 (Amsterdam, Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-230-142.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    2606:4700:30::681c:13e8 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
cdn.districtm.io
2    136.243.51.211 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.211.51.243.136.clients.your-server.de
hal900010.redintelligence.net
1    2a0b:4d07:101::1 (Germany)

ASN44239 (PROINITY PROINITY, DE)
adv.office-partner.de
6    46.236.13.147 (United Kingdom)

ASN24931 (DEDIPOWER, GB)
PTR: 46-236-13-147.servers.dedipower.net
track.webgains.com
1    85.214.124.106 (Berlin, Germany)

ASN6724 (STRATO STRATO AG, DE)
PTR: h2491987.stratoserver.net
banner.congstar.de
6    172.217.22.6 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s14-in-f6.1e100.net
ad.doubleclick.net
5994599.fls.doubleclick.net
1    2600:9000:2043:a800:9:352d:a240:93a1 (United States)

ASN- ()
analytics.webgains.io
3    46.236.12.250 (United Kingdom)

ASN- ()
PTR: 46-236-12-250.servers.dedipower.net
diapi.webgains.com
4    2a00:1450:4001:819::2013 (Ireland)

ASN- ()
w-it.m-t.io
1    54.76.113.123 (Dublin, Ireland)

ASN- ()
PTR: ec2-54-76-113-123.eu-west-1.compute.amazonaws.com
ad.360yield.com
1    46.228.164.11 (United Kingdom)

ASN- ()
ad.turn.com
4    52.49.254.226 (Dublin, Ireland)

ASN- ()
ad.360yield.com
1    85.114.159.93 (Germany)

ASN- ()
dsp.adfarm1.adition.com
2    18.153.11.25 (Cambridge, United States)

ASN- ()
PTR: ec2-18-153-11-25.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    18.196.37.19 (Cambridge, United States)

ASN- ()
rtb.mfadsrvr.com
1    51.77.128.18 (United Kingdom)

ASN- ()
gu.dyntrk.com
1    54.246.129.36 (Dublin, Ireland)

ASN- ()
sync.widespace.com
1    2a00:1450:4001:814::2002 (Ireland)

ASN- ()
pagead2.googlesyndication.com
Apex Domain
Subdomains		 Transfer
44 thecanary.co
thecanary.co
www.thecanary.co
1 MB
25 doubleclick.net
stats.g.doubleclick.net
securepubads.g.doubleclick.net
cm.g.doubleclick.net
ad.doubleclick.net
5994599.fls.doubleclick.net
91 KB
19 mathtag.com
pixel.mathtag.com
tags.mathtag.com
sync.mathtag.com
13 KB
19 cpx.to
p.cpx.to
s.cpx.to
15 KB
13 360yield.com
ad.360yield.com
14 KB
11 justpremium.com
uk.ads.justpremium.com
cdn-cf.justpremium.com
emea-v3.tracking.justpremium.com
pre.ads.justpremium.com
ox-d.justpremium.com
69 KB
9 webgains.com
track.webgains.com
diapi.webgains.com
45 KB
9 ml314.com
ml314.com
16 KB
9 adnxs.com
acdn.adnxs.com
secure.adnxs.com
ib.adnxs.com
38 KB
8 rubiconproject.com
fastlane.rubiconproject.com
beacon-eu-ams3.rubiconproject.com
eus.rubiconproject.com
9 KB
8 teads.tv
a.teads.tv
sync.teads.tv
t.teads.tv
186 KB
7 redintelligence.net
hal9000.redintelligence.net
hal900025.redintelligence.net
hal900010.redintelligence.net
11 KB
6 ayads.co
sac.ayads.co
antenna.ayads.co
gkng.ayads.co
optchk.ayads.co
77 KB
6 omnitagjs.com
fo-api.omnitagjs.com
fo-static.omnitagjs.com
tracking.omnitagjs.com
fo-ssp.omnitagjs.com
68 KB
5 apester.com
static.apester.com
display.apester.com
events.apester.com
39 KB
4 m-t.io
w-it.m-t.io
361 B
4 avocet.io
ads.avocet.io
2 KB
4 turn.com
d.turn.com
ad.turn.com
2 KB
4 pubmatic.com
image2.pubmatic.com
2 KB
4 scorecardresearch.com
sb.scorecardresearch.com
2 KB
4 googletagservices.com
www.googletagservices.com
98 KB
4 facebook.com
www.facebook.com
393 B
4 google-analytics.com
www.google-analytics.com
19 KB
4 facebook.net
connect.facebook.net
114 KB
4 counciladvertising.net
ads.counciladvertising.net
assets.counciladvertising.net
98 KB
4 rhombusads.com
cdn.rhombusads.com
api.rhombusads.com
74 KB
3 eyeota.net
ps.eyeota.net
875 B
3 bluekai.com
tags.bluekai.com
stags.bluekai.com
2 KB
3 openx.net
can-digital-d.openx.net
u.openx.net
eu-u.openx.net
1 KB
3 districtm.io
dmx.districtm.io
cdn.districtm.io
526 B
2 mfadsrvr.com
rtb.mfadsrvr.com
1 KB
2 bidswitch.net
x.bidswitch.net
1013 B
2 creative-serving.com
ads.creative-serving.com
2 KB
2 webmasterplan.com
banners.webmasterplan.com
1 KB
2 zanox.com
ad.zanox.com
1 KB
2 adsrvr.org
match.adsrvr.org
1010 B
2 adform.net
track.adform.net
639 B
2 googlesyndication.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
118 B
2 crwdcntrl.net
sync.crwdcntrl.net
1 KB
2 rlcdn.com
idsync.rlcdn.com
854 B
2 quantserve.com
secure.quantserve.com
pixel.quantserve.com
6 KB
2 getdrip.com
tag.getdrip.com
api.getdrip.com
20 KB
2 gstatic.com
fonts.gstatic.com
16 KB
2 googleapis.com
ajax.googleapis.com
fonts.googleapis.com
9 KB
1 widespace.com
sync.widespace.com
528 B
1 dyntrk.com
gu.dyntrk.com
215 B
1 adition.com
dsp.adfarm1.adition.com
575 B
1 webgains.io
analytics.webgains.io
50 KB
1 congstar.de
banner.congstar.de
1 office-partner.de
adv.office-partner.de
1 akamaihd.net
creative-a.akamaihd.net
305 B
1 media01.eu
pb.media01.eu
1012 B
1 casalemedia.com
as-sec.casalemedia.com
906 B
1 sonobi.com
apex.go.sonobi.com
716 B
1 criteo.com
bidder.criteo.com
214 B
1 quantcount.com
rules.quantcount.com
1 KB
1 googletagmanager.com
www.googletagmanager.com
24 KB
1 google.com
adservice.google.com
171 B
1 google.de
adservice.google.de
171 B
1 criteo.net
static.criteo.net
13 KB
1 gumgum.com
js.gumgum.com
34 KB
232 61
Domain Requested by
43 www.thecanary.co www.thecanary.co
18 s.cpx.to p.cpx.to
www.thecanary.co
13 ad.360yield.com 1 redirects www.thecanary.co
cdn-cf.justpremium.com
13 pixel.mathtag.com 3 redirects tags.mathtag.com
www.thecanary.co
pixel.mathtag.com
10 cm.g.doubleclick.net 8 redirects www.thecanary.co
9 ml314.com 2 redirects ads.counciladvertising.net
ml314.com
www.thecanary.co
7 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
www.thecanary.co
6 track.webgains.com www.thecanary.co
5 secure.adnxs.com 5 redirects
4 w-it.m-t.io analytics.webgains.io
4 5994599.fls.doubleclick.net 2 redirects www.thecanary.co
4 ox-d.justpremium.com 2 redirects www.thecanary.co
cdn-cf.justpremium.com
4 tags.mathtag.com www.thecanary.co
tags.mathtag.com
4 ads.avocet.io 4 redirects
4 image2.pubmatic.com 4 redirects
4 t.teads.tv www.thecanary.co
4 sb.scorecardresearch.com 2 redirects www.thecanary.co
4 www.googletagservices.com ads.counciladvertising.net
securepubads.g.doubleclick.net
4 www.facebook.com www.thecanary.co
connect.facebook.net
4 www.google-analytics.com 2 redirects www.thecanary.co
www.google-analytics.com
4 connect.facebook.net www.thecanary.co
connect.facebook.net
3 diapi.webgains.com track.webgains.com
3 eus.rubiconproject.com assets.counciladvertising.net
www.thecanary.co
3 hal900025.redintelligence.net 1 redirects www.thecanary.co
3 ps.eyeota.net 2 redirects www.thecanary.co
3 fastlane.rubiconproject.com assets.counciladvertising.net
3 d.turn.com 3 redirects
3 tracking.omnitagjs.com www.thecanary.co
3 emea-v3.tracking.justpremium.com www.thecanary.co
3 antenna.ayads.co www.thecanary.co
3 ads.counciladvertising.net www.thecanary.co
2 rtb.mfadsrvr.com 2 redirects
2 x.bidswitch.net 2 redirects
2 ad.doubleclick.net 1 redirects www.thecanary.co
2 hal900010.redintelligence.net hal9000.redintelligence.net
www.thecanary.co
2 ads.creative-serving.com 2 redirects
2 banners.webmasterplan.com hal900025.redintelligence.net
banners.webmasterplan.com
2 ad.zanox.com 1 redirects hal900025.redintelligence.net
2 match.adsrvr.org 2 redirects
2 track.adform.net 2 redirects
2 stags.bluekai.com tags.mathtag.com
2 sync.mathtag.com 2 redirects
2 hal9000.redintelligence.net www.thecanary.co
2 beacon-eu-ams3.rubiconproject.com www.thecanary.co
2 sync.crwdcntrl.net 2 redirects
2 idsync.rlcdn.com 2 redirects
2 ib.adnxs.com 1 redirects assets.counciladvertising.net
2 dmx.districtm.io assets.counciladvertising.net
www.thecanary.co
2 sync.teads.tv a.teads.tv
2 api.rhombusads.com cdn.rhombusads.com
www.thecanary.co
2 acdn.adnxs.com uk.ads.justpremium.com
assets.counciladvertising.net
2 stats.g.doubleclick.net www.thecanary.co
2 fonts.gstatic.com www.thecanary.co
2 events.apester.com static.apester.com
www.thecanary.co
2 display.apester.com static.apester.com
www.thecanary.co
2 uk.ads.justpremium.com www.thecanary.co
uk.ads.justpremium.com
2 a.teads.tv www.thecanary.co
a.teads.tv
2 cdn.rhombusads.com www.thecanary.co
cdn.rhombusads.com
1 pagead2.googlesyndication.com
1 sync.widespace.com 1 redirects
1 gu.dyntrk.com www.thecanary.co
1 dsp.adfarm1.adition.com 1 redirects
1 ad.turn.com 1 redirects
1 analytics.webgains.io track.webgains.com
1 banner.congstar.de banners.webmasterplan.com
1 adv.office-partner.de hal900010.redintelligence.net
1 eu-u.openx.net assets.counciladvertising.net
1 cdn.districtm.io assets.counciladvertising.net
1 creative-a.akamaihd.net www.thecanary.co
1 pb.media01.eu 1 redirects
1 u.openx.net 1 redirects
1 pre.ads.justpremium.com cdn-cf.justpremium.com
1 tpc.googlesyndication.com securepubads.g.doubleclick.net
1 optchk.ayads.co sac.ayads.co
1 tags.bluekai.com 1 redirects
1 gkng.ayads.co sac.ayads.co
1 pixel.quantserve.com www.thecanary.co
1 api.getdrip.com tag.getdrip.com
1 can-digital-d.openx.net assets.counciladvertising.net
1 as-sec.casalemedia.com assets.counciladvertising.net
1 apex.go.sonobi.com assets.counciladvertising.net
1 bidder.criteo.com assets.counciladvertising.net
1 rules.quantcount.com secure.quantserve.com
1 www.googletagmanager.com cdn.rhombusads.com
1 adservice.google.com www.googletagservices.com
1 adservice.google.de www.googletagservices.com
1 fo-ssp.omnitagjs.com fo-static.omnitagjs.com
1 p.cpx.to ads.counciladvertising.net
1 secure.quantserve.com ads.counciladvertising.net
1 static.criteo.net ads.counciladvertising.net
1 assets.counciladvertising.net ads.counciladvertising.net
1 tag.getdrip.com www.thecanary.co
1 cdn-cf.justpremium.com uk.ads.justpremium.com
1 fo-static.omnitagjs.com fo-api.omnitagjs.com
1 sac.ayads.co www.thecanary.co
1 static.apester.com www.thecanary.co
1 js.gumgum.com www.thecanary.co
1 fo-api.omnitagjs.com www.thecanary.co
1 fonts.googleapis.com www.thecanary.co
1 ajax.googleapis.com www.thecanary.co
1 thecanary.co 1 redirects
232 101

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.youtube.com
www.docandtee.com
krystal.co.uk
Subject Issuer Validity Valid
sni193626.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-03-09 -
2019-09-15		 6 months crt.sh
*.googleapis.com
Google Internet Authority G3		 2019-03-01 -
2019-05-24		 3 months crt.sh
omnitagjs.com
COMODO RSA Organization Validation Secure Server CA		 2018-04-17 -
2019-04-17		 a year crt.sh
*.gumgum.com
Amazon		 2019-01-09 -
2020-02-09		 a year crt.sh
*.rhombusads.com
Amazon		 2019-01-07 -
2020-02-07		 a year crt.sh
static.apester.com
Let's Encrypt Authority X3		 2019-02-24 -
2019-05-25		 3 months crt.sh
teads.tv
Let's Encrypt Authority X3		 2019-03-11 -
2019-06-09		 3 months crt.sh
*.ayads.co
DigiCert SHA2 Secure Server CA		 2018-06-15 -
2020-06-30		 2 years crt.sh
tracking.justpremium.com
Amazon		 2018-06-21 -
2019-07-21		 a year crt.sh
*.counciladvertising.net
Amazon		 2018-11-05 -
2019-12-05		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2019-03-08 -
2019-06-06		 3 months crt.sh
*.google-analytics.com
Google Internet Authority G3		 2019-03-01 -
2019-05-24		 3 months crt.sh
t2.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2019-03-14 -
2020-02-16		 a year crt.sh
events.apester.com
Let's Encrypt Authority X3		 2019-02-08 -
2019-05-09		 3 months crt.sh
justpremium.com
Amazon		 2018-06-29 -
2019-07-29		 a year crt.sh
*.google.com
Google Internet Authority G3		 2019-03-01 -
2019-05-24		 3 months crt.sh
*.g.doubleclick.net
Google Internet Authority G3		 2019-03-01 -
2019-05-24		 3 months crt.sh
*.getdrip.com
Go Daddy Secure Certificate Authority - G2		 2017-04-16 -
2019-05-16		 2 years crt.sh
assets.counciladvertising.net
Amazon		 2018-09-27 -
2019-10-27		 a year crt.sh
*.criteo.net
DigiCert SHA2 Secure Server CA		 2018-11-08 -
2019-12-19		 a year crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA		 2018-10-16 -
2019-10-21		 a year crt.sh
p.cpx.to
COMODO RSA Domain Validation Secure Server CA		 2015-02-10 -
2020-02-09		 5 years crt.sh
cdn.adnxs.com
GlobalSign CloudSSL CA - SHA256 - G3		 2018-07-13 -
2019-06-07		 a year crt.sh
s.cpx.to
COMODO RSA Domain Validation Secure Server CA		 2015-02-10 -
2020-02-09		 5 years crt.sh
*.scorecardresearch.com
COMODO RSA Organization Validation Secure Server CA		 2018-11-28 -
2019-12-26		 a year crt.sh
*.ml314.com
Amazon		 2019-03-16 -
2020-04-16		 a year crt.sh
*.criteo.com
DigiCert SHA2 Secure Server CA		 2018-11-05 -
2020-01-03		 a year crt.sh
*.rubiconproject.com
DigiCert SHA2 Secure Server CA		 2019-01-10 -
2021-01-14		 2 years crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2019-02-01 -
2021-02-04		 2 years crt.sh
dmx.districtm.io
Let's Encrypt Authority X3		 2019-02-05 -
2019-05-06		 3 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2019-01-09 -
2020-03-09		 a year crt.sh
*.adnxs.com
DigiCert ECC Secure Server CA		 2019-01-23 -
2021-03-08		 2 years crt.sh
*.openx.net
DigiCert ECC Secure Server CA		 2019-02-08 -
2020-05-12		 a year crt.sh
www.eyeota.com
COMODO RSA Domain Validation Secure Server CA		 2018-02-12 -
2021-02-11		 3 years crt.sh
tpc.googlesyndication.com
Google Internet Authority G3		 2019-03-01 -
2019-05-24		 3 months crt.sh
*.mathtag.com
DigiCert SHA2 Secure Server CA		 2018-01-26 -
2020-04-16		 2 years crt.sh
*.redintelligence.net
Go Daddy Secure Certificate Authority - G2		 2019-03-22 -
2020-03-22		 a year crt.sh
pixel.mathtag.com
DigiCert SHA2 Secure Server CA		 2019-01-25 -
2020-04-25		 a year crt.sh
odc-prod-01.oracle.com
DigiCert ECC Secure Server CA		 2018-12-10 -
2020-03-10		 a year crt.sh
ads.justpremium.com
Amazon		 2019-03-22 -
2020-04-22		 a year crt.sh
*.360yield.com
COMODO RSA Domain Validation Secure Server CA		 2018-03-12 -
2020-03-11		 2 years crt.sh
ox-d.justpremium.com
GeoTrust RSA CA 2018		 2018-03-05 -
2020-03-04		 2 years crt.sh
ad.zanox.com
Thawte RSA CA 2018		 2018-01-03 -
2019-06-26		 a year crt.sh
banners.webmasterplan.com
GlobalSign Organization Validation CA - SHA256 - G2		 2018-02-21 -
2020-02-22		 2 years crt.sh
a248.e.akamai.net
DigiCert ECC Secure Server CA		 2018-10-18 -
2019-10-18		 a year crt.sh
districtm.io
CloudFlare Inc ECC CA-2		 2018-04-26 -
2019-04-26		 a year crt.sh
adv.office-partner.de
Let's Encrypt Authority X3		 2019-01-26 -
2019-04-26		 3 months crt.sh
*.webgains.com
COMODO RSA Domain Validation Secure Server CA		 2018-05-18 -
2019-06-09		 a year crt.sh
*.congstar.de
COMODO RSA Organization Validation Secure Server CA		 2017-10-24 -
2021-01-21		 3 years crt.sh
*.doubleclick.net
Google Internet Authority G3		 2019-03-01 -
2019-05-24		 3 months crt.sh
*.webgains.io
Amazon		 2018-06-06 -
2019-07-06		 a year crt.sh
w-it.m-t.io
Let's Encrypt Authority X3		 2019-02-12 -
2019-05-13		 3 months crt.sh
bko.dynadmic.com
GlobalSign Organization Validation CA - SHA256 - G2		 2018-06-01 -
2019-08-23		 a year crt.sh

This page contains 26 frames:

Primary Page: https://www.thecanary.co/
Frame ID: E8C2D9D8FCC3DF429920EDA95C612BE1
Requests: 154 HTTP requests in this frame

Frame: https://sync.teads.tv/wigo-no-slot
Frame ID: 65994B174D283E831C0C6B771E5CE762
Requests: 1 HTTP requests in this frame

Frame: https://sync.teads.tv/wigo-no-slot
Frame ID: 5D1C0DBB53BD198F5094DB554E7D5240
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 34E7C194F1DA5C6EA0E290AE9D58BEB9
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 88D1B53114820A8E91C3B9D078DC5582
Requests: 1 HTTP requests in this frame

Frame: https://cdn.rhombusads.com/rhr.html?rq=undefined
Frame ID: 5D2049446B072ADBE4819351857C8AA8
Requests: 1 HTTP requests in this frame

Frame: https://tags.mathtag.com/notify/js?id=5aW95q2jLzE4LyAvWVdGa01HUXhNV1V0T0RjelpTMWtZbUl6TFRBd01EQXRNREF3TURBd01EQXdNREF3LzQyMzQwNDk3NjQwMTM0MDkzNTMvNjYyMjQ3Mi80NTYyMzU1LzkvWGFkSnZKaHQ1d18yRGhrTHRUeTN3WXRMeDlQNTRxT0VIeWwtTGxqRl8tWS8xLzkvMC8wLzk1NjgwMy82MjQ1NzMxNjQvMjE2NTM2LzY1MTg3MS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzQyMzQwNDk3NjQwMTM0MDkzNTMvYW1zLzAvMC8wLzk5OS84LzM3LjU4LjU4LjAv/VUlTqRectZwgemJUvkBC0QdW9KI&nodeid=1259&auctionid=4234049764013409353&exch=ruc&sid=4562355&cid=6622472&price=2397CD7734278496&act=LiIiJiQocHxrPSwuJCMqcHxrKy5wfGshIioqJCMqcHw&group=eu&bp=a_bfbbbb&3pck=http%3A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2Ffabc3c35-12fc-4480-a73c-c49a66491cb7%2F
Frame ID: D57BA0DFCEDEEDB165A90A525CD581BF
Requests: 17 HTTP requests in this frame

Frame: https://tags.mathtag.com/notify/js?id=5aW95q2jLzE4LyAvTUdSbFl6UTBaV010WmpJd05pMHhaVFU0TFRBd01EQXRNREF3TURBd01EQXdNREF3LzYwODg5NDA0NDg2MDA1ODkzODUvNjYyMjQ3OC80NTYyMzU1LzkvWGFkSnZKaHQ1d18yRGhrTHRUeTN3VVhOSTRobU1TWEI4OGQ3c2NVcDBySS8xLzkvMC8wLzk1NjgwMy82MjQ1NzMxNjQvMjE2NTM2LzY1MTg3MS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzYwODg5NDA0NDg2MDA1ODkzODUvYW1zLzAvMC8wLzk5OS84LzM3LjU4LjU4LjAv/1FYlE5AJSNmskBwNuaTEZR3UBns&nodeid=1362&auctionid=6088940448600589385&exch=ruc&sid=4562355&cid=6622478&price=D2CD3B6BAC6A6B6D&act=LiIiJiQocHxrPSwuJCMqcHxrKy5wfGshIioqJCMqcHw&group=eu&bp=a_bfbbbb&3pck=http%3A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F96273565-4ebf-4ced-8950-1abb0fc8cac5%2F
Frame ID: 42E156DD701D723249807A17812E02DD
Requests: 29 HTTP requests in this frame

Frame: https://pre.ads.justpremium.com/v/1.0/t/sync
Frame ID: 3BF2DA344C32BC54AB4D8DCFBB91D133
Requests: 1 HTTP requests in this frame

Frame: https://emea-v3.tracking.justpremium.com/tracking.gif?rid=54b51c0d-bb8a-d5b9-9b0a-ab2a8877afb0-1553317705141&sid=56354041-4e00-a9ce-f0bb-a2623cb7fdb3-1553317705141&uid=a3cac8a9-f75e-02ba-6cdd-4279b45346d7-1553317705141&vr=v2.12.276&ru=https%3A%2F%2Fwww.thecanary.co%2F&tt=1553317707225&siw=1300&sh=1200&sw=1600&wh=1200&ww=1600&an=i-0bc78bd7bf50c0626&vn=eu-west-1&sd=uk&_c=aer1f5m1553317707225&et=&aid=279745,279745&said=500603,500604&ei=540658600%2C13319643&fc=wp,wp&sp=22,1&at=adserver&cid=&ist=0,0&mg=&dl=&dlt=&ev=&vt=&zid=68302&dr=56&di=&pr=&cw=&ch=&nt=&st=&jp=%7B%22ph%22%3A3309%7D&ty=ex
Frame ID: 6097220164AE5B9709A41DC488F20E66
Requests: 12 HTTP requests in this frame

Frame: https://ad.zanox.com/ppv/images/onepixel.gif?foo=32561673C2004579202SV1yq09069558030434245753826034491252yb5yb7T2544402843138739200&dyn_id=
Frame ID: 093614A07F4F8C4E19DB999D697BB66D
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 36F0F103C1F4127F305B3512B97B81E6
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: 5A7DB01CD73EEB63B21F62CA45CA7314
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=afafcdbf-19cb-4df7-b383-5a67acd26166&gdpr=1
Frame ID: E8B027D88D6675D45DAB66FF33D94A9E
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: D2AA489D5BDEC8F869A58A6A511A03CE
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 547C854FDCE590D8A40375A25B4A7675
Requests: 1 HTTP requests in this frame

Frame: https://banners.webmasterplan.com/pvdi.aspx?ref=203506&js=1&site=4655&b=1249&subid=53267200015864000951457010811025&target=_blank&title=congstar+-+Du+willst+es.+Du+kriegst+es.
Frame ID: 61A6C043421937F3329DB613D44D4A67
Requests: 1 HTTP requests in this frame

Frame: https://banner.congstar.de/cookie?afid=203506-53267200015864000951457010811025&affmt=1&affmn=1249
Frame ID: 0303ABDC2A3ACD2C43107EF65890F4D3
Requests: 1 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CJqKi7S_l-ECFdFx4Aod3zIEdw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8379522478818.943
Frame ID: 619213E76CEC2D4C465C9D461A5ED8A4
Requests: 1 HTTP requests in this frame

Frame: https://hal900025.redintelligence.net/request_content.php?s=53267200015864000951457010811025&a=97cd374c
Frame ID: C0D84B39B8829F696B3BBED74A9F3464
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: B46F77B7AC2DA570CF2CA335EDC7903E
Requests: 1 HTTP requests in this frame

Frame: https://pixel.mathtag.com/sync/iframe?mt_uuid=e1a05c95-b045-4700-8365-f8ff9a31b311&no_iframe=1&mt_lim=5
Frame ID: 794C635CBB8A4FFA79B5692D49422FFC
Requests: 1 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CIrbg7W_l-ECFYaxewodcfEBkQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8871254189643.848
Frame ID: 03C4D0FA7E3438ACF500A126C74EB0A5
Requests: 1 HTTP requests in this frame

Frame: https://hal900010.redintelligence.net/request_content.php?s=10716700012730300951453010811010&a=094b2b2c
Frame ID: C93F6DC13CE978180CB6156E88E645D5
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: 0D0B78BA2A86FE4C29F9B3DD1534D447
Requests: 1 HTTP requests in this frame

Frame: https://pixel.mathtag.com/sync/iframe?mt_uuid=e1a05c95-b045-4700-8365-f8ff9a31b311&no_iframe=1&mt_lim=5
Frame ID: 54AE8502853F354D690F9B3452B83640
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://thecanary.co/ HTTP 301
    https://www.thecanary.co/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+wp-(?:content|includes)/i
  • script /\/wp-includes\//i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+wp-(?:content|includes)/i
  • script /\/wp-includes\//i
Overall confidence: 100%
Detected patterns
  • env /pbjs/i
Overall confidence: 100%
Detected patterns
  • headers server /cloudflare/i
Overall confidence: 100%
Detected patterns
  • env /^criteo/i
Overall confidence: 100%
Detected patterns
  • script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • env /^__google_ad_/i
  • env /^Goog_AdSense_/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i
Overall confidence: 100%
Detected patterns
  • env /^googletag$/i
  • env /^google_tag_manager$/i
Overall confidence: 100%
Detected patterns
  • env /^quantserve$/i
Overall confidence: 100%
Detected patterns
  • env /^twemoji$/i
Overall confidence: 100%
Detected patterns
  • env /^jQuery$/i
Overall confidence: 100%
Detected patterns
  • env /^webpackJsonp$/i

Page Statistics

232
Requests

100 %
HTTPS

23 %
IPv6

61
Domains

101
Subdomains

83
IPs

8
Countries

2554 kB
Transfer

5751 kB
Size

47
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://thecanary.co/ HTTP 301
    https://www.thecanary.co/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 50
  • https://www.google-analytics.com/r/collect?v=1&_v=j73&a=396584839&t=pageview&_s=1&dl=https%3A%2F%2Fwww.thecanary.co%2F&ul=en-us&de=UTF-8&dt=Independent%20Media%20%7C%20Campaigning%20Journalism%20%7C%20The%20Canary&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=KGBAAEIh~&jid=653106315&gjid=588228066&cid=1402858781.1553317705&tid=UA-68308001-1&_gid=122916402.1553317705&_r=1&z=1876435920 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-68308001-1&cid=1402858781.1553317705&jid=653106315&_gid=122916402.1553317705&gjid=588228066&_v=j73&z=1876435920
Request Chain 75
  • https://sb.scorecardresearch.com/p?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1553317705701&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=95809808&cs_ucfr=1 HTTP 302
  • https://sb.scorecardresearch.com/p2?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1553317705701&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=95809808&cs_ucfr=1
Request Chain 79
  • https://sb.scorecardresearch.com/p?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1553317705724&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=17279951&cs_ucfr=1 HTTP 302
  • https://sb.scorecardresearch.com/p2?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1553317705724&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=17279951&cs_ucfr=1
Request Chain 84
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Dd111b945-c376-4a87-89d3-03f2f489da00 HTTP 302
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Dd111b945-c376-4a87-89d3-03f2f489da00 HTTP 302
  • https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=D6052EAE-1FCE-470C-BA43-31C7AF910474&fid=d111b945-c376-4a87-89d3-03f2f489da00
Request Chain 85
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=d111b945-c376-4a87-89d3-03f2f489da00 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm=&dsp=dbm&fid=d111b945-c376-4a87-89d3-03f2f489da00&google_tc= HTTP 302
  • https://s.cpx.to/ca.png?dsp=dbm&fid=d111b945-c376-4a87-89d3-03f2f489da00&google_gid=CAESECon8NRo232sNqVInyHB7b0&google_cver=1
Request Chain 86
  • https://d.turn.com/r/dd/id/L21rdC8xMjgwL2NpZC8xNzQ4MDc2NjU4L3QvMg/url/https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Damobee%26dsp_uid%3D%24%21%7BTURN_UUID%7D%26fid%3Dd111b945-c376-4a87-89d3-03f2f489da00 HTTP 302
  • https://s.cpx.to/sync?dsp=amobee&dsp_uid=3565448589264417009&fid=d111b945-c376-4a87-89d3-03f2f489da00
Request Chain 87
  • https://ads.avocet.io/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Davocet%26dsp_uid%3D%7B%7BUUID%7D%7D%26fid%3Dd111b945-c376-4a87-89d3-03f2f489da00 HTTP 302
  • https://ads.avocet.io/getuid?bounce=true&url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Davocet%26dsp_uid%3D%7B%7BUUID%7D%7D%26fid%3Dd111b945-c376-4a87-89d3-03f2f489da00 HTTP 302
  • https://s.cpx.to/sync?dsp=avocet&dsp_uid=50ad01c4-8a1b-4341-8363-6b41c8afe115&fid=d111b945-c376-4a87-89d3-03f2f489da00
Request Chain 88
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12187%26ref%3D%26hn_ver%3D10%26fid%3Dd111b945-c376-4a87-89d3-03f2f489da00 HTTP 302
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.cpx.to%252Fan_fire%253Fapp_nexus_uid%253D%2524UID%2526pid%253D12187%2526ref%253D%2526hn_ver%253D10%2526fid%253Dd111b945-c376-4a87-89d3-03f2f489da00 HTTP 302
  • https://s.cpx.to/an_fire?app_nexus_uid=2806950470609833046&pid=12187&ref=&hn_ver=10&fid=d111b945-c376-4a87-89d3-03f2f489da00
Request Chain 89
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=f63e1ad5-85b2-4dff-8ac5-d089fa53da5a HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm=&dsp=dbm&fid=f63e1ad5-85b2-4dff-8ac5-d089fa53da5a&google_tc= HTTP 302
  • https://s.cpx.to/ca.png?dsp=dbm&fid=f63e1ad5-85b2-4dff-8ac5-d089fa53da5a&google_gid=CAESEN7j_S3mlb1ovCB1svVbqSg&google_cver=1
Request Chain 90
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12187%26ref%3D%26hn_ver%3D10%26fid%3Df63e1ad5-85b2-4dff-8ac5-d089fa53da5a HTTP 302
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.cpx.to%252Fan_fire%253Fapp_nexus_uid%253D%2524UID%2526pid%253D12187%2526ref%253D%2526hn_ver%253D10%2526fid%253Df63e1ad5-85b2-4dff-8ac5-d089fa53da5a HTTP 302
  • https://s.cpx.to/an_fire?app_nexus_uid=2806950470609833046&pid=12187&ref=&hn_ver=10&fid=f63e1ad5-85b2-4dff-8ac5-d089fa53da5a
Request Chain 91
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Df63e1ad5-85b2-4dff-8ac5-d089fa53da5a HTTP 302
  • https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=7AE49A14-1F22-4A30-BD73-125A860CBD8B&fid=f63e1ad5-85b2-4dff-8ac5-d089fa53da5a
Request Chain 92
  • https://d.turn.com/r/dd/id/L21rdC8xMjgwL2NpZC8xNzQ4MDc2NjU4L3QvMg/url/https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Damobee%26dsp_uid%3D%24%21%7BTURN_UUID%7D%26fid%3Df63e1ad5-85b2-4dff-8ac5-d089fa53da5a HTTP 302
  • https://s.cpx.to/sync?dsp=amobee&dsp_uid=3565448589264417009&fid=f63e1ad5-85b2-4dff-8ac5-d089fa53da5a
Request Chain 93
  • https://ads.avocet.io/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Davocet%26dsp_uid%3D%7B%7BUUID%7D%7D%26fid%3Df63e1ad5-85b2-4dff-8ac5-d089fa53da5a HTTP 302
  • https://s.cpx.to/sync?dsp=avocet&dsp_uid=50ad01c4-8a1b-4341-8363-6b41c8afe115&fid=f63e1ad5-85b2-4dff-8ac5-d089fa53da5a
Request Chain 94
  • https://ads.avocet.io/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Davocet%26dsp_uid%3D%7B%7BUUID%7D%7D%26fid%3Db0cc16fb-c566-43d1-92de-1c50cb979862 HTTP 302
  • https://s.cpx.to/sync?dsp=avocet&dsp_uid=50ad01c4-8a1b-4341-8363-6b41c8afe115&fid=b0cc16fb-c566-43d1-92de-1c50cb979862
Request Chain 95
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Db0cc16fb-c566-43d1-92de-1c50cb979862 HTTP 302
  • https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=7AE49A14-1F22-4A30-BD73-125A860CBD8B&fid=b0cc16fb-c566-43d1-92de-1c50cb979862
Request Chain 96
  • https://d.turn.com/r/dd/id/L21rdC8xMjgwL2NpZC8xNzQ4MDc2NjU4L3QvMg/url/https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Damobee%26dsp_uid%3D%24%21%7BTURN_UUID%7D%26fid%3Db0cc16fb-c566-43d1-92de-1c50cb979862 HTTP 302
  • https://s.cpx.to/sync?dsp=amobee&dsp_uid=3565448589264417009&fid=b0cc16fb-c566-43d1-92de-1c50cb979862
Request Chain 97
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=b0cc16fb-c566-43d1-92de-1c50cb979862 HTTP 302
  • https://s.cpx.to/ca.png?dsp=dbm&fid=b0cc16fb-c566-43d1-92de-1c50cb979862&google_gid=CAESECon8NRo232sNqVInyHB7b0&google_cver=1
Request Chain 98
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12187%26ref%3D%26hn_ver%3D10%26fid%3Db0cc16fb-c566-43d1-92de-1c50cb979862 HTTP 302
  • https://s.cpx.to/an_fire?app_nexus_uid=2806950470609833046&pid=12187&ref=&hn_ver=10&fid=b0cc16fb-c566-43d1-92de-1c50cb979862
Request Chain 99
  • https://www.google-analytics.com/r/collect?v=1&_v=j73&a=396584839&t=pageview&_s=1&dl=https%3A%2F%2Fwww.thecanary.co%2F&ul=en-us&de=UTF-8&dt=Independent%20Media%20%7C%20Campaigning%20Journalism%20%7C%20The%20Canary&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=KGDAAUIh~&jid=1608503514&gjid=2045989648&cid=1402858781.1553317705&tid=UA-129593788-1&_gid=122916402.1553317705&_r=1&gtm=2ou3b2&z=108195611 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-129593788-1&cid=1402858781.1553317705&jid=1608503514&_gid=122916402.1553317705&gjid=2045989648&_v=j73&z=108195611
Request Chain 130
  • https://tags.bluekai.com/site/20486?limit=0&id=5978151465932972828&redir=https://ml314.com/csync.ashx%3Ffp=$_BK_UUID%26person_id=5978151465932972828%26eid=50056 HTTP 302
  • https://ml314.com/csync.ashx?fp=$_BK_UUID&person_id=5978151465932972828&eid=50056
Request Chain 131
  • https://idsync.rlcdn.com/395886.gif?partner_uid=5978151465932972828 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTNTk3ODE1MTQ2NTkzMjk3MjgyOBAAGg0Iyv7W5AUSBQjoBxAAQgBKAA HTTP 307
  • https://ml314.com/csync.ashx?fp=e4a0aa035b3f25267a627f6b887e175fa3e979b4eb3afb9634a8750ffbfdeb38f4cb09cee1a4f8eb&person_id=5978151465932972828&eid=50082
Request Chain 132
  • https://pixel.mathtag.com/sync/img?redir=https://ml314.com/csync.ashx%3Ffp=[MM_UUID]%26person_id=5978151465932972828%26eid=50220 HTTP 302
  • https://pixel.mathtag.com/sync/img?redir=https://ml314.com/csync.ashx%3Ffp=[MM_UUID]%26person_id=5978151465932972828%26eid=50220&mm_bnc&mm_bct HTTP 302
  • https://ml314.com/csync.ashx?fp=e1a05c95-b045-4700-8365-f8ff9a31b311&person_id=5978151465932972828&eid=50220
Request Chain 133
  • https://sync.crwdcntrl.net/map/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D5978151465932972828 HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D5978151465932972828 HTTP 302
  • https://ml314.com/csync.ashx?fp=45d34f48e2781555e49bfbed4999d5e0&eid=50146&person_id=5978151465932972828
Request Chain 134
  • https://ps.eyeota.net/pixel?pid=r8hrb20&t=gif HTTP 302
  • https://ps.eyeota.net/pixel/bounce/?pid=r8hrb20&t=gif HTTP 302
  • https://ml314.com/utsync.ashx?eid=50052&et=0&fp=2-FVvxXMYxwdHix8mLzsD1wZZoiF5fF36ccgxsWroxwU&gdpr=1&gdpr_consent=&return=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dr8hrb20%26uid%3Dnil HTTP 302
  • https://ml314.com/csync.ashx?fp=2-FVvxXMYxwdHix8mLzsD1wZZoiF5fF36ccgxsWroxwU&person_id=5978151465932972828&eid=50052&return=https%3a%2f%2fps.eyeota.net%2fmatch%3fbid%3dr8hrb20%26uid%3dnil HTTP 302
  • https://ps.eyeota.net/match?bid=r8hrb20&uid=nil
Request Chain 157
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_cm&google_hm=YWFkMGQxMWUtODczZS1kYmIzLTAwMDAtMDAwMDAwMDAwMDAw HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=4&mt_ec=64ws&mt_exuid=&google_gid=CAESEMM8FoVNv9KaDqu_AfLv4mE&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=4aBclbBFRwCDZfj_mjGzEQ
Request Chain 163
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_cm&google_hm=MGRlYzQ0ZWMtZjIwNi0xZTU4LTAwMDAtMDAwMDAwMDAwMDAw HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=4&mt_ec=64ws&mt_exuid=&google_gid=CAESEMM8FoVNv9KaDqu_AfLv4mE&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=4aBclbBFRwCDZfj_mjGzEQ
Request Chain 168
  • https://ad.360yield.com/hb?debug=1&jsonp=%7B%22bid_request%22%3A%7B%22id%22%3A%22a47mz1o9%22%2C%22callback%22%3A%22%22%2C%22reqtype%22%3A1%2C%22secure%22%3A1%2C%22version%22%3A%221.0.0-JS007%22%2C%22imp%22%3A%5B%7B%22id%22%3A500604%2C%22pid%22%3A13319643%2C%22banner%22%3A%7B%7D%2C%22kvw%22%3A%7B%22kv%22%3A%5B%22hb%22%5D%7D%7D%5D%2C%22debug%22%3A1%2C%22gdpr%22%3A1%7D%7D HTTP 302
  • https://ad.360yield.com/ul_cb/hb?debug=1&jsonp=%7B%22bid_request%22%3A%7B%22id%22%3A%22a47mz1o9%22%2C%22callback%22%3A%22%22%2C%22reqtype%22%3A1%2C%22secure%22%3A1%2C%22version%22%3A%221.0.0-JS007%22%2C%22imp%22%3A%5B%7B%22id%22%3A500604%2C%22pid%22%3A13319643%2C%22banner%22%3A%7B%7D%2C%22kvw%22%3A%7B%22kv%22%3A%5B%22hb%22%5D%7D%7D%5D%2C%22debug%22%3A1%2C%22gdpr%22%3A1%7D%7D
Request Chain 169
  • https://ox-d.justpremium.com/w/1.0/arj?url=https%3A%2F%2Fwww.thecanary.co&auid=540658600&gdpr=1&gdpr_consent=1&callback=jpx_1553317707234_3954_callback HTTP 302
  • https://ox-d.justpremium.com/w/1.0/arj?cc=1&url=https%3A%2F%2Fwww.thecanary.co&auid=540658600&gdpr=1&gdpr_consent=1&callback=jpx_1553317707234_3954_callback HTTP 302
  • https://u.openx.net/w/1.0/sc?r=https%3A%2F%2Fox-d.justpremium.com%2Fw%2F1.0%2Farj%3Fcc%3D1%26url%3Dhttps%253A%252F%252Fwww.thecanary.co%26auid%3D540658600%26gdpr%3D1%26gdpr_consent%3D1%26callback%3Djpx_1553317707234_3954_callback HTTP 302
  • https://ox-d.justpremium.com/w/1.0/arj?mi=4b7ea539-8700-013d-27ef-72b55f875772&ma=1553317705&mr=1554527307&mn=0&mc=1&cc=1&url=https%3A%2F%2Fwww.thecanary.co&auid=540658600&gdpr=1&gdpr_consent=1&callback=jpx_1553317707234_3954_callback
Request Chain 172
  • https://cm.g.doubleclick.net/pixel?google_nid=improvedigital&google_cm&google_sc&gdpr=1&gdpr_consent=BOWJjG9Ob5qcJCLAAAENCF-AAAAkHAAA HTTP 302
  • https://ad.360yield.com/match?publisher_dsp_id=55&gdpr=1&gdpr_consent=BOWJjG9Ob5qcJCLAAAENCF-AAAAkHAAA&external_user_id=CAESEBfcOyL4VSYcJ9TXy4ktj9M&google_cver=1
Request Chain 173
  • https://track.adform.net/serving/cookie/match/?party=5&publisher_user_id=f9b46126-faf8-435f-9056-1d36998d58ea&publisher_dsp_id=42&publisher_call_type=redirect&gdpr=1&gdpr_consent=BOWJjG9Ob5qcJCLAAAENCF-AAAAkHAAA&publisher_redirecturl=https://ad.360yield.com/match HTTP 302
  • https://track.adform.net/serving/cookie/match/?CC=1&party=5&publisher_user_id=f9b46126-faf8-435f-9056-1d36998d58ea&publisher_dsp_id=42&publisher_call_type=redirect&gdpr=1&gdpr_consent=BOWJjG9Ob5qcJCLAAAENCF-AAAAkHAAA&publisher_redirecturl=https://ad.360yield.com/match HTTP 302
  • https://ad.360yield.com/match?publisher_dsp_id=42&Expiration=1554527308&external_user_id=7875025431771816756
Request Chain 174
  • https://ib.adnxs.com/getuid?https://ad.360yield.com/match?external_user_id=$UID&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOWJjG9Ob5qcJCLAAAENCF-AAAAkHAAA HTTP 302
  • https://ad.360yield.com/match?external_user_id=5030808967751963453&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOWJjG9Ob5qcJCLAAAENCF-AAAAkHAAA
Request Chain 175
  • https://pixel.mathtag.com/sync/img?sync=auto&publisher_user_id=f9b46126-faf8-435f-9056-1d36998d58ea&publisher_dsp_id=5&publisher_call_type=redirect&gdpr=1&gdpr_consent=BOWJjG9Ob5qcJCLAAAENCF-AAAAkHAAA&publisher_redirecturl=https://ad.360yield.com/match HTTP 302
  • https://ad.360yield.com/match?publisher_dsp_id=5&external_user_id=e1a05c95-b045-4700-8365-f8ff9a31b311
Request Chain 176
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=improve-digital&ttd_tpi=1&publisher_user_id=f9b46126-faf8-435f-9056-1d36998d58ea&publisher_dsp_id=167&publisher_call_type=redirect&gdpr=1&gdpr_consent=BOWJjG9Ob5qcJCLAAAENCF-AAAAkHAAA&publisher_redirecturl=https://ad.360yield.com/match HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=improve-digital&ttd_tpi=1&publisher_user_id=f9b46126-faf8-435f-9056-1d36998d58ea&publisher_dsp_id=167&publisher_call_type=redirect&gdpr=1&gdpr_consent=BOWJjG9Ob5qcJCLAAAENCF-AAAAkHAAA&publisher_redirecturl=https://ad.360yield.com/match HTTP 302
  • https://ad.360yield.com/match?publisher_dsp_id=167&external_user_id=d44a5725-33e7-4670-ab55-4889c7121f35
Request Chain 177
  • https://hal900025.redintelligence.net/request.php?zone=zrti13rjdl37&nw=20&renderingType=javascript&namespace=66d434eea8&subid=&uid=6bca1b923dd77682&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D4234049764013409353%26mt_id%3D6622472%26mt_adid%3D216536%26mt_sid%3D4562355%26mt_exid%3D9%26mt_inapp%3D0%26mt_uuid%3De1a05c95-b045-4700-8365-f8ff9a31b311%26mt_3pck%3Dhttp%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2Ffabc3c35-12fc-4480-a73c-c49a66491cb7%2F%26redirect%3D&documentReferer=https%3A%2F%2Fwww.thecanary.co%2F&ancestorOrigins=https%3A%2F%2Fwww.thecanary.co&random=8573941518655&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal900025.redintelligence.net/request.php?zone=zrti13rjdl37&nw=20&renderingType=javascript&namespace=66d434eea8&subid=&uid=6bca1b923dd77682&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D4234049764013409353%26mt_id%3D6622472%26mt_adid%3D216536%26mt_sid%3D4562355%26mt_exid%3D9%26mt_inapp%3D0%26mt_uuid%3De1a05c95-b045-4700-8365-f8ff9a31b311%26mt_3pck%3Dhttp%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2Ffabc3c35-12fc-4480-a73c-c49a66491cb7%2F%26redirect%3D&documentReferer=https%3A%2F%2Fwww.thecanary.co%2F&ancestorOrigins=https%3A%2F%2Fwww.thecanary.co&random=8573941518655&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 178
  • https://ad.zanox.com/tpv/?32561673C2004579202T&zpar0=53267200015864000951457010811025 HTTP 302
  • https://pb.media01.eu/view.aspx?trackid=91C09AA007C123F60FDC6F5FD61F1F1B&dt_subid1=32561673C2004579202SV1yq09069558030434245753826034491252yb5yb7T2544402843138739200&dt_subid2=&actionid=282955&produktid=&dt_url=https%3A%2F%2Fad.zanox.com%2Fppv%2Fimages%2Fonepixel.gif%3Ffoo%3D32561673C2004579202SV1yq09069558030434245753826034491252yb5yb7T2544402843138739200 HTTP 301
  • https://ad.zanox.com/ppv/images/onepixel.gif?foo=32561673C2004579202SV1yq09069558030434245753826034491252yb5yb7T2544402843138739200&dyn_id=
Request Chain 180
  • https://ads.creative-serving.com/tr/adpepperc.2/3031103;sz=1x1;cmp=2304671;cr=986894 HTTP 302
  • https://ads.creative-serving.com/tr/adpepperc.2/3031103;sz=1x1;cmp=2304671;cr=986894;fl_inst=0;ul_cb=1 HTTP 302
  • https://creative-a.akamaihd.net/newui_adpepper/2019-01-04/1x1_-_kopie.gif
Request Chain 190
  • https://ad.doubleclick.net/ddm/trackimp/N38306.287239AFFILINET.DE/B8594688.214760858;dc_trk_aid=413832474;dc_trk_cid=64219029;ord=%5Btimestamp%5D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=; HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N38306.287239AFFILINET.DE/B8594688.214760858;dc_pre=CO-H9bK_l-ECFQShewodmZsNZA;dc_trk_aid=413832474;dc_trk_cid=64219029;ord=%5Btimestamp%5D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;
Request Chain 191
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8379522478818.943 HTTP 302
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CJqKi7S_l-ECFdFx4Aod3zIEdw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8379522478818.943
Request Chain 205
  • https://ad.turn.com/r/cs?pid=15&publisher_user_id=f9b46126-faf8-435f-9056-1d36998d58ea&publisher_dsp_id=4&publisher_call_type=redirect&gdpr=1&gdpr_consent=BOWJjG9Ob5qcJCLAAAENCF-AAAAkHAAA&publisher_redirecturl=https://ad.360yield.com/match HTTP 302
  • https://ad.360yield.com/match?publisher_dsp_id=4&external_user_id=3565448589264417009&gdpr=1&gdpr_consent=BOWJjG9Ob5qcJCLAAAENCF-AAAAkHAAA
Request Chain 206
  • https://dsp.adfarm1.adition.com/cookie/?ssp=4&publisher_user_id=f9b46126-faf8-435f-9056-1d36998d58ea&publisher_dsp_id=105&publisher_call_type=redirect&gdpr=1&gdpr_consent=BOWJjG9Ob5qcJCLAAAENCF-AAAAkHAAA&publisher_redirecturl=https://ad.360yield.com/match HTTP 302
  • https://ad.360yield.com/match?publisher_dsp_id=105&external_user_id=6671448777634019477&Expiration=1553922513&gdpr=1&gdpr_consent=BOWJjG9Ob5qcJCLAAAENCF-AAAAkHAAA
Request Chain 207
  • https://x.bidswitch.net/sync?ssp=improve&publisher_user_id=f9b46126-faf8-435f-9056-1d36998d58ea&publisher_dsp_id=191&publisher_call_type=redirect&gdpr=1&gdpr_consent=BOWJjG9Ob5qcJCLAAAENCF-AAAAkHAAA&publisher_redirecturl=https://ad.360yield.com/match HTTP 302
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=improve&bsw_user_id=f50d6552-3c34-4a80-bae9-bb65c50ad530 HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=improve&bsw_user_id=f50d6552-3c34-4a80-bae9-bb65c50ad530 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=3ca26be2-1fb8-4f4f-8326-6f6dbd67abd9&ssp=improve HTTP 302
  • https://ad.360yield.com/match?publisher_dsp_id=191&external_user_id=f50d6552-3c34-4a80-bae9-bb65c50ad530
Request Chain 209
  • https://sync.widespace.com/map/ext/api/trackingcallback/v1?accessToken=impdig-user-sync&publisher_user_id=f9b46126-faf8-435f-9056-1d36998d58ea&publisher_dsp_id=305&publisher_call_type=redirect&gdpr=1&gdpr_consent=BOWJjG9Ob5qcJCLAAAENCF-AAAAkHAAA&publisher_redirecturl=https://ad.360yield.com/match HTTP 302
  • https://ad.360yield.com/match?publisher_dsp_id=305&external_user_id=a63ddbcb-5bff-46bd-902f-1f0671717e39&gdpr=1&gdpr_consent=BOWJjG9Ob5qcJCLAAAENCF-AAAAkHAAA
Request Chain 217
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8871254189643.848 HTTP 302
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CIrbg7W_l-ECFYaxewodcfEBkQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8871254189643.848

232 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.thecanary.co/
Redirect Chain
  • https://thecanary.co/
  • https://www.thecanary.co/
129 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.thecanary.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:835a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
21b74467b3bbcbe64fe3c111f9b1ef48b5fdf40b20ab82ec87804d84cfa92b32

Request headers

:method
GET
:authority
www.thecanary.co
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate, br
cookie
__cfduid=da8167a8267ca2e1108e31caacd3ca6fd1553317704
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
date
Sat, 23 Mar 2019 05:08:24 GMT
content-type
text/html; charset=UTF-8
vary
Cookie,User-Agent,Accept-Encoding
last-modified
Fri, 22 Mar 2019 20:11:52 GMT
cache-control
max-age=0, no-cache, no-store, must-revalidate
pragma
no-cache
expires
Mon, 29 Oct 1923 20:30:00 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4bbde3276cfebec1-FRA
content-encoding
br

Redirect headers

status
301
date
Sat, 23 Mar 2019 05:08:24 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=da8167a8267ca2e1108e31caacd3ca6fd1553317704; expires=Sun, 22-Mar-20 05:08:24 GMT; path=/; domain=.thecanary.co; HttpOnly PHPSESSID=4cdbe0dpga0oop4n2lvkpqar10; path=/
expires
Sat, 26 Jul 1997 05:00:00 GMT
cache-control
max-age=0, no-cache, no-store, must-revalidate
pragma
no-cache
x-redirect-by
WordPress
last-modified
Sat, 23 Mar 2019 05:08:23 GMT
location
https://www.thecanary.co/
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4bbde323da9ebec1-FRA
4f4g5.css
www.thecanary.co/wp-content/cache/wpfc-minified/9jfxvjk4/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.thecanary.co/wp-content/cache/wpfc-minified/9jfxvjk4/4f4g5.css
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:835a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
be780fa3161746c0257f843dc2ebdad4a0e76f5ae8f6166381831c65515fb677

Request headers

:path
/wp-content/cache/wpfc-minified/9jfxvjk4/4f4g5.css
pragma
no-cache
cookie
__cfduid=da8167a8267ca2e1108e31caacd3ca6fd1553317704
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
www.thecanary.co
referer
https://www.thecanary.co/
:scheme
https
:method
GET
Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 23 Mar 2019 05:08:24 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 27 Feb 2019 11:47:19 GMT
server
cloudflare
cf-polished
origSize=6531
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=14400
cf-bgj
minify
cf-ray
4bbde3281db1bec1-FRA
expires
Sat, 23 Mar 2019 09:08:24 GMT
jquery-ui.css
ajax.googleapis.com/ajax/libs/jqueryui/1.11.4/themes/smoothness/ 		34 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jqueryui/1.11.4/themes/smoothness/jquery-ui.css?ver=94bcf25de4b7d97565d34d6f7e9abfc7
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:815::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
7f8e420a4ac3ea7f6fd081ce07234101414d27df260a6d547663f8e0c0efbaf4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 14 Mar 2019 10:10:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
759448
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
8060
x-xss-protection
1; mode=block
last-modified
Tue, 20 Dec 2016 18:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Mar 2020 10:10:56 GMT
a1h0x.css
www.thecanary.co/wp-content/cache/wpfc-minified/3128wdw7/ 		329 KB
45 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.thecanary.co/wp-content/cache/wpfc-minified/3128wdw7/a1h0x.css
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:835a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1504ee536c63f8811a317a9f48dc68c0acfda15d6d4e49d1aacb447c299b3bd9

Request headers

:path
/wp-content/cache/wpfc-minified/3128wdw7/a1h0x.css
pragma
no-cache
cookie
__cfduid=da8167a8267ca2e1108e31caacd3ca6fd1553317704
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
www.thecanary.co
referer
https://www.thecanary.co/
:scheme
https
:method
GET
Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 23 Mar 2019 05:08:24 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 14 Mar 2019 10:10:41 GMT
server
cloudflare
cf-polished
origSize=340060
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=14400
cf-bgj
minify
cf-ray
4bbde3281db2bec1-FRA
expires
Sat, 23 Mar 2019 09:08:24 GMT
4f4g5.js
www.thecanary.co/wp-content/cache/wpfc-minified/eru88qqk/ 		118 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thecanary.co/wp-content/cache/wpfc-minified/eru88qqk/4f4g5.js
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:835a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d50550399003bd564fe95850381abce45c4ad32336a253d6329d51b01e53f4e

Request headers

:path
/wp-content/cache/wpfc-minified/eru88qqk/4f4g5.js
pragma
no-cache
cookie
__cfduid=da8167a8267ca2e1108e31caacd3ca6fd1553317704
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.thecanary.co
referer
https://www.thecanary.co/
:scheme
https
:method
GET
Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 23 Mar 2019 05:08:24 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 27 Feb 2019 11:47:19 GMT
server
cloudflare
cf-polished
origSize=126375
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
cf-bgj
minify
cf-ray
4bbde3281db6bec1-FRA
expires
Sat, 23 Mar 2019 09:08:24 GMT
wp-emoji-release.min.js
www.thecanary.co/wp-includes/js/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thecanary.co/wp-includes/js/wp-emoji-release.min.js?ver=94bcf25de4b7d97565d34d6f7e9abfc7
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:835a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c533b791a8eef65604f15d20433506e1614c693eeba9df749e8a7677e43b466c

Request headers

:path
/wp-includes/js/wp-emoji-release.min.js?ver=94bcf25de4b7d97565d34d6f7e9abfc7
pragma
no-cache
cookie
__cfduid=da8167a8267ca2e1108e31caacd3ca6fd1553317704
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.thecanary.co
referer
https://www.thecanary.co/
:scheme
https
:method
GET
Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 23 Mar 2019 05:08:24 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 14 Mar 2019 10:10:19 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
cf-ray
4bbde3283dcabec1-FRA
expires
Sat, 23 Mar 2019 09:08:24 GMT
4f4g5.js
www.thecanary.co/wp-content/cache/wpfc-minified/8uuzcnfd/ 		43 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thecanary.co/wp-content/cache/wpfc-minified/8uuzcnfd/4f4g5.js
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:835a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d752964121e476d92b610b60f38a9e33c44fbde1e4232af4bbed5913896cdb6f

Request headers

:path
/wp-content/cache/wpfc-minified/8uuzcnfd/4f4g5.js
pragma
no-cache
cookie
__cfduid=da8167a8267ca2e1108e31caacd3ca6fd1553317704
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.thecanary.co
referer
https://www.thecanary.co/
:scheme
https
:method
GET
Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 23 Mar 2019 05:08:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 27 Feb 2019 11:47:19 GMT
server
cloudflare
cf-polished
origSize=46320
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
cf-bgj
minify
cf-ray
4bbde3284dd2bec1-FRA
expires
Sat, 23 Mar 2019 09:08:25 GMT
4f4g5.js
www.thecanary.co/wp-content/cache/wpfc-minified/esyppzww/ 		51 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thecanary.co/wp-content/cache/wpfc-minified/esyppzww/4f4g5.js
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:835a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6fa9e3c9594362658c239c24ff580e5c737c930966d9efa5cd893c94da4fb41a

Request headers

:path
/wp-content/cache/wpfc-minified/esyppzww/4f4g5.js
pragma
no-cache
cookie
__cfduid=da8167a8267ca2e1108e31caacd3ca6fd1553317704
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.thecanary.co
referer
https://www.thecanary.co/
:scheme
https
:method
GET
Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 23 Mar 2019 05:08:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 27 Feb 2019 11:47:19 GMT
server
cloudflare
cf-polished
origSize=86156
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
cf-bgj
minify
cf-ray
4bbde3284dd4bec1-FRA
expires
Sat, 23 Mar 2019 09:08:25 GMT
4f4g5.js
www.thecanary.co/wp-content/cache/wpfc-minified/det2k7cc/ 		782 B
396 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thecanary.co/wp-content/cache/wpfc-minified/det2k7cc/4f4g5.js
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:835a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
06825cf2cb9ec6784f3790af0eb35ac5a76945dead1b408da9f80c8f9832d548

Request headers

:path
/wp-content/cache/wpfc-minified/det2k7cc/4f4g5.js
pragma
no-cache
cookie
__cfduid=da8167a8267ca2e1108e31caacd3ca6fd1553317704
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.thecanary.co
referer
https://www.thecanary.co/
:scheme
https
:method
GET
Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 23 Mar 2019 05:08:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 27 Feb 2019 11:47:19 GMT
server
cloudflare
cf-polished
origSize=1235
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
cf-bgj
minify
cf-ray
4bbde3284dd5bec1-FRA
expires
Sat, 23 Mar 2019 09:08:25 GMT
4f4g5.js
www.thecanary.co/wp-content/cache/wpfc-minified/5dsv82s/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thecanary.co/wp-content/cache/wpfc-minified/5dsv82s/4f4g5.js
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:835a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
07da870e1c62f31014cf51ef324fa877948514142030fa2b32e125c11c2fe252

Request headers

:path
/wp-content/cache/wpfc-minified/5dsv82s/4f4g5.js
pragma
no-cache
cookie
__cfduid=da8167a8267ca2e1108e31caacd3ca6fd1553317704
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.thecanary.co
referer
https://www.thecanary.co/
:scheme
https
:method
GET
Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 23 Mar 2019 05:08:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 27 Feb 2019 11:47:19 GMT
server
cloudflare
cf-polished
origSize=5863
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
cf-bgj
minify
cf-ray
4bbde3284dd6bec1-FRA
expires
Sat, 23 Mar 2019 09:08:25 GMT
4f4g5.js
www.thecanary.co/wp-content/cache/wpfc-minified/f2v90pd1/ 		12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thecanary.co/wp-content/cache/wpfc-minified/f2v90pd1/4f4g5.js
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:835a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c0b28a2c45eeb44937e789c97bda7d1b1430ab16c2f2ebeca7342299a3e0479

Request headers

:path
/wp-content/cache/wpfc-minified/f2v90pd1/4f4g5.js
pragma
no-cache
cookie
__cfduid=da8167a8267ca2e1108e31caacd3ca6fd1553317704
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.thecanary.co
referer
https://www.thecanary.co/
:scheme
https
:method
GET
Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 23 Mar 2019 05:08:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 27 Feb 2019 11:47:19 GMT
server
cloudflare
cf-polished
origSize=16463
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
cf-bgj
minify
cf-ray
4bbde3284dd7bec1-FRA
expires
Sat, 23 Mar 2019 09:08:25 GMT
css
fonts.googleapis.com/ 		5 KB
665 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Poppins:400,400i,600,600i
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81b::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
de47cf5862e032983d1560f248f4182a58e0e3dbd222c680163ba1c64b246c56
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 23 Mar 2019 05:08:25 GMT
server
ESF
access-control-allow-origin
*
date
Sat, 23 Mar 2019 05:08:25 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
1; mode=block
expires
Sat, 23 Mar 2019 05:08:25 GMT
ot.js
fo-api.omnitagjs.com/fo-api/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fo-api.omnitagjs.com/fo-api/ot.js
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.37.115.103 Woodbridge, United States, ASN16276 (OVH, FR),
Reverse DNS
fo-api-fra01.omnitagjs.com
Software
/
Resource Hash
7b572a875e53f3e6f31ef3c09cbc35682032a86ec142a49a7984df4bf62e7b91
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Mar 2019 05:08:25 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Vary
Accept-Encoding
Access-Control-Allow-Methods
OPTIONS, GET
P3p
CP="CAO PSA OUR"
Access-Control-Allow-Origin
*
Access-Control-Max-Age
3600
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Headers
Accept-Encoding
Content-Length
1988
Expires
0
services.js
js.gumgum.com/ 		83 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.gumgum.com/services.js
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.50 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-253-50.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b45fb938bb5340de483f10f9e295125e69ae9b17ec09f8122b413f60149bc6ff

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 23 Mar 2019 01:27:44 GMT
content-encoding
gzip
age
4775
x-cache
Hit from cloudfront
status
200
x-amz-meta-version
3.7.4
x-amz-meta-timing-allow-origin
*
x-amz-meta-access-control-allow-origin
*
last-modified
Fri, 22 Mar 2019 23:01:48 GMT
server
AmazonS3
vary
Accept-Encoding
x-amz-version-id
sXbd_VulZf5LSVJHQVPCh1sV74HyHHzf
via
1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
cache-control
max-age=7200
content-type
application/javascript
x-amz-cf-id
91Y8MKyWEOR1Adhcnwjig_ZNb7HTp24Bh4ITRtXt9IPge-Tw6K-jmg==
rh.min.js
cdn.rhombusads.com/js/ 		72 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.rhombusads.com/js/rh.min.js
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2043:3200:1b:9b08:7f00:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx/1.12.1 / Express
Resource Hash
336d5f64673ed2f825a3161ed2ec4c6c2156bd58f9d1427e0749678c0a1b87c3

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 23 Mar 2019 05:08:25 GMT
via
1.1 e7ce333c56f455a0dae7f1f5ea5d6086.cloudfront.net (CloudFront)
etag
W/"11ebc-1699db53b70"
last-modified
Thu, 21 Mar 2019 00:44:54 GMT
server
nginx/1.12.1
access-control-allow-origin
*
x-powered-by
Express
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
status
200
cache-control
public, max-age=0
accept-ranges
bytes
content-length
73404
x-amz-cf-id
SGNfGp8oW1ArT4kvrzBx7MkJ36kxrqfEzYVfJBj10nZQOpAz53TMBA==
apester-javascript-sdk.min.js
static.apester.com/js/sdk/v2.0/ 		118 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.apester.com/js/sdk/v2.0/apester-javascript-sdk.min.js
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.190.72.53 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
53.72.190.35.bc.googleusercontent.com
Software
nginx/1.15.9 /
Resource Hash
935d47a6a799f751d422685ab9a58af1c6bfa9dfbe5ceb2ceb780591b28c411c

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 23 Mar 2019 05:00:40 GMT
content-encoding
gzip
last-modified
Thu, 21 Mar 2019 08:59:04 GMT
server
nginx/1.15.9
age
465
etag
W/"5c935258-1d607"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public,s-maxage=900,max-age=300
alt-svc
clear
content-length
38506
via
1.1 google
tag
a.teads.tv/page/47764/ 		995 B
775 B 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/page/47764/tag
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.7 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
dc6901e93504800cd062a7854df5666149adefb98e9a84416f2a69391b820ead

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 23 Mar 2019 05:08:25 GMT
content-encoding
gzip
access-control-allow-origin
*
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
cache-control
private, must-revalidate, max-age=3600
access-control-allow-credentials
true
content-length
510
expires
Sat, 23 Mar 2019 06:08:25 GMT
22001
sac.ayads.co/sublime/ 		318 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sac.ayads.co/sublime/22001
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:a25 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e1ce7ce343107c60e5f5519f3e32cc6701518951e17619c5d0f320ebf9992a4

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Sat, 23 Mar 2019 05:08:25 GMT
content-encoding
gzip
cf-cache-status
HIT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
public, max-age=3600
cf-ray
4bbde328981ac2bf-FRA
expires
Sat, 23 Mar 2019 06:08:25 GMT
js.php
uk.ads.justpremium.com/adserve/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://uk.ads.justpremium.com/adserve/js.php?zone=68302
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.164.235 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-212-164-235.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
33723fdf1e2471e94de6864e250f7c9f33c56490cc852010d8b7a8806cd1f41a

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 23 Mar 2019 05:08:25 GMT
content-encoding
gzip
Server
nginx
vary
origin,accept-encoding
Content-Type
text/javascript; charset=utf-8
access-control-expose-headers
WWW-Authenticate,Server-Authorization
cache-control
no-cache, no-store, no-cache="set-cookie"
transfer-encoding
chunked
Connection
keep-alive
the-canary-logo.svg
www.thecanary.co/wp-content/themes/canary-2018/dist/images/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thecanary.co/wp-content/themes/canary-2018/dist/images/the-canary-logo.svg
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:835a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
de85f4555c9373b9ec00e19df62005762465715e7992774aca48845549369fa9

Request headers

:path
/wp-content/themes/canary-2018/dist/images/the-canary-logo.svg
pragma
no-cache
cookie
__cfduid=da8167a8267ca2e1108e31caacd3ca6fd1553317704
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.thecanary.co
referer
https://www.thecanary.co/
:scheme
https
:method
GET
Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 23 Mar 2019 05:08:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 27 Feb 2019 11:35:23 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
status
200
cache-control
public, max-age=14400
cf-ray
4bbde3293eb2bec1-FRA
expires
Sat, 23 Mar 2019 09:08:25 GMT
arrow-yellow-right.svg
www.thecanary.co/wp-content/themes/canary-2018/dist/images/ 		432 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thecanary.co/wp-content/themes/canary-2018/dist/images/arrow-yellow-right.svg
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:835a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d16997e58f34f00fbf4ebc47f0d93c367b67a8d0c2f19aa9765f304bcd9f8f04

Request headers

:path
/wp-content/themes/canary-2018/dist/images/arrow-yellow-right.svg
pragma
no-cache
cookie
__cfduid=da8167a8267ca2e1108e31caacd3ca6fd1553317704
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.thecanary.co
referer
https://www.thecanary.co/
:scheme
https
:method
GET
Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 23 Mar 2019 05:08:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 27 Feb 2019 11:35:23 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
status
200
cache-control
public, max-age=14400
cf-ray
4bbde3295ed3bec1-FRA
expires
Sat, 23 Mar 2019 09:08:25 GMT
arrow-yellow-left.svg
www.thecanary.co/wp-content/themes/canary-2018/dist/images/ 		436 B
290 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thecanary.co/wp-content/themes/canary-2018/dist/images/arrow-yellow-left.svg
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:835a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c8d3a5de768f2792f5c679aab8c64498a298c75b6aa37e09c60d6dd990ed855

Request headers

:path
/wp-content/themes/canary-2018/dist/images/arrow-yellow-left.svg
pragma
no-cache
cookie
__cfduid=da8167a8267ca2e1108e31caacd3ca6fd1553317704
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.thecanary.co
referer
https://www.thecanary.co/
:scheme
https
:method
GET
Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 23 Mar 2019 05:08:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 27 Feb 2019 11:35:23 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
status
200
cache-control
public, max-age=14400
cf-ray
4bbde3295ed4bec1-FRA
expires
Sat, 23 Mar 2019 09:08:25 GMT
signup-bg.svg
www.thecanary.co/wp-content/themes/canary-2018/dist/images/ 		2 KB
863 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thecanary.co/wp-content/themes/canary-2018/dist/images/signup-bg.svg
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:835a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
95d00ff9d21728e2f1171b90e3ac2ab097ebf5cdca6b99ff99645c1c78e302f8

Request headers

:path
/wp-content/themes/canary-2018/dist/images/signup-bg.svg
pragma
no-cache
cookie
__cfduid=da8167a8267ca2e1108e31caacd3ca6fd1553317704
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.thecanary.co
referer
https://www.thecanary.co/
:scheme
https
:method
GET
Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 23 Mar 2019 05:08:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 27 Feb 2019 11:35:23 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
status
200
cache-control
public, max-age=14400
cf-ray
4bbde3295ed5bec1-FRA
expires
Sat, 23 Mar 2019 09:08:25 GMT
public
ads.counciladvertising.net/code/canary/leaderboard/ 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.counciladvertising.net/code/canary/leaderboard/public
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.130.30.105 Cambridge, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-130-30-105.eu-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
62d201d14e49ed43ffba15107a7042ed7c56998242b8bc049df844f1d2cfb198

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 23 Mar 2019 05:08:25 GMT
Content-Encoding
gzip
Server
Apache
Connection
keep-alive
Content-Length
7031
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
public
ads.counciladvertising.net/code/canary/mpu/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.counciladvertising.net/code/canary/mpu/public
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.130.30.105 Cambridge, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-130-30-105.eu-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
4902b57a6e401f284b033b2e6b4dd0bf0e9c7862d0260f12648778999a0468fa

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 23 Mar 2019 05:08:25 GMT
Content-Encoding
gzip
Server
Apache
Connection
keep-alive
Content-Length
6832
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
public
ads.counciladvertising.net/code/canary/doublempu/ 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.counciladvertising.net/code/canary/doublempu/public
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.130.30.105 Cambridge, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-130-30-105.eu-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
0d1d96c4d55dac9a62469ebaf1f8be226607a76ea930d990578228b26c28ba7d

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 23 Mar 2019 05:08:25 GMT
Content-Encoding
gzip
Server
Apache
Connection
keep-alive
Content-Length
6953
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
email-decode.min.js
www.thecanary.co/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
816 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thecanary.co/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:835a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:path
/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma
no-cache
cookie
__cfduid=da8167a8267ca2e1108e31caacd3ca6fd1553317704
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.thecanary.co
referer
https://www.thecanary.co/
:scheme
https
:method
GET
Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 23 Mar 2019 05:08:25 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Tue, 19 Mar 2019 11:30:49 GMT
server
cloudflare
etag
W/"5c90d2e9-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
application/javascript
status
200
cache-control
max-age=172800 public
cf-ray
4bbde3285df0bec1-FRA
expires
Mon, 25 Mar 2019 05:08:25 GMT
register-sw.js
www.thecanary.co/wp-content/plugins/super-progressive-web-apps/public/js/ 		298 B
246 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thecanary.co/wp-content/plugins/super-progressive-web-apps/public/js/register-sw.js
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:835a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c4934a60ed35b2c0e6525bd9bb8a16b95f3ed3c6cf98c4767508a9bb2d93f2e

Request headers

:path
/wp-content/plugins/super-progressive-web-apps/public/js/register-sw.js
pragma
no-cache
cookie
__cfduid=da8167a8267ca2e1108e31caacd3ca6fd1553317704
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.thecanary.co
referer
https://www.thecanary.co/
:scheme
https
:method
GET
Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 23 Mar 2019 05:08:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 16 Jan 2019 08:41:09 GMT
server
cloudflare
cf-polished
origSize=331
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
cf-bgj
minify
cf-ray
4bbde3287e0cbec1-FRA
expires
Sat, 23 Mar 2019 09:08:25 GMT
ajax.js
www.thecanary.co/wp-content/plugins/zeno-report-comments/js/ 		560 B
351 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thecanary.co/wp-content/plugins/zeno-report-comments/js/ajax.js?ver=1.2.3
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:835a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
41f368010c7b010fa6ca384325e23c731b0a70503b3d1f03b35de85257cf1fe2

Request headers

:path
/wp-content/plugins/zeno-report-comments/js/ajax.js?ver=1.2.3
pragma
no-cache
cookie
__cfduid=da8167a8267ca2e1108e31caacd3ca6fd1553317704
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.thecanary.co
referer
https://www.thecanary.co/
:scheme
https
:method
GET
Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 23 Mar 2019 05:08:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 20 Nov 2018 10:03:40 GMT
server
cloudflare
cf-polished
origSize=744
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
cf-bgj
minify
cf-ray
4bbde328ae22bec1-FRA
expires
Sat, 23 Mar 2019 09:08:25 GMT
main-2980900c74.js
www.thecanary.co/wp-content/themes/canary-2018/dist/scripts/ 		171 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thecanary.co/wp-content/themes/canary-2018/dist/scripts/main-2980900c74.js
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:835a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
77f077d0ea865d33591c32c4e52891a2fd24b7137d512109b9ef1564d076903c

Request headers

:path
/wp-content/themes/canary-2018/dist/scripts/main-2980900c74.js
pragma
no-cache
cookie
__cfduid=da8167a8267ca2e1108e31caacd3ca6fd1553317704
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.thecanary.co
referer
https://www.thecanary.co/
:scheme
https
:method
GET
Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 23 Mar 2019 05:08:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 27 Feb 2019 11:35:24 GMT
server
cloudflare
cf-polished
origSize=175289
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
cf-bgj
minify
cf-ray
4bbde328ce61bec1-FRA
expires
Sat, 23 Mar 2019 09:08:25 GMT
wp-embed.min.js
www.thecanary.co/wp-includes/js/ 		1 KB
717 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thecanary.co/wp-includes/js/wp-embed.min.js?ver=94bcf25de4b7d97565d34d6f7e9abfc7
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:835a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7

Request headers

:path
/wp-includes/js/wp-embed.min.js?ver=94bcf25de4b7d97565d34d6f7e9abfc7
pragma
no-cache
cookie
__cfduid=da8167a8267ca2e1108e31caacd3ca6fd1553317704
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.thecanary.co
referer
https://www.thecanary.co/
:scheme
https
:method
GET
Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 23 Mar 2019 05:08:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 13 Dec 2018 03:43:37 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
cf-ray
4bbde328ee7abec1-FRA
expires
Sat, 23 Mar 2019 09:08:25 GMT
fbevents.js
connect.facebook.net/en_US/ 		52 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
6bb981959d783d83df88b9aa48738948c9a8a22c1a31b8cb5305d3e338ebf9a7
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
content-length
15216
x-xss-protection
0
pragma
public
x-fb-debug
025hu9qbja3X/NWn3fXePv4pX2+V1zMkenkBL4AhGkNCOyVLDHPpx29s9kXwBBmzveppyRNUTzH991yB17sDqA==
date
Sat, 23 Mar 2019 05:08:25 GMT
x-frame-options
DENY
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:824::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 16 Jan 2019 20:01:45 GMT
server
Golfe2
age
4889
date
Sat, 23 Mar 2019 03:46:56 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
17543
expires
Sat, 23 Mar 2019 05:46:56 GMT
ot_multi_template.js
fo-static.omnitagjs.com/ 		262 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fo-static.omnitagjs.com/ot_multi_template.js
Requested by
Host: fo-api.omnitagjs.com
URL: https://fo-api.omnitagjs.com/fo-api/ot.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.19.174 Ashburn, United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECAcc (frc/8F0C) /
Resource Hash
1ccc94b0a4d1c0a8111ad88310e5c4d4176c48eb8ba37e3847fe62b8616f870b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.thecanary.co/
Origin
https://www.thecanary.co

Response headers

date
Sat, 23 Mar 2019 05:08:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT
status
200
access-control-max-age
86400
content-length
65443
last-modified
Fri, 22 Mar 2019 19:53:19 GMT
server
ECAcc (frc/8F0C)
etag
"5c953d2f-419a1+gzip"
vary
Accept-Encoding
access-control-allow-methods
OPTIONS, GET
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=1800
access-control-allow-credentials
false
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 23 Mar 2019 05:38:25 GMT
/
antenna.ayads.co/ 		43 B
288 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://antenna.ayads.co/?t=1553317704245&z=22001&device=d&puid=p7802470593318649000&suid=s1850285523836010200&gc=0&gm=0&ga=1&gs=0&e=l&et=879&tfz=14&bw=1600&bh=1200
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.88.117 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-194-88-117.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 23 Mar 2019 05:08:25 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
session
display.apester.com/ 		0
403 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://display.apester.com/session
Requested by
Host: static.apester.com
URL: https://static.apester.com/js/sdk/v2.0/apester-javascript-sdk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.217 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
GET
Origin
https://www.thecanary.co
Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

date
Sat, 23 Mar 2019 05:08:25 GMT
via
1.1 google, 1.1 varnish
x-powered-by
Express
x-cache
MISS
status
204
access-control-max-age
-1
x-served-by
cache-fra19142-FRA
x-timer
S1553317705.210359,VS0,VE107
vary
Origin, Access-Control-Request-Headers
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://www.thecanary.co
x-cloud-trace-context
69c37f0bc828870c4a2e0d9b73f2537b/7873251913562491920;o=0
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
content-type
x-cache-hits
0
event
events.apester.com/ 		0
228 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.apester.com/event
Requested by
Host: static.apester.com
URL: https://static.apester.com/js/sdk/v2.0/apester-javascript-sdk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.190.63.234 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
234.63.190.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
https://www.thecanary.co
Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

date
Sat, 23 Mar 2019 05:08:25 GMT
via
1.1 google
alt-svc
clear
access-control-allow-origin
https://www.thecanary.co
access-control-max-age
86400
access-control-allow-methods
OPTIONS, POST
status
204
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
0
jpx.js
cdn-cf.justpremium.com/js/v2.12.276/ 		255 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-cf.justpremium.com/js/v2.12.276/jpx.js
Requested by
Host: uk.ads.justpremium.com
URL: https://uk.ads.justpremium.com/adserve/js.php?zone=68302
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.116 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-253-116.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
773594e803657386146504107d17bebbe29b75004fb8da815a09897eb2167a1e

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 21 Mar 2019 11:54:47 GMT
content-encoding
gzip
last-modified
Thu, 21 Mar 2019 11:54:41 GMT
server
AmazonS3
age
148419
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
status
200
cache-control
public, max-age=2592000, s-maxage=2592000
x-amz-cf-id
PP4kRalkCOBzkLc-wddRGBYZzxOxs157oXnwBVYqdwaE7RB8DYwvWQ==
via
1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
tracking.gif
emea-v3.tracking.justpremium.com/ 		43 B
332 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://emea-v3.tracking.justpremium.com/tracking.gif?rid=54b51c0d-bb8a-d5b9-9b0a-ab2a8877afb0-1553317705141&sid=56354041-4e00-a9ce-f0bb-a2623cb7fdb3-1553317705141&uid=a3cac8a9-f75e-02ba-6cdd-4279b45346d7-1553317705141&vr=2.12.276&ru=https%3A%2F%2Fwww.thecanary.co%2F&tt=1553317705168&siw=0&sh=1200&sw=1600&wh=1200&ww=1600&an=i-0bc78bd7bf50c0626&vn=eu-west-1&sd=uk&_c=2259045856&et=&aid=&said=&ei=&fc=&sp=&at=adserver&cid=0&ist=&mg=&dl=&dlt=&ev=&vt=&zid=68302&dr=0&di=&pr=&cw=&ch=&nt=&st=&jp=&ty=ta
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.215.78 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-158-215-78.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 23 Mar 2019 05:08:25 GMT
Last-Modified
Mon, 11 Mar 2019 10:37:28 GMT
Server
nginx
ETag
"5c863a68-2b"
Content-Type
image/gif
Cache-Control
public, no-cache, no-store, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
search-icon.svg
www.thecanary.co/wp-content/themes/canary-2018/dist/images/ 		338 B
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thecanary.co/wp-content/themes/canary-2018/dist/images/search-icon.svg
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:835a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
219d1004a4c3f8190477628a8dad0cbe36fe48ef368647799852cf1a86ec36f1

Request headers

:path
/wp-content/themes/canary-2018/dist/images/search-icon.svg
pragma
no-cache
cookie
__cfduid=da8167a8267ca2e1108e31caacd3ca6fd1553317704
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.thecanary.co
referer
https://www.thecanary.co/wp-content/cache/wpfc-minified/3128wdw7/a1h0x.css
:scheme
https
:method
GET
Referer
https://www.thecanary.co/wp-content/cache/wpfc-minified/3128wdw7/a1h0x.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 23 Mar 2019 05:08:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 27 Feb 2019 11:35:23 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
status
200
cache-control
public, max-age=14400
cf-ray
4bbde3297eecbec1-FRA
expires
Sat, 23 Mar 2019 09:08:25 GMT
join-bg-header.svg
www.thecanary.co/wp-content/themes/canary-2018/dist/images/ 		514 B
332 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thecanary.co/wp-content/themes/canary-2018/dist/images/join-bg-header.svg
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:835a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
adabd868f7815d13793816e31efb54b88fbc88d819b3e18952af20483af86a60

Request headers

:path
/wp-content/themes/canary-2018/dist/images/join-bg-header.svg
pragma
no-cache
cookie
__cfduid=da8167a8267ca2e1108e31caacd3ca6fd1553317704
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.thecanary.co
referer
https://www.thecanary.co/wp-content/cache/wpfc-minified/3128wdw7/a1h0x.css
:scheme
https
:method
GET
Referer
https://www.thecanary.co/wp-content/cache/wpfc-minified/3128wdw7/a1h0x.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 23 Mar 2019 05:08:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 27 Feb 2019 11:35:23 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
status
200
cache-control
public, max-age=14400
cf-ray
4bbde3298ef6bec1-FRA
expires
Sat, 23 Mar 2019 09:08:25 GMT
pxiByp8kv8JHgFVrLEj6Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v6/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v6/pxiByp8kv8JHgFVrLEj6Z1xlFd2JQEk.woff2
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:819::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
07d2b7c2df967b7820b8ce99be3f7db1a1db5a82797826cd9a06e6489e89f71a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Poppins:400,400i,600,600i
Origin
https://www.thecanary.co

Response headers

date
Sat, 09 Mar 2019 03:03:28 GMT
x-content-type-options
nosniff
last-modified
Tue, 19 Feb 2019 22:28:27 GMT
server
sffe
age
1217097
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
7836
x-xss-protection
1; mode=block
expires
Sun, 08 Mar 2020 03:03:28 GMT
pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
fonts.gstatic.com/s/poppins/v6/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v6/pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:819::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
fab32ccef85408b763c899ad7c0b910c96c76dc9ed7158ce304fdcd3c0bf8388
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Poppins:400,400i,600,600i
Origin
https://www.thecanary.co

Response headers

date
Sat, 09 Mar 2019 00:02:12 GMT
x-content-type-options
nosniff
last-modified
Tue, 19 Feb 2019 22:26:34 GMT
server
sffe
age
1227973
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
7968
x-xss-protection
1; mode=block
expires
Sun, 08 Mar 2020 00:02:12 GMT
fa-solid-900.woff2
www.thecanary.co/wp-content/themes/canary-2018/dist/fonts/ 		66 KB
66 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.thecanary.co/wp-content/themes/canary-2018/dist/fonts/fa-solid-900.woff2
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:835a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca3ea16761b7d443c64cfd99dd1cf8aa84790a25bb4709582935956fe71d014d

Request headers

:path
/wp-content/themes/canary-2018/dist/fonts/fa-solid-900.woff2
pragma
no-cache
cookie
__cfduid=da8167a8267ca2e1108e31caacd3ca6fd1553317704
origin
https://www.thecanary.co
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.thecanary.co
referer
https://www.thecanary.co/wp-content/cache/wpfc-minified/3128wdw7/a1h0x.css
:scheme
https
:method
GET
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.thecanary.co/wp-content/cache/wpfc-minified/3128wdw7/a1h0x.css
Origin
https://www.thecanary.co

Response headers

date
Sat, 23 Mar 2019 05:08:25 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 27 Feb 2019 11:35:23 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/woff2
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
4bbde3297ee8bec1-FRA
content-length
67400
expires
Sat, 23 Mar 2019 09:08:25 GMT
fa-brands-400.woff2
www.thecanary.co/wp-content/themes/canary-2018/dist/fonts/ 		64 KB
64 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.thecanary.co/wp-content/themes/canary-2018/dist/fonts/fa-brands-400.woff2
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:835a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
974956f1b7b82cecd8ae88a0b685f0d5dfe5c8534c2784e59abeea719eadbbc4

Request headers

:path
/wp-content/themes/canary-2018/dist/fonts/fa-brands-400.woff2
pragma
no-cache
cookie
__cfduid=da8167a8267ca2e1108e31caacd3ca6fd1553317704
origin
https://www.thecanary.co
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.thecanary.co
referer
https://www.thecanary.co/wp-content/cache/wpfc-minified/3128wdw7/a1h0x.css
:scheme
https
:method
GET
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.thecanary.co/wp-content/cache/wpfc-minified/3128wdw7/a1h0x.css
Origin
https://www.thecanary.co

Response headers

date
Sat, 23 Mar 2019 05:08:25 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 27 Feb 2019 11:35:22 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/woff2
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
4bbde3297eebbec1-FRA
content-length
65316
expires
Sat, 23 Mar 2019 09:08:25 GMT
join-bg-sidebar.svg
www.thecanary.co/wp-content/themes/canary-2018/dist/images/ 		438 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thecanary.co/wp-content/themes/canary-2018/dist/images/join-bg-sidebar.svg
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:835a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ee1edbf554fb4c57cd32e114b8f8385982ab7acf64443796446271fe2630d82

Request headers

:path
/wp-content/themes/canary-2018/dist/images/join-bg-sidebar.svg
pragma
no-cache
cookie
__cfduid=da8167a8267ca2e1108e31caacd3ca6fd1553317704
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.thecanary.co
referer
https://www.thecanary.co/wp-content/cache/wpfc-minified/3128wdw7/a1h0x.css
:scheme
https
:method
GET
Referer
https://www.thecanary.co/wp-content/cache/wpfc-minified/3128wdw7/a1h0x.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 23 Mar 2019 05:08:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 27 Feb 2019 11:35:23 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
status
200
cache-control
public, max-age=14400
cf-ray
4bbde329cf2dbec1-FRA
expires
Sat, 23 Mar 2019 09:08:25 GMT
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
932 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:824::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 23 Mar 2019 04:16:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 21 Apr 2016 03:17:22 GMT
server
sffe
age
3114
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=3600
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
856
x-xss-protection
1; mode=block
expires
Sat, 23 Mar 2019 05:16:31 GMT
teads-format.min.js
a.teads.tv/media/format/v3/ 		696 KB
184 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/media/format/v3/teads-format.min.js
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/page/47764/tag
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.7 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ada912436d3960d00f91d763dc77593b9f1d3c956e5a97864d5a60637377bbc6

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 23 Mar 2019 05:08:25 GMT
content-encoding
gzip
last-modified
Fri, 22 Mar 2019 10:31:36 GMT
x-amz-request-id
18B98271DDB7CB87
etag
"bf36e8a9c1e5a18f69e1e9ddaaf4c1f0"
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
status
200
cache-control
private, must-revalidate, max-age=600
x-bucket
a
accept-ranges
bytes
content-length
187923
x-amz-id-2
OdvqzDlm28uV6jn7XP3o4TcqlL51WAF2zlBRbV5jjY/4DzSZGU9t+Ke+6O+k34ufl4yOdTFQmbM=
expires
Sat, 23 Mar 2019 05:18:25 GMT
identity.js
connect.facebook.net/signals/plugins/ 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/plugins/identity.js?v=2.8.42
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
4a320c52c63a44c676ba2c6d00c5ab74fc031b16d768c1933cbfd27c20c2b4c4
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
content-length
8245
x-xss-protection
0
pragma
public
x-fb-debug
rhgE1bCzEQyENKLo0+VOo2pa+7QofQz2UAbXqnUd3AzIy3EWSO7diHEujinamOAuZQbsuOxw6XxQQMBmro9XWg==
date
Sat, 23 Mar 2019 05:08:25 GMT
x-frame-options
DENY
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
519297795243472
connect.facebook.net/signals/config/ 		186 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/519297795243472?v=2.8.42&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
46aef23a440301a7d2e1e07a75b0fcf6f24fb4a8ddf3297bcbcedea1accfdce6
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
content-length
46032
x-xss-protection
0
pragma
public
x-fb-debug
M+QdlwzORwkJnTbK7PlTdJOsZ2M5//9krNqZlYrFCws+GZsKvsrDYVkifz7NHj+64+6rD6KMRKZsLbLJsLr/rQ==
date
Sat, 23 Mar 2019 05:08:25 GMT
x-frame-options
DENY
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
join-bg-sidebar-footer.svg
www.thecanary.co/wp-content/themes/canary-2018/dist/images/ 		477 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thecanary.co/wp-content/themes/canary-2018/dist/images/join-bg-sidebar-footer.svg
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:835a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b384c0456559e1c9517ce2148fe4119a665f62dbe4754f479d03f751ec486aee

Request headers

:path
/wp-content/themes/canary-2018/dist/images/join-bg-sidebar-footer.svg
pragma
no-cache
cookie
__cfduid=da8167a8267ca2e1108e31caacd3ca6fd1553317704; _ga=GA1.2.1402858781.1553317705; _gid=GA1.2.122916402.1553317705
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.thecanary.co
referer
https://www.thecanary.co/wp-content/cache/wpfc-minified/3128wdw7/a1h0x.css
:scheme
https
:method
GET
Referer
https://www.thecanary.co/wp-content/cache/wpfc-minified/3128wdw7/a1h0x.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 23 Mar 2019 05:08:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 27 Feb 2019 11:35:23 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
status
200
cache-control
public, max-age=14400
cf-ray
4bbde32a1f61bec1-FRA
expires
Sat, 23 Mar 2019 09:08:25 GMT
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j73&a=396584839&t=pageview&_s=1&dl=https%3A%2F%2Fwww.thecanary.co%2F&ul=en-us&de=UTF-8&dt=Independent%20Media%20%7C%20Campaigning%20Journalism%20%7...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-68308001-1&cid=1402858781.1553317705&jid=653106315&_gid=122916402.1553317705&gjid=588228066&_v=j73&z=1876435920
35 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-68308001-1&cid=1402858781.1553317705&jid=653106315&_gid=122916402.1553317705&gjid=588228066&_v=j73&z=1876435920
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
date
Sat, 23 Mar 2019 05:08:25 GMT
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 23 Mar 2019 05:08:25 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-68308001-1&cid=1402858781.1553317705&jid=653106315&_gid=122916402.1553317705&gjid=588228066&_v=j73&z=1876435920
content-type
text/html; charset=UTF-8
status
302
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
417
expires
Fri, 01 Jan 1990 00:00:00 GMT
2269267.js
tag.getdrip.com/ 		87 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.getdrip.com/2269267.js
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.113 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-253-113.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7e70152caf0c63098993fdc6e65b93159777e460f450074062f94cf0adf0050c

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 23 Mar 2019 05:08:26 GMT
content-encoding
gzip
last-modified
Sat, 23 Mar 2019 05:07:59 GMT
server
AmazonS3
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
status
200
x-amz-cf-id
FUPuGONXUxjfsZtz8ORH7iFuV0D056pSZgN-bj0gVZaUjkn9uE1flw==
via
1.1 08bbe291f260c2b80a00874a80ade07c.cloudfront.net (CloudFront)
session
display.apester.com/ 		72 B
567 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://display.apester.com/session
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.217 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/ Express
Resource Hash
55a2e1db5589696af71d0748e966c84027afb5bf954334190baa594725d3a149

Request headers

Referer
https://www.thecanary.co/
Origin
https://www.thecanary.co
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Sat, 23 Mar 2019 05:08:25 GMT
via
1.1 google, 1.1 varnish
age
0, 0
x-powered-by
Express
x-cache
MISS
status
200
content-length
72
x-served-by
cache-fra19160-FRA
x-timer
S1553317705.407418,VS0,VE108
etag
W/"48-+9vLkNrOIa5lPQ4DWpmx7k1niII"
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.thecanary.co
x-cloud-trace-context
0723e288128055b5c6dd1c9b2227e9d6/15199121148600268429;o=0
cache-control
no-cache, no-store, must-revalidate, private
access-control-allow-credentials
true
accept-ranges
bytes, bytes
x-cache-hits
0
event
events.apester.com/ 		0
229 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.apester.com/event
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.190.63.234 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
234.63.190.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.thecanary.co/
Origin
https://www.thecanary.co
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

strict-transport-security
max-age=31536000
via
1.1 google
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
date
Sat, 23 Mar 2019 05:08:25 GMT
status
202
access-control-allow-methods
OPTIONS, POST
access-control-allow-origin
https://www.thecanary.co
access-control-allow-credentials
true
alt-svc
clear
content-length
0
1540040066007433
connect.facebook.net/signals/config/ 		186 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1540040066007433?v=2.8.42&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
03b62a9131d730caf783ca627d47973d6e9ef6131a33b8ed47f61f445a0f4ae8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
content-length
45966
x-xss-protection
0
pragma
public
x-fb-debug
r5J2yqmuGP/p1OIVMzU2IJ3bsFV9dABNvtHZxTdon/lJcMMZkg//3KPlhMXxVwllOjpTCrYtb6R5BcXFudMa4g==
date
Sat, 23 Mar 2019 05:08:25 GMT
x-frame-options
DENY
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=519297795243472&ev=PageView&dl=https%3A%2F%2Fwww.thecanary.co%2F&rl=&if=false&ts=1553317705382&sw=1600&sh=1200&v=2.8.42&r=stable&a=wordpress-5.1.1-1.7.25&ec=0&o=30&fbp=fb.1.1553317705381.177370755&it=1553317705277&coo=false&rqm=GET
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 23 Mar 2019 05:08:25 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Sat, 23 Mar 2019 05:08:25 GMT
1551190897.js
assets.counciladvertising.net/v3/prebid/ 		239 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.counciladvertising.net/v3/prebid/1551190897.js
Requested by
Host: ads.counciladvertising.net
URL: https://ads.counciladvertising.net/code/canary/doublempu/public
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2043:b800:e:c158:8400:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4ab4194d799d00086501641f760a2f14bab16efac18f3a755ae17ebf269e55db

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 27 Feb 2019 10:19:48 GMT
content-encoding
gzip
last-modified
Tue, 26 Feb 2019 14:22:35 GMT
server
AmazonS3
age
2054918
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
x-amz-cf-id
uPFrjsDW3HDnxH7WCgPVJBEDYKrXTXdJzeMvzwowMoDGLIWVPGdRsw==
via
1.1 09f4ecc806a7e34780fd19a93b984724.cloudfront.net (CloudFront)
gpt.js
www.googletagservices.com/tag/js/ 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: ads.counciladvertising.net
URL: https://ads.counciladvertising.net/code/canary/doublempu/public
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:80b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
72441f0d1ab491d6e4258caa4c5fb2bd4898ca2e7a2cef2736eddddf63195990
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 23 Mar 2019 05:08:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"114 / 231 of 1000 / last-modified: 1553297005"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
10789
x-xss-protection
1; mode=block
expires
Sat, 23 Mar 2019 05:08:25 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: ads.counciladvertising.net
URL: https://ads.counciladvertising.net/code/canary/doublempu/public
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
49b9e18a4b833d5c0b464a8e868f333dbefba58b690fb00d90e7aad180e6e847

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 23 Mar 2019 05:08:25 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Mar 2019 13:26:35 GMT
Server
nginx
ETag
W/"5c811c0b-9ab2"
Transfer-Encoding
chunked
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400, public
Connection
keep-alive
Timing-Allow-Origin
*
Expires
Sun, 24 Mar 2019 05:08:25 GMT
quant.js
secure.quantserve.com/ 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: ads.counciladvertising.net
URL: https://ads.counciladvertising.net/code/canary/doublempu/public
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.188 , United Kingdom, ASN27281 (QUANTCAST - Quantcast Corporation, US),
Reverse DNS
Software
QS /
Resource Hash
404a9b0ffbcc813e8ddbb8d8510a24a69c09079282f8083ee94f4adc5d627176

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 23 Mar 2019 05:08:25 GMT
Content-Encoding
gzip
Last-Modified
Sat, 23-Mar-2019 05:08:25 GMT
Server
QS
ETag
M0-e2b9884a
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=604800
Connection
keep-alive
Content-Length
5456
Expires
Sat, 30 Mar 2019 05:08:25 GMT
px.js
p.cpx.to/p/12187/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.cpx.to/p/12187/px.js
Requested by
Host: ads.counciladvertising.net
URL: https://ads.counciladvertising.net/code/canary/doublempu/public
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.57 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-253-57.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
55f4e5fa4fc8d5275cab225c5efd3128687fda5680b664af378dce7321969d28

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 22 Mar 2019 17:51:11 GMT
Content-Encoding
UTF-8
Last-Modified
Wed, 10 Oct 2018 10:51:41 GMT
Server
AmazonS3
Age
40635
ETag
"980f4193e88f892bcc6b97e262c83bd8"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
Cache-Control
max-age=2419200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1498
X-Amz-Cf-Id
Bd-4v-rgs_J39md084SdKGPGBoFUsnNt1jsLtzLzIngMU6sxTj__pg==
ast.js
acdn.adnxs.com/ast/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/ast/ast.js
Requested by
Host: uk.ads.justpremium.com
URL: https://uk.ads.justpremium.com/adserve/js.php?zone=68302
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.121.108 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash
29fe06bb2e99792d95a10cc599d53241dffa8ebb049529463d1377b3853ca18c

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 23 Mar 2019 05:08:25 GMT
Content-Encoding
gzip
Age
34070
X-Cache
HIT, HIT
X-Cache-Hits
5, 48941
Connection
keep-alive
Content-Length
30640
Via
1.1 varnish, 1.1 varnish
X-Served-By
cache-jfk8123-JFK, cache-cdg20754-CDG
Last-Modified
Wed, 20 Feb 2019 19:39:29 GMT
Server
nginx/1.13.10
Cache-Control
max-age=86402
X-Timer
S1553317705.469545,VS0,VE0
ETag
W/"5c6dacf1-15a62"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Fastly-Debug-Digest
b26d66ba869a0f8398713a42ad1d25566d792eec90f58d95ed2ad78cf8eb037b
Accept-Ranges
bytes
Expires
Thu, 21 Feb 2019 19:39:37 GMT
pixel
tracking.omnitagjs.com/tracking/ 		49 B
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tracking.omnitagjs.com/tracking/pixel?event_kind=PLACEMENT_MATCH_BROWSER&attempt=0342062a8f59ebc806ffd987a58393b4
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.32.127.114 , France, ASN16276 (OVH, FR),
Reverse DNS
tracking-fra01.omnitagjs.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Mar 2019 05:08:25 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Vary
Accept-Encoding
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
73
Expires
0
pixel
tracking.omnitagjs.com/tracking/ 		49 B
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tracking.omnitagjs.com/tracking/pixel?event_kind=AVAIL&attempt=0342062a8f59ebc806ffd987a58393b4
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.32.127.114 , France, ASN16276 (OVH, FR),
Reverse DNS
tracking-fra01.omnitagjs.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Mar 2019 05:08:25 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Vary
Accept-Encoding
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
73
Expires
0
marketplace
fo-ssp.omnitagjs.com/fo-ssp/ 		12 B
566 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fo-ssp.omnitagjs.com/fo-ssp/marketplace?Attempt=0342062a8f59ebc806ffd987a58393b4&Campaign=e2a82912438eaa7d2f234f778f82c274&CanonicalUrl=https%3A%2F%2Fwww.thecanary.co%2F&Isolated=false&Origin=https%3A%2F%2Fwww.thecanary.co&Source=SSP&Url=https%3A%2F%2Fwww.thecanary.co%2F&_=1553317705458
Requested by
Host: fo-static.omnitagjs.com
URL: https://fo-static.omnitagjs.com/ot_multi_template.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.33.104.182 , France, ASN16276 (OVH, FR),
Reverse DNS
ssp-fra01.omnitagjs.com
Software
/
Resource Hash
218b70bea6b6d6425c1efdbe94dfe848031bb5fd7878dfb84bf82f7cc09f904a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json
Referer
https://www.thecanary.co/
Origin
https://www.thecanary.co
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

Pragma
no-cache
Date
Sat, 23 Mar 2019 05:08:25 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Vary
Accept-Encoding
Access-Control-Allow-Methods
OPTIONS, POST
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.thecanary.co
Access-Control-Max-Age
3600
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Accept-Encoding, Content-Type
Content-Length
50
Expires
0
fire.js
s.cpx.to/ 		897 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.cpx.to/fire.js?pid=12187&ref=&hn_ver=10&fid=d111b945-c376-4a87-89d3-03f2f489da00
Requested by
Host: p.cpx.to
URL: https://p.cpx.to/p/12187/px.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.254.12 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-229-254-12.eu-west-1.compute.amazonaws.com
Software
akka-http/2.4.17 /
Resource Hash
5a039cae5785b5d0bc43fa4b49df29c9ebe1db05ebd1a8ebbdcdfed121fee04d

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Mar 2019 05:08:25 GMT
Server
akka-http/2.4.17
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Type
text/plain; charset=UTF-8
Content-Length
897
Expires
Fri, 01 Feb 2019 11:57:51 GMT
fire.js
s.cpx.to/ 		897 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.cpx.to/fire.js?pid=12187&ref=&hn_ver=10&fid=f63e1ad5-85b2-4dff-8ac5-d089fa53da5a
Requested by
Host: p.cpx.to
URL: https://p.cpx.to/p/12187/px.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.254.12 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-229-254-12.eu-west-1.compute.amazonaws.com
Software
akka-http/2.4.17 /
Resource Hash
bfb266946d335ff1d5f25a72f8fc4fe7eace89eeb82fdee60201f6e2f077d695

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Mar 2019 05:08:25 GMT
Server
akka-http/2.4.17
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Type
text/plain; charset=UTF-8
Content-Length
897
Expires
Fri, 01 Feb 2019 12:15:02 GMT
fire.js
s.cpx.to/ 		897 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.cpx.to/fire.js?pid=12187&ref=&hn_ver=10&fid=b0cc16fb-c566-43d1-92de-1c50cb979862
Requested by
Host: p.cpx.to
URL: https://p.cpx.to/p/12187/px.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.254.12 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-229-254-12.eu-west-1.compute.amazonaws.com
Software
akka-http/2.4.17 /
Resource Hash
28652aa49303dcd3487901a41c92afeab79c82f29cf7c04045a610cc59849659

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Mar 2019 05:08:25 GMT
Server
akka-http/2.4.17
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Type
text/plain; charset=UTF-8
Content-Length
897
Expires
Fri, 01 Feb 2019 11:57:51 GMT
/
www.facebook.com/tr/ 		44 B
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1540040066007433&ev=PageView&dl=https%3A%2F%2Fwww.thecanary.co%2F&rl=&if=false&ts=1553317705492&sw=1600&sh=1200&v=2.8.42&r=stable&ec=0&o=30&fbp=fb.1.1553317705381.177370755&it=1553317705277&coo=false&rqm=GET
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 23 Mar 2019 05:08:25 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Sat, 23 Mar 2019 05:08:25 GMT
integrator.js
adservice.google.de/adsid/ 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.thecanary.co
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:806::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 23 Mar 2019 05:08:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
104
x-xss-protection
1; mode=block
integrator.js
adservice.google.com/adsid/ 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.thecanary.co
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81d::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 23 Mar 2019 05:08:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
104
x-xss-protection
1; mode=block
pubads_impl_319.js
securepubads.g.doubleclick.net/gpt/ 		160 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_319.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.217.16.130 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
sffe /
Resource Hash
cf65e308f1c461e06038b45d5bfa27689e22241f6b673b7d540d35cdd0ca4c32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 23 Mar 2019 05:08:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 07 Mar 2019 16:13:36 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
58724
x-xss-protection
1; mode=block
expires
Sat, 23 Mar 2019 05:08:25 GMT
js
www.googletagmanager.com/gtag/ 		63 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-129593788-1
Requested by
Host: cdn.rhombusads.com
URL: https://cdn.rhombusads.com/js/rh.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:80b::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
cabf156cbc0dfe5ffbb762c8d1035ef90a5071d3d2c76332eef1f7fe24beb208
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 23 Mar 2019 05:08:25 GMT
content-encoding
br
last-modified
Fri, 22 Mar 2019 23:15:01 GMT
server
Google Tag Manager (scaffolding)
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
24362
x-xss-protection
1; mode=block
expires
Sat, 23 Mar 2019 05:08:25 GMT
request
api.rhombusads.com/v1/ 		0
328 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rhombusads.com/v1/request
Requested by
Host: cdn.rhombusads.com
URL: https://cdn.rhombusads.com/js/rh.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.18.15.238 Fairfield, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-3-18-15-238.us-east-2.compute.amazonaws.com
Software
nginx/1.12.1 / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
https://www.thecanary.co
Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

Date
Sat, 23 Mar 2019 05:08:26 GMT
Server
nginx/1.12.1
X-Powered-By
Express
Vary
Access-Control-Request-Headers
Access-Control-Allow-Methods
GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
content-type
Content-Length
0
wigo-no-slot
sync.teads.tv/ Frame 6599 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.teads.tv/wigo-no-slot
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.7 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
akka-http/10.1.5 /
Resource Hash

Request headers

:method
GET
:authority
sync.teads.tv
:scheme
https
:path
/wigo-no-slot
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://www.thecanary.co/
accept-encoding
gzip, deflate, br
cookie
tt_viewer=a6a5c146-2b90-4c69-b4f7-7e892759aa4d
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.thecanary.co/

Response headers

status
200
content-type
text/html; charset=UTF-8
server
akka-http/10.1.5
content-length
325
expires
Sat, 23 Mar 2019 05:08:25 GMT
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
date
Sat, 23 Mar 2019 05:08:25 GMT
p2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/p?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1553317705701&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_s...
  • https://sb.scorecardresearch.com/p2?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1553317705701&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_...
43 B
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p2?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1553317705701&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=95809808&cs_ucfr=1
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.214.103 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-214-103.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Mar 2019 05:08:25 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Expires
Mon, 01 Jan 1990 00:00:00 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
https://sb.scorecardresearch.com/p2?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1553317705701&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=95809808&cs_ucfr=1
Pragma
no-cache
Date
Sat, 23 Mar 2019 05:08:25 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
track
t.teads.tv/ 		23 B
157 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=placementCall&pageId=47764&pid=52940&gid=[insertionId]&slot=native&env=js-web&pfid=[pfid]&f=1&ts=1553317705699&fv=2.21.54
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.7 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
pragma
no-cache
date
Sat, 23 Mar 2019 05:08:25 GMT
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
23
expires
Sat, 23 Mar 2019 05:08:25 GMT
track
t.teads.tv/ 		23 B
157 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=noSlot-selector&pageId=47764&pid=52940&gid=[insertionId]&slot=native&env=js-web&pfid=[pfid]&f=1&ts=1553317705699&fv=2.21.54
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.7 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
pragma
no-cache
date
Sat, 23 Mar 2019 05:08:25 GMT
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
23
expires
Sat, 23 Mar 2019 05:08:25 GMT
wigo-no-slot
sync.teads.tv/ Frame 5D1C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.teads.tv/wigo-no-slot
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.7 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
akka-http/10.1.5 /
Resource Hash

Request headers

:method
GET
:authority
sync.teads.tv
:scheme
https
:path
/wigo-no-slot
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://www.thecanary.co/
accept-encoding
gzip, deflate, br
cookie
tt_viewer=a6a5c146-2b90-4c69-b4f7-7e892759aa4d
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.thecanary.co/

Response headers

status
200
content-type
text/html; charset=UTF-8
server
akka-http/10.1.5
content-length
325
expires
Sat, 23 Mar 2019 05:08:25 GMT
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
date
Sat, 23 Mar 2019 05:08:25 GMT
p2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/p?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1553317705724&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_s...
  • https://sb.scorecardresearch.com/p2?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1553317705724&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_...
43 B
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p2?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1553317705724&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=17279951&cs_ucfr=1
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.214.103 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-214-103.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Mar 2019 05:08:25 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Expires
Mon, 01 Jan 1990 00:00:00 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
https://sb.scorecardresearch.com/p2?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1553317705724&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=17279951&cs_ucfr=1
Pragma
no-cache
Date
Sat, 23 Mar 2019 05:08:25 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
track
t.teads.tv/ 		23 B
157 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=placementCall&pageId=47764&pid=85227&gid=[insertionId]&slot=native&env=js-web&pfid=[pfid]&f=1&ts=1553317705722&fv=2.21.54
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.7 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
pragma
no-cache
date
Sat, 23 Mar 2019 05:08:25 GMT
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
23
expires
Sat, 23 Mar 2019 05:08:25 GMT
track
t.teads.tv/ 		23 B
157 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=noSlot-selector&pageId=47764&pid=85227&gid=[insertionId]&slot=native&env=js-web&pfid=[pfid]&f=1&ts=1553317705722&fv=2.21.54
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.7 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
pragma
no-cache
date
Sat, 23 Mar 2019 05:08:25 GMT
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
23
expires
Sat, 23 Mar 2019 05:08:25 GMT
rules-p-mjq2rgU4Jj7VF.js
rules.quantcount.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-mjq2rgU4Jj7VF.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2043:be00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0fe94746b2830ec4085ebca187c68a84811f1302224f08680966f5ac54914741

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 23 Mar 2019 04:24:01 GMT
content-encoding
gzip
last-modified
Wed, 04 Apr 2018 09:44:14 GMT
server
AmazonS3
age
2671
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
status
200
cache-control
max-age=3600
x-amz-cf-id
TzQLsq5UVe-MjbA8edQkeD9l-3yi53Mv5BzvBruIHlgndRXIcQRzLA==
via
1.1 e7ce333c56f455a0dae7f1f5ea5d6086.cloudfront.net (CloudFront)
pixel
tracking.omnitagjs.com/tracking/ 		49 B
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tracking.omnitagjs.com/tracking/pixel?event_kind=INVENTORY&attempt=0342062a8f59ebc806ffd987a58393b4
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.32.127.114 , France, ASN16276 (OVH, FR),
Reverse DNS
tracking-fra01.omnitagjs.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Mar 2019 05:08:25 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Vary
Accept-Encoding
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
73
Expires
0
sync
s.cpx.to/
Redirect Chain
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Dd111b945-c376-4a87-89d3-03f2f489da00
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Dd111b945-c376-4a87-89d3-03f2f489da00
  • https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=D6052EAE-1FCE-470C-BA43-31C7AF910474&fid=d111b945-c376-4a87-89d3-03f2f489da00
95 B
649 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=D6052EAE-1FCE-470C-BA43-31C7AF910474&fid=d111b945-c376-4a87-89d3-03f2f489da00
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.254.12 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-229-254-12.eu-west-1.compute.amazonaws.com
Software
akka-http/2.4.17 /
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Mar 2019 05:08:25 GMT
Server
akka-http/2.4.17
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Type
image/png
Content-Length
95
Expires
Sat, 23 Mar 2019 05:08:25 GMT

Redirect headers

Location
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=D6052EAE-1FCE-470C-BA43-31C7AF910474&fid=d111b945-c376-4a87-89d3-03f2f489da00
Date
Sat, 23 Mar 2019 05:08:25 GMT
X-Cnection
close
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Content-Length
448
Content-Type
text/html; charset=iso-8859-1
ca.png
s.cpx.to/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=d111b945-c376-4a87-89d3-03f2f489da00
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm=&dsp=dbm&fid=d111b945-c376-4a87-89d3-03f2f489da00&google_tc=
  • https://s.cpx.to/ca.png?dsp=dbm&fid=d111b945-c376-4a87-89d3-03f2f489da00&google_gid=CAESECon8NRo232sNqVInyHB7b0&google_cver=1
95 B
492 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/ca.png?dsp=dbm&fid=d111b945-c376-4a87-89d3-03f2f489da00&google_gid=CAESECon8NRo232sNqVInyHB7b0&google_cver=1
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.254.12 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-229-254-12.eu-west-1.compute.amazonaws.com
Software
akka-http/2.4.17 /
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 23 Mar 2019 05:08:25 GMT
Server
akka-http/2.4.17
Connection
keep-alive
Content-Length
95
Content-Type
image/png

Redirect headers

pragma
no-cache
date
Sat, 23 Mar 2019 05:08:25 GMT
server
HTTP server (unknown)
location
https://s.cpx.to/ca.png?dsp=dbm&fid=d111b945-c376-4a87-89d3-03f2f489da00&google_gid=CAESECon8NRo232sNqVInyHB7b0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
302
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
334
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
s.cpx.to/
Redirect Chain
  • https://d.turn.com/r/dd/id/L21rdC8xMjgwL2NpZC8xNzQ4MDc2NjU4L3QvMg/url/https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Damobee%26dsp_uid%3D%24%21%7BTURN_UUID%7D%26fid%3Dd111b945-c376-4a87-89d3-03f2f489da00
  • https://s.cpx.to/sync?dsp=amobee&dsp_uid=3565448589264417009&fid=d111b945-c376-4a87-89d3-03f2f489da00
95 B
630 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/sync?dsp=amobee&dsp_uid=3565448589264417009&fid=d111b945-c376-4a87-89d3-03f2f489da00
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.254.12 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-229-254-12.eu-west-1.compute.amazonaws.com
Software
akka-http/2.4.17 /
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Mar 2019 05:08:25 GMT
Server
akka-http/2.4.17
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Type
image/png
Content-Length
95
Expires
Sat, 23 Mar 2019 05:08:25 GMT

Redirect headers

Location
https://s.cpx.to/sync?dsp=amobee&dsp_uid=3565448589264417009&fid=d111b945-c376-4a87-89d3-03f2f489da00
Pragma
no-cache
Date
Sat, 23 Mar 2019 05:08:25 GMT
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Server
Apache-Coyote/1.1
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sync
s.cpx.to/
Redirect Chain
  • https://ads.avocet.io/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Davocet%26dsp_uid%3D%7B%7BUUID%7D%7D%26fid%3Dd111b945-c376-4a87-89d3-03f2f489da00
  • https://ads.avocet.io/getuid?bounce=true&url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Davocet%26dsp_uid%3D%7B%7BUUID%7D%7D%26fid%3Dd111b945-c376-4a87-89d3-03f2f489da00
  • https://s.cpx.to/sync?dsp=avocet&dsp_uid=50ad01c4-8a1b-4341-8363-6b41c8afe115&fid=d111b945-c376-4a87-89d3-03f2f489da00
95 B
647 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/sync?dsp=avocet&dsp_uid=50ad01c4-8a1b-4341-8363-6b41c8afe115&fid=d111b945-c376-4a87-89d3-03f2f489da00
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.254.12 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-229-254-12.eu-west-1.compute.amazonaws.com
Software
akka-http/2.4.17 /
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Mar 2019 05:08:26 GMT
Server
akka-http/2.4.17
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Type
image/png
Content-Length
95
Expires
Sat, 23 Mar 2019 05:08:26 GMT

Redirect headers

Location
https://s.cpx.to/sync?dsp=avocet&dsp_uid=50ad01c4-8a1b-4341-8363-6b41c8afe115&fid=d111b945-c376-4a87-89d3-03f2f489da00
Date
Sat, 23 Mar 2019 05:08:25 GMT
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
149
P3p
policyref="http://cdn.avocet.io/w3c/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
an_fire
s.cpx.to/
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12187%26ref%3D%26hn_ver%3D10%26fid%3Dd111b945-c376-4a87-89d3-03f2f489da00
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.cpx.to%252Fan_fire%253Fapp_nexus_uid%253D%2524UID%2526pid%253D12187%2526ref%253D%2526hn_ver%253D10%2526fid%253Dd111b945-c376-4a87-8...
  • https://s.cpx.to/an_fire?app_nexus_uid=2806950470609833046&pid=12187&ref=&hn_ver=10&fid=d111b945-c376-4a87-89d3-03f2f489da00
95 B
633 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/an_fire?app_nexus_uid=2806950470609833046&pid=12187&ref=&hn_ver=10&fid=d111b945-c376-4a87-89d3-03f2f489da00
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.254.12 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-229-254-12.eu-west-1.compute.amazonaws.com
Software
akka-http/2.4.17 /
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Mar 2019 05:08:25 GMT
Server
akka-http/2.4.17
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Type
image/png
Content-Length
95
Expires
Sat, 23 Mar 2019 05:08:25 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 23 Mar 2019 05:08:27 GMT
AN-X-Request-Uuid
99c76ea1-a26e-49ba-a272-e16450720500
Content-Type
text/html; charset=utf-8
Server
nginx/1.13.4
Location
https://s.cpx.to/an_fire?app_nexus_uid=2806950470609833046&pid=12187&ref=&hn_ver=10&fid=d111b945-c376-4a87-89d3-03f2f489da00
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
37.58.58.236; 37.58.58.236; 311.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.8:80
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ca.png
s.cpx.to/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=f63e1ad5-85b2-4dff-8ac5-d089fa53da5a
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm=&dsp=dbm&fid=f63e1ad5-85b2-4dff-8ac5-d089fa53da5a&google_tc=
  • https://s.cpx.to/ca.png?dsp=dbm&fid=f63e1ad5-85b2-4dff-8ac5-d089fa53da5a&google_gid=CAESEN7j_S3mlb1ovCB1svVbqSg&google_cver=1
95 B
492 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/ca.png?dsp=dbm&fid=f63e1ad5-85b2-4dff-8ac5-d089fa53da5a&google_gid=CAESEN7j_S3mlb1ovCB1svVbqSg&google_cver=1
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.254.12 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-229-254-12.eu-west-1.compute.amazonaws.com
Software
akka-http/2.4.17 /
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 23 Mar 2019 05:08:25 GMT
Server
akka-http/2.4.17
Connection
keep-alive
Content-Length
95
Content-Type
image/png

Redirect headers

pragma
no-cache
date
Sat, 23 Mar 2019 05:08:25 GMT
server
HTTP server (unknown)
location
https://s.cpx.to/ca.png?dsp=dbm&fid=f63e1ad5-85b2-4dff-8ac5-d089fa53da5a&google_gid=CAESEN7j_S3mlb1ovCB1svVbqSg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
302
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
334
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
an_fire
s.cpx.to/
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12187%26ref%3D%26hn_ver%3D10%26fid%3Df63e1ad5-85b2-4dff-8ac5-d089fa53da5a
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.cpx.to%252Fan_fire%253Fapp_nexus_uid%253D%2524UID%2526pid%253D12187%2526ref%253D%2526hn_ver%253D10%2526fid%253Df63e1ad5-85b2-4dff-8...
  • https://s.cpx.to/an_fire?app_nexus_uid=2806950470609833046&pid=12187&ref=&hn_ver=10&fid=f63e1ad5-85b2-4dff-8ac5-d089fa53da5a
95 B
633 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/an_fire?app_nexus_uid=2806950470609833046&pid=12187&ref=&hn_ver=10&fid=f63e1ad5-85b2-4dff-8ac5-d089fa53da5a
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.254.12 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-229-254-12.eu-west-1.compute.amazonaws.com
Software
akka-http/2.4.17 /
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Mar 2019 05:08:26 GMT
Server
akka-http/2.4.17
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Type
image/png
Content-Length
95
Expires
Sat, 23 Mar 2019 05:08:26 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 23 Mar 2019 05:08:27 GMT
AN-X-Request-Uuid
60f96758-76ec-48ac-9bea-332e3102279d
Content-Type
text/html; charset=utf-8
Server
nginx/1.13.4
Location
https://s.cpx.to/an_fire?app_nexus_uid=2806950470609833046&pid=12187&ref=&hn_ver=10&fid=f63e1ad5-85b2-4dff-8ac5-d089fa53da5a
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
37.58.58.236; 37.58.58.236; 307.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.14:80
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
s.cpx.to/
Redirect Chain
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Df63e1ad5-85b2-4dff-8ac5-d089fa53da5a
  • https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=7AE49A14-1F22-4A30-BD73-125A860CBD8B&fid=f63e1ad5-85b2-4dff-8ac5-d089fa53da5a
95 B
649 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=7AE49A14-1F22-4A30-BD73-125A860CBD8B&fid=f63e1ad5-85b2-4dff-8ac5-d089fa53da5a
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.254.12 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-229-254-12.eu-west-1.compute.amazonaws.com
Software
akka-http/2.4.17 /
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Mar 2019 05:08:25 GMT
Server
akka-http/2.4.17
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Type
image/png
Content-Length
95
Expires
Sat, 23 Mar 2019 05:08:25 GMT

Redirect headers

Location
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=7AE49A14-1F22-4A30-BD73-125A860CBD8B&fid=f63e1ad5-85b2-4dff-8ac5-d089fa53da5a
Date
Sat, 23 Mar 2019 05:08:25 GMT
X-Cnection
close
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Content-Length
448
Content-Type
text/html; charset=iso-8859-1
sync
s.cpx.to/
Redirect Chain
  • https://d.turn.com/r/dd/id/L21rdC8xMjgwL2NpZC8xNzQ4MDc2NjU4L3QvMg/url/https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Damobee%26dsp_uid%3D%24%21%7BTURN_UUID%7D%26fid%3Df63e1ad5-85b2-4dff-8ac5-d089fa53da5a
  • https://s.cpx.to/sync?dsp=amobee&dsp_uid=3565448589264417009&fid=f63e1ad5-85b2-4dff-8ac5-d089fa53da5a
95 B
630 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/sync?dsp=amobee&dsp_uid=3565448589264417009&fid=f63e1ad5-85b2-4dff-8ac5-d089fa53da5a
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.254.12 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-229-254-12.eu-west-1.compute.amazonaws.com
Software
akka-http/2.4.17 /
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Mar 2019 05:08:26 GMT
Server
akka-http/2.4.17
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Type
image/png
Content-Length
95
Expires
Sat, 23 Mar 2019 05:08:26 GMT

Redirect headers

Location
https://s.cpx.to/sync?dsp=amobee&dsp_uid=3565448589264417009&fid=f63e1ad5-85b2-4dff-8ac5-d089fa53da5a
Pragma
no-cache
Date
Sat, 23 Mar 2019 05:08:25 GMT
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Server
Apache-Coyote/1.1
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sync
s.cpx.to/
Redirect Chain
  • https://ads.avocet.io/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Davocet%26dsp_uid%3D%7B%7BUUID%7D%7D%26fid%3Df63e1ad5-85b2-4dff-8ac5-d089fa53da5a
  • https://s.cpx.to/sync?dsp=avocet&dsp_uid=50ad01c4-8a1b-4341-8363-6b41c8afe115&fid=f63e1ad5-85b2-4dff-8ac5-d089fa53da5a
95 B
647 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/sync?dsp=avocet&dsp_uid=50ad01c4-8a1b-4341-8363-6b41c8afe115&fid=f63e1ad5-85b2-4dff-8ac5-d089fa53da5a
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.254.12 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-229-254-12.eu-west-1.compute.amazonaws.com
Software
akka-http/2.4.17 /
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Mar 2019 05:08:26 GMT
Server
akka-http/2.4.17
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Type
image/png
Content-Length
95
Expires
Sat, 23 Mar 2019 05:08:26 GMT

Redirect headers

Location
https://s.cpx.to/sync?dsp=avocet&dsp_uid=50ad01c4-8a1b-4341-8363-6b41c8afe115&fid=f63e1ad5-85b2-4dff-8ac5-d089fa53da5a
Date
Sat, 23 Mar 2019 05:08:25 GMT
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
149
P3p
policyref="http://cdn.avocet.io/w3c/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
sync
s.cpx.to/
Redirect Chain
  • https://ads.avocet.io/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Davocet%26dsp_uid%3D%7B%7BUUID%7D%7D%26fid%3Db0cc16fb-c566-43d1-92de-1c50cb979862
  • https://s.cpx.to/sync?dsp=avocet&dsp_uid=50ad01c4-8a1b-4341-8363-6b41c8afe115&fid=b0cc16fb-c566-43d1-92de-1c50cb979862
95 B
647 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/sync?dsp=avocet&dsp_uid=50ad01c4-8a1b-4341-8363-6b41c8afe115&fid=b0cc16fb-c566-43d1-92de-1c50cb979862
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.254.12 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-229-254-12.eu-west-1.compute.amazonaws.com
Software
akka-http/2.4.17 /
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Mar 2019 05:08:26 GMT
Server
akka-http/2.4.17
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Type
image/png
Content-Length
95
Expires
Sat, 23 Mar 2019 05:08:26 GMT

Redirect headers

Location
https://s.cpx.to/sync?dsp=avocet&dsp_uid=50ad01c4-8a1b-4341-8363-6b41c8afe115&fid=b0cc16fb-c566-43d1-92de-1c50cb979862
Date
Sat, 23 Mar 2019 05:08:26 GMT
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
149
P3p
policyref="http://cdn.avocet.io/w3c/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
sync
s.cpx.to/
Redirect Chain
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Db0cc16fb-c566-43d1-92de-1c50cb979862
  • https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=7AE49A14-1F22-4A30-BD73-125A860CBD8B&fid=b0cc16fb-c566-43d1-92de-1c50cb979862
95 B
649 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=7AE49A14-1F22-4A30-BD73-125A860CBD8B&fid=b0cc16fb-c566-43d1-92de-1c50cb979862
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.254.12 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-229-254-12.eu-west-1.compute.amazonaws.com
Software
akka-http/2.4.17 /
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Mar 2019 05:08:26 GMT
Server
akka-http/2.4.17
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Type
image/png
Content-Length
95
Expires
Sat, 23 Mar 2019 05:08:26 GMT

Redirect headers

Location
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=7AE49A14-1F22-4A30-BD73-125A860CBD8B&fid=b0cc16fb-c566-43d1-92de-1c50cb979862
Date
Sat, 23 Mar 2019 05:08:26 GMT
X-Cnection
close
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Content-Length
448
Content-Type
text/html; charset=iso-8859-1
sync
s.cpx.to/
Redirect Chain
  • https://d.turn.com/r/dd/id/L21rdC8xMjgwL2NpZC8xNzQ4MDc2NjU4L3QvMg/url/https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Damobee%26dsp_uid%3D%24%21%7BTURN_UUID%7D%26fid%3Db0cc16fb-c566-43d1-92de-1c50cb979862
  • https://s.cpx.to/sync?dsp=amobee&dsp_uid=3565448589264417009&fid=b0cc16fb-c566-43d1-92de-1c50cb979862
95 B
630 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/sync?dsp=amobee&dsp_uid=3565448589264417009&fid=b0cc16fb-c566-43d1-92de-1c50cb979862
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.254.12 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-229-254-12.eu-west-1.compute.amazonaws.com
Software
akka-http/2.4.17 /
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Mar 2019 05:08:26 GMT
Server
akka-http/2.4.17
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Type
image/png
Content-Length
95
Expires
Sat, 23 Mar 2019 05:08:26 GMT

Redirect headers

Location
https://s.cpx.to/sync?dsp=amobee&dsp_uid=3565448589264417009&fid=b0cc16fb-c566-43d1-92de-1c50cb979862
Pragma
no-cache
Date
Sat, 23 Mar 2019 05:08:25 GMT
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Server
Apache-Coyote/1.1
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
ca.png
s.cpx.to/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=b0cc16fb-c566-43d1-92de-1c50cb979862
  • https://s.cpx.to/ca.png?dsp=dbm&fid=b0cc16fb-c566-43d1-92de-1c50cb979862&google_gid=CAESECon8NRo232sNqVInyHB7b0&google_cver=1
95 B
492 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/ca.png?dsp=dbm&fid=b0cc16fb-c566-43d1-92de-1c50cb979862&google_gid=CAESECon8NRo232sNqVInyHB7b0&google_cver=1
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.254.12 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-229-254-12.eu-west-1.compute.amazonaws.com
Software
akka-http/2.4.17 /
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 23 Mar 2019 05:08:26 GMT
Server
akka-http/2.4.17
Connection
keep-alive
Content-Length
95
Content-Type
image/png

Redirect headers

pragma
no-cache
date
Sat, 23 Mar 2019 05:08:26 GMT
server
HTTP server (unknown)
location
https://s.cpx.to/ca.png?dsp=dbm&fid=b0cc16fb-c566-43d1-92de-1c50cb979862&google_gid=CAESECon8NRo232sNqVInyHB7b0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
302
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
334
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
an_fire
s.cpx.to/
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12187%26ref%3D%26hn_ver%3D10%26fid%3Db0cc16fb-c566-43d1-92de-1c50cb979862
  • https://s.cpx.to/an_fire?app_nexus_uid=2806950470609833046&pid=12187&ref=&hn_ver=10&fid=b0cc16fb-c566-43d1-92de-1c50cb979862
95 B
633 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/an_fire?app_nexus_uid=2806950470609833046&pid=12187&ref=&hn_ver=10&fid=b0cc16fb-c566-43d1-92de-1c50cb979862
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.254.12 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-229-254-12.eu-west-1.compute.amazonaws.com
Software
akka-http/2.4.17 /
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Mar 2019 05:08:26 GMT
Server
akka-http/2.4.17
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Type
image/png
Content-Length
95
Expires
Sat, 23 Mar 2019 05:08:26 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 23 Mar 2019 05:08:27 GMT
AN-X-Request-Uuid
cfc5fc94-abb6-401a-b920-bf33bfff7ed4
Content-Type
text/html; charset=utf-8
Server
nginx/1.13.4
Location
https://s.cpx.to/an_fire?app_nexus_uid=2806950470609833046&pid=12187&ref=&hn_ver=10&fid=b0cc16fb-c566-43d1-92de-1c50cb979862
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
37.58.58.236; 37.58.58.236; 307.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.10:80
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j73&a=396584839&t=pageview&_s=1&dl=https%3A%2F%2Fwww.thecanary.co%2F&ul=en-us&de=UTF-8&dt=Independent%20Media%20%7C%20Campaigning%20Journalism%20%7...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-129593788-1&cid=1402858781.1553317705&jid=1608503514&_gid=122916402.1553317705&gjid=2045989648&_v=j73&z=108195611
35 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-129593788-1&cid=1402858781.1553317705&jid=1608503514&_gid=122916402.1553317705&gjid=2045989648&_v=j73&z=108195611
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
date
Sat, 23 Mar 2019 05:08:26 GMT
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 23 Mar 2019 05:08:26 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-129593788-1&cid=1402858781.1553317705&jid=1608503514&_gid=122916402.1553317705&gjid=2045989648&_v=j73&z=108195611
content-type
text/html; charset=UTF-8
status
302
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
419
expires
Fri, 01 Jan 1990 00:00:00 GMT
tag.aspx
ml314.com/ 		26 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ml314.com/tag.aspx?232
Requested by
Host: ads.counciladvertising.net
URL: https://ads.counciladvertising.net/code/canary/doublempu/public
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.56.252 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-249-56-252.eu-west-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a3273dce4deb1a87d9c6b75ce1b9305872ee56ad6da2ab873858d9d20d1ff3a8

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 23 Mar 2019 05:08:25 GMT
Content-Encoding
gzip
Last-Modified
Fri, 22 Mar 2019 11:12:50 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=21864
Connection
keep-alive
Content-Length
11908
Expires
Sat, 23 Mar 2019 11:12:50 GMT
cdb
bidder.criteo.com/ 		0
214 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=65&profileId=185&av=16&wv=2.3.0&cb=52691651981
Requested by
Host: assets.counciladvertising.net
URL: https://assets.counciladvertising.net/v3/prebid/1551190897.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
178.250.2.89 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.thecanary.co/
Origin
https://www.thecanary.co
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.thecanary.co
Date
Sat, 23 Mar 2019 05:08:25 GMT
Access-Control-Allow-Credentials
true
Server
Finatra
Timing-Allow-Origin
*
Vary
Origin
fastlane.json
fastlane.rubiconproject.com/a/api/ 		4 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13950&site_id=208448&zone_id=1026088&size_id=15&alt_size_ids=10&p_pos=atf&rf=https%3A%2F%2Fwww.thecanary.co%2F&tk_flint=pbjs_lite_v2.3.0&x_source.tid=a75d51cb-d04f-48aa-b40f-e3850c1766e3&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.21457629881041873
Requested by
Host: assets.counciladvertising.net
URL: https://assets.counciladvertising.net/v3/prebid/1551190897.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
213.19.162.71 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
166e3be50d8b26e7180ebb75974095081887c492ed42ccbd2ebe7c3c545aea0f

Request headers

Referer
https://www.thecanary.co/
Origin
https://www.thecanary.co
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 23 Mar 2019 05:08:25 GMT
Content-Encoding
gzip
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.thecanary.co
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=0, max=10
Content-Length
2099
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		241 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13950&site_id=208448&zone_id=1026088&size_id=15&p_pos=atf&rf=https%3A%2F%2Fwww.thecanary.co%2F&tk_flint=pbjs_lite_v2.3.0&x_source.tid=a77ef3ed-52c2-4603-a94a-948624bb881b&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.47069427764889715
Requested by
Host: assets.counciladvertising.net
URL: https://assets.counciladvertising.net/v3/prebid/1551190897.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
213.19.162.71 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
19dfa394e17544214c912ade5dc9f3ce7af1472607c57dbb081cbb1afee7e3e3

Request headers

Referer
https://www.thecanary.co/
Origin
https://www.thecanary.co
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 23 Mar 2019 05:08:25 GMT
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.thecanary.co
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=0, max=9
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		4 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13950&site_id=208448&zone_id=1026088&size_id=2&p_pos=atf&rf=https%3A%2F%2Fwww.thecanary.co%2F&tk_flint=pbjs_lite_v2.3.0&x_source.tid=0d3b535d-d53b-4f65-9f71-5547ce14cfc3&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.8171158580802644
Requested by
Host: assets.counciladvertising.net
URL: https://assets.counciladvertising.net/v3/prebid/1551190897.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
213.19.162.71 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
7a75f41c9f9289bc82c7765195a6351a0fcfccbec594498947ce13b1cfe212e9

Request headers

Referer
https://www.thecanary.co/
Origin
https://www.thecanary.co
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 23 Mar 2019 05:08:25 GMT
Content-Encoding
gzip
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.thecanary.co
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=0, max=10
Content-Length
2074
Expires
Wed, 17 Sep 1975 21:32:10 GMT
trinity.json
apex.go.sonobi.com/ 		161 B
716 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22%2F31781941%2Fss_thecanary%7C110483a08c8f67e%22%3A%22300x600%2C300x250%22%2C%22%2F31781941%2Fss_thecanary%7C12f85e18a03058%22%3A%22300x250%22%2C%22%2F31781941%2Fss_thecanary%7C13399f858a8487e%22%3A%22728x90%22%7D&ref=https%3A%2F%2Fwww.thecanary.co%2F&s=c04710a3-efa4-416a-9cd7-8400109cb7e6&pv=57f9046d-a6cd-4e6c-bd22-de61c5dd4d68&vp=desktop&lib_name=prebid&lib_v=2.3.0&us=5&
Requested by
Host: assets.counciladvertising.net
URL: https://assets.counciladvertising.net/v3/prebid/1551190897.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
8092918bc58569ace4260784f60d4cabfe8f9294aea538ee57ac73aeb0a5eca5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.thecanary.co/
Origin
https://www.thecanary.co
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 23 Mar 2019 05:08:25 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-10
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://www.thecanary.co
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
126
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
v1
dmx.districtm.io/b/ 		0
274 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: assets.counciladvertising.net
URL: https://assets.counciladvertising.net/v3/prebid/1551190897.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
35.203.66.107 Ann Arbor, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
107.66.203.35.bc.googleusercontent.com
Software
nginx/1.13.12 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Access-Control-Request-Method
POST
Origin
https://www.thecanary.co
Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

date
Sat, 23 Mar 2019 05:08:26 GMT
server
nginx/1.13.12
access-control-allow-origin
https://www.thecanary.co
vary
origin
access-control-allow-methods
OPTIONS, POST
status
204
access-control-max-age
14400
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-allow-headers
origin, content-type
cygnus
as-sec.casalemedia.com/ 		25 B
906 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/cygnus?s=318289&v=7.2&r=%7B%22id%22%3A%221880800392a013d%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2219638d7b49e47e4%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22318289%22%2C%22sid%22%3A%22hpu%22%7D%7D%2C%7B%22id%22%3A%2220359b41ad2c91d%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22318289%22%2C%22sid%22%3A%22mpu%22%7D%7D%2C%7B%22id%22%3A%222109c23cdf96159%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22318289%22%2C%22sid%22%3A%22mpu%22%7D%7D%2C%7B%22id%22%3A%2222ffa6685160793%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22318289%22%2C%22sid%22%3A%22leader%22%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.thecanary.co%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1&
Requested by
Host: assets.counciladvertising.net
URL: https://assets.counciladvertising.net/v3/prebid/1551190897.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec71665bc8431d253cf12b074733b319d7297b42e7ced71e7d46902b36450fff

Request headers

Referer
https://www.thecanary.co/
Origin
https://www.thecanary.co
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 23 Mar 2019 05:08:26 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin
https://www.thecanary.co
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
45
Expires
Sat, 23 Mar 2019 05:08:26 GMT
prebid
ib.adnxs.com/ut/v3/ 		378 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: assets.counciladvertising.net
URL: https://assets.counciladvertising.net/v3/prebid/1551190897.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.80 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
Software
nginx/1.13.4 /
Resource Hash
6616f60f16e8d74ea13c245e503baf0fb32ee505ae67b2932f755e464ffe9833
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.thecanary.co/
Origin
https://www.thecanary.co
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 23 Mar 2019 05:08:28 GMT
X-Proxy-Origin
37.58.58.236; 37.58.58.236; 251.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.40:80
AN-X-Request-Uuid
3c273d2b-f5ad-4381-af49-2d900d4f7311
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.thecanary.co
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
378
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
can-digital-d.openx.net/w/1.0/ 		173 B
664 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://can-digital-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.thecanary.co%2F&jr=&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_2.1.6&dddid=a75d51cb-d04f-48aa-b40f-e3850c1766e3%2Ca77ef3ed-52c2-4603-a94a-948624bb881b%2C0d3b535d-d53b-4f65-9f71-5547ce14cfc3&nocache=1553317705891&aus=300x600%2C300x250%7C300x250%7C728x90&divIds=div-gpt-ad-canary-doublempu-1%2Cdiv-gpt-ad-canary-mpu-1%2Cdiv-gpt-ad-canary-leaderboard-1&auid=539906504%2C539906503%2C539906502&
Requested by
Host: assets.counciladvertising.net
URL: https://assets.counciladvertising.net/v3/prebid/1551190897.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.241.240.220 New York, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS
ox-173-241-240-220.xa.dc.openx.org
Software
OXGW/16.128.2 /
Resource Hash
02ae6fe1f615031919f4500aec54b079f76be8a27e4f719c047bcc0efe83395c

Request headers

Referer
https://www.thecanary.co/
Origin
https://www.thecanary.co
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 23 Mar 2019 05:08:25 GMT
content-encoding
gzip
server
OXGW/16.128.2
status
200
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.thecanary.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
www.facebook.com/tr/ Frame 34E7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash

Request headers

:method
POST
:authority
www.facebook.com
:scheme
https
:path
/tr/
content-length
19797
pragma
no-cache
cache-control
no-cache
origin
https://www.thecanary.co
upgrade-insecure-requests
1
content-type
application/x-www-form-urlencoded
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://www.thecanary.co/
accept-encoding
gzip, deflate, br
cookie
fr=0VKkDXbSGeRQVWOwF..Bclb9J...1.0.Bclb9J.
Origin
https://www.thecanary.co
Upgrade-Insecure-Requests
1
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.thecanary.co/

Response headers

status
200
content-type
text/plain
access-control-allow-origin
https://www.thecanary.co
access-control-allow-credentials
true
content-length
0
server
proxygen-bolt
date
Sat, 23 Mar 2019 05:08:25 GMT
visit
api.getdrip.com/client/events/ 		84 B
720 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.getdrip.com/client/events/visit?drip_account_id=2269267&referrer=&url=https%3A%2F%2Fwww.thecanary.co%2F&domain=www.thecanary.co&time_zone=UTC&enable_third_party_cookies=f&callback=Drip_481121695
Requested by
Host: tag.getdrip.com
URL: https://tag.getdrip.com/2269267.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.63 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-253-63.fra6.r.cloudfront.net
Software
/
Resource Hash
507a61dc3a19f4f433d36188e25a0001a7618b987bc0501101c8539b8c69d7a5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 23 Mar 2019 05:08:26 GMT
via
1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amzn-remapped-content-length
84
x-amzn-remapped-date
Sat, 23 Mar 2019 05:08:26 GMT
x-amzn-requestid
b09da533-4d29-11e9-b4ff-838cefa6ae01
x-cache
Miss from cloudfront
status
200
strict-transport-security
max-age=15552000
x-amz-apigw-id
W-rTnERWIAMFZSw=
content-length
84
x-xss-protection
1; mode=block
x-request-id
36e50e3d-bb5f-420c-92d9-6ba2f6a76e3f
x-amz-cf-id
C5gdX74CJO3_jZHg8PaExACE5R0KREyiS5FBMUHVQhHxWohmoOnlAw==
x-runtime
0.035670
etag
W/"507a61dc3a19f4f433d36188e25a0001"
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
max-age=0, private, must-revalidate
x-amzn-remapped-server
nginx
x-amzn-remapped-connection
keep-alive
Hunt.jpg
www.thecanary.co/wp-content/uploads/2019/03/ 		132 KB
132 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thecanary.co/wp-content/uploads/2019/03/Hunt.jpg
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:835a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
46a34aec4b67f9eab386422b561504102c79a1411ebe15c69a2ce25f2b8228e6

Request headers

:path
/wp-content/uploads/2019/03/Hunt.jpg
pragma
no-cache
cookie
__cfduid=da8167a8267ca2e1108e31caacd3ca6fd1553317704; _ga=GA1.2.1402858781.1553317705; _gid=GA1.2.122916402.1553317705; _gat=1; _fbp=fb.1.1553317705381.177370755; _gat_gtag_UA_129593788_1=1
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.thecanary.co
referer
https://www.thecanary.co/
:scheme
https
:method
GET
Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 23 Mar 2019 05:08:26 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 22 Mar 2019 15:02:25 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
4bbde32e7a8dbec1-FRA
content-length
135412
expires
Sat, 23 Mar 2019 09:08:26 GMT
Trump-and-Netanyahu.jpg
www.thecanary.co/wp-content/uploads/2019/03/ 		72 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thecanary.co/wp-content/uploads/2019/03/Trump-and-Netanyahu.jpg
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:835a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
647a0bd5a1565b8fc4d13a0e4521b08c3526fd5eba558ef23b0006849dac84fe

Request headers

:path
/wp-content/uploads/2019/03/Trump-and-Netanyahu.jpg
pragma
no-cache
cookie
__cfduid=da8167a8267ca2e1108e31caacd3ca6fd1553317704; _ga=GA1.2.1402858781.1553317705; _gid=GA1.2.122916402.1553317705; _gat=1; _fbp=fb.1.1553317705381.177370755; _gat_gtag_UA_129593788_1=1
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.thecanary.co
referer
https://www.thecanary.co/
:scheme
https
:method
GET
Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 23 Mar 2019 05:08:26 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 22 Mar 2019 12:48:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
4bbde32e7a8abec1-FRA
content-length
73435
expires
Sat, 23 Mar 2019 09:08:26 GMT
BBC-150x150.jpg
www.thecanary.co/wp-content/uploads/2018/08/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thecanary.co/wp-content/uploads/2018/08/BBC-150x150.jpg
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:835a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
852a8a0281a1b6d7a24139fc66e7b45ed8cc4d6ae8333350282ad27a254dce41

Request headers

:path
/wp-content/uploads/2018/08/BBC-150x150.jpg
pragma
no-cache
cookie
__cfduid=da8167a8267ca2e1108e31caacd3ca6fd1553317704; _ga=GA1.2.1402858781.1553317705; _gid=GA1.2.122916402.1553317705; _gat=1; _fbp=fb.1.1553317705381.177370755; _gat_gtag_UA_129593788_1=1
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.thecanary.co
referer
https://www.thecanary.co/
:scheme
https
:method
GET
Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 23 Mar 2019 05:08:26 GMT
cf-cache-status
REVALIDATED
last-modified
Tue, 20 Nov 2018 09:57:33 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
4bbde32e7a86bec1-FRA
content-length
4506
expires
Sat, 23 Mar 2019 09:08:26 GMT
Police-surveillance-770-x-403-min-150x150.jpg
www.thecanary.co/wp-content/uploads/2019/03/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thecanary.co/wp-content/uploads/2019/03/Police-surveillance-770-x-403-min-150x150.jpg
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:835a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
26f206f2b99920299cec95522f63e9d5a0bc7a729eb814d11730b19d6fd5c848

Request headers

:path
/wp-content/uploads/2019/03/Police-surveillance-770-x-403-min-150x150.jpg
pragma
no-cache
cookie
__cfduid=da8167a8267ca2e1108e31caacd3ca6fd1553317704; _ga=GA1.2.1402858781.1553317705; _gid=GA1.2.122916402.1553317705; _gat=1; _fbp=fb.1.1553317705381.177370755; _gat_gtag_UA_129593788_1=1
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.thecanary.co
referer
https://www.thecanary.co/
:scheme
https
:method
GET
Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 23 Mar 2019 05:08:26 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 22 Mar 2019 03:08:43 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
4bbde32e7a8ebec1-FRA
content-length
6892
expires
Sat, 23 Mar 2019 09:08:26 GMT
Fiona-Bruce-150x150.jpg
www.thecanary.co/wp-content/uploads/2019/03/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thecanary.co/wp-content/uploads/2019/03/Fiona-Bruce-150x150.jpg
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:835a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe60d96fd5b658ba66d330ede0702b378c47aa432835f979806ab85be9b5c461

Request headers

:path
/wp-content/uploads/2019/03/Fiona-Bruce-150x150.jpg
pragma
no-cache
cookie
__cfduid=da8167a8267ca2e1108e31caacd3ca6fd1553317704; _ga=GA1.2.1402858781.1553317705; _gid=GA1.2.122916402.1553317705; _gat=1; _fbp=fb.1.1553317705381.177370755; _gat_gtag_UA_129593788_1=1
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.thecanary.co
referer
https://www.thecanary.co/
:scheme
https
:method
GET
Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 23 Mar 2019 05:08:26 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 22 Mar 2019 10:33:37 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
4bbde32e7a89bec1-FRA
content-length
3900
expires
Sat, 23 Mar 2019 09:08:26 GMT
may-pmqs-resign-extention-min.jpg
www.thecanary.co/wp-content/uploads/2019/03/ 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thecanary.co/wp-content/uploads/2019/03/may-pmqs-resign-extention-min.jpg
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:835a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7492af5130aa85f612d4a9a85c7d197518e13909179062ade82e07cd890262b2

Request headers

:path
/wp-content/uploads/2019/03/may-pmqs-resign-extention-min.jpg
pragma
no-cache
cookie
__cfduid=da8167a8267ca2e1108e31caacd3ca6fd1553317704; _ga=GA1.2.1402858781.1553317705; _gid=GA1.2.122916402.1553317705; _gat=1; _fbp=fb.1.1553317705381.177370755; _gat_gtag_UA_129593788_1=1
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.thecanary.co
referer
https://www.thecanary.co/
:scheme
https
:method
GET
Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 23 Mar 2019 05:08:26 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 20 Mar 2019 14:17:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
4bbde32e7a87bec1-FRA
content-length
47945
expires
Sat, 23 Mar 2019 09:08:26 GMT
CanaryTeam1_opt-291x403.jpg
www.thecanary.co/wp-content/uploads/2019/03/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thecanary.co/wp-content/uploads/2019/03/CanaryTeam1_opt-291x403.jpg
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:835a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3ab67ac714b51716aef733d23c66dd0431663645c526152d342ba0c29443edc

Request headers

:path
/wp-content/uploads/2019/03/CanaryTeam1_opt-291x403.jpg
pragma
no-cache
cookie
__cfduid=da8167a8267ca2e1108e31caacd3ca6fd1553317704; _ga=GA1.2.1402858781.1553317705; _gid=GA1.2.122916402.1553317705; _gat=1; _fbp=fb.1.1553317705381.177370755; _gat_gtag_UA_129593788_1=1
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.thecanary.co
referer
https://www.thecanary.co/
:scheme
https
:method
GET
Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 23 Mar 2019 05:08:26 GMT
cf-cache-status
REVALIDATED
last-modified
Sat, 16 Mar 2019 17:27:59 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
4bbde32e7a88bec1-FRA
content-length
29454
expires
Sat, 23 Mar 2019 09:08:26 GMT
UoM-Divest-From-Caterpllar.jpg
www.thecanary.co/wp-content/uploads/2019/03/ 		156 KB
156 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thecanary.co/wp-content/uploads/2019/03/UoM-Divest-From-Caterpllar.jpg
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:835a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
239a6b4117c65d12031e7000564fb4513789562625596b6be74bda016474d1ed

Request headers

:path
/wp-content/uploads/2019/03/UoM-Divest-From-Caterpllar.jpg
pragma
no-cache
cookie
__cfduid=da8167a8267ca2e1108e31caacd3ca6fd1553317704; _ga=GA1.2.1402858781.1553317705; _gid=GA1.2.122916402.1553317705; _gat=1; _fbp=fb.1.1553317705381.177370755; _gat_gtag_UA_129593788_1=1
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.thecanary.co
referer
https://www.thecanary.co/
:scheme
https
:method
GET
Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 23 Mar 2019 05:08:26 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 21 Mar 2019 17:03:35 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
4bbde32efaecbec1-FRA
content-length
159583
expires
Sat, 23 Mar 2019 09:08:26 GMT
may-pmqs-resign-extention-min-150x150.jpg
www.thecanary.co/wp-content/uploads/2019/03/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thecanary.co/wp-content/uploads/2019/03/may-pmqs-resign-extention-min-150x150.jpg
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:835a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1041dae3e51ef9d8fbf9eb274dcd1dcca7b3afae0c08f4b1d162d751f6adc00e

Request headers

:path
/wp-content/uploads/2019/03/may-pmqs-resign-extention-min-150x150.jpg
pragma
no-cache
cookie
__cfduid=da8167a8267ca2e1108e31caacd3ca6fd1553317704; _ga=GA1.2.1402858781.1553317705; _gid=GA1.2.122916402.1553317705; _gat=1; _fbp=fb.1.1553317705381.177370755; _gat_gtag_UA_129593788_1=1
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.thecanary.co
referer
https://www.thecanary.co/
:scheme
https
:method
GET
Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 23 Mar 2019 05:08:25 GMT
cf-cache-status
HIT
last-modified
Wed, 20 Mar 2019 14:17:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
4bbde32e7a8bbec1-FRA
content-length
5662
expires
Sat, 23 Mar 2019 09:08:25 GMT
guardiancobyn-up-1552760434.jpg
www.thecanary.co/wp-content/uploads/2018/09/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thecanary.co/wp-content/uploads/2018/09/guardiancobyn-up-1552760434.jpg
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:835a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4d96acefab272f544ccb86bde1504355af2f5c1d8979825729681fedd278a77

Request headers

:path
/wp-content/uploads/2018/09/guardiancobyn-up-1552760434.jpg
pragma
no-cache
cookie
__cfduid=da8167a8267ca2e1108e31caacd3ca6fd1553317704; _ga=GA1.2.1402858781.1553317705; _gid=GA1.2.122916402.1553317705; _gat=1; _fbp=fb.1.1553317705381.177370755; _gat_gtag_UA_129593788_1=1
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.thecanary.co
referer
https://www.thecanary.co/
:scheme
https
:method
GET
Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 23 Mar 2019 05:08:25 GMT
cf-cache-status
HIT
last-modified
Sat, 16 Mar 2019 18:20:35 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
4bbde32e7a8cbec1-FRA
content-length
34199
expires
Sat, 23 Mar 2019 09:08:25 GMT
/
www.facebook.com/tr/ Frame 88D1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash

Request headers

:method
POST
:authority
www.facebook.com
:scheme
https
:path
/tr/
content-length
20067
pragma
no-cache
cache-control
no-cache
origin
https://www.thecanary.co
upgrade-insecure-requests
1
content-type
application/x-www-form-urlencoded
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://www.thecanary.co/
accept-encoding
gzip, deflate, br
cookie
fr=0VKkDXbSGeRQVWOwF..Bclb9J...1.0.Bclb9J.
Origin
https://www.thecanary.co
Upgrade-Insecure-Requests
1
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.thecanary.co/

Response headers

status
200
content-type
text/plain
access-control-allow-origin
https://www.thecanary.co
access-control-allow-credentials
true
content-length
0
server
proxygen-bolt
date
Sat, 23 Mar 2019 05:08:26 GMT
pixel;r=708190731;labels=title.Independent%20Media%20%7C%20Campaigning%20Journalism%20%7C%20The%20Canary%2Ctitle.Independent%20Media%20%7C%20Campaigning%20Journalism%20%7C%20The%20Canary;rf=0;a=p-m...
pixel.quantserve.com/ 		35 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=708190731;labels=title.Independent%20Media%20%7C%20Campaigning%20Journalism%20%7C%20The%20Canary%2Ctitle.Independent%20Media%20%7C%20Campaigning%20Journalism%20%7C%20The%20Canary;rf=0;a=p-mjq2rgU4Jj7VF;url=https%3A%2F%2Fwww.thecanary.co%2F;fpan=1;fpa=P0-1243679268-1553317706037;ns=0;ce=1;qjs=1;qv=4c19192-20180628134937;cm=;ref=;je=0;sr=1600x1200x24;enc=n;dst=0;et=1553317706037;tzo=0;ogl=locale.en_GB%2Ctype.website%2Ctitle.Independent%20Media%20%7C%20Campaigning%20Journalism%20%7C%20The%20Canary%2Cdescription.Independent%20Media%20%7C%20Campaigning%20Journalism%20from%20The%20Canary%2Curl.https%3A%2F%2Fwww%252Ethecanary%252Eco%2F%2Csite_name.The%20Canary%2Cimage.https%3A%2F%2Fwww%252Ethecanary%252Eco%2Fwp-content%2Fuploads%2F2015%2F10%2FLogo1200x630%252Epng%2Cimage%3Asecure_url.https%3A%2F%2Fwww%252Ethecanary%252Eco%2Fwp-content%2Fuploads%2F2015%2F10%2FLogo1200x630%252Epng%2Cimage%3Awidth.1024%2Cimage%3Aheight.538
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.213 , United Kingdom, ASN27281 (QUANTCAST - Quantcast Corporation, US),
Reverse DNS
Software
QS /
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Mar 2019 05:08:29 GMT
Server
QS
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
Cache-Control
private, no-cache, no-store, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
Fri, 04 Aug 1978 12:00:00 GMT
/
gkng.ayads.co/ 		1 B
295 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gkng.ayads.co/
Requested by
Host: sac.ayads.co
URL: https://sac.ayads.co/sublime/22001
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b25 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.thecanary.co/
Origin
https://www.thecanary.co

Response headers

date
Sat, 23 Mar 2019 05:08:26 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
200
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
*
cf-ray
4bbde32f8c58c27e-FRA
content-length
1
BeFunky-collage-19-up-1552763789.jpg
www.thecanary.co/wp-content/uploads/2019/03/ 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thecanary.co/wp-content/uploads/2019/03/BeFunky-collage-19-up-1552763789.jpg
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:835a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7fb32f90c92ff4e640bda353d9724276dabfa873a35ac51532fc8a37aa95e18

Request headers

:path
/wp-content/uploads/2019/03/BeFunky-collage-19-up-1552763789.jpg
pragma
no-cache
cookie
__cfduid=da8167a8267ca2e1108e31caacd3ca6fd1553317704; _ga=GA1.2.1402858781.1553317705; _gid=GA1.2.122916402.1553317705; _gat=1; _fbp=fb.1.1553317705381.177370755; _gat_gtag_UA_129593788_1=1
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.thecanary.co
referer
https://www.thecanary.co/
:scheme
https
:method
GET
Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 23 Mar 2019 05:08:26 GMT
cf-cache-status
HIT
last-modified
Sat, 16 Mar 2019 19:16:29 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
4bbde32f5b34bec1-FRA
content-length
57155
expires
Sat, 23 Mar 2019 09:08:26 GMT
Tony-Blair-150x150.jpg
www.thecanary.co/wp-content/uploads/2019/03/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thecanary.co/wp-content/uploads/2019/03/Tony-Blair-150x150.jpg
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:835a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
9314d61b64ca216de28583d43a5994f5cca12fea3538192375bfaddd526c0dfd

Request headers

:path
/wp-content/uploads/2019/03/Tony-Blair-150x150.jpg
pragma
no-cache
cookie
__cfduid=da8167a8267ca2e1108e31caacd3ca6fd1553317704; _ga=GA1.2.1402858781.1553317705; _gid=GA1.2.122916402.1553317705; _gat=1; _fbp=fb.1.1553317705381.177370755; _gat_gtag_UA_129593788_1=1
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.thecanary.co
referer
https://www.thecanary.co/
:scheme
https
:method
GET
Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 23 Mar 2019 05:08:26 GMT
cf-cache-status
HIT
last-modified
Thu, 21 Mar 2019 13:35:34 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
4bbde32f5b35bec1-FRA
content-length
4077
expires
Sat, 23 Mar 2019 09:08:26 GMT
request
api.rhombusads.com/v1/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rhombusads.com/v1/request
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.18.15.238 Fairfield, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-3-18-15-238.us-east-2.compute.amazonaws.com
Software
nginx/1.12.1 / Express
Resource Hash
daa75acbf73c2f6c42ecbc6c501831ddb9e57cac406ffdba29f1cbf3dd820e0f

Request headers

Referer
https://www.thecanary.co/
Origin
https://www.thecanary.co
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-type
application/json

Response headers

Date
Sat, 23 Mar 2019 05:08:26 GMT
Content-Encoding
gzip
ETag
W/"8d7-pEfydTaW+RallXeG2AsgxizavEU"
Server
nginx/1.12.1
X-Powered-By
Express
Vary
Origin
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With
Content-Length
693
utsync.ashx
ml314.com/ 		793 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=66099&ct=js&pi=&fp=&clid=&if=0&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.thecanary.co%2F&pv=1553317706165_0rw6l7b04&bl=en-us&cb=7401005&return=&ht=&d=&dc=&si=1553317706165_0rw6l7b04&cid=&s=1600x1200&rp=
Requested by
Host: ml314.com
URL: https://ml314.com/tag.aspx?232
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.56.252 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-249-56-252.eu-west-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
9b4671cb9d4879a8c2937da394ef46f21d48bc1aa3da1052bddf27ecc3cdcf39

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Mar 2019 05:08:26 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
p3P
CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
Cache-Control
private
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Content-Length
484
Expires
0
v1
dmx.districtm.io/b/ 		0
252 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
35.203.66.107 Ann Arbor, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
107.66.203.35.bc.googleusercontent.com
Software
nginx/1.13.12 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.thecanary.co/
Origin
https://www.thecanary.co
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 23 Mar 2019 05:08:26 GMT
server
nginx/1.13.12
status
204
vary
origin
access-control-allow-methods
OPTIONS, POST
access-control-allow-origin
https://www.thecanary.co
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-allow-headers
origin, content-type
csync.ashx
ml314.com/
Redirect Chain
  • https://tags.bluekai.com/site/20486?limit=0&id=5978151465932972828&redir=https://ml314.com/csync.ashx%3Ffp=$_BK_UUID%26person_id=5978151465932972828%26eid=50056
  • https://ml314.com/csync.ashx?fp=$_BK_UUID&person_id=5978151465932972828&eid=50056
43 B
312 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ml314.com/csync.ashx?fp=$_BK_UUID&person_id=5978151465932972828&eid=50056
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.56.252 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-249-56-252.eu-west-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 23 Mar 2019 05:08:26 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
image/gif
Cache-Control
private
Connection
keep-alive
Content-Length
43
Expires
Sun, 24 Mar 2019 01:08:26 GMT

Redirect headers

Location
https://ml314.com/csync.ashx?fp=$_BK_UUID&person_id=5978151465932972828&eid=50056
Date
Sat, 23 Mar 2019 05:08:26 GMT
Connection
keep-alive
Content-Length
0
BK-Server
707e
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
csync.ashx
ml314.com/
Redirect Chain
  • https://idsync.rlcdn.com/395886.gif?partner_uid=5978151465932972828
  • https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTNTk3ODE1MTQ2NTkzMjk3MjgyOBAAGg0Iyv7W5AUSBQjoBxAAQgBKAA
  • https://ml314.com/csync.ashx?fp=e4a0aa035b3f25267a627f6b887e175fa3e979b4eb3afb9634a8750ffbfdeb38f4cb09cee1a4f8eb&person_id=5978151465932972828&eid=50082
43 B
312 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ml314.com/csync.ashx?fp=e4a0aa035b3f25267a627f6b887e175fa3e979b4eb3afb9634a8750ffbfdeb38f4cb09cee1a4f8eb&person_id=5978151465932972828&eid=50082
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.56.252 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-249-56-252.eu-west-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 23 Mar 2019 05:08:25 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
image/gif
Cache-Control
private
Connection
keep-alive
Content-Length
43
Expires
Sun, 24 Mar 2019 01:08:26 GMT

Redirect headers

status
307
date
Sat, 23 Mar 2019 05:08:26 GMT
cache-control
no-cache, no-store
timing-allow-origin
*
content-length
0
location
https://ml314.com/csync.ashx?fp=e4a0aa035b3f25267a627f6b887e175fa3e979b4eb3afb9634a8750ffbfdeb38f4cb09cee1a4f8eb&person_id=5978151465932972828&eid=50082
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
csync.ashx
ml314.com/
Redirect Chain
  • https://pixel.mathtag.com/sync/img?redir=https://ml314.com/csync.ashx%3Ffp=[MM_UUID]%26person_id=5978151465932972828%26eid=50220
  • https://pixel.mathtag.com/sync/img?redir=https://ml314.com/csync.ashx%3Ffp=[MM_UUID]%26person_id=5978151465932972828%26eid=50220&mm_bnc&mm_bct
  • https://ml314.com/csync.ashx?fp=e1a05c95-b045-4700-8365-f8ff9a31b311&person_id=5978151465932972828&eid=50220
43 B
312 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ml314.com/csync.ashx?fp=e1a05c95-b045-4700-8365-f8ff9a31b311&person_id=5978151465932972828&eid=50220
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.56.252 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-249-56-252.eu-west-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 23 Mar 2019 05:08:26 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
image/gif
Cache-Control
private
Connection
keep-alive
Content-Length
43
Expires
Sun, 24 Mar 2019 01:08:26 GMT

Redirect headers

Date
Sat, 23 Mar 2019 05:08:26 GMT
Server
MT3 1.31.3.9 fe26b9c DPLAT-404 cdg-pixel-x14
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://ml314.com/csync.ashx?fp=e1a05c95-b045-4700-8365-f8ff9a31b311&person_id=5978151465932972828&eid=50220
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
0
Expires
Sat, 23 Mar 2019 05:08:25 GMT
csync.ashx
ml314.com/
Redirect Chain
  • https://sync.crwdcntrl.net/map/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D5978151465932972828
  • https://sync.crwdcntrl.net/map/ct=y/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D5978151465932972828
  • https://ml314.com/csync.ashx?fp=45d34f48e2781555e49bfbed4999d5e0&eid=50146&person_id=5978151465932972828
43 B
312 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ml314.com/csync.ashx?fp=45d34f48e2781555e49bfbed4999d5e0&eid=50146&person_id=5978151465932972828
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.56.252 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-249-56-252.eu-west-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 23 Mar 2019 05:08:32 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
image/gif
Cache-Control
private
Connection
keep-alive
Content-Length
43
Expires
Sun, 24 Mar 2019 01:08:33 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 23 Mar 2019 05:08:33 GMT
P3P
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
Location
https://ml314.com/csync.ashx?fp=45d34f48e2781555e49bfbed4999d5e0&eid=50146&person_id=5978151465932972828
Cache-Control
no-cache
X-Server
10.26.18.177
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
match
ps.eyeota.net/
Redirect Chain
  • https://ps.eyeota.net/pixel?pid=r8hrb20&t=gif
  • https://ps.eyeota.net/pixel/bounce/?pid=r8hrb20&t=gif
  • https://ml314.com/utsync.ashx?eid=50052&et=0&fp=2-FVvxXMYxwdHix8mLzsD1wZZoiF5fF36ccgxsWroxwU&gdpr=1&gdpr_consent=&return=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dr8hrb20%26uid%3Dnil
  • https://ml314.com/csync.ashx?fp=2-FVvxXMYxwdHix8mLzsD1wZZoiF5fF36ccgxsWroxwU&person_id=5978151465932972828&eid=50052&return=https%3a%2f%2fps.eyeota.net%2fmatch%3fbid%3dr8hrb20%26uid%3dnil
  • https://ps.eyeota.net/match?bid=r8hrb20&uid=nil
70 B
171 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?bid=r8hrb20&uid=nil
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
18.195.52.121 Cambridge, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-195-52-121.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 23 Mar 2019 05:08:27 GMT
Content-Length
70
Content-Type
image/gif

Redirect headers

Date
Sat, 23 Mar 2019 05:08:27 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
text/html; charset=utf-8
Location
https://ps.eyeota.net/match?bid=r8hrb20&uid=nil
Cache-Control
private
Connection
keep-alive
Content-Length
168
Expires
Sun, 24 Mar 2019 01:08:27 GMT
/
optchk.ayads.co/ 		25 B
288 B 		Script
General
Check archive.org
Download Go to
Full URL
https://optchk.ayads.co/?callback=sublimeCb1553317705113
Requested by
Host: sac.ayads.co
URL: https://sac.ayads.co/sublime/22001
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.129.195 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-251-129-195.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1eb84a8ca585986405cfc881af41cf5658752b32189bafda9c2093f4a559daba

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Mar 2019 05:08:26 GMT
Server
nginx
Content-Type
application/javascript
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
25
Expires
Sun, 01 Jan 2014 00:00:00 GMT
/
antenna.ayads.co/ 		43 B
288 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://antenna.ayads.co/?t=1553317704245&z=22001&device=d&puid=p7802470593318649000&suid=s1850285523836010200&gc=0&gm=0&ga=1&gs=2&e=p&gd&gdv&et=1977&tfz=1111
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.88.117 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-194-88-117.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 23 Mar 2019 05:08:26 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
/
antenna.ayads.co/ 		43 B
288 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://antenna.ayads.co/?t=1553317704245&z=22001&device=d&puid=p7802470593318649000&suid=s1850285523836010200&gc=0&gm=0&ga=1&gs=2&e=ipb&et=1978&tfz=1112
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.88.117 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-194-88-117.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 23 Mar 2019 05:08:26 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
rhr.html
cdn.rhombusads.com/ Frame 5D20 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.rhombusads.com/rhr.html?rq=undefined
Requested by
Host: cdn.rhombusads.com
URL: https://cdn.rhombusads.com/js/rh.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2043:3200:1b:9b08:7f00:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx/1.12.1 / Express
Resource Hash

Request headers

:method
GET
:authority
cdn.rhombusads.com
:scheme
https
:path
/rhr.html?rq=undefined
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://www.thecanary.co/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.thecanary.co/

Response headers

status
200
content-type
text/html; charset=UTF-8
content-length
631
accept-ranges
bytes
access-control-allow-origin
*
cache-control
public, max-age=0
date
Sat, 23 Mar 2019 02:32:54 GMT
etag
W/"277-1699db53b70"
last-modified
Thu, 21 Mar 2019 00:44:54 GMT
server
nginx/1.12.1
x-powered-by
Express
x-cache
Hit from cloudfront
via
1.1 e7ce333c56f455a0dae7f1f5ea5d6086.cloudfront.net (CloudFront)
x-amz-cf-id
yAIIlwsW-oClrU9xqbaKyeCGigq3NHuLZ98sn2gmVxOjyuMmTWldvQ==
ads
securepubads.g.doubleclick.net/gampad/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2139385448019096&correlator=1310015341091566&output=json_html&callback=googletag.impl.pubads.callbackProxy1&impl=fifs&adsid=NT&json_a=1&eid=21061743%2C21063016%2C21063066%2C53887177&vrg=319&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A32776&sc=1&sfv=1-0-32&iu_parts=31781941%2Css_thecanary&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C300x250&prev_scp=hb_format_rubicon%3Dbanner%26hb_source_rubicon%3Dclient%26hb_size_rubicon%3D300x250%26hb_pb_rubicon%3D0.10%26hb_adid_rubicon%3D31e66473cd80dcc%26hb_bidder_rubicon%3Drubicon%26hb_auction_type%3Dinitial%26hb_ba%3D1.5%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D300x250%26hb_pb%3D0.10%26hb_adid%3D31e66473cd80dcc%26hb_bidder%3Drubicon&eri=1&cookie_enabled=1&bc=15&abxe=1&lmt=1553285512&dt=1553317706764&dlt=1553317704965&idt=893&frm=20&biw=1585&bih=1200&oid=3&adxs=1136&adys=1549&adks=126380742&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.thecanary.co%2F&dssz=86&icsg=71090298683647&mso=32&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x600&msz=300x600&blev=1&bisch=1&ga_vid=1402858781.1553317705&ga_sid=1553317707&ga_hid=396584839&fws=4
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_319.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.217.16.130 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
beeeff617dd06b444bbba41370eccd8939af423c349b0ed759f680bd65d52f31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.thecanary.co/
Origin
https://www.thecanary.co

Response headers

date
Sat, 23 Mar 2019 05:08:26 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
1937
x-xss-protection
1; mode=block
google-lineitem-id
4503150696
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138218280343
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://www.thecanary.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_rendering_319.js
securepubads.g.doubleclick.net/gpt/ 		67 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_319.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_319.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.217.16.130 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
sffe /
Resource Hash
c11b9a046106f278a5fb5411e95c1ba5d6f06daf9e4bfa98da51c523e4157388
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 23 Mar 2019 05:08:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 07 Mar 2019 16:13:36 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
25393
x-xss-protection
1; mode=block
expires
Sat, 23 Mar 2019 05:08:26 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-32/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-32/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_319.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:820::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Purpose
prefetch
Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers
ads
securepubads.g.doubleclick.net/gampad/ 		477 B
755 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2139385448019096&correlator=4200069776478208&output=json_html&callback=googletag.impl.pubads.callbackProxy2&impl=fifs&adsid=NT&json_a=1&eid=21061743%2C21063016%2C21063066%2C53887177&vrg=319&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A32776&sc=1&sfv=1-0-32&iu_parts=31781941%2Css_thecanary&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&eri=1&cookie_enabled=1&bc=15&abxe=1&lmt=1553285512&dt=1553317706786&dlt=1553317704965&idt=893&frm=20&biw=1585&bih=1200&oid=3&adxs=1136&adys=415&adks=2641242571&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.thecanary.co%2F&dssz=87&icsg=71090298683647&mso=32&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x250&blev=1&bisch=1&ga_vid=1402858781.1553317705&ga_sid=1553317707&ga_hid=396584839&fws=4
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_319.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.217.16.130 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
e48d831a86d664d6e58c4f853b56814e2c5e4997e5155347fdc6e876eaced26c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.thecanary.co/
Origin
https://www.thecanary.co

Response headers

date
Sat, 23 Mar 2019 05:08:26 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
318
x-xss-protection
1; mode=block
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://www.thecanary.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2139385448019096&correlator=3441568694982586&output=json_html&callback=googletag.impl.pubads.callbackProxy3&impl=fifs&adsid=NT&json_a=1&eid=21061743%2C21063016%2C21063066%2C53887177&vrg=319&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A32776&sc=1&sfv=1-0-32&iu_parts=31781941%2Css_thecanary&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&prev_scp=hb_format_rubicon%3Dbanner%26hb_source_rubicon%3Dclient%26hb_size_rubicon%3D728x90%26hb_pb_rubicon%3D0.10%26hb_adid_rubicon%3D32e485761ec8cc7%26hb_bidder_rubicon%3Drubicon%26hb_auction_type%3Dinitial%26hb_ba%3D1.5%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D728x90%26hb_pb%3D0.10%26hb_adid%3D32e485761ec8cc7%26hb_bidder%3Drubicon&eri=1&cookie_enabled=1&bc=15&abxe=1&lmt=1553285512&dt=1553317706795&dlt=1553317704965&idt=893&frm=20&biw=1585&bih=1200&oid=3&adxs=268&adys=1066&adks=2403599834&ucis=5&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.thecanary.co%2F&dssz=87&icsg=71090298683647&mso=32&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x90&msz=728x90&blev=1&bisch=1&ga_vid=1402858781.1553317705&ga_sid=1553317707&ga_hid=396584839&fws=4
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_319.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.217.16.130 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
a35913ccdff6ca293da338e1018fb597b687f80b62d742d6d39411553fc8c019
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.thecanary.co/
Origin
https://www.thecanary.co

Response headers

date
Sat, 23 Mar 2019 05:08:26 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
1933
x-xss-protection
1; mode=block
google-lineitem-id
4503150696
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138218280343
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://www.thecanary.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
tags.mathtag.com/notify/ Frame D57B 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.mathtag.com/notify/js?id=5aW95q2jLzE4LyAvWVdGa01HUXhNV1V0T0RjelpTMWtZbUl6TFRBd01EQXRNREF3TURBd01EQXdNREF3LzQyMzQwNDk3NjQwMTM0MDkzNTMvNjYyMjQ3Mi80NTYyMzU1LzkvWGFkSnZKaHQ1d18yRGhrTHRUeTN3WXRMeDlQNTRxT0VIeWwtTGxqRl8tWS8xLzkvMC8wLzk1NjgwMy82MjQ1NzMxNjQvMjE2NTM2LzY1MTg3MS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzQyMzQwNDk3NjQwMTM0MDkzNTMvYW1zLzAvMC8wLzk5OS84LzM3LjU4LjU4LjAv/VUlTqRectZwgemJUvkBC0QdW9KI&nodeid=1259&auctionid=4234049764013409353&exch=ruc&sid=4562355&cid=6622472&price=2397CD7734278496&act=LiIiJiQocHxrPSwuJCMqcHxrKy5wfGshIioqJCMqcHw&group=eu&bp=a_bfbbbb&3pck=http%3A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2Ffabc3c35-12fc-4480-a73c-c49a66491cb7%2F
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.135.48 , United Kingdom, ASN30419 (MEDIAMATH-INC - MediaMath Inc, US),
Reverse DNS
Software
MMBD/3.140.0 /
Resource Hash
cdad164f1f7c6a75820a7678fe0466f18df6993f69251f2e46b96640e82bc5fc

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 23 Mar 2019 05:08:26 GMT
Content-Encoding
gzip
Last-Modified
Sat, 23 Mar 2019 05:08:25 GMT
Server
MMBD/3.140.0
x-mm-latency
1 (1)
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
x-mm-dbg
count
Cache-Control
no-cache
x-mm-host
cdg-router-x28, cdg-bidder-x103
Connection
close
Content-Type
application/x-javascript; charset=UTF-8
Expires
Sat, 23 Mar 2019 05:08:25 GMT
fabc3c35-12fc-4480-a73c-c49a66491cb7
beacon-eu-ams3.rubiconproject.com/beacon/d/ Frame D57B 		43 B
268 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-eu-ams3.rubiconproject.com/beacon/d/fabc3c35-12fc-4480-a73c-c49a66491cb7?oo=0&accountId=13950&siteId=208448&zoneId=1026088&sizeId=15&e=6A1E40E384DA563BE29FBC92DFB81D8A88A5E7EA4B90367EA4E2AE64415A15B580E7DC82BEC6FEFBBAD490DBC43D0AA3B8B520C6696685697FB0F1011A5D8C4CA004551282A9FD1B15C2664BD6C689CC6FD52A28A4E9B2FC72210FA4C7BE6297FE4C0AAFD0249E5995D7ED75ACA107F32500495CB7C8A3439D3089EB44808C3560A10B60C6A3BE583E9F599F7A24C1476F70C4991CE684DB808FB4D9A3F6DA498B970BF2A51D8D94516541E315AD6ED35C62F63B15845470B7A641323B3C2F897B36CA33AA862C943F8BFAFDB5B467D2D6653FCAFE28C1C71C9B7EC88D04D87308B5F5FC85CDD085183BE49CDA115426A834E5C0566BBF766AB9BA27ABD97E5F49963E25E29BE02D740F29E605FFF5B48A989DABF2FEA648FDF9F692C84E104E32C3F9AC40D601F74065180D8085CCB24F3DE63CB6F5BFE2FA4DDDB4FA6130165CFCE3AC9A1F3376396FF71B5F23E5B076F6282A7CD5C4EA808FB4D9A3F6DA496F70C4991CE684DB8AF7FA0DFA894E86D36AC1A27C27F4A7D3201714506A35D87B0DC6831E428D18808FB4D9A3F6DA49E40FB3896E81C6AC8D9CFBAB1D69B1A1B9D50EB8C5544E3B5C62F63B15845470B7A641323B3C2F897B36CA33AA862C9440D5250CBCAD59CB32C3F9AC40D601F7218F1376BE3565F9F33108F6CB051EE4B1B09867F38E36B2B93EAE91649C907BDCC85BD77470D76832F122FE47DE5EBD14CB2D0B124286002440D4F8E62EBC04842EA32356F33088EB4876B7BC8C03F9D9CC53C6CC3BAA9A01B161855D5543C4998234B169F03692B5882A266E2AF01BB290D3727B661DC96B5C3C36BCDEE6398DC30C6B814DA4B5D744C0E679E3BE28B18B7C9B1C6A10DD
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
213.19.162.77 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
Rubicon Project /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Mar 2019 05:08:27 GMT
Cache-Control
private, max-age=0, no-cache
Expires
01 Jan 1970 10:00:00 GMT
Server
Rubicon Project
Content-Length
43
Content-Type
image/webp
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame D57B 		79 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_319.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:80b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
60fdb35f6ad4bb9182219967e37128a310ac24a1ce67bc8cadb11ad956de8aac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 23 Mar 2019 05:08:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1553253327984164"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
29871
x-xss-protection
1; mode=block
expires
Sat, 23 Mar 2019 05:08:26 GMT
osd.js
www.googletagservices.com/activeview/js/current/ 		77 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_319.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:80b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
3da096eadec42f2ee70ba0d51e8a54704543b5b67a957732d8c244cd90b731ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 23 Mar 2019 05:08:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1553253327984164"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
29012
x-xss-protection
1; mode=block
expires
Sat, 23 Mar 2019 05:08:26 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame D57B 		0
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvj3NQn28iQaOC2oAyORU5W8YrRieDdWrSFvVwqoXAeIxJDC1aVePFSHPKZIvtr0ekm3VGcxcwpZA0CWQa80h2rqOj0s8QdcirhYMMRjlMYyN5T4FgPVyMtlgjD8TJdC987PA4j77haZuqB-Z87o2nPJC5xHDavpMaJNujyHcvBdD0u_Rc63_JGKU1boJpLayj-5LZI0uyA3PMJK71diUAmAHSjjBTN2txHGU6K8jdvb5jGP06nYvDSrTfTELBQr78ZTA&sai=AMfl-YSdWtCDMWvjw0ljvsGdzjbwvRvr26hpen_ZaGnU5_t2yAgXESOFjg3OvOqA05lOHcr5WsUWl08P-3NCsmZqnwaTX6aROvbZ4g8C8TX6kIY2xsn8ZaLvysgd26_O&sig=Cg0ArKJSzGDS83WjcH_IEAE&urlfix=1&adurl=
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.217.16.130 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 23 Mar 2019 05:08:26 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
private
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
0
x-xss-protection
1; mode=block
js
tags.mathtag.com/notify/ Frame 42E1 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.mathtag.com/notify/js?id=5aW95q2jLzE4LyAvTUdSbFl6UTBaV010WmpJd05pMHhaVFU0TFRBd01EQXRNREF3TURBd01EQXdNREF3LzYwODg5NDA0NDg2MDA1ODkzODUvNjYyMjQ3OC80NTYyMzU1LzkvWGFkSnZKaHQ1d18yRGhrTHRUeTN3VVhOSTRobU1TWEI4OGQ3c2NVcDBySS8xLzkvMC8wLzk1NjgwMy82MjQ1NzMxNjQvMjE2NTM2LzY1MTg3MS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzYwODg5NDA0NDg2MDA1ODkzODUvYW1zLzAvMC8wLzk5OS84LzM3LjU4LjU4LjAv/1FYlE5AJSNmskBwNuaTEZR3UBns&nodeid=1362&auctionid=6088940448600589385&exch=ruc&sid=4562355&cid=6622478&price=D2CD3B6BAC6A6B6D&act=LiIiJiQocHxrPSwuJCMqcHxrKy5wfGshIioqJCMqcHw&group=eu&bp=a_bfbbbb&3pck=http%3A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F96273565-4ebf-4ced-8950-1abb0fc8cac5%2F
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.135.48 , United Kingdom, ASN30419 (MEDIAMATH-INC - MediaMath Inc, US),
Reverse DNS
Software
MMBD/3.140.0 /
Resource Hash
ec6121c882d4d3d1b21012619bf0f02e1d05863fd89f0fe8253ba708ba186585

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 23 Mar 2019 05:08:26 GMT
Content-Encoding
gzip
Last-Modified
Sat, 23 Mar 2019 05:08:25 GMT
Server
MMBD/3.140.0
x-mm-latency
2 (0)
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
x-mm-dbg
count
Cache-Control
no-cache
x-mm-host
cdg-router-x53, cdg-bidder-x124
Connection
close
Content-Type
application/x-javascript; charset=UTF-8
Expires
Sat, 23 Mar 2019 05:08:25 GMT
96273565-4ebf-4ced-8950-1abb0fc8cac5
beacon-eu-ams3.rubiconproject.com/beacon/d/ Frame 42E1 		43 B
268 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-eu-ams3.rubiconproject.com/beacon/d/96273565-4ebf-4ced-8950-1abb0fc8cac5?oo=0&accountId=13950&siteId=208448&zoneId=1026088&sizeId=2&e=6A1E40E384DA563BE07035502784ECD3D98AF9005E2CF8AA8BC77694D0DD8B2F2683C6B5581AD9A6CDDC6E3477843787B8B520C6696685694AF4C52AE7429230A004551282A9FD1B15C2664BD6C689CC6FD52A28A4E9B2FC9C42D960FC219DAEFE4C0AAFD0249E597F7C0A98458F56DDEC675CD629F5D496FA7AD7DF03BC4979450314D27F96F4319ED516A7D3219F796F70C4991CE684DB808FB4D9A3F6DA498B970BF2A51D8D945D07C85CBAA431AA1D4DD74CFC7B4F9FBE2A9CEF9F55E224D9508B0B13A74B4A3F8BFAFDB5B467D20243D9EC4CF8FCA31C9B7EC88D04D87308B5F5FC85CDD085183BE49CDA115426A834E5C0566BBF767D9CE71FA756C6AD62571B7ECDB1BE7A48CB3E24B960B5B4849A9F1F2820802681C1BEC753807C1C32C3F9AC40D601F74065180D8085CCB24F3DE63CB6F5BFE2FA4DDDB4FA6130165CFCE3AC9A1F3376396FF71B5F23E5B076F6282A7CD5C4EA808FB4D9A3F6DA496F70C4991CE684DB8AF7FA0DFA894E86D36AC1A27C27F4A7D3201714506A35D87B0DC6831E428D18808FB4D9A3F6DA49E40FB3896E81C6AC8D9CFBAB1D69B1A1911C2C22AC04CBA31D4DD74CFC7B4F9FBE2A9CEF9F55E224D9508B0B13A74B4A40D5250CBCAD59CB32C3F9AC40D601F7218F1376BE3565F9F33108F6CB051EE4BB4FD347A4C45E4FB0AB65E3D85DC7B3519E350CFDDDD3AE62B3E59072F8C07214CB2D0B124286008ACC8EDEC974C646842EA32356F330882B9C8DA8D008D0189674115853034FD87E625848872D964AE88D14A8E282D0F9126CA80D8AB5A7363F9F1CDB2AB98675B52AD467DA131C3FB97A3694A6BA797EA0B5A2975B678582B691A6A99BE23ECF
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
213.19.162.77 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
Rubicon Project /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Mar 2019 05:08:27 GMT
Cache-Control
private, max-age=0, no-cache
Expires
01 Jan 1970 10:00:00 GMT
Server
Rubicon Project
Content-Length
43
Content-Type
image/webp
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame 42E1 		79 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_319.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:80b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
60fdb35f6ad4bb9182219967e37128a310ac24a1ce67bc8cadb11ad956de8aac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 23 Mar 2019 05:08:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1553253327984164"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
29871
x-xss-protection
1; mode=block
expires
Sat, 23 Mar 2019 05:08:26 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 42E1 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuQqKSUbF6lxBC6xC_UYC3pEbNxmPEI2p9eeenan-9BAI5BbKReTPcxc0MFXx5f6nIkanmt3Vs99IXL69qz9lrAtU0_4TWO4d23IOxoj_J--ZSAYhurCFVwBc2olkYzadblYxLn9j_NeP6tCbLkZ_-SrMslwhWUPoqb8LMB88C8hauhE53w-AUFpi1yBr85MPMaGGGKYG0Z10zKp27t9HpiE_kwNQrZKyTWOPTjvsJsBV881xlE2xXHJMJpMZfVBTT7kA&sai=AMfl-YSqtZonfi4Gr-JEd3MvjrmNo2vaQ6-A1gw4JEO5HCF9Fhx-jfAqwSF44nKPeomyS0t5iwh1GEOLP3__RYpunZySv6EvEgxcjrhnqLoBTpzyCybrM6q-b59RcPNc&sig=Cg0ArKJSzKjwvtNt3mI4EAE&urlfix=1&adurl=
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.217.16.130 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 23 Mar 2019 05:08:26 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
private
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
0
x-xss-protection
1; mode=block
zrti13rjdl37
hal9000.redintelligence.net/zone/ Frame D57B 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/zrti13rjdl37?subid=&rnd=4234049764013409353&extVar[]=DOUBLEBORDER:1&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D4234049764013409353%26mt_id%3D6622472%26mt_adid%3D216536%26mt_sid%3D4562355%26mt_exid%3D9%26mt_inapp%3D0%26mt_uuid%3De1a05c95-b045-4700-8365-f8ff9a31b311%26mt_3pck%3Dhttp%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2Ffabc3c35-12fc-4480-a73c-c49a66491cb7%2F%26redirect%3D
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.243.44.166 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.166.44.243.136.clients.your-server.de
Software
Apache /
Resource Hash
1c48a99b42458acbc6b2de0a1b4b747524e7bb5dc54a4e79055045b5508ae31d

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 23 Mar 2019 05:08:27 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
2816
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
img
pixel.mathtag.com/event/ Frame D57B 		43 B
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=9&v2=4234049764013409353&v3=651871&v4=4562355&v5=6622472&mt_nsync=1&no_attr=1
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?id=5aW95q2jLzE4LyAvWVdGa01HUXhNV1V0T0RjelpTMWtZbUl6TFRBd01EQXRNREF3TURBd01EQXdNREF3LzQyMzQwNDk3NjQwMTM0MDkzNTMvNjYyMjQ3Mi80NTYyMzU1LzkvWGFkSnZKaHQ1d18yRGhrTHRUeTN3WXRMeDlQNTRxT0VIeWwtTGxqRl8tWS8xLzkvMC8wLzk1NjgwMy82MjQ1NzMxNjQvMjE2NTM2LzY1MTg3MS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzQyMzQwNDk3NjQwMTM0MDkzNTMvYW1zLzAvMC8wLzk5OS84LzM3LjU4LjU4LjAv/VUlTqRectZwgemJUvkBC0QdW9KI&nodeid=1259&auctionid=4234049764013409353&exch=ruc&sid=4562355&cid=6622472&price=2397CD7734278496&act=LiIiJiQocHxrPSwuJCMqcHxrKy5wfGshIioqJCMqcHw&group=eu&bp=a_bfbbbb&3pck=http%3A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2Ffabc3c35-12fc-4480-a73c-c49a66491cb7%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 1.31.3.9 fe26b9c DPLAT-404 cdg-pixel-x16 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 23 Mar 2019 05:08:27 GMT
Server
MT3 1.31.3.9 fe26b9c DPLAT-404 cdg-pixel-x16
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 23 Mar 2019 05:08:26 GMT
img
tags.mathtag.com/event/ Frame D57B 		49 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/event/img?type=mmImpTrack&exch=ruc&bid=4234049764013409353&st=4562355&time=1553317706
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?id=5aW95q2jLzE4LyAvWVdGa01HUXhNV1V0T0RjelpTMWtZbUl6TFRBd01EQXRNREF3TURBd01EQXdNREF3LzQyMzQwNDk3NjQwMTM0MDkzNTMvNjYyMjQ3Mi80NTYyMzU1LzkvWGFkSnZKaHQ1d18yRGhrTHRUeTN3WXRMeDlQNTRxT0VIeWwtTGxqRl8tWS8xLzkvMC8wLzk1NjgwMy82MjQ1NzMxNjQvMjE2NTM2LzY1MTg3MS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzQyMzQwNDk3NjQwMTM0MDkzNTMvYW1zLzAvMC8wLzk5OS84LzM3LjU4LjU4LjAv/VUlTqRectZwgemJUvkBC0QdW9KI&nodeid=1259&auctionid=4234049764013409353&exch=ruc&sid=4562355&cid=6622472&price=2397CD7734278496&act=LiIiJiQocHxrPSwuJCMqcHxrKy5wfGshIioqJCMqcHw&group=eu&bp=a_bfbbbb&3pck=http%3A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2Ffabc3c35-12fc-4480-a73c-c49a66491cb7%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.133.199 , United Kingdom, ASN30419 (MEDIAMATH-INC - MediaMath Inc, US),
Reverse DNS
Software
MMBD/3.141.3 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 23 Mar 2019 05:08:28 GMT
Server
MMBD/3.141.3
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
zrh-router-x30, zrh-bidder-x101
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Sat, 23 Mar 2019 05:08:27 GMT
js
pixel.mathtag.com/sync/ Frame D57B 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.mathtag.com/sync/js?sync=auto&mt_lim=5
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?id=5aW95q2jLzE4LyAvWVdGa01HUXhNV1V0T0RjelpTMWtZbUl6TFRBd01EQXRNREF3TURBd01EQXdNREF3LzQyMzQwNDk3NjQwMTM0MDkzNTMvNjYyMjQ3Mi80NTYyMzU1LzkvWGFkSnZKaHQ1d18yRGhrTHRUeTN3WXRMeDlQNTRxT0VIeWwtTGxqRl8tWS8xLzkvMC8wLzk1NjgwMy82MjQ1NzMxNjQvMjE2NTM2LzY1MTg3MS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzQyMzQwNDk3NjQwMTM0MDkzNTMvYW1zLzAvMC8wLzk5OS84LzM3LjU4LjU4LjAv/VUlTqRectZwgemJUvkBC0QdW9KI&nodeid=1259&auctionid=4234049764013409353&exch=ruc&sid=4562355&cid=6622472&price=2397CD7734278496&act=LiIiJiQocHxrPSwuJCMqcHxrKy5wfGshIioqJCMqcHw&group=eu&bp=a_bfbbbb&3pck=http%3A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2Ffabc3c35-12fc-4480-a73c-c49a66491cb7%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 1.31.3.9 fe26b9c DPLAT-404 cdg-pixel-x10 /
Resource Hash
015ecdec79939116c633481c3f591c1c945cd3d747740f5148e8346aeff929e7

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 23 Mar 2019 05:08:27 GMT
Server
MT3 1.31.3.9 fe26b9c DPLAT-404 cdg-pixel-x10
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
text/javascript
Content-Length
1572
Expires
Sat, 23 Mar 2019 05:08:26 GMT
pixel
cm.g.doubleclick.net/ Frame D57B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_cm&google_hm=YWFkMGQxMWUtODczZS1kYmIzLTAwMDAtMDAwMDAwMDAwMDAw
  • https://sync.mathtag.com/sync/img?mt_exid=4&mt_ec=64ws&mt_exuid=&google_gid=CAESEMM8FoVNv9KaDqu_AfLv4mE&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=4aBclbBFRwCDZfj_mjGzEQ
170 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=4aBclbBFRwCDZfj_mjGzEQ
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.217.16.162 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s11-in-f162.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Mar 2019 05:08:27 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-type
image/png
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
170
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sat, 23 Mar 2019 05:08:27 GMT
Server
MT3 1.31.3.9 fe26b9c DPLAT-404 cdg-pixel-x5
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=4aBclbBFRwCDZfj_mjGzEQ
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 23 Mar 2019 05:08:26 GMT
4448
stags.bluekai.com/site/ Frame D57B 		62 B
664 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stags.bluekai.com/site/4448?id=aad0d11e-873e-dbb3-0000-000000000000
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?id=5aW95q2jLzE4LyAvWVdGa01HUXhNV1V0T0RjelpTMWtZbUl6TFRBd01EQXRNREF3TURBd01EQXdNREF3LzQyMzQwNDk3NjQwMTM0MDkzNTMvNjYyMjQ3Mi80NTYyMzU1LzkvWGFkSnZKaHQ1d18yRGhrTHRUeTN3WXRMeDlQNTRxT0VIeWwtTGxqRl8tWS8xLzkvMC8wLzk1NjgwMy82MjQ1NzMxNjQvMjE2NTM2LzY1MTg3MS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzQyMzQwNDk3NjQwMTM0MDkzNTMvYW1zLzAvMC8wLzk5OS84LzM3LjU4LjU4LjAv/VUlTqRectZwgemJUvkBC0QdW9KI&nodeid=1259&auctionid=4234049764013409353&exch=ruc&sid=4562355&cid=6622472&price=2397CD7734278496&act=LiIiJiQocHxrPSwuJCMqcHxrKy5wfGshIioqJCMqcHw&group=eu&bp=a_bfbbbb&3pck=http%3A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2Ffabc3c35-12fc-4480-a73c-c49a66491cb7%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.241.32 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-241-32.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 23 Mar 2019 05:08:27 GMT
Connection
keep-alive
Content-Type
image/gif
Content-Length
62
BK-Server
366b
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
dap2i2xhbauc
hal9000.redintelligence.net/zone/ Frame 42E1 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/dap2i2xhbauc?subid=&rnd=6088940448600589385&extVar[]=DOUBLEBORDER:1&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D6088940448600589385%26mt_id%3D6622478%26mt_adid%3D216536%26mt_sid%3D4562355%26mt_exid%3D9%26mt_inapp%3D0%26mt_uuid%3De1a05c95-b045-4700-8365-f8ff9a31b311%26mt_3pck%3Dhttp%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F96273565-4ebf-4ced-8950-1abb0fc8cac5%2F%26redirect%3D
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.243.44.166 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.166.44.243.136.clients.your-server.de
Software
Apache /
Resource Hash
0a9206827a793dff2e308219a14fba7fb5226f130ad61cf0525e7a6e94939fec

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 23 Mar 2019 05:08:29 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
2818
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
img
pixel.mathtag.com/event/ Frame 42E1 		43 B
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=9&v2=6088940448600589385&v3=651871&v4=4562355&v5=6622478&mt_nsync=1&no_attr=1
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?id=5aW95q2jLzE4LyAvTUdSbFl6UTBaV010WmpJd05pMHhaVFU0TFRBd01EQXRNREF3TURBd01EQXdNREF3LzYwODg5NDA0NDg2MDA1ODkzODUvNjYyMjQ3OC80NTYyMzU1LzkvWGFkSnZKaHQ1d18yRGhrTHRUeTN3VVhOSTRobU1TWEI4OGQ3c2NVcDBySS8xLzkvMC8wLzk1NjgwMy82MjQ1NzMxNjQvMjE2NTM2LzY1MTg3MS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzYwODg5NDA0NDg2MDA1ODkzODUvYW1zLzAvMC8wLzk5OS84LzM3LjU4LjU4LjAv/1FYlE5AJSNmskBwNuaTEZR3UBns&nodeid=1362&auctionid=6088940448600589385&exch=ruc&sid=4562355&cid=6622478&price=D2CD3B6BAC6A6B6D&act=LiIiJiQocHxrPSwuJCMqcHxrKy5wfGshIioqJCMqcHw&group=eu&bp=a_bfbbbb&3pck=http%3A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F96273565-4ebf-4ced-8950-1abb0fc8cac5%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 1.31.3.9 fe26b9c DPLAT-404 cdg-pixel-x5 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 23 Mar 2019 05:08:27 GMT
Server
MT3 1.31.3.9 fe26b9c DPLAT-404 cdg-pixel-x5
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 23 Mar 2019 05:08:26 GMT
img
tags.mathtag.com/event/ Frame 42E1 		49 B
328 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/event/img?type=mmImpTrack&exch=ruc&bid=6088940448600589385&st=4562355&time=1553317706
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?id=5aW95q2jLzE4LyAvTUdSbFl6UTBaV010WmpJd05pMHhaVFU0TFRBd01EQXRNREF3TURBd01EQXdNREF3LzYwODg5NDA0NDg2MDA1ODkzODUvNjYyMjQ3OC80NTYyMzU1LzkvWGFkSnZKaHQ1d18yRGhrTHRUeTN3VVhOSTRobU1TWEI4OGQ3c2NVcDBySS8xLzkvMC8wLzk1NjgwMy82MjQ1NzMxNjQvMjE2NTM2LzY1MTg3MS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzYwODg5NDA0NDg2MDA1ODkzODUvYW1zLzAvMC8wLzk5OS84LzM3LjU4LjU4LjAv/1FYlE5AJSNmskBwNuaTEZR3UBns&nodeid=1362&auctionid=6088940448600589385&exch=ruc&sid=4562355&cid=6622478&price=D2CD3B6BAC6A6B6D&act=LiIiJiQocHxrPSwuJCMqcHxrKy5wfGshIioqJCMqcHw&group=eu&bp=a_bfbbbb&3pck=http%3A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F96273565-4ebf-4ced-8950-1abb0fc8cac5%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.133.199 , United Kingdom, ASN30419 (MEDIAMATH-INC - MediaMath Inc, US),
Reverse DNS
Software
MMBD/3.141.3 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 23 Mar 2019 05:08:28 GMT
Server
MMBD/3.141.3
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
zrh-router-x24, zrh-bidder-x4
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Sat, 23 Mar 2019 05:08:27 GMT
js
pixel.mathtag.com/sync/ Frame 42E1 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.mathtag.com/sync/js?sync=auto&mt_lim=5
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?id=5aW95q2jLzE4LyAvTUdSbFl6UTBaV010WmpJd05pMHhaVFU0TFRBd01EQXRNREF3TURBd01EQXdNREF3LzYwODg5NDA0NDg2MDA1ODkzODUvNjYyMjQ3OC80NTYyMzU1LzkvWGFkSnZKaHQ1d18yRGhrTHRUeTN3VVhOSTRobU1TWEI4OGQ3c2NVcDBySS8xLzkvMC8wLzk1NjgwMy82MjQ1NzMxNjQvMjE2NTM2LzY1MTg3MS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzYwODg5NDA0NDg2MDA1ODkzODUvYW1zLzAvMC8wLzk5OS84LzM3LjU4LjU4LjAv/1FYlE5AJSNmskBwNuaTEZR3UBns&nodeid=1362&auctionid=6088940448600589385&exch=ruc&sid=4562355&cid=6622478&price=D2CD3B6BAC6A6B6D&act=LiIiJiQocHxrPSwuJCMqcHxrKy5wfGshIioqJCMqcHw&group=eu&bp=a_bfbbbb&3pck=http%3A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F96273565-4ebf-4ced-8950-1abb0fc8cac5%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 1.31.3.9 fe26b9c DPLAT-404 cdg-pixel-x2 /
Resource Hash
015ecdec79939116c633481c3f591c1c945cd3d747740f5148e8346aeff929e7

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 23 Mar 2019 05:08:27 GMT
Server
MT3 1.31.3.9 fe26b9c DPLAT-404 cdg-pixel-x2
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
text/javascript
Content-Length
1572
Expires
Sat, 23 Mar 2019 05:08:26 GMT
pixel
cm.g.doubleclick.net/ Frame 42E1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_cm&google_hm=MGRlYzQ0ZWMtZjIwNi0xZTU4LTAwMDAtMDAwMDAwMDAwMDAw
  • https://sync.mathtag.com/sync/img?mt_exid=4&mt_ec=64ws&mt_exuid=&google_gid=CAESEMM8FoVNv9KaDqu_AfLv4mE&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=4aBclbBFRwCDZfj_mjGzEQ
170 B
246 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=4aBclbBFRwCDZfj_mjGzEQ
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.217.16.162 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s11-in-f162.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Mar 2019 05:08:27 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-type
image/png
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
170
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sat, 23 Mar 2019 05:08:27 GMT
Server
MT3 1.31.3.9 fe26b9c DPLAT-404 cdg-pixel-x14
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=4aBclbBFRwCDZfj_mjGzEQ
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 23 Mar 2019 05:08:26 GMT
4448
stags.bluekai.com/site/ Frame 42E1 		62 B
664 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stags.bluekai.com/site/4448?id=0dec44ec-f206-1e58-0000-000000000000
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?id=5aW95q2jLzE4LyAvTUdSbFl6UTBaV010WmpJd05pMHhaVFU0TFRBd01EQXRNREF3TURBd01EQXdNREF3LzYwODg5NDA0NDg2MDA1ODkzODUvNjYyMjQ3OC80NTYyMzU1LzkvWGFkSnZKaHQ1d18yRGhrTHRUeTN3VVhOSTRobU1TWEI4OGQ3c2NVcDBySS8xLzkvMC8wLzk1NjgwMy82MjQ1NzMxNjQvMjE2NTM2LzY1MTg3MS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzYwODg5NDA0NDg2MDA1ODkzODUvYW1zLzAvMC8wLzk5OS84LzM3LjU4LjU4LjAv/1FYlE5AJSNmskBwNuaTEZR3UBns&nodeid=1362&auctionid=6088940448600589385&exch=ruc&sid=4562355&cid=6622478&price=D2CD3B6BAC6A6B6D&act=LiIiJiQocHxrPSwuJCMqcHxrKy5wfGshIioqJCMqcHw&group=eu&bp=a_bfbbbb&3pck=http%3A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F96273565-4ebf-4ced-8950-1abb0fc8cac5%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.241.32 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-241-32.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 23 Mar 2019 05:08:27 GMT
Connection
keep-alive
Content-Type
image/gif
Content-Length
62
BK-Server
eec3
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
/
uk.ads.justpremium.com/adserve/client/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://uk.ads.justpremium.com/adserve/client/?zone=68302&debug=1&ru=https%3A%2F%2Fwww.thecanary.co%2F&sw=1600&sh=1200&ww=1600&wh=1200&ui=a3cac8a9-f75e-02ba-6cdd-4279b45346d7-1553317705141&tt=1553317707169&rid=54b51c0d-bb8a-d5b9-9b0a-ab2a8877afb0-1553317705141&eu=1&cs=
Requested by
Host: uk.ads.justpremium.com
URL: https://uk.ads.justpremium.com/adserve/js.php?zone=68302
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.164.235 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-212-164-235.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
560bd31233423f2700dc9ffb6e3512aac8a8961ea8350823dd10fe9085a72c97

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.thecanary.co/
Origin
https://www.thecanary.co

Response headers

Date
Sat, 23 Mar 2019 05:08:27 GMT
content-encoding
gzip
Server
nginx
vary
origin,accept-encoding
Content-Type
application/json; charset=utf-8
access-control-allow-origin
https://www.thecanary.co
access-control-expose-headers
WWW-Authenticate,Server-Authorization
cache-control
no-cache, no-store
access-control-allow-credentials
true
Connection
keep-alive
transfer-encoding
chunked
Cookie set sync
pre.ads.justpremium.com/v/1.0/t/ Frame 3BF2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pre.ads.justpremium.com/v/1.0/t/sync
Requested by
Host: cdn-cf.justpremium.com
URL: https://cdn-cf.justpremium.com/js/v2.12.276/jpx.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.110.40 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-31-110-40.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Host
pre.ads.justpremium.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://www.thecanary.co/
Accept-Encoding
gzip, deflate, br
Cookie
jpxsession=56354041-4e00-a9ce-f0bb-a2623cb7fdb3-1553317705141; jpxuuid=a3cac8a9-f75e-02ba-6cdd-4279b45346d7-1553317705141; jpxumaster=5845ac07-e043-a3c4-0cfd-e286b9e24531-1553317707189; 68302_279745=0_0_0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.thecanary.co/

Response headers

Cache-control
no-cache="set-cookie"
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Sat, 23 Mar 2019 05:08:27 GMT
Server
nginx
Set-Cookie
OX_u=; max-age=-1553317707.609; expires=Thu Jan 01 1970 00:00:00 GMT+0000 (Coordinated Universal Time); path=/; domain=.justpremium.com; jpxumaster=5845ac07-e043-a3c4-0cfd-e286b9e24531-1553317707189; max-age=2592000; expires=Mon Apr 22 2019 05:08:27 GMT+0000 (Coordinated Universal Time); path=/; domain=.justpremium.com; AWSELB=1F0B3B830607DD16DCAE556FE58E9ECE5A08087B28C9EBFEAB5FE0ED103B6833BB69F0FF6903D0A45660F17A10EB7D437831E7533B103F07CADF9F20DA2209CDC876AD73AF;PATH=/;MAX-AGE=604800
Content-Length
781
Connection
keep-alive
tracking.gif
emea-v3.tracking.justpremium.com/ Frame 6097 		43 B
332 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://emea-v3.tracking.justpremium.com/tracking.gif?rid=54b51c0d-bb8a-d5b9-9b0a-ab2a8877afb0-1553317705141&sid=56354041-4e00-a9ce-f0bb-a2623cb7fdb3-1553317705141&uid=a3cac8a9-f75e-02ba-6cdd-4279b45346d7-1553317705141&vr=v2.12.276&ru=https%3A%2F%2Fwww.thecanary.co%2F&tt=1553317707225&siw=1300&sh=1200&sw=1600&wh=1200&ww=1600&an=i-0bc78bd7bf50c0626&vn=eu-west-1&sd=uk&_c=aer1f5m1553317707225&et=&aid=279745,279745&said=500603,500604&ei=540658600%2C13319643&fc=wp,wp&sp=22,1&at=adserver&cid=&ist=0,0&mg=&dl=&dlt=&ev=&vt=&zid=68302&dr=56&di=&pr=&cw=&ch=&nt=&st=&jp=%7B%22ph%22%3A3309%7D&ty=ex
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.215.78 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-158-215-78.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 23 Mar 2019 05:08:27 GMT
Last-Modified
Mon, 11 Mar 2019 10:37:28 GMT
Server
nginx
ETag
"5c863a68-2b"
Content-Type
image/gif
Cache-Control
public, no-cache, no-store, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
hb
ad.360yield.com/ul_cb/
Redirect Chain
  • https://ad.360yield.com/hb?debug=1&jsonp=%7B%22bid_request%22%3A%7B%22id%22%3A%22a47mz1o9%22%2C%22callback%22%3A%22%22%2C%22reqtype%22%3A1%2C%22secure%22%3A1%2C%22version%22%3A%221.0.0-JS007%22%2C%...
  • https://ad.360yield.com/ul_cb/hb?debug=1&jsonp=%7B%22bid_request%22%3A%7B%22id%22%3A%22a47mz1o9%22%2C%22callback%22%3A%22%22%2C%22reqtype%22%3A1%2C%22secure%22%3A1%2C%22version%22%3A%221.0.0-JS007%...
0
-1 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/ul_cb/hb?debug=1&jsonp=%7B%22bid_request%22%3A%7B%22id%22%3A%22a47mz1o9%22%2C%22callback%22%3A%22%22%2C%22reqtype%22%3A1%2C%22secure%22%3A1%2C%22version%22%3A%221.0.0-JS007%22%2C%22imp%22%3A%5B%7B%22id%22%3A500604%2C%22pid%22%3A13319643%2C%22banner%22%3A%7B%7D%2C%22kvw%22%3A%7B%22kv%22%3A%5B%22hb%22%5D%7D%7D%5D%2C%22debug%22%3A1%2C%22gdpr%22%3A1%7D%7D
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.121.18 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-48-121-18.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 23 Mar 2019 05:08:27 GMT
Server
nginx
Location
https://ad.360yield.com/ul_cb/hb?debug=1&jsonp=%7B%22bid_request%22%3A%7B%22id%22%3A%22a47mz1o9%22%2C%22callback%22%3A%22%22%2C%22reqtype%22%3A1%2C%22secure%22%3A1%2C%22version%22%3A%221.0.0-JS007%22%2C%22imp%22%3A%5B%7B%22id%22%3A500604%2C%22pid%22%3A13319643%2C%22banner%22%3A%7B%7D%2C%22kvw%22%3A%7B%22kv%22%3A%5B%22hb%22%5D%7D%7D%5D%2C%22debug%22%3A1%2C%22gdpr%22%3A1%7D%7D
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://www.thecanary.co
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0

Redirect headers

Date
Sat, 23 Mar 2019 05:08:27 GMT
Server
nginx
Access-Control-Allow-Origin
https://www.thecanary.co
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://ad.360yield.com/ul_cb/hb?debug=1&jsonp=%7B%22bid_request%22%3A%7B%22id%22%3A%22a47mz1o9%22%2C%22callback%22%3A%22%22%2C%22reqtype%22%3A1%2C%22secure%22%3A1%2C%22version%22%3A%221.0.0-JS007%22%2C%22imp%22%3A%5B%7B%22id%22%3A500604%2C%22pid%22%3A13319643%2C%22banner%22%3A%7B%7D%2C%22kvw%22%3A%7B%22kv%22%3A%5B%22hb%22%5D%7D%7D%5D%2C%22debug%22%3A1%2C%22gdpr%22%3A1%7D%7D
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
arj
ox-d.justpremium.com/w/1.0/
Redirect Chain
  • https://ox-d.justpremium.com/w/1.0/arj?url=https%3A%2F%2Fwww.thecanary.co&auid=540658600&gdpr=1&gdpr_consent=1&callback=jpx_1553317707234_3954_callback
  • https://ox-d.justpremium.com/w/1.0/arj?cc=1&url=https%3A%2F%2Fwww.thecanary.co&auid=540658600&gdpr=1&gdpr_consent=1&callback=jpx_1553317707234_3954_callback
  • https://u.openx.net/w/1.0/sc?r=https%3A%2F%2Fox-d.justpremium.com%2Fw%2F1.0%2Farj%3Fcc%3D1%26url%3Dhttps%253A%252F%252Fwww.thecanary.co%26auid%3D540658600%26gdpr%3D1%26gdpr_consent%3D1%26callback%3...
  • https://ox-d.justpremium.com/w/1.0/arj?mi=4b7ea539-8700-013d-27ef-72b55f875772&ma=1553317705&mr=1554527307&mn=0&mc=1&cc=1&url=https%3A%2F%2Fwww.thecanary.co&auid=540658600&gdpr=1&gdpr_consent=1&cal...
2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ox-d.justpremium.com/w/1.0/arj?mi=4b7ea539-8700-013d-27ef-72b55f875772&ma=1553317705&mr=1554527307&mn=0&mc=1&cc=1&url=https%3A%2F%2Fwww.thecanary.co&auid=540658600&gdpr=1&gdpr_consent=1&callback=jpx_1553317707234_3954_callback
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
HTTP/1.1
Security
TLS 1.0, RSA, 3DES_EDE_CBC
Server
173.241.240.151 New York, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS
ox-173-241-240-151.xa.dc.openx.org
Software
OXGW/16.128.2 /
Resource Hash
b671a39789caa3b23b6a07657d1201b871a22ea32129938bb4b8eb2b44e75aea

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Mar 2019 05:08:27 GMT
Content-Encoding
gzip
Server
OXGW/16.128.2
Vary
Accept
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, max-age=0, no-cache
Transfer-Encoding
chunked
Content-Type
application/json
Expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

status
302
date
Sat, 23 Mar 2019 05:08:27 GMT
server
OXGW/16.128.2
content-length
0
location
https://ox-d.justpremium.com/w/1.0/arj?mi=4b7ea539-8700-013d-27ef-72b55f875772&ma=1553317705&mr=1554527307&mn=0&mc=1&cc=1&url=https%3A%2F%2Fwww.thecanary.co&auid=540658600&gdpr=1&gdpr_consent=1&callback=jpx_1553317707234_3954_callback
p3p
CP="CUR ADM OUR NOR STA NID"
tracking.gif
emea-v3.tracking.justpremium.com/ Frame 6097 		43 B
332 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://emea-v3.tracking.justpremium.com/tracking.gif?rid=54b51c0d-bb8a-d5b9-9b0a-ab2a8877afb0-1553317705141&sid=56354041-4e00-a9ce-f0bb-a2623cb7fdb3-1553317705141&uid=a3cac8a9-f75e-02ba-6cdd-4279b45346d7-1553317705141&vr=v2.12.276&ru=https%3A%2F%2Fwww.thecanary.co%2F&tt=1553317707288&siw=1300&sh=1200&sw=1600&wh=1200&ww=1600&an=i-0bc78bd7bf50c0626&vn=eu-west-1&sd=uk&_c=ahcb1ov1553317707288&et=&aid=279745,279745&said=500604,500603&ei=13319643%2C540658600&fc=wp,wp&sp=1,22&at=adserver&cid=&ist=0,0&mg=&dl=&dlt=&ev=&vt=&zid=68302&dr=119&di=&pr=&cw=&ch=&nt=&st=&jp=%7B%22ph%22%3A3309%7D&ty=adr
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.215.78 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-158-215-78.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 23 Mar 2019 05:08:27 GMT
Last-Modified
Mon, 11 Mar 2019 10:37:28 GMT
Server
nginx
ETag
"5c863a68-2b"
Content-Type
image/gif
Cache-Control
public, no-cache, no-store, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
hb
ad.360yield.com/ul_cb/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/ul_cb/hb?debug=1&jsonp=%7B%22bid_request%22%3A%7B%22id%22%3A%22a47mz1o9%22%2C%22callback%22%3A%22%22%2C%22reqtype%22%3A1%2C%22secure%22%3A1%2C%22version%22%3A%221.0.0-JS007%22%2C%22imp%22%3A%5B%7B%22id%22%3A500604%2C%22pid%22%3A13319643%2C%22banner%22%3A%7B%7D%2C%22kvw%22%3A%7B%22kv%22%3A%5B%22hb%22%5D%7D%7D%5D%2C%22debug%22%3A1%2C%22gdpr%22%3A1%7D%7D
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.121.18 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-48-121-18.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b8d4b0f3474c8647606c58c68dc9aa8c521972afce2790040da895803b36fa3c

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.thecanary.co/
Origin
https://www.thecanary.co

Response headers

Date
Sat, 23 Mar 2019 05:08:27 GMT
Content-Encoding
gzip
Server
nginx
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://www.thecanary.co
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=UTF-8
Content-Length
1677
match
ad.360yield.com/ Frame 6097
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=improvedigital&google_cm&google_sc&gdpr=1&gdpr_consent=BOWJjG9Ob5qcJCLAAAENCF-AAAAkHAAA
  • https://ad.360yield.com/match?publisher_dsp_id=55&gdpr=1&gdpr_consent=BOWJjG9Ob5qcJCLAAAENCF-AAAAkHAAA&external_user_id=CAESEBfcOyL4VSYcJ9TXy4ktj9M&google_cver=1
43 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/match?publisher_dsp_id=55&gdpr=1&gdpr_consent=BOWJjG9Ob5qcJCLAAAENCF-AAAAkHAAA&external_user_id=CAESEBfcOyL4VSYcJ9TXy4ktj9M&google_cver=1
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.121.18 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-48-121-18.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 23 Mar 2019 05:08:27 GMT
Server
nginx
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
43

Redirect headers

pragma
no-cache
date
Sat, 23 Mar 2019 05:08:27 GMT
server
HTTP server (unknown)
location
https://ad.360yield.com/match?publisher_dsp_id=55&gdpr=1&gdpr_consent=BOWJjG9Ob5qcJCLAAAENCF-AAAAkHAAA&external_user_id=CAESEBfcOyL4VSYcJ9TXy4ktj9M&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
302
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
374
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
match
ad.360yield.com/ Frame 6097
Redirect Chain
  • https://track.adform.net/serving/cookie/match/?party=5&publisher_user_id=f9b46126-faf8-435f-9056-1d36998d58ea&publisher_dsp_id=42&publisher_call_type=redirect&gdpr=1&gdpr_consent=BOWJjG9Ob5qcJCLAAA...
  • https://track.adform.net/serving/cookie/match/?CC=1&party=5&publisher_user_id=f9b46126-faf8-435f-9056-1d36998d58ea&publisher_dsp_id=42&publisher_call_type=redirect&gdpr=1&gdpr_consent=BOWJjG9Ob5qcJ...
  • https://ad.360yield.com/match?publisher_dsp_id=42&Expiration=1554527308&external_user_id=7875025431771816756
43 B
966 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/match?publisher_dsp_id=42&Expiration=1554527308&external_user_id=7875025431771816756
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.121.18 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-48-121-18.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 23 Mar 2019 05:08:28 GMT
Server
nginx
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
43

Redirect headers

pragma
no-cache
date
Sat, 23 Mar 2019 05:08:28 GMT
server
nginx
access-control-allow-origin
*
location
https://ad.360yield.com/match?publisher_dsp_id=42&Expiration=1554527308&external_user_id=7875025431771816756
status
302
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
expires
-1
match
ad.360yield.com/ Frame 6097
Redirect Chain
  • https://ib.adnxs.com/getuid?https://ad.360yield.com/match?external_user_id=$UID&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOWJjG9Ob5qcJCLAAAENCF-AAAAkHAAA
  • https://ad.360yield.com/match?external_user_id=5030808967751963453&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOWJjG9Ob5qcJCLAAAENCF-AAAAkHAAA
43 B
687 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/match?external_user_id=5030808967751963453&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOWJjG9Ob5qcJCLAAAENCF-AAAAkHAAA
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.121.18 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-48-121-18.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 23 Mar 2019 05:08:27 GMT
Server
nginx
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
43

Redirect headers

Pragma
no-cache
Date
Sat, 23 Mar 2019 05:08:29 GMT
AN-X-Request-Uuid
cb91c075-d972-4b4c-b93c-613ce3778ea5
Content-Type
text/html; charset=utf-8
Server
nginx/1.13.4
Location
https://ad.360yield.com/match?external_user_id=5030808967751963453&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOWJjG9Ob5qcJCLAAAENCF-AAAAkHAAA
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
37.58.58.236; 37.58.58.236; 251.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.85:80
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
match
ad.360yield.com/ Frame 6097
Redirect Chain
  • https://pixel.mathtag.com/sync/img?sync=auto&publisher_user_id=f9b46126-faf8-435f-9056-1d36998d58ea&publisher_dsp_id=5&publisher_call_type=redirect&gdpr=1&gdpr_consent=BOWJjG9Ob5qcJCLAAAENCF-AAAAkH...
  • https://ad.360yield.com/match?publisher_dsp_id=5&external_user_id=e1a05c95-b045-4700-8365-f8ff9a31b311
43 B
786 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/match?publisher_dsp_id=5&external_user_id=e1a05c95-b045-4700-8365-f8ff9a31b311
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.121.18 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-48-121-18.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 23 Mar 2019 05:08:27 GMT
Server
nginx
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
43

Redirect headers

Date
Sat, 23 Mar 2019 05:08:27 GMT
Server
MT3 1.31.3.9 fe26b9c DPLAT-404 cdg-pixel-x18
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://ad.360yield.com/match?publisher_dsp_id=5&external_user_id=e1a05c95-b045-4700-8365-f8ff9a31b311
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
0
Expires
Sat, 23 Mar 2019 05:08:26 GMT
match
ad.360yield.com/ Frame 6097
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=improve-digital&ttd_tpi=1&publisher_user_id=f9b46126-faf8-435f-9056-1d36998d58ea&publisher_dsp_id=167&publisher_call_type=redirect&gdpr=1&gdpr_con...
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=improve-digital&ttd_tpi=1&publisher_user_id=f9b46126-faf8-435f-9056-1d36998d58ea&publisher_dsp_id=167&publisher_call_type=redirect&gdpr=1&gdpr_con...
  • https://ad.360yield.com/match?publisher_dsp_id=167&external_user_id=d44a5725-33e7-4670-ab55-4889c7121f35
43 B
889 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/match?publisher_dsp_id=167&external_user_id=d44a5725-33e7-4670-ab55-4889c7121f35
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.121.18 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-48-121-18.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 23 Mar 2019 05:08:27 GMT
Server
nginx
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
43

Redirect headers

pragma
no-cache
date
Sat, 23 Mar 2019 05:08:27 GMT
x-aspnet-version
4.0.30319
location
https://ad.360yield.com/match?publisher_dsp_id=167&external_user_id=d44a5725-33e7-4670-ab55-4889c7121f35
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
status
302
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
239
request.php
hal900025.redintelligence.net/ Frame D57B
Redirect Chain
  • https://hal900025.redintelligence.net/request.php?zone=zrti13rjdl37&nw=20&renderingType=javascript&namespace=66d434eea8&subid=&uid=6bca1b923dd77682&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
  • https://hal900025.redintelligence.net/request.php?zone=zrti13rjdl37&nw=20&renderingType=javascript&namespace=66d434eea8&subid=&uid=6bca1b923dd77682&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900025.redintelligence.net/request.php?zone=zrti13rjdl37&nw=20&renderingType=javascript&namespace=66d434eea8&subid=&uid=6bca1b923dd77682&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D4234049764013409353%26mt_id%3D6622472%26mt_adid%3D216536%26mt_sid%3D4562355%26mt_exid%3D9%26mt_inapp%3D0%26mt_uuid%3De1a05c95-b045-4700-8365-f8ff9a31b311%26mt_3pck%3Dhttp%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2Ffabc3c35-12fc-4480-a73c-c49a66491cb7%2F%26redirect%3D&documentReferer=https%3A%2F%2Fwww.thecanary.co%2F&ancestorOrigins=https%3A%2F%2Fwww.thecanary.co&random=8573941518655&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.243.45.142 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.142.45.243.136.clients.your-server.de
Software
Apache /
Resource Hash
a2ed8bddd789c1c3b72e597fcf5e263e704f78b36f52bfdb15eb5d99218896be

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Mar 2019 05:08:28 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
53267200015864000951457010811025
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
1141
Expires
Sat, 23 Mar 2019 05:08:28 +0100

Redirect headers

Pragma
no-cache
Date
Sat, 23 Mar 2019 05:08:27 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=zrti13rjdl37&nw=20&renderingType=javascript&namespace=66d434eea8&subid=&uid=6bca1b923dd77682&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D4234049764013409353%26mt_id%3D6622472%26mt_adid%3D216536%26mt_sid%3D4562355%26mt_exid%3D9%26mt_inapp%3D0%26mt_uuid%3De1a05c95-b045-4700-8365-f8ff9a31b311%26mt_3pck%3Dhttp%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2Ffabc3c35-12fc-4480-a73c-c49a66491cb7%2F%26redirect%3D&documentReferer=https%3A%2F%2Fwww.thecanary.co%2F&ancestorOrigins=https%3A%2F%2Fwww.thecanary.co&random=8573941518655&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Type
text/html; charset=UTF-8
Content-Length
0
Expires
Sat, 23 Mar 2019 05:08:27 +0100
onepixel.gif
ad.zanox.com/ppv/images/ Frame 0936
Redirect Chain
  • https://ad.zanox.com/tpv/?32561673C2004579202T&zpar0=53267200015864000951457010811025
  • https://pb.media01.eu/view.aspx?trackid=91C09AA007C123F60FDC6F5FD61F1F1B&dt_subid1=32561673C2004579202SV1yq09069558030434245753826034491252yb5yb7T2544402843138739200&dt_subid2=&actionid=282955&prod...
  • https://ad.zanox.com/ppv/images/onepixel.gif?foo=32561673C2004579202SV1yq09069558030434245753826034491252yb5yb7T2544402843138739200&dyn_id=
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.zanox.com/ppv/images/onepixel.gif?foo=32561673C2004579202SV1yq09069558030434245753826034491252yb5yb7T2544402843138739200&dyn_id=
Requested by
Host: hal900025.redintelligence.net
URL: https://hal900025.redintelligence.net/request.php?zone=zrti13rjdl37&nw=20&renderingType=javascript&namespace=66d434eea8&subid=&uid=6bca1b923dd77682&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D4234049764013409353%26mt_id%3D6622472%26mt_adid%3D216536%26mt_sid%3D4562355%26mt_exid%3D9%26mt_inapp%3D0%26mt_uuid%3De1a05c95-b045-4700-8365-f8ff9a31b311%26mt_3pck%3Dhttp%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2Ffabc3c35-12fc-4480-a73c-c49a66491cb7%2F%26redirect%3D&documentReferer=https%3A%2F%2Fwww.thecanary.co%2F&ancestorOrigins=https%3A%2F%2Fwww.thecanary.co&random=8573941518655&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.216.249.67 , France, ASN47268 (ZANOX, FR),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash

Request headers

Host
ad.zanox.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://www.thecanary.co/
Accept-Encoding
gzip, deflate, br
Cookie
zttpvc=5C162486S2544402843138739200T0II5C34683S2544402843138739200T0II32561673C0SV1yq09069558030434245753826034491252yb5yb7T2544402843138739200; zptpvc=5C162486S2544402843138739200T0II5C34683S2544402843138739200T0II32561673C0SV1yq09069558030434245753826034491252yb5yb7T2544402843138739200
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.thecanary.co/

Response headers

Content-Type
image/gif
Last-Modified
Thu, 04 May 2000 17:04:38 GMT
Accept-Ranges
bytes
ETag
"09764d4eab5bf1:0"
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
P3P
policyref="http://ad.zanox.com/w3c/p3p.xml", CP="NOI CUR OUR STP"
jobs-at-zanox
https://www.zanox.com/jobs/international
Date
Sat, 23 Mar 2019 05:08:31 GMT
Content-Length
43
Via
10.30.0.116%1
Vary
Accept-Encoding

Redirect headers

Cache-Control
no-cache, must-revalidate
Pragma
no-cache
Content-Type
text/html; charset=UTF-8
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified
Sat, 23 Mar 2019 06:08:28 GMT
Location
https://ad.zanox.com/ppv/images/onepixel.gif?foo=32561673C2004579202SV1yq09069558030434245753826034491252yb5yb7T2544402843138739200&dyn_id=
Server
Microsoft-IIS/8.5
Set-Cookie
ASP.NET_SessionId=11f3otjhm4qtj4i4sik2sr4t; path=/; HttpOnly DTU=2DC6AA156FBF3921E39783538E135A9A; expires=Tue, 23-Mar-2021 05:08:28 GMT; path=/
P3P
policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET,POST
Access-Control-Allow-Headers
Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Date
Sat, 23 Mar 2019 05:08:27 GMT
Content-Length
0
view.asp
banners.webmasterplan.com/ Frame D57B 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://banners.webmasterplan.com/view.asp?ref=203506&js=1&site=4655&b=1249&subid=53267200015864000951457010811025&target=_blank&title=congstar+-+Du+willst+es.+Du+kriegst+es.
Requested by
Host: hal900025.redintelligence.net
URL: https://hal900025.redintelligence.net/request.php?zone=zrti13rjdl37&nw=20&renderingType=javascript&namespace=66d434eea8&subid=&uid=6bca1b923dd77682&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D4234049764013409353%26mt_id%3D6622472%26mt_adid%3D216536%26mt_sid%3D4562355%26mt_exid%3D9%26mt_inapp%3D0%26mt_uuid%3De1a05c95-b045-4700-8365-f8ff9a31b311%26mt_3pck%3Dhttp%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2Ffabc3c35-12fc-4480-a73c-c49a66491cb7%2F%26redirect%3D&documentReferer=https%3A%2F%2Fwww.thecanary.co%2F&ancestorOrigins=https%3A%2F%2Fwww.thecanary.co&random=8573941518655&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
46.18.188.30 , Germany, ASN60220 (AFFILI, DE),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
5b7da6634a94fb46db26c168e89be19f4071c724b72b3050f0b4864abca74f13

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Mar 2019 05:08:30 GMT
Content-Encoding
gzip
X-AspNetMvc-Version
4.0
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
P3P
CP="STP CUR OUR"
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
application/x-javascript; charset=utf-8
Content-Length
721
Expires
0
1x1_-_kopie.gif
creative-a.akamaihd.net/newui_adpepper/2019-01-04/ Frame D57B
Redirect Chain
  • https://ads.creative-serving.com/tr/adpepperc.2/3031103;sz=1x1;cmp=2304671;cr=986894
  • https://ads.creative-serving.com/tr/adpepperc.2/3031103;sz=1x1;cmp=2304671;cr=986894;fl_inst=0;ul_cb=1
  • https://creative-a.akamaihd.net/newui_adpepper/2019-01-04/1x1_-_kopie.gif
43 B
305 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creative-a.akamaihd.net/newui_adpepper/2019-01-04/1x1_-_kopie.gif
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.16.186.48 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-48.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 23 Mar 2019 05:08:29 GMT
Last-Modified
Fri, 04 Jan 2019 14:21:37 GMT
Server
Apache
ETag
"325472601571f31e1bf00674c368d335:1546611697"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43

Redirect headers

Location
https://creative-a.akamaihd.net/newui_adpepper/2019-01-04/1x1_-_kopie.gif
Date
Sat, 23 Mar 2019 05:08:29 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usync.html
eus.rubiconproject.com/ Frame 36F0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: assets.counciladvertising.net
URL: https://assets.counciladvertising.net/v3/prebid/1551190897.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.230.142 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://www.thecanary.co/
Accept-Encoding
gzip, deflate, br
Cookie
rsid=CsuDQynrr4UGH+X7ZlUOyK1kYqPdwgBpq9CFJE+mwSZDMNqaUnP9SJwOcY4+nMYzsrBOoh5zznynaY0sdoI/U5AZoa46KBSCasSm8Yq0ANwBD4By41q+DGoIlkdiqhWtTf7kV8VwDqdM5Unk4W3sn6mVUvzG; vis15=208448^1; ses15=208448^1; khaos=JTL198M8-S-HVWQ; ses2=208448^1; vis2=208448^1; audit=2Vi9kzRSXWJLONS8pSF+LZIG4EoDBvZKTrCdrZ7XNCmyMUWpB7JQIw5PXp7MiVykKpK2DXPC0jI9LQb+iSXr6j4wKm5rsXv3
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.thecanary.co/

Response headers

Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified
Thu, 07 Mar 2019 18:37:22 GMT
Content-Encoding
gzip
Content-Length
7419
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=12959
Expires
Sat, 23 Mar 2019 08:44:28 GMT
Date
Sat, 23 Mar 2019 05:08:29 GMT
Connection
keep-alive
Vary
Accept-Encoding
index.html
cdn.districtm.io/ids/ Frame 5A7D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/index.html
Requested by
Host: assets.counciladvertising.net
URL: https://assets.counciladvertising.net/v3/prebid/1551190897.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:13e8 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
cdn.districtm.io
:scheme
https
:path
/ids/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://www.thecanary.co/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.thecanary.co/

Response headers

status
200
date
Sat, 23 Mar 2019 05:08:30 GMT
content-type
text/html
set-cookie
__cfduid=d1b2f201a2d1b3583f9a8bafc625d1ab31553317709; expires=Sun, 22-Mar-20 05:08:29 GMT; path=/; domain=.districtm.io; HttpOnly
last-modified
Thu, 10 Jan 2019 16:50:48 GMT
cache-control
s-maxage=1209600, max-age=14400
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4bbde346997697aa-FRA
content-encoding
br
pd
eu-u.openx.net/w/1.0/ Frame E8B0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=afafcdbf-19cb-4df7-b383-5a67acd26166&gdpr=1
Requested by
Host: assets.counciladvertising.net
URL: https://assets.counciladvertising.net/v3/prebid/1551190897.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.241.240.143 New York, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS
ox-173-241-240-143.xa.dc.openx.org
Software
OXGW/16.128.2 /
Resource Hash

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=6&ph=afafcdbf-19cb-4df7-b383-5a67acd26166&gdpr=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://www.thecanary.co/
accept-encoding
gzip, deflate, br
cookie
i=4b7ea539-8700-013d-27ef-72b55f875772|1553317705; pd=v2|1553317707|mOsLgqgikin0fcmWiygu
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.thecanary.co/

Response headers

status
200
vary
Accept
set-cookie
i=4b7ea539-8700-013d-27ef-72b55f875772|1553317705; Version=1; Expires=Sun, 22-Mar-2020 05:08:29 GMT; Max-Age=31536000; Domain=.openx.net; Path=/ pd=v2|1553317707.2|kimWfcgqiysLmOgun0gi.nwrsomgensoa; Version=1; Expires=Sun, 07-Apr-2019 05:08:29 GMT; Max-Age=1296000; Domain=.openx.net; Path=/
server
OXGW/16.128.2
p3p
CP="CUR ADM OUR NOR STA NID"
date
Sat, 23 Mar 2019 05:08:29 GMT
content-type
text/html
content-encoding
gzip
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame D2AA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: assets.counciladvertising.net
URL: https://assets.counciladvertising.net/v3/prebid/1551190897.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.121.108 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx/1.9.13 /
Resource Hash

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://www.thecanary.co/
Accept-Encoding
gzip, deflate, br
Cookie
icu=ChgI8dNWEAoYASABKAEwzP7W5AU4AUABSAEQzP7W5AUYAA..; uuid2=5030808967751963453
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.thecanary.co/

Response headers

Server
nginx/1.9.13
Content-Type
text/html
Last-Modified
Fri, 20 May 2016 02:07:09 GMT
ETag
W/"573e714d-3e3"
Expires
Sun, 06 Aug 2017 09:41:59 GMT
Cache-Control
max-age=31536000
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish 1.1 varnish
Fastly-Debug-Digest
e0a1bb88354655bae6b4f44be1ff58238053e5563770e29e0e433e905ee66055
Content-Length
506
Accept-Ranges
bytes
Date
Sat, 23 Mar 2019 05:08:29 GMT
Age
19769195
Connection
keep-alive
X-Served-By
cache-jfk8146-JFK, cache-cdg20754-CDG
X-Cache
HIT, HIT
X-Cache-Hits
4857776, 1016086
X-Timer
S1553317710.834058,VS0,VE0
Vary
Accept-Encoding
request.php
hal900010.redintelligence.net/ Frame 42E1 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900010.redintelligence.net/request.php?zone=dap2i2xhbauc&nw=20&renderingType=javascript&namespace=64f37d173a&subid=&uid=510e44d66d5511c9&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D6088940448600589385%26mt_id%3D6622478%26mt_adid%3D216536%26mt_sid%3D4562355%26mt_exid%3D9%26mt_inapp%3D0%26mt_uuid%3De1a05c95-b045-4700-8365-f8ff9a31b311%26mt_3pck%3Dhttp%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F96273565-4ebf-4ced-8950-1abb0fc8cac5%2F%26redirect%3D&documentReferer=https%3A%2F%2Fwww.thecanary.co%2F&ancestorOrigins=https%3A%2F%2Fwww.thecanary.co&random=3911683845007&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by
Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/dap2i2xhbauc?subid=&rnd=6088940448600589385&extVar[]=DOUBLEBORDER:1&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D6088940448600589385%26mt_id%3D6622478%26mt_adid%3D216536%26mt_sid%3D4562355%26mt_exid%3D9%26mt_inapp%3D0%26mt_uuid%3De1a05c95-b045-4700-8365-f8ff9a31b311%26mt_3pck%3Dhttp%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F96273565-4ebf-4ced-8950-1abb0fc8cac5%2F%26redirect%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.243.51.211 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.211.51.243.136.clients.your-server.de
Software
Apache /
Resource Hash
e884c907c3503f6d73dcab5774183c17d757a675da3ea13b74d1a50da3935367

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Mar 2019 05:08:30 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
10716700012730300951453010811010
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
1197
Expires
Sat, 23 Mar 2019 05:08:30 +0100
/
adv.office-partner.de/ Frame 547C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by
Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request.php?zone=dap2i2xhbauc&nw=20&renderingType=javascript&namespace=64f37d173a&subid=&uid=510e44d66d5511c9&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D6088940448600589385%26mt_id%3D6622478%26mt_adid%3D216536%26mt_sid%3D4562355%26mt_exid%3D9%26mt_inapp%3D0%26mt_uuid%3De1a05c95-b045-4700-8365-f8ff9a31b311%26mt_3pck%3Dhttp%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F96273565-4ebf-4ced-8950-1abb0fc8cac5%2F%26redirect%3D&documentReferer=https%3A%2F%2Fwww.thecanary.co%2F&ancestorOrigins=https%3A%2F%2Fwww.thecanary.co&random=3911683845007&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Germany, ASN44239 (PROINITY PROINITY, DE),
Reverse DNS
Software
keycdn-engine /
Resource Hash

Request headers

:method
GET
:authority
adv.office-partner.de
:scheme
https
:path
/?utm_source=webgains&utm_campaign=webgains
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://www.thecanary.co/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.thecanary.co/

Response headers

status
200
server
keycdn-engine
date
Sat, 23 Mar 2019 05:08:30 GMT
content-type
text/html
content-length
836
vary
Accept-Encoding
last-modified
Fri, 20 Apr 2018 14:18:56 GMT
etag
"62f-56a485e4f5400-gzip"
content-encoding
gzip
expires
Sat, 30 Mar 2019 05:08:30 GMT
cache-control
max-age=604800
link
<http://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
x-cache
HIT
x-edge-location
defr
access-control-allow-origin
*
accept-ranges
bytes
link.html
track.webgains.com/ Frame 42E1 		11 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=723175&wgcampaignid=99582&js=1&nw=1&viewref=10716700012730300951453010811010
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
18d2703b901f787ee32f592dd9fdaa0e210b54fb0dc83dcd3ee65f4608d0b960

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Mar 2019 05:08:30 GMT
Last-Modified
Sat, 23 Mar 2019 05:08:30 GMT
Server
Apache
Transfer-Encoding
chunked
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html;charset=utf-8
Expires
Mon, 26 Jul 1997 05:00:00 GMT
pvdi.aspx
banners.webmasterplan.com/ Frame 61A6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://banners.webmasterplan.com/pvdi.aspx?ref=203506&js=1&site=4655&b=1249&subid=53267200015864000951457010811025&target=_blank&title=congstar+-+Du+willst+es.+Du+kriegst+es.
Requested by
Host: banners.webmasterplan.com
URL: https://banners.webmasterplan.com/view.asp?ref=203506&js=1&site=4655&b=1249&subid=53267200015864000951457010811025&target=_blank&title=congstar+-+Du+willst+es.+Du+kriegst+es.
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
46.18.188.30 , Germany, ASN60220 (AFFILI, DE),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash

Request headers

Host
banners.webmasterplan.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://www.thecanary.co/
Accept-Encoding
gzip, deflate, br
Cookie
affili_0=uid=c4qx43e0satnmytiewznjgft&date=2019-03-23T06:08:30; affili_4655pv=ref=203506&subid=53267200015864000951457010811025&date=2019-03-23&cltime=2019-03-23T06:08:30&linkType=1&linkNb=1249
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.thecanary.co/

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Pragma
no-cache
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Expires
0
Vary
Accept-Encoding
Server
Microsoft-IIS/8.5
X-AspNetMvc-Version
4.0
X-AspNet-Version
4.0.30319
P3P
CP="STP CUR OUR"
X-Powered-By
ASP.NET
Date
Sat, 23 Mar 2019 05:08:30 GMT
Content-Length
444
Cookie set cookie
banner.congstar.de/ Frame 0303 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://banner.congstar.de/cookie?afid=203506-53267200015864000951457010811025&affmt=1&affmn=1249
Requested by
Host: banners.webmasterplan.com
URL: https://banners.webmasterplan.com/view.asp?ref=203506&js=1&site=4655&b=1249&subid=53267200015864000951457010811025&target=_blank&title=congstar+-+Du+willst+es.+Du+kriegst+es.
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.214.124.106 Berlin, Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS
h2491987.stratoserver.net
Software
/
Resource Hash

Request headers

Host
banner.congstar.de
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://www.thecanary.co/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.thecanary.co/

Response headers

Date
Sat, 23 Mar 2019 05:08:31 GMT
Set-Cookie
staticentry=%7B%22affmn%22%3A%221249%22%2C%22afid%22%3A%22203506-53267200015864000951457010811025%22%2C%22affmt%22%3A%221%22%7D; Domain=.congstar.de; Expires=Sat, 30-Mar-2019 05:08:31 GMT; Path=/
Content-Length
0
P3P
CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
no-cache, no-store, must-revalidate
Pragma
no-cache
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html
B8594688.214760858;dc_pre=CO-H9bK_l-ECFQShewodmZsNZA;dc_trk_aid=413832474;dc_trk_cid=64219029;ord=%5Btimestamp%5D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;
ad.doubleclick.net/ddm/trackimp/N38306.287239AFFILINET.DE/ Frame D57B
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N38306.287239AFFILINET.DE/B8594688.214760858;dc_trk_aid=413832474;dc_trk_cid=64219029;ord=%5Btimestamp%5D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;
  • https://ad.doubleclick.net/ddm/trackimp/N38306.287239AFFILINET.DE/B8594688.214760858;dc_pre=CO-H9bK_l-ECFQShewodmZsNZA;dc_trk_aid=413832474;dc_trk_cid=64219029;ord=%5Btimestamp%5D;dc_lat=;dc_rdid=;...
42 B
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N38306.287239AFFILINET.DE/B8594688.214760858;dc_pre=CO-H9bK_l-ECFQShewodmZsNZA;dc_trk_aid=413832474;dc_trk_cid=64219029;ord=%5Btimestamp%5D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.217.22.6 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s14-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Mar 2019 05:08:30 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 23 Mar 2019 05:08:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://ad.doubleclick.net/ddm/trackimp/N38306.287239AFFILINET.DE/B8594688.214760858;dc_pre=CO-H9bK_l-ECFQShewodmZsNZA;dc_trk_aid=413832474;dc_trk_cid=64219029;ord=%5Btimestamp%5D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
302
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
activityi;dc_pre=CJqKi7S_l-ECFdFx4Aod3zIEdw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8379522478818.943
5994599.fls.doubleclick.net/ Frame 6192
Redirect Chain
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8379522478818.943?
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CJqKi7S_l-ECFdFx4Aod3zIEdw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8379522478818.943?
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://5994599.fls.doubleclick.net/activityi;dc_pre=CJqKi7S_l-ECFdFx4Aod3zIEdw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8379522478818.943?
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.217.22.6 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s14-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
5994599.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CJqKi7S_l-ECFdFx4Aod3zIEdw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8379522478818.943?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://www.thecanary.co/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUn7wMLlr82VfS8hROvk1yCz2A0LoRyDSROVd6_DDC6flCPLq_FvxVdjRzFa
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.thecanary.co/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Sat, 23 Mar 2019 05:08:33 GMT
expires
Sat, 23 Mar 2019 05:08:33 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
322
x-xss-protection
1; mode=block
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"

Redirect headers

status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Sat, 23 Mar 2019 05:08:33 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://5994599.fls.doubleclick.net/activityi;dc_pre=CJqKi7S_l-ECFdFx4Aod3zIEdw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8379522478818.943?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
1; mode=block
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
request_content.php
hal900025.redintelligence.net/ Frame C0D8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900025.redintelligence.net/request_content.php?s=53267200015864000951457010811025&a=97cd374c
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.243.45.142 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.142.45.243.136.clients.your-server.de
Software
Apache /
Resource Hash

Request headers

Host
hal900025.redintelligence.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://www.thecanary.co/
Accept-Encoding
gzip, deflate, br
Cookie
8lcfmzhxc8d6_uid=d0ff4e37f93d75f4
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.thecanary.co/

Response headers

Date
Sat, 23 Mar 2019 05:08:33 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Expires
Sat, 23 Mar 2019 05:08:33 +0100
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1374
Connection
close
Content-Type
text/html; charset=utf-8
usync.html
eus.rubiconproject.com/ Frame B46F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.230.142 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://www.thecanary.co/
Accept-Encoding
gzip, deflate, br
Cookie
rsid=CsuDQynrr4UGH+X7ZlUOyK1kYqPdwgBpq9CFJE+mwSZDMNqaUnP9SJwOcY4+nMYzsrBOoh5zznynaY0sdoI/U5AZoa46KBSCasSm8Yq0ANwBD4By41q+DGoIlkdiqhWtTf7kV8VwDqdM5Unk4W3sn6mVUvzG; vis15=208448^1; ses15=208448^1; khaos=JTL198M8-S-HVWQ; ses2=208448^1; vis2=208448^1; audit=2Vi9kzRSXWJLONS8pSF+LZIG4EoDBvZKTrCdrZ7XNCmyMUWpB7JQIw5PXp7MiVykKpK2DXPC0jI9LQb+iSXr6j4wKm5rsXv3; pux=1185%3D80837%261512%3D80837%262249%3D80837%262307%3D80837%262974%3D80837%263778%3D80837%26goog%3D80837%26brx%3D80837%26
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.thecanary.co/

Response headers

Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified
Thu, 07 Mar 2019 18:37:22 GMT
Content-Encoding
gzip
Content-Length
7419
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=12958
Expires
Sat, 23 Mar 2019 08:44:28 GMT
Date
Sat, 23 Mar 2019 05:08:30 GMT
Connection
keep-alive
Vary
Accept-Encoding
img
pixel.mathtag.com/misc/ Frame D57B 		43 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 1.31.3.9 fe26b9c DPLAT-404 cdg-pixel-x5 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 23 Mar 2019 05:08:30 GMT
Server
MT3 1.31.3.9 fe26b9c DPLAT-404 cdg-pixel-x5
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 23 Mar 2019 05:08:29 GMT
truncated
/ Frame D57B 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8f4978e4ef3faa5f74247610078f2b6468a859e740ca42cd3e01996eda3f13e7

Request headers

Response headers

Content-Type
image/png
clk.min.js
analytics.webgains.io/ Frame 42E1 		160 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/clk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=723175&wgcampaignid=99582&js=1&nw=1&viewref=10716700012730300951453010811010
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2043:a800:9:352d:a240:93a1 , United States, ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
13a095de7ca6d29ed28664c4082919a9fdc05ec717a65648e019c5ccfebb7410

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id
UBNTWP3kCXmaHWU14NjEHY_37CNKU9vX
content-encoding
gzip
last-modified
Thu, 07 Mar 2019 11:57:04 GMT
server
AmazonS3
age
61868
date
Fri, 22 Mar 2019 11:58:39 GMT
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
x-amz-cf-id
pDx1NoCSs02Lkx6pea-ezvWBFamzt6j2yGOJoS3854Jmu9CpJNgqTw==
via
1.1 d76fac2b5a2f460a1cbffb76189f59ef.cloudfront.net (CloudFront)
hit
diapi.webgains.com/2.0/ Frame 42E1 		77 B
265 B 		Script
General
Check archive.org
Download Go to
Full URL
https://diapi.webgains.com/2.0/hit?callback=hitCallback&wgpayload=sGa44iFBBNlY5Du4UXuKrnZ2CI9XkPrwXC_JEkNgvlE4yy2XElgebiYMpztNKseKsoUs_43wuZPup_nH2t05oaYAhrcpMxE6DBUr5xj6Kks3hjC9TkBygjhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt3Q9cUVlOrXTAxw63UYOKES5jfzmkflJflczl998tp7ppfAaZ6m1CdC5MQjGejuTDRNziCvTDfWk8QTPJxVOxOUPm8LKfAaZ4ySy.aPjftckirQjD2Umd_rtCjiSI5yjaY2ftckuyPBDjaY1HGOg3ZLQ0I5HZggdNI5urN.S9RdPQSzOy_Aw7UTlf_01kKHoNv_KSWW8mZb97ShraUkxMuNUXGfe2Rc7L1eWNNW5BNlYiMfTjV.2K2&wgcookie=%7B%22wgifp12595%22%3A%5B%2299582%22%2C%2212595%22%2C%22723175%22%2C%22%22%2C%221553317710%22%2C%22https%253A%252F%252Fwww.thecanary.co%252F%22%2C%22%22%2C%22%22%2C%221708837710%22%2C%2210716700012730300951453010811010%22%5D%7D&wgchecksum=9d7caa13233fe29f02e1153aac36a577&userIP=37.58.58.236&doAffectv=1&wgtime=1553317710
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=723175&wgcampaignid=99582&js=1&nw=1&viewref=10716700012730300951453010811010
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.12.250 , United Kingdom, ASN (),
Reverse DNS
46-236-12-250.servers.dedipower.net
Software
Apache /
Resource Hash
4df9c2f4d3287bc092c5dffbaf9a6842e9ff26def68b65fc99e737fc2de11929

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sat, 23 Mar 2019 05:08:33 GMT
Server
Apache
Connection
close
Content-Length
77
Content-Type
text/javascript;charset=utf-8
link.html
track.webgains.com/ Frame 42E1 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgcampaignid=99582&viewref=79972300017759900714456010811009&wglinkid=723175
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
5cfec01d1f8003eb15069f4a63ce5b8cefc765d2724460540735e4b0226e9b5c

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Mar 2019 05:08:34 GMT
Last-Modified
Sat, 23 Mar 2019 05:08:34 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/png
Content-Length
2727
Expires
Mon, 26 Jul 1997 05:00:00 GMT
link.html
track.webgains.com/ Frame 42E1 		11 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&nw=1&clickref=10716700012730300951453010811010&viewref=10716700012730300951453010811010
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
9633d6691e6f4a622f60b83d86bb19f303e582bc6e794b26f1cc24d6cb79aeb0

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Mar 2019 05:08:33 GMT
Last-Modified
Sat, 23 Mar 2019 05:08:33 GMT
Server
Apache
Transfer-Encoding
chunked
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
cache-not-used
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html; charset=utf-8
Expires
Mon, 26 Jul 1997 05:00:00 GMT
iframe
pixel.mathtag.com/sync/ Frame 794C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.mathtag.com/sync/iframe?mt_uuid=e1a05c95-b045-4700-8365-f8ff9a31b311&no_iframe=1&mt_lim=5
Requested by
Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/js?sync=auto&mt_lim=5
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 1.31.3.9 fe26b9c DPLAT-404 cdg-pixel-x5 /
Resource Hash

Request headers

Host
pixel.mathtag.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://www.thecanary.co/
Accept-Encoding
gzip, deflate, br
Cookie
uuid=e1a05c95-b045-4700-8365-f8ff9a31b311; uuidc=pFXbMXEPDv9b5TPpdZf6XyHLMerC8A1ekC2pXXw62bOoIbFoDzCzfUr1jq8TEKgTeEeSFa5QtkAQBnXZhBLf9AyWFMVQPhZB4J5w44DTD3Y=; mt_mop=9:1553317706|4:1553317707|16:1553317707|10010:1553317706; mt_misc=mt_bt:1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.thecanary.co/

Response headers

Content-Type
text/html
Cache-Control
no-cache
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 1.31.3.9 fe26b9c DPLAT-404 cdg-pixel-x5
Expires
Sat, 23 Mar 2019 05:08:29 GMT
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1147
Date
Sat, 23 Mar 2019 05:08:30 GMT
Connection
keep-alive
tag
w-it.m-t.io/ Frame 42E1 		0
135 B 		Script
General
Check archive.org
Download Go to
Full URL
https://w-it.m-t.io/tag?type=impr&date=1553317710674
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/clk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:819::2013 , Ireland, ASN (),
Reverse DNS
Software
Google Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
x-cloud-trace-context
8ad81b1f6379aa883216008960775078
server
Google Frontend
date
Sat, 23 Mar 2019 05:08:30 GMT
content-length
0
content-type
application/javascript;charset=utf-8
track
w-it.m-t.io/ Frame 42E1 		0
75 B 		Script
General
Check archive.org
Download Go to
Full URL
https://w-it.m-t.io/track?campaignId=99582&clickId=12595_99582_15533177103476_f782626d95&programId=12595&expiry=1708837710&type=postview&indicator=0a1d60cf28d200c46b95ff84d01e1fdc&
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/clk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:819::2013 , Ireland, ASN (),
Reverse DNS
Software
Google Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
x-cloud-trace-context
f16cfc0f89353d9e1cc6d75b2a12accc
server
Google Frontend
date
Sat, 23 Mar 2019 05:08:30 GMT
content-length
0
content-type
application/javascript;charset=utf-8
hb
ad.360yield.com/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/hb?debug=1&jsonp=%7B%22bid_request%22%3A%7B%22id%22%3A%22a47mz1o9%22%2C%22callback%22%3A%22%22%2C%22reqtype%22%3A1%2C%22secure%22%3A1%2C%22version%22%3A%221.0.0-JS007%22%2C%22imp%22%3A%5B%7B%22id%22%3A500604%2C%22pid%22%3A13319643%2C%22banner%22%3A%7B%7D%2C%22kvw%22%3A%7B%22kv%22%3A%5B%22hb%22%5D%7D%7D%5D%2C%22debug%22%3A1%2C%22gdpr%22%3A1%7D%7D
Requested by
Host: cdn-cf.justpremium.com
URL: https://cdn-cf.justpremium.com/js/v2.12.276/jpx.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.113.123 Dublin, Ireland, ASN (),
Reverse DNS
ec2-54-76-113-123.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
28ad64d54f4fccd73498a6953ad99d94d4dd380ca73631aa6292cf207eba4f78

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.thecanary.co/
Origin
https://www.thecanary.co

Response headers

Date
Sat, 23 Mar 2019 05:08:33 GMT
Content-Encoding
gzip
Server
nginx
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://www.thecanary.co
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=UTF-8
Content-Length
1663
arj
ox-d.justpremium.com/w/1.0/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ox-d.justpremium.com/w/1.0/arj?url=https%3A%2F%2Fwww.thecanary.co&auid=540658600&gdpr=1&gdpr_consent=1&callback=jpx_1553317712811_6554_callback
Requested by
Host: cdn-cf.justpremium.com
URL: https://cdn-cf.justpremium.com/js/v2.12.276/jpx.js
Protocol
HTTP/1.1
Security
TLS 1.0, RSA, 3DES_EDE_CBC
Server
173.241.240.151 New York, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS
ox-173-241-240-151.xa.dc.openx.org
Software
OXGW/16.128.2 /
Resource Hash
8a3f6adbbd82f79e9993a735fa40c968a9aca535434703f82b8b9552be6e5465

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Mar 2019 05:08:32 GMT
Content-Encoding
gzip
Server
OXGW/16.128.2
Vary
Accept
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, max-age=0, no-cache
Transfer-Encoding
chunked
Content-Type
application/json
Expires
Mon, 26 Jul 1997 05:00:00 GMT
match
ad.360yield.com/ Frame 6097
Redirect Chain
  • https://ad.turn.com/r/cs?pid=15&publisher_user_id=f9b46126-faf8-435f-9056-1d36998d58ea&publisher_dsp_id=4&publisher_call_type=redirect&gdpr=1&gdpr_consent=BOWJjG9Ob5qcJCLAAAENCF-AAAAkHAAA&publisher...
  • https://ad.360yield.com/match?publisher_dsp_id=4&external_user_id=3565448589264417009&gdpr=1&gdpr_consent=BOWJjG9Ob5qcJCLAAAENCF-AAAAkHAAA
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/match?publisher_dsp_id=4&external_user_id=3565448589264417009&gdpr=1&gdpr_consent=BOWJjG9Ob5qcJCLAAAENCF-AAAAkHAAA
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.254.226 Dublin, Ireland, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 23 Mar 2019 05:08:33 GMT
Server
nginx
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
43

Redirect headers

Location
https://ad.360yield.com/match?publisher_dsp_id=4&external_user_id=3565448589264417009&gdpr=1&gdpr_consent=BOWJjG9Ob5qcJCLAAAENCF-AAAAkHAAA
Pragma
no-cache
Date
Sat, 23 Mar 2019 05:08:32 GMT
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Server
Apache-Coyote/1.1
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
match
ad.360yield.com/ Frame 6097
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=4&publisher_user_id=f9b46126-faf8-435f-9056-1d36998d58ea&publisher_dsp_id=105&publisher_call_type=redirect&gdpr=1&gdpr_consent=BOWJjG9Ob5qcJCLAAAENCF-AAA...
  • https://ad.360yield.com/match?publisher_dsp_id=105&external_user_id=6671448777634019477&Expiration=1553922513&gdpr=1&gdpr_consent=BOWJjG9Ob5qcJCLAAAENCF-AAAAkHAAA
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/match?publisher_dsp_id=105&external_user_id=6671448777634019477&Expiration=1553922513&gdpr=1&gdpr_consent=BOWJjG9Ob5qcJCLAAAENCF-AAAAkHAAA
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.254.226 Dublin, Ireland, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 23 Mar 2019 05:08:33 GMT
Server
nginx
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
43

Redirect headers

Location
https://ad.360yield.com/match?publisher_dsp_id=105&external_user_id=6671448777634019477&Expiration=1553922513&gdpr=1&gdpr_consent=BOWJjG9Ob5qcJCLAAAENCF-AAAAkHAAA
Date
Sat, 23 Mar 2019 05:08:33 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
match
ad.360yield.com/ Frame 6097
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=improve&publisher_user_id=f9b46126-faf8-435f-9056-1d36998d58ea&publisher_dsp_id=191&publisher_call_type=redirect&gdpr=1&gdpr_consent=BOWJjG9Ob5qcJCLAAAENCF-AAAAkHAA...
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=improve&bsw_user_id=f50d6552-3c34-4a80-bae9-bb65c50ad530
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=improve&bsw_user_id=f50d6552-3c34-4a80-bae9-bb65c50ad530
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=3ca26be2-1fb8-4f4f-8326-6f6dbd67abd9&ssp=improve
  • https://ad.360yield.com/match?publisher_dsp_id=191&external_user_id=f50d6552-3c34-4a80-bae9-bb65c50ad530
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/match?publisher_dsp_id=191&external_user_id=f50d6552-3c34-4a80-bae9-bb65c50ad530
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.254.226 Dublin, Ireland, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 23 Mar 2019 05:08:33 GMT
Server
nginx
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
43

Redirect headers

Date
Sat, 23 Mar 2019 05:08:33 GMT
Server
nginx/1.12.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
//ad.360yield.com/match?publisher_dsp_id=191&external_user_id=f50d6552-3c34-4a80-bae9-bb65c50ad530
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=10
Content-Length
0
us.php
gu.dyntrk.com/adx/id/ Frame 6097 		0
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gu.dyntrk.com/adx/id/us.php?dynk=i2mpr0vd1g7&publisher_user_id=f9b46126-faf8-435f-9056-1d36998d58ea&publisher_dsp_id=283&publisher_call_type=redirect&gdpr=1&gdpr_consent=BOWJjG9Ob5qcJCLAAAENCF-AAAAkHAAA&publisher_redirecturl=https://ad.360yield.com/match
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.77.128.18 , United Kingdom, ASN (),
Reverse DNS
Software
proxy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Pragma
no-cache
Cache-Control
private, no-cache, no-store, proxy-revalidate, no-transform
X-RC
28
Server
proxy
Content-Length
0
Content-Type
text/plain
match
ad.360yield.com/ Frame 6097
Redirect Chain
  • https://sync.widespace.com/map/ext/api/trackingcallback/v1?accessToken=impdig-user-sync&publisher_user_id=f9b46126-faf8-435f-9056-1d36998d58ea&publisher_dsp_id=305&publisher_call_type=redirect&gdpr...
  • https://ad.360yield.com/match?publisher_dsp_id=305&external_user_id=a63ddbcb-5bff-46bd-902f-1f0671717e39&gdpr=1&gdpr_consent=BOWJjG9Ob5qcJCLAAAENCF-AAAAkHAAA
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/match?publisher_dsp_id=305&external_user_id=a63ddbcb-5bff-46bd-902f-1f0671717e39&gdpr=1&gdpr_consent=BOWJjG9Ob5qcJCLAAAENCF-AAAAkHAAA
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.254.226 Dublin, Ireland, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 23 Mar 2019 05:08:33 GMT
Server
nginx
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
43

Redirect headers

Location
https://ad.360yield.com/match?publisher_dsp_id=305&external_user_id=a63ddbcb-5bff-46bd-902f-1f0671717e39&gdpr=1&gdpr_consent=BOWJjG9Ob5qcJCLAAAENCF-AAAAkHAAA
Pragma
no-cache
Date
Sat, 23 Mar 2019 05:08:33 GMT
Cache-Control
must-revalidate, no-store, no-cache
Server
nginx/1.12.2
Content-Length
0
Expires
-1
tag
w-it.m-t.io/ Frame 42E1 		0
75 B 		Script
General
Check archive.org
Download Go to
Full URL
https://w-it.m-t.io/tag?type=impr&date=1553317713801
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/clk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:819::2013 , Ireland, ASN (),
Reverse DNS
Software
Google Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
x-cloud-trace-context
c722e629a64d3afcdd730f2eb86db9ac
server
Google Frontend
date
Sat, 23 Mar 2019 05:08:33 GMT
content-length
0
content-type
application/javascript;charset=utf-8
hit
diapi.webgains.com/2.0/ Frame 42E1 		76 B
264 B 		Script
General
Check archive.org
Download Go to
Full URL
https://diapi.webgains.com/2.0/hit?callback=hitCallback&wgpayload=kGa44iFBBNlY5Du4UXuKrnZ2CI9XkPrwXC_JEkNgvlE4yy2XElgebiYMpztNKseKsoUs_43wuZPup_nH2t05oaYAhrcpMxE6DBUr5xj6Kks3hjC9TkBygjhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt3Q9cUVlOrXTAxw63UYOKES5jfzmkflJflczl998tp7ppfAaZ6m1CdC5MQjGejuTDRNziCvTDfWk8QTPJxVOxOUPm8LKfAaZ4ySy.aPjftckirQjD2Umd_rtCjiSI5yjaY2ftckuyPBDjaY1HGOg3ZLQ0I5HZggdJxNFrN.S9RdPQSzOy_Aw7UTlf_01kKHoNveikkZtHI_3DqvnEsTfx9UXGfe2Rc7L1eWNNW5BNlYiMfTjV.CgI&wgcookie=%7B%22wgifp7121%22%3A%5B%2299582%22%2C%227121%22%2C%222513135%22%2C%22%22%2C%221553317713%22%2C%22https%253A%252F%252Fwww.thecanary.co%252F%22%2C%22%22%2C%22%22%2C%221561093713%22%2C%2210716700012730300951453010811010%22%5D%7D&wgchecksum=848594837b86e672384b7d4114348d6d&userIP=37.58.58.236&doAffectv=1&wgtime=1553317713
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&nw=1&clickref=10716700012730300951453010811010&viewref=10716700012730300951453010811010
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.12.250 , United Kingdom, ASN (),
Reverse DNS
46-236-12-250.servers.dedipower.net
Software
Apache /
Resource Hash
f128afe52bebb537395a1f6a724c9d93cba380ef73d4d694bc1fa73dd1ad307d

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sat, 23 Mar 2019 05:08:33 GMT
Server
Apache
Connection
close
Content-Length
76
Content-Type
text/javascript;charset=utf-8
link.html
track.webgains.com/ Frame 42E1 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgcampaignid=99582&viewref=10716700012730300951453010811010&wglinkid=2513135
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Mar 2019 05:08:35 GMT
Last-Modified
Sat, 23 Mar 2019 05:08:35 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/png
Content-Length
2808
Expires
Mon, 26 Jul 1997 05:00:00 GMT
link.html
track.webgains.com/ Frame 42E1 		11 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=2626505&wgcampaignid=99582&js=1&nw=1&viewref=10716700012730300951453010811010
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
095930084055c566eb2dcd47a5e92693234810033435e123896f5076901ff802

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Mar 2019 05:08:34 GMT
Last-Modified
Sat, 23 Mar 2019 05:08:34 GMT
Server
Apache
Transfer-Encoding
chunked
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html;charset=utf-8
Expires
Mon, 26 Jul 1997 05:00:00 GMT
tag
w-it.m-t.io/ Frame 42E1 		0
76 B 		Script
General
Check archive.org
Download Go to
Full URL
https://w-it.m-t.io/tag?type=impr&date=1553317715025
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/clk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:819::2013 , Ireland, ASN (),
Reverse DNS
Software
Google Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
x-cloud-trace-context
efd7f38370615f16751d244a937468d8
server
Google Frontend
date
Sat, 23 Mar 2019 05:08:35 GMT
content-length
0
content-type
application/javascript;charset=utf-8
hit
diapi.webgains.com/2.0/ Frame 42E1 		76 B
264 B 		Script
General
Check archive.org
Download Go to
Full URL
https://diapi.webgains.com/2.0/hit?callback=hitCallback&wgpayload=kGa44iFBBNlY5Du4UXuKrnZ2CI9XkPrwXC_JEkNgvlE4yy2XElgebiYMpztNKseKsoUs_43wuZPup_nH2t05oaYAhrcpMxE6DBUr5xj6Kks3hjC9TkBygjhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt3Q9cUVlOrXTAxw63UYOKES5jfzmkflJflczl998tp7ppfAaZ6m1CdC5MQjGejuTDRNziCvTDfWk8QTPJxVOxOUPm8LKfAaZ4ySy.aPjftckirQjD2Umd_rtCjiSI5yjaY2ftckuyPBDjaY1HGOg3ZLQ0I5HZggdIFe_ik.uJtHoqvynx9MsFyxYM914Ve_clrKSWW8mZb97ShraUkxMuIU3YMJ5tFFg4K1kl1BNlY6RjLxU..0Rs&wgcookie=%7B%22wgifp270465%22%3A%5B%2299582%22%2C%22270465%22%2C%222626505%22%2C%22%22%2C%221553317714%22%2C%22https%253A%252F%252Fwww.thecanary.co%252F%22%2C%22%22%2C%22%22%2C%221561093714%22%2C%2210716700012730300951453010811010%22%5D%7D&wgchecksum=e7f57f922e841b841fb36eb30afb9d5d&userIP=37.58.58.236&doAffectv=1&wgtime=1553317714
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2626505&wgcampaignid=99582&js=1&nw=1&viewref=10716700012730300951453010811010
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.12.250 , United Kingdom, ASN (),
Reverse DNS
46-236-12-250.servers.dedipower.net
Software
Apache /
Resource Hash
f128afe52bebb537395a1f6a724c9d93cba380ef73d4d694bc1fa73dd1ad307d

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sat, 23 Mar 2019 05:08:35 GMT
Server
Apache
Connection
close
Content-Length
76
Content-Type
text/javascript;charset=utf-8
link.html
track.webgains.com/ Frame 42E1 		43 B
499 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgcampaignid=99582&viewref=61785500016440700710744010811031&wglinkid=2626505
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Mar 2019 05:08:36 GMT
Last-Modified
Sat, 23 Mar 2019 05:08:36 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/gif
Content-Length
43
Expires
Mon, 26 Jul 1997 05:00:00 GMT
activityi;dc_pre=CIrbg7W_l-ECFYaxewodcfEBkQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8871254189643.848
5994599.fls.doubleclick.net/ Frame 03C4
Redirect Chain
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8871254189643.848?
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CIrbg7W_l-ECFYaxewodcfEBkQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8871254189643.848?
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://5994599.fls.doubleclick.net/activityi;dc_pre=CIrbg7W_l-ECFYaxewodcfEBkQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8871254189643.848?
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.217.22.6 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s14-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
5994599.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CIrbg7W_l-ECFYaxewodcfEBkQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8871254189643.848?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://www.thecanary.co/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUn7wMLlr82VfS8hROvk1yCz2A0LoRyDSROVd6_DDC6flCPLq_FvxVdjRzFa
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.thecanary.co/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Sat, 23 Mar 2019 05:08:35 GMT
expires
Sat, 23 Mar 2019 05:08:35 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
321
x-xss-protection
1; mode=block
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"

Redirect headers

status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Sat, 23 Mar 2019 05:08:35 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://5994599.fls.doubleclick.net/activityi;dc_pre=CIrbg7W_l-ECFYaxewodcfEBkQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8871254189643.848?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
1; mode=block
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
request_content.php
hal900010.redintelligence.net/ Frame C93F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900010.redintelligence.net/request_content.php?s=10716700012730300951453010811010&a=094b2b2c
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.243.51.211 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.211.51.243.136.clients.your-server.de
Software
Apache /
Resource Hash

Request headers

Host
hal900010.redintelligence.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://www.thecanary.co/
Accept-Encoding
gzip, deflate, br
Cookie
8lcfmzhxc8d6_uid=d0ff4e37f93d75f4
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.thecanary.co/

Response headers

Date
Sat, 23 Mar 2019 05:08:35 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Expires
Sat, 23 Mar 2019 05:08:35 +0100
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1376
Connection
close
Content-Type
text/html; charset=utf-8
usync.html
eus.rubiconproject.com/ Frame 0D0B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: www.thecanary.co
URL: https://www.thecanary.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.230.142 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://www.thecanary.co/
Accept-Encoding
gzip, deflate, br
Cookie
rsid=CsuDQynrr4UGH+X7ZlUOyK1kYqPdwgBpq9CFJE+mwSZDMNqaUnP9SJwOcY4+nMYzsrBOoh5zznynaY0sdoI/U5AZoa46KBSCasSm8Yq0ANwBD4By41q+DGoIlkdiqhWtTf7kV8VwDqdM5Unk4W3sn6mVUvzG; vis15=208448^1; ses15=208448^1; khaos=JTL198M8-S-HVWQ; ses2=208448^1; vis2=208448^1; audit=2Vi9kzRSXWJLONS8pSF+LZIG4EoDBvZKTrCdrZ7XNCmyMUWpB7JQIw5PXp7MiVykKpK2DXPC0jI9LQb+iSXr6j4wKm5rsXv3; pux=1185%3D80837%261512%3D80837%262249%3D80837%262307%3D80837%262974%3D80837%263778%3D80837%26goog%3D80837%26brx%3D80837%26
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.thecanary.co/

Response headers

Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified
Thu, 07 Mar 2019 18:37:22 GMT
Content-Encoding
gzip
Content-Length
7419
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=12953
Expires
Sat, 23 Mar 2019 08:44:28 GMT
Date
Sat, 23 Mar 2019 05:08:35 GMT
Connection
keep-alive
Vary
Accept-Encoding
img
pixel.mathtag.com/misc/ Frame 42E1 		43 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by
Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/js?sync=auto&mt_lim=5
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 1.31.3.9 fe26b9c DPLAT-404 cdg-pixel-x22 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 23 Mar 2019 05:08:35 GMT
Server
MT3 1.31.3.9 fe26b9c DPLAT-404 cdg-pixel-x22
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 23 Mar 2019 05:08:34 GMT
truncated
/ Frame 42E1 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bc93cfebdf1121d39da529e0750622548980c006126c505ab22044acad858ec1

Request headers

Response headers

Content-Type
image/png
iframe
pixel.mathtag.com/sync/ Frame 54AE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.mathtag.com/sync/iframe?mt_uuid=e1a05c95-b045-4700-8365-f8ff9a31b311&no_iframe=1&mt_lim=5
Requested by
Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/js?sync=auto&mt_lim=5
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 1.31.3.9 fe26b9c DPLAT-404 cdg-pixel-x22 /
Resource Hash

Request headers

Host
pixel.mathtag.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://www.thecanary.co/
Accept-Encoding
gzip, deflate, br
Cookie
uuid=e1a05c95-b045-4700-8365-f8ff9a31b311; uuidc=pFXbMXEPDv9b5TPpdZf6XyHLMerC8A1ekC2pXXw62bOoIbFoDzCzfUr1jq8TEKgTeEeSFa5QtkAQBnXZhBLf9AyWFMVQPhZB4J5w44DTD3Y=; mt_misc=mt_bt:1; mt_mop=4:1553317707|5:1553317710|9:1553317706|15:1553317710|16:1553317707|3:1553317710|10010:1553317706|13:1553317710|21:1553317710
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.thecanary.co/

Response headers

Content-Type
text/html
Cache-Control
no-cache
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 1.31.3.9 fe26b9c DPLAT-404 cdg-pixel-x22
Expires
Sat, 23 Mar 2019 05:08:34 GMT
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1130
Date
Sat, 23 Mar 2019 05:08:35 GMT
Connection
keep-alive
Untitled-5-01-4.jpg
www.thecanary.co/wp-content/uploads/2019/03/ 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thecanary.co/wp-content/uploads/2019/03/Untitled-5-01-4.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:835a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b94dab0c79838f9434ae3f4130077f6384dbfca33138eb6f06d212141c73911

Request headers

:path
/wp-content/uploads/2019/03/Untitled-5-01-4.jpg
pragma
no-cache
cookie
__cfduid=da8167a8267ca2e1108e31caacd3ca6fd1553317704; _ga=GA1.2.1402858781.1553317705; _gid=GA1.2.122916402.1553317705; _gat=1; _fbp=fb.1.1553317705381.177370755; _gat_gtag_UA_129593788_1=1; _ccmsi=1553317706165_0rw6l7b04|1553317706167; _ccmaid=5978151465932972828; _drip_client_2269267=vid%253D9d1d5e202f570137e81c0ef1b2474a86%2526pageViews%253D1%2526sessionPageCount%253D1%2526lastVisitedAt%253D1553317706460%2526weeklySessionCount%253D1%2526lastSessionAt%253D1553317706460; __gads=ID=a3c13d022d43a1a1:T=1553317706:S=ALNI_Mb6KkbcDTZej5jtWgK0Wj45uwrNAg; __qca=P0-1243679268-1553317706037
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.thecanary.co
referer
https://www.thecanary.co/
:scheme
https
:method
GET
Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 23 Mar 2019 05:08:36 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 22 Mar 2019 12:52:27 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
4bbde36fbd7bbec1-FRA
content-length
43523
expires
Sat, 23 Mar 2019 09:08:36 GMT
new-qt.jpg
www.thecanary.co/wp-content/uploads/2019/03/ 		139 KB
139 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thecanary.co/wp-content/uploads/2019/03/new-qt.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:835a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a19a60a9df8e730e2d53132f1de63f5010797554a7de7a85cdb994b661adaddc

Request headers

:path
/wp-content/uploads/2019/03/new-qt.jpg
pragma
no-cache
cookie
__cfduid=da8167a8267ca2e1108e31caacd3ca6fd1553317704; _ga=GA1.2.1402858781.1553317705; _gid=GA1.2.122916402.1553317705; _gat=1; _fbp=fb.1.1553317705381.177370755; _gat_gtag_UA_129593788_1=1; _ccmsi=1553317706165_0rw6l7b04|1553317706167; _ccmaid=5978151465932972828; _drip_client_2269267=vid%253D9d1d5e202f570137e81c0ef1b2474a86%2526pageViews%253D1%2526sessionPageCount%253D1%2526lastVisitedAt%253D1553317706460%2526weeklySessionCount%253D1%2526lastSessionAt%253D1553317706460; __gads=ID=a3c13d022d43a1a1:T=1553317706:S=ALNI_Mb6KkbcDTZej5jtWgK0Wj45uwrNAg; __qca=P0-1243679268-1553317706037
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.thecanary.co
referer
https://www.thecanary.co/
:scheme
https
:method
GET
Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 23 Mar 2019 05:08:36 GMT
cf-cache-status
HIT
last-modified
Fri, 22 Mar 2019 13:13:41 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
4bbde36fbd7cbec1-FRA
content-length
142411
expires
Sat, 23 Mar 2019 09:08:36 GMT
0000830-Plan-to-break-Brexit-deadlock-with-repurposed-vans-01.jpg
www.thecanary.co/wp-content/uploads/2019/03/ 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thecanary.co/wp-content/uploads/2019/03/0000830-Plan-to-break-Brexit-deadlock-with-repurposed-vans-01.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:835a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
241a29554c6a63527ccfcf1b65f40431b5b8f61b5795086842c767503b36aab0

Request headers

:path
/wp-content/uploads/2019/03/0000830-Plan-to-break-Brexit-deadlock-with-repurposed-vans-01.jpg
pragma
no-cache
cookie
__cfduid=da8167a8267ca2e1108e31caacd3ca6fd1553317704; _ga=GA1.2.1402858781.1553317705; _gid=GA1.2.122916402.1553317705; _gat=1; _fbp=fb.1.1553317705381.177370755; _gat_gtag_UA_129593788_1=1; _ccmsi=1553317706165_0rw6l7b04|1553317706167; _ccmaid=5978151465932972828; _drip_client_2269267=vid%253D9d1d5e202f570137e81c0ef1b2474a86%2526pageViews%253D1%2526sessionPageCount%253D1%2526lastVisitedAt%253D1553317706460%2526weeklySessionCount%253D1%2526lastSessionAt%253D1553317706460; __gads=ID=a3c13d022d43a1a1:T=1553317706:S=ALNI_Mb6KkbcDTZej5jtWgK0Wj45uwrNAg; __qca=P0-1243679268-1553317706037
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.thecanary.co
referer
https://www.thecanary.co/
:scheme
https
:method
GET
Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 23 Mar 2019 05:08:36 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 22 Mar 2019 11:23:28 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
4bbde36fbd7ebec1-FRA
content-length
53267
expires
Sat, 23 Mar 2019 09:08:36 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 42E1 		42 B
118 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuRD5W8nhrGHeKBv3Wf1zBWXoX5uPW84W9u9RaSn4yx2hFWBIHROTVgo88ZhgxgLS8VjfcxV3rrBmPosGkgSzuebMwY2CCpNr2x_bU&sig=Cg0ArKJSzJnuUfDbSigDEAE&adk=2403599834&tt=678&bs=1585%2C1200&mtos=1011,1011,1011,1011,1011&tos=1011,0,0,0,0&p=1066,268,1156,996&mcvt=1011&rs=3&ht=0&tfs=9198&tls=10209&mc=1&lte=1&bas=0&bac=0&avms=geo&rst=1553317706933&rpt=9183&isd=0&msd=0&lm=2&mce=1&oseid=3&xdi=0&ps=1585%2C3309&ss=1600%2C1200&pt=9532&deb=1-2-2-21-103-16-103-101&tvt=10198&r=v&id=osdim&vs=4&uc=22&upc=11&tgt=DIV&cl=1&cec=11&clc=1&cac=0&cd=728x90&v=20190322
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:814::2002 , Ireland, ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Mar 2019 05:08:37 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
img
pixel.mathtag.com/misc/ Frame D57B 		43 B
473 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 1.31.3.9 fe26b9c DPLAT-404 cdg-pixel-x21 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 23 Mar 2019 05:08:40 GMT
Server
MT3 1.31.3.9 fe26b9c DPLAT-404 cdg-pixel-x21
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 23 Mar 2019 05:08:39 GMT
imsync.ashx
ml314.com/ 		17 B
427 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ml314.com/imsync.ashx?pi=5978151465932972828&data=eyJwaCI6MzI4OCwid2giOjEyMDAsInRicyI6MCwiZHQiOjE1LCJwaWQiOiIxNTUzMzE3NzA2MTY1XzBydzZsN2IwNCIsInNkIjoxMjAwfQ%3D%3D
Requested by
Host: ml314.com
URL: https://ml314.com/tag.aspx?232
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.56.252 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-249-56-252.eu-west-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
62ce950ad0d7f664b316b4253bbc993bf0bf8310970f64b150fda6f1fa59dfea

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 23 Mar 2019 05:08:40 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/html; charset=utf-8
Cache-Control
private
Connection
keep-alive
Content-Length
135
beckett-v-leslie-min.jpg
www.thecanary.co/wp-content/uploads/2019/03/ 		44 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thecanary.co/wp-content/uploads/2019/03/beckett-v-leslie-min.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:835a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a79c58090cb73fb148ad62db4acaf9089ebda893ac445f27c5a9120cc50abead

Request headers

:path
/wp-content/uploads/2019/03/beckett-v-leslie-min.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.thecanary.co
referer
https://www.thecanary.co/
:scheme
https
:method
GET
Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 23 Mar 2019 05:08:41 GMT
cf-cache-status
HIT
last-modified
Thu, 21 Mar 2019 14:55:55 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=14400
set-cookie
__cfduid=d02d14002155ebd9fa85110b4f7bc13631553317721; expires=Sun, 22-Mar-20 05:08:41 GMT; path=/; domain=.thecanary.co; HttpOnly
accept-ranges
bytes
cf-ray
4bbde38e3ac9bec1-FRA
content-length
45558
expires
Sat, 23 Mar 2019 09:08:41 GMT
20190320_110258_opt.jpg
www.thecanary.co/wp-content/uploads/2019/03/ 		119 KB
119 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thecanary.co/wp-content/uploads/2019/03/20190320_110258_opt.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:835a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
52813d53474e666323e19a60da073d789042d0a80c8fdc051c1e5d0bc62d530c

Request headers

:path
/wp-content/uploads/2019/03/20190320_110258_opt.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.thecanary.co
referer
https://www.thecanary.co/
:scheme
https
:method
GET
Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 23 Mar 2019 05:08:41 GMT
cf-cache-status
HIT
last-modified
Thu, 21 Mar 2019 15:15:53 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=14400
set-cookie
__cfduid=d02d14002155ebd9fa85110b4f7bc13631553317721; expires=Sun, 22-Mar-20 05:08:41 GMT; path=/; domain=.thecanary.co; HttpOnly
accept-ranges
bytes
cf-ray
4bbde38e3acabec1-FRA
content-length
121548
expires
Sat, 23 Mar 2019 09:08:41 GMT
paul-mason-min.jpg
www.thecanary.co/wp-content/uploads/2019/03/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thecanary.co/wp-content/uploads/2019/03/paul-mason-min.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:835a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
99d7b8133e3ad5264580ca34f69e2a92cd0fb059e0ce488d3bdf28d89faaed94

Request headers

:path
/wp-content/uploads/2019/03/paul-mason-min.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.thecanary.co
referer
https://www.thecanary.co/
:scheme
https
:method
GET
Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 23 Mar 2019 05:08:41 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 21 Mar 2019 17:13:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=14400
set-cookie
__cfduid=d02d14002155ebd9fa85110b4f7bc13631553317721; expires=Sun, 22-Mar-20 05:08:41 GMT; path=/; domain=.thecanary.co; HttpOnly
accept-ranges
bytes
cf-ray
4bbde38e3acbbec1-FRA
content-length
34324
expires
Sat, 23 Mar 2019 09:08:41 GMT
img
pixel.mathtag.com/misc/ Frame 42E1 		43 B
596 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=1
Requested by
Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/js?sync=auto&mt_lim=5
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 1.31.3.9 fe26b9c DPLAT-404 cdg-pixel-x22 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.thecanary.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 23 Mar 2019 05:08:45 GMT
Server
MT3 1.31.3.9 fe26b9c DPLAT-404 cdg-pixel-x22
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 23 Mar 2019 05:08:44 GMT

Verdicts & Comments Add Verdict or Comment

114 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask object| _wpemojiSettings object| twemoji object| wp function| mpValidateEmail function| mpValidateNotBlank function| mpToggleFieldValidation undefined| $ function| jQuery object| MeprI18n function| mepr_populate_states function| mepr_set_locate_inputs object| mepr_ssl_geoip_services function| mepr_locate object| MeprDatePicker object| MeprSignup object| Cli_Data object| log_object object| CLI_Cookie object| CLI string| CLI_ACCEPT_COOKIE_NAME number| CLI_ACCEPT_COOKIE_EXPIRE boolean| CLI_COOKIEBAR_AS_POPUP function| fbq function| _fbq number| cli_flush_cache string| GoogleAnalyticsObject function| ga object| ggevents undefined| bean object| GUMGUM string| ggv2id number| rhombusSiteId object| _0x7b9f function| _0x1057 function| RhScanner boolean| AylTagLoading number| __ts object| sublime object| ayads undefined| xmlHttp object| APESTER boolean| _jpx_loaded object| jp_conf_debug object| google_tag_data object| gaplugins object| gaGlobal object| teadsscript object| gaData string| cli_cookiebar_settings object| _dcq object| _dcs object| superpwa_sw object| ZenoCommentsAjax object| __core-js_shared__ object| _canStore object| pbjs object| googletag object| _qevents function| webpackJsonpJpx__name_ object| Jpx object| canary_js function| webpackJsonp object| AylTag object| Foundation object| jQuery112405883518285026161 object| lazySizesConfig object| lazySizes function| WOW function| fitvids object| teads object| closure_memoize_cache_ object| googleToken object| googleIMState object| google_js_reporting_queue function| processGoogleToken function| pbjsChunk function| JSEncrypt function| gtag object| dataLayer object| criteo_pubtag object| Criteo function| quantserve function| __qc object| ezt object| _qoptions object| apntag object| jPAM object| google_tag_manager object| GPT_jstiming undefined| google_measure_js_timing boolean| google_noFetch boolean| google_DisableInitialLoad number| __google_ad_urls_id object| _ml object| _dcfg object| _dc undefined| Drip_481121695 function| sublimeCb1553317705113 number| google_unique_id object| google_reactive_ads_global_state function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb string| jpx_template_id object| azvwp5ho5 object| Jpa

47 Cookies

Domain/Path Name / Value
.office-partner.de/ Name: _gid
Value: GA1.2.1670080944.1553317710
.mathtag.com/ Name: mt_mop
Value: 4:1553317707|5:1553317710|9:1553317706|15:1553317710|16:1553317707|3:1553317710|10010:1553317706|13:1553317710|21:1553317710
.mathtag.com/ Name: mt_misc
Value: mt_bt:1
.mathtag.com/ Name: uuidc
Value: pFXbMXEPDv9b5TPpdZf6XyHLMerC8A1ekC2pXXw62bOoIbFoDzCzfUr1jq8TEKgTeEeSFa5QtkAQBnXZhBLf9AyWFMVQPhZB4J5w44DTD3Y=
.congstar.de/ Name: staticentry
Value: %7B%22affmn%22%3A%221249%22%2C%22afid%22%3A%22203506-53267200015864000951457010811025%22%2C%22affmt%22%3A%221%22%7D
.webmasterplan.com/ Name: affili_4655pv
Value: ref=203506&subid=53267200015864000951457010811025&date=2019-03-23&cltime=2019-03-23T06:08:30&linkType=1&linkNb=1249&dt=FC21EF85216CE83B2C0C2B9055D663ED0A7F5CAF
.webmasterplan.com/ Name: affili_0
Value: uid=c4qx43e0satnmytiewznjgft&date=2019-03-23T06:08:30
.adnxs.com/ Name: anj
Value: dTM7k!M40mhgVC6ghqdmU(3$0mrJnF#[2R$_pfg*Y80?b3FZ/USPZVcZQ$cPf2vtq*f2w5`gPnmWAD-P)m1)*_ME2>NRl@*@S]Vk.F5N8Im%Y)n[-2'wsp.5]Ch4iE4jFd#>Cif:Lq0:#T<OfO3g$5N3FPJ!1ug4=+svq
.doubleclick.net/ Name: IDE
Value: AHWqTUn7wMLlr82VfS8hROvk1yCz2A0LoRyDSROVd6_DDC6flCPLq_FvxVdjRzFa
.adnxs.com/ Name: uuid2
Value: 5030808967751963453
.adnxs.com/ Name: icu
Value: ChgI8dNWEAoYASABKAEwzP7W5AU4AUABSAEQzP7W5AUYAA..
.openx.net/ Name: pd
Value: v2|1553317707.2|kimWfcgqiysLmOgun0gi.nwrsomgensoa
.districtm.io/ Name: __cfduid
Value: d1b2f201a2d1b3583f9a8bafc625d1ab31553317709
eus.rubiconproject.com/ Name: pux
Value: 1185%3D80837%261512%3D80837%262249%3D80837%262307%3D80837%262974%3D80837%263778%3D80837%26goog%3D80837%26brx%3D80837%26
.rubiconproject.com/ Name: vis2
Value: 208448^1
.rubiconproject.com/ Name: ses2
Value: 208448^1
.rubiconproject.com/ Name: vis15
Value: 208448^1
.rubiconproject.com/ Name: khaos
Value: JTL198M8-S-HVWQ
.rubiconproject.com/ Name: rsid
Value: CsuDQynrr4UGH+X7ZlUOyK1kYqPdwgBpq9CFJE+mwSZDMNqaUnP9SJwOcY4+nMYzsrBOoh5zznynaY0sdoI/U5AZoa46KBSCasSm8Yq0ANwBD4By41q+DGoIlkdiqhWtTf7kV8VwDqdM5Unk4W3sn6mVUvzG
.office-partner.de/ Name: _gat_gtag_UA_114120848_1
Value: 1
.mathtag.com/ Name: uuid
Value: e1a05c95-b045-4700-8365-f8ff9a31b311
.justpremium.com/ Name: jpxumaster
Value: 5845ac07-e043-a3c4-0cfd-e286b9e24531-1553317707189
.thecanary.co/ Name: _fbp
Value: fb.1.1553317705381.177370755
.rubiconproject.com/ Name: ses15
Value: 208448^1
.justpremium.com/ Name: jpxuuid
Value: a3cac8a9-f75e-02ba-6cdd-4279b45346d7-1553317705141
pre.ads.justpremium.com/ Name: AWSELB
Value: 1F0B3B830607DD16DCAE556FE58E9ECE5A08087B28C9EBFEAB5FE0ED103B6833BB69F0FF6903D0A45660F17A10EB7D437831E7533B103F07CADF9F20DA2209CDC876AD73AF
.justpremium.com/ Name: jpxsession
Value: 56354041-4e00-a9ce-f0bb-a2623cb7fdb3-1553317705141
.teads.tv/ Name: tt_viewer
Value: a6a5c146-2b90-4c69-b4f7-7e892759aa4d
.zanox.com/ Name: zptpvc
Value: 5C162486S2544402843138739200T0II5C34683S2544402843138739200T0II32561673C0SV1yq09069558030434245753826034491252yb5yb7T2544402843138739200
.thecanary.co/ Name: __qca
Value: P0-1243679268-1553317706037
.thecanary.co/ Name: __cfduid
Value: da8167a8267ca2e1108e31caacd3ca6fd1553317704
.office-partner.de/ Name: source
Value: {"webgains_webgains":{"timestamp":1553317710390,"clickCookie":false}}
.redintelligence.net/ Name: 8lcfmzhxc8d6_uid
Value: d0ff4e37f93d75f4
.thecanary.co/ Name: __gads
Value: ID=a3c13d022d43a1a1:T=1553317706:S=ALNI_Mb6KkbcDTZej5jtWgK0Wj45uwrNAg
www.thecanary.co/ Name: _ccmaid
Value: 5978151465932972828
.office-partner.de/ Name: _ga
Value: GA1.2.491445115.1553317710
www.thecanary.co/ Name: _ccmsi
Value: 1553317706165_0rw6l7b04|1553317706167
.rubiconproject.com/ Name: audit
Value: 2Vi9kzRSXWJLONS8pSF+LZIG4EoDBvZKTrCdrZ7XNCmyMUWpB7JQIw5PXp7MiVykKpK2DXPC0jI9LQb+iSXr6j4wKm5rsXv3
.thecanary.co/ Name: _drip_client_2269267
Value: vid%253D9d1d5e202f570137e81c0ef1b2474a86%2526pageViews%253D1%2526sessionPageCount%253D1%2526lastVisitedAt%253D1553317706460%2526weeklySessionCount%253D1%2526lastSessionAt%253D1553317706460
.thecanary.co/ Name: _gat_gtag_UA_129593788_1
Value: 1
.justpremium.com/ Name: 68302_279745
Value: 0_0_0
.openx.net/ Name: i
Value: 4b7ea539-8700-013d-27ef-72b55f875772|1553317705
.thecanary.co/ Name: _gat
Value: 1
.zanox.com/ Name: zttpvc
Value: 5C162486S2544402843138739200T0II5C34683S2544402843138739200T0II32561673C0SV1yq09069558030434245753826034491252yb5yb7T2544402843138739200
.thecanary.co/ Name: _ga
Value: GA1.2.1402858781.1553317705
.justpremium.com/ Name: OX_u
Value: 6d9b9abb-5699-48e2-b925-09805388c134_m_1554527307_1553317705
.thecanary.co/ Name: _gid
Value: GA1.2.122916402.1553317705

38 Console Messages

Source Level URL
Text
console-api log URL: https://www.thecanary.co/wp-content/cache/wpfc-minified/eru88qqk/4f4g5.js(Line 1)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1
console-api debug URL: https://ads.counciladvertising.net/code/canary/doublempu/public(Line 98)
Message:
[can] [div-gpt-ad-canary-doublempu-1]: loading pbjs
console-api debug URL: https://ads.counciladvertising.net/code/canary/doublempu/public(Line 98)
Message:
[can] [div-gpt-ad-canary-doublempu-1]: loading gpt
console-api debug URL: https://ads.counciladvertising.net/code/canary/mpu/public(Line 98)
Message:
[can] [div-gpt-ad-canary-mpu-1]: ad visible: true
console-api debug URL: https://ads.counciladvertising.net/code/canary/leaderboard/public(Line 98)
Message:
[can] [div-gpt-ad-canary-leaderboard-1]: ad visible: true
console-api debug URL: https://ads.counciladvertising.net/code/canary/doublempu/public(Line 98)
Message:
[can] [div-gpt-ad-canary-doublempu-1]: add ad unit
console-api debug URL: https://ads.counciladvertising.net/code/canary/doublempu/public(Line 98)
Message:
[can] [div-gpt-ad-canary-doublempu-1]: bootstrap: no gdpr
console-api debug URL: https://ads.counciladvertising.net/code/canary/mpu/public(Line 98)
Message:
[can] [div-gpt-ad-canary-mpu-1]: add ad unit
console-api debug URL: https://ads.counciladvertising.net/code/canary/mpu/public(Line 98)
Message:
[can] [div-gpt-ad-canary-mpu-1]: bootstrap: no gdpr
console-api debug URL: https://ads.counciladvertising.net/code/canary/leaderboard/public(Line 98)
Message:
[can] [div-gpt-ad-canary-leaderboard-1]: add ad unit
console-api debug URL: https://ads.counciladvertising.net/code/canary/leaderboard/public(Line 98)
Message:
[can] [div-gpt-ad-canary-leaderboard-1]: bootstrap: no gdpr
console-api debug URL: https://ads.counciladvertising.net/code/canary/doublempu/public(Line 98)
Message:
[can] [div-gpt-ad-canary-doublempu-1]: firstLoad
console-api info URL: https://acdn.adnxs.com/ast/ast.js(Line 1)
Message:
AST library loaded: 0.21.1
console-api log URL: https://cdn-cf.justpremium.com/js/v2.12.276/jpx.js(Line 1)
Message:
%c(00:01:568.48)%cJAdManager: version v2.12.276 initialized
console-api log URL: https://cdn-cf.justpremium.com/js/v2.12.276/jpx.js(Line 1)
Message:
(https://cdn-cf.justpremium.com/js/v2.12.276/jpx.js:1:165438)
console-api debug URL: https://ads.counciladvertising.net/code/canary/doublempu/public(Line 98)
Message:
[can] [div-gpt-ad-canary-doublempu-1]: gpt ready
console-api debug URL: https://ads.counciladvertising.net/code/canary/doublempu/public(Line 98)
Message:
[can] [div-gpt-ad-canary-doublempu-1]: dfp define
console-api debug URL: https://ads.counciladvertising.net/code/canary/doublempu/public(Line 98)
Message:
[can] [div-gpt-ad-canary-doublempu-1]: dfp display()
console-api debug URL: https://ads.counciladvertising.net/code/canary/mpu/public(Line 98)
Message:
[can] [div-gpt-ad-canary-mpu-1]: dfp define
console-api debug URL: https://ads.counciladvertising.net/code/canary/mpu/public(Line 98)
Message:
[can] [div-gpt-ad-canary-mpu-1]: dfp display()
console-api debug URL: https://ads.counciladvertising.net/code/canary/leaderboard/public(Line 98)
Message:
[can] [div-gpt-ad-canary-leaderboard-1]: dfp define
console-api debug URL: https://ads.counciladvertising.net/code/canary/leaderboard/public(Line 98)
Message:
[can] [div-gpt-ad-canary-leaderboard-1]: dfp display()
console-api error URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_319.js(Line 1)
Message:
Exception in queued GPT command
console-api debug URL: https://ads.counciladvertising.net/code/canary/doublempu/public(Line 98)
Message:
[can] [div-gpt-ad-canary-doublempu-1]: auction start: full
console-api log URL: https://sac.ayads.co/sublime/22001(Line 22)
Message:
%cwf%cs%c
console-api log URL: https://sac.ayads.co/sublime/22001(Line 22)
Message:
console.trace
console-api log URL: https://sac.ayads.co/sublime/22001(Line 22)
Message:
console.groupEnd
console-api debug URL: https://ads.counciladvertising.net/code/canary/doublempu/public(Line 98)
Message:
[can] [div-gpt-ad-canary-doublempu-1]: auction end
console-api debug URL: https://ads.counciladvertising.net/code/canary/doublempu/public(Line 98)
Message:
[can] [div-gpt-ad-canary-doublempu-1]: setTargetingForGPTAsync()
console-api debug URL: https://ads.counciladvertising.net/code/canary/doublempu/public(Line 98)
Message:
[can] [div-gpt-ad-canary-doublempu-1]: handleBids()
console-api debug URL: https://ads.counciladvertising.net/code/canary/doublempu/public(Line 98)
Message:
[can] [div-gpt-ad-canary-doublempu-1]: dfp refresh()
console-api debug URL: https://ads.counciladvertising.net/code/canary/mpu/public(Line 98)
Message:
[can] [div-gpt-ad-canary-mpu-1]: dfp refresh()
console-api debug URL: https://ads.counciladvertising.net/code/canary/leaderboard/public(Line 98)
Message:
[can] [div-gpt-ad-canary-leaderboard-1]: dfp refresh()
console-api log URL: https://cdn-cf.justpremium.com/js/v2.12.276/jpx.js(Line 1)
Message:
%c(00:03:562.35)%cJQueue: No ad to run
console-api log URL: https://cdn-cf.justpremium.com/js/v2.12.276/jpx.js(Line 1)
Message:
(https://cdn-cf.justpremium.com/js/v2.12.276/jpx.js:1:39876)
console-api log URL: https://cdn-cf.justpremium.com/js/v2.12.276/jpx.js(Line 1)
Message:
%c(00:08:847.22)%cJQueue: No ad to run
console-api log URL: https://cdn-cf.justpremium.com/js/v2.12.276/jpx.js(Line 1)
Message:
(https://cdn-cf.justpremium.com/js/v2.12.276/jpx.js:1:39876)
console-api log URL: https://www.thecanary.co/wp-content/plugins/super-progressive-web-apps/public/js/register-sw.js(Line 1)
Message:
SuperPWA service worker ready

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5994599.fls.doubleclick.net
a.teads.tv
acdn.adnxs.com
ad.360yield.com
ad.doubleclick.net
ad.turn.com
ad.zanox.com
ads.avocet.io
ads.counciladvertising.net
ads.creative-serving.com
adservice.google.com
adservice.google.de
adv.office-partner.de
ajax.googleapis.com
analytics.webgains.io
antenna.ayads.co
apex.go.sonobi.com
api.getdrip.com
api.rhombusads.com
as-sec.casalemedia.com
assets.counciladvertising.net
banner.congstar.de
banners.webmasterplan.com
beacon-eu-ams3.rubiconproject.com
bidder.criteo.com
can-digital-d.openx.net
cdn-cf.justpremium.com
cdn.districtm.io
cdn.rhombusads.com
cm.g.doubleclick.net
connect.facebook.net
creative-a.akamaihd.net
d.turn.com
diapi.webgains.com
display.apester.com
dmx.districtm.io
dsp.adfarm1.adition.com
emea-v3.tracking.justpremium.com
eu-u.openx.net
eus.rubiconproject.com
events.apester.com
fastlane.rubiconproject.com
fo-api.omnitagjs.com
fo-ssp.omnitagjs.com
fo-static.omnitagjs.com
fonts.googleapis.com
fonts.gstatic.com
gkng.ayads.co
gu.dyntrk.com
hal9000.redintelligence.net
hal900010.redintelligence.net
hal900025.redintelligence.net
ib.adnxs.com
idsync.rlcdn.com
image2.pubmatic.com
js.gumgum.com
match.adsrvr.org
ml314.com
optchk.ayads.co
ox-d.justpremium.com
p.cpx.to
pagead2.googlesyndication.com
pb.media01.eu
pixel.mathtag.com
pixel.quantserve.com
pre.ads.justpremium.com
ps.eyeota.net
rtb.mfadsrvr.com
rules.quantcount.com
s.cpx.to
sac.ayads.co
sb.scorecardresearch.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
stags.bluekai.com
static.apester.com
static.criteo.net
stats.g.doubleclick.net
sync.crwdcntrl.net
sync.mathtag.com
sync.teads.tv
sync.widespace.com
t.teads.tv
tag.getdrip.com
tags.bluekai.com
tags.mathtag.com
thecanary.co
tpc.googlesyndication.com
track.adform.net
track.webgains.com
tracking.omnitagjs.com
u.openx.net
uk.ads.justpremium.com
w-it.m-t.io
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
www.thecanary.co
x.bidswitch.net
104.111.214.103
104.111.230.142
104.111.241.32
104.155.76.175
13.35.253.113
13.35.253.116
13.35.253.50
13.35.253.57
13.35.253.63
136.243.44.166
136.243.45.142
136.243.51.211
151.101.121.108
151.101.2.217
152.199.19.174
172.217.16.130
172.217.16.162
172.217.22.6
173.241.240.143
173.241.240.151
173.241.240.220
178.162.133.150
178.250.0.130
178.250.2.89
178.32.127.114
178.33.104.182
18.130.30.105
18.153.11.25
18.195.52.121
18.196.37.19
185.29.133.199
185.29.135.181
185.29.135.48
185.33.223.208
185.33.223.210
185.33.223.80
185.64.189.110
195.216.249.67
2.16.186.48
2.18.232.7
2.18.233.201
2.18.234.21
213.19.162.71
213.19.162.77
2600:9000:2043:3200:1b:9b08:7f00:93a1
2600:9000:2043:a800:9:352d:a240:93a1
2600:9000:2043:b800:e:c158:8400:93a1
2600:9000:2043:be00:6:44e3:f8c0:93a1
2606:4700:10::6814:a25
2606:4700:10::6814:b25
2606:4700:30::681b:835a
2606:4700:30::681c:13e8
2a00:1450:4001:806::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::2008
2a00:1450:4001:814::2002
2a00:1450:4001:815::200a
2a00:1450:4001:819::2003
2a00:1450:4001:819::2013
2a00:1450:4001:81b::200a
2a00:1450:4001:81d::2002
2a00:1450:4001:820::2001
2a00:1450:4001:824::200e
2a00:1450:400c:c08::9a
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a0b:4d07:101::1
3.18.15.238
34.192.130.172
34.249.56.252
34.251.129.195
35.158.215.78
35.190.63.234
35.190.72.53
35.203.66.107
37.157.4.25
46.18.188.30
46.228.164.11
46.228.164.13
46.236.12.250
46.236.13.147
51.77.128.18
52.18.226.220
52.210.60.105
52.211.27.134
52.212.164.235
52.31.110.40
52.48.121.18
52.49.254.226
54.194.88.117
54.229.254.12
54.246.129.36
54.37.115.103
54.76.113.123
85.10.231.199
85.114.159.93
85.214.124.106
91.228.74.188
91.228.74.213
015ecdec79939116c633481c3f591c1c945cd3d747740f5148e8346aeff929e7
02ae6fe1f615031919f4500aec54b079f76be8a27e4f719c047bcc0efe83395c
03b62a9131d730caf783ca627d47973d6e9ef6131a33b8ed47f61f445a0f4ae8
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
06825cf2cb9ec6784f3790af0eb35ac5a76945dead1b408da9f80c8f9832d548
07d2b7c2df967b7820b8ce99be3f7db1a1db5a82797826cd9a06e6489e89f71a
07da870e1c62f31014cf51ef324fa877948514142030fa2b32e125c11c2fe252
095930084055c566eb2dcd47a5e92693234810033435e123896f5076901ff802
0a9206827a793dff2e308219a14fba7fb5226f130ad61cf0525e7a6e94939fec
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d1d96c4d55dac9a62469ebaf1f8be226607a76ea930d990578228b26c28ba7d
0e1ce7ce343107c60e5f5519f3e32cc6701518951e17619c5d0f320ebf9992a4
0fe94746b2830ec4085ebca187c68a84811f1302224f08680966f5ac54914741
1041dae3e51ef9d8fbf9eb274dcd1dcca7b3afae0c08f4b1d162d751f6adc00e
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
13a095de7ca6d29ed28664c4082919a9fdc05ec717a65648e019c5ccfebb7410
1504ee536c63f8811a317a9f48dc68c0acfda15d6d4e49d1aacb447c299b3bd9
166e3be50d8b26e7180ebb75974095081887c492ed42ccbd2ebe7c3c545aea0f
18d2703b901f787ee32f592dd9fdaa0e210b54fb0dc83dcd3ee65f4608d0b960
19dfa394e17544214c912ade5dc9f3ce7af1472607c57dbb081cbb1afee7e3e3
1c48a99b42458acbc6b2de0a1b4b747524e7bb5dc54a4e79055045b5508ae31d
1ccc94b0a4d1c0a8111ad88310e5c4d4176c48eb8ba37e3847fe62b8616f870b
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1eb84a8ca585986405cfc881af41cf5658752b32189bafda9c2093f4a559daba
2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7
218b70bea6b6d6425c1efdbe94dfe848031bb5fd7878dfb84bf82f7cc09f904a
219d1004a4c3f8190477628a8dad0cbe36fe48ef368647799852cf1a86ec36f1
21b74467b3bbcbe64fe3c111f9b1ef48b5fdf40b20ab82ec87804d84cfa92b32
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98
239a6b4117c65d12031e7000564fb4513789562625596b6be74bda016474d1ed
241a29554c6a63527ccfcf1b65f40431b5b8f61b5795086842c767503b36aab0
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
26f206f2b99920299cec95522f63e9d5a0bc7a729eb814d11730b19d6fd5c848
28652aa49303dcd3487901a41c92afeab79c82f29cf7c04045a610cc59849659
28ad64d54f4fccd73498a6953ad99d94d4dd380ca73631aa6292cf207eba4f78
29fe06bb2e99792d95a10cc599d53241dffa8ebb049529463d1377b3853ca18c
2c0b28a2c45eeb44937e789c97bda7d1b1430ab16c2f2ebeca7342299a3e0479
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
336d5f64673ed2f825a3161ed2ec4c6c2156bd58f9d1427e0749678c0a1b87c3
33723fdf1e2471e94de6864e250f7c9f33c56490cc852010d8b7a8806cd1f41a
3da096eadec42f2ee70ba0d51e8a54704543b5b67a957732d8c244cd90b731ab
3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22
3ee1edbf554fb4c57cd32e114b8f8385982ab7acf64443796446271fe2630d82
404a9b0ffbcc813e8ddbb8d8510a24a69c09079282f8083ee94f4adc5d627176
41f368010c7b010fa6ca384325e23c731b0a70503b3d1f03b35de85257cf1fe2
46a34aec4b67f9eab386422b561504102c79a1411ebe15c69a2ce25f2b8228e6
46aef23a440301a7d2e1e07a75b0fcf6f24fb4a8ddf3297bcbcedea1accfdce6
4902b57a6e401f284b033b2e6b4dd0bf0e9c7862d0260f12648778999a0468fa
49b9e18a4b833d5c0b464a8e868f333dbefba58b690fb00d90e7aad180e6e847
4a320c52c63a44c676ba2c6d00c5ab74fc031b16d768c1933cbfd27c20c2b4c4
4ab4194d799d00086501641f760a2f14bab16efac18f3a755ae17ebf269e55db
4df9c2f4d3287bc092c5dffbaf9a6842e9ff26def68b65fc99e737fc2de11929
507a61dc3a19f4f433d36188e25a0001a7618b987bc0501101c8539b8c69d7a5
52813d53474e666323e19a60da073d789042d0a80c8fdc051c1e5d0bc62d530c
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a2e1db5589696af71d0748e966c84027afb5bf954334190baa594725d3a149
55f4e5fa4fc8d5275cab225c5efd3128687fda5680b664af378dce7321969d28
560bd31233423f2700dc9ffb6e3512aac8a8961ea8350823dd10fe9085a72c97
5a039cae5785b5d0bc43fa4b49df29c9ebe1db05ebd1a8ebbdcdfed121fee04d
5b7da6634a94fb46db26c168e89be19f4071c724b72b3050f0b4864abca74f13
5c4934a60ed35b2c0e6525bd9bb8a16b95f3ed3c6cf98c4767508a9bb2d93f2e
5cfec01d1f8003eb15069f4a63ce5b8cefc765d2724460540735e4b0226e9b5c
5d50550399003bd564fe95850381abce45c4ad32336a253d6329d51b01e53f4e
60fdb35f6ad4bb9182219967e37128a310ac24a1ce67bc8cadb11ad956de8aac
62ce950ad0d7f664b316b4253bbc993bf0bf8310970f64b150fda6f1fa59dfea
62d201d14e49ed43ffba15107a7042ed7c56998242b8bc049df844f1d2cfb198
647a0bd5a1565b8fc4d13a0e4521b08c3526fd5eba558ef23b0006849dac84fe
6616f60f16e8d74ea13c245e503baf0fb32ee505ae67b2932f755e464ffe9833
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6b94dab0c79838f9434ae3f4130077f6384dbfca33138eb6f06d212141c73911
6bb981959d783d83df88b9aa48738948c9a8a22c1a31b8cb5305d3e338ebf9a7
6fa9e3c9594362658c239c24ff580e5c737c930966d9efa5cd893c94da4fb41a
72441f0d1ab491d6e4258caa4c5fb2bd4898ca2e7a2cef2736eddddf63195990
7492af5130aa85f612d4a9a85c7d197518e13909179062ade82e07cd890262b2
773594e803657386146504107d17bebbe29b75004fb8da815a09897eb2167a1e
77f077d0ea865d33591c32c4e52891a2fd24b7137d512109b9ef1564d076903c
7a75f41c9f9289bc82c7765195a6351a0fcfccbec594498947ce13b1cfe212e9
7b572a875e53f3e6f31ef3c09cbc35682032a86ec142a49a7984df4bf62e7b91
7e70152caf0c63098993fdc6e65b93159777e460f450074062f94cf0adf0050c
7f8e420a4ac3ea7f6fd081ce07234101414d27df260a6d547663f8e0c0efbaf4
8092918bc58569ace4260784f60d4cabfe8f9294aea538ee57ac73aeb0a5eca5
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
852a8a0281a1b6d7a24139fc66e7b45ed8cc4d6ae8333350282ad27a254dce41
8a3f6adbbd82f79e9993a735fa40c968a9aca535434703f82b8b9552be6e5465
8f4978e4ef3faa5f74247610078f2b6468a859e740ca42cd3e01996eda3f13e7
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9314d61b64ca216de28583d43a5994f5cca12fea3538192375bfaddd526c0dfd
935d47a6a799f751d422685ab9a58af1c6bfa9dfbe5ceb2ceb780591b28c411c
95d00ff9d21728e2f1171b90e3ac2ab097ebf5cdca6b99ff99645c1c78e302f8
9633d6691e6f4a622f60b83d86bb19f303e582bc6e794b26f1cc24d6cb79aeb0
974956f1b7b82cecd8ae88a0b685f0d5dfe5c8534c2784e59abeea719eadbbc4
99d7b8133e3ad5264580ca34f69e2a92cd0fb059e0ce488d3bdf28d89faaed94
9b4671cb9d4879a8c2937da394ef46f21d48bc1aa3da1052bddf27ecc3cdcf39
9c8d3a5de768f2792f5c679aab8c64498a298c75b6aa37e09c60d6dd990ed855
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a19a60a9df8e730e2d53132f1de63f5010797554a7de7a85cdb994b661adaddc
a2ed8bddd789c1c3b72e597fcf5e263e704f78b36f52bfdb15eb5d99218896be
a3273dce4deb1a87d9c6b75ce1b9305872ee56ad6da2ab873858d9d20d1ff3a8
a35913ccdff6ca293da338e1018fb597b687f80b62d742d6d39411553fc8c019
a3ab67ac714b51716aef733d23c66dd0431663645c526152d342ba0c29443edc
a79c58090cb73fb148ad62db4acaf9089ebda893ac445f27c5a9120cc50abead
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ada912436d3960d00f91d763dc77593b9f1d3c956e5a97864d5a60637377bbc6
adabd868f7815d13793816e31efb54b88fbc88d819b3e18952af20483af86a60
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b384c0456559e1c9517ce2148fe4119a665f62dbe4754f479d03f751ec486aee
b45fb938bb5340de483f10f9e295125e69ae9b17ec09f8122b413f60149bc6ff
b671a39789caa3b23b6a07657d1201b871a22ea32129938bb4b8eb2b44e75aea
b8d4b0f3474c8647606c58c68dc9aa8c521972afce2790040da895803b36fa3c
bc93cfebdf1121d39da529e0750622548980c006126c505ab22044acad858ec1
be780fa3161746c0257f843dc2ebdad4a0e76f5ae8f6166381831c65515fb677
beeeff617dd06b444bbba41370eccd8939af423c349b0ed759f680bd65d52f31
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
bfb266946d335ff1d5f25a72f8fc4fe7eace89eeb82fdee60201f6e2f077d695
c11b9a046106f278a5fb5411e95c1ba5d6f06daf9e4bfa98da51c523e4157388
c533b791a8eef65604f15d20433506e1614c693eeba9df749e8a7677e43b466c
ca3ea16761b7d443c64cfd99dd1cf8aa84790a25bb4709582935956fe71d014d
cabf156cbc0dfe5ffbb762c8d1035ef90a5071d3d2c76332eef1f7fe24beb208
cdad164f1f7c6a75820a7678fe0466f18df6993f69251f2e46b96640e82bc5fc
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf65e308f1c461e06038b45d5bfa27689e22241f6b673b7d540d35cdd0ca4c32
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d16997e58f34f00fbf4ebc47f0d93c367b67a8d0c2f19aa9765f304bcd9f8f04
d752964121e476d92b610b60f38a9e33c44fbde1e4232af4bbed5913896cdb6f
daa75acbf73c2f6c42ecbc6c501831ddb9e57cac406ffdba29f1cbf3dd820e0f
dc6901e93504800cd062a7854df5666149adefb98e9a84416f2a69391b820ead
de47cf5862e032983d1560f248f4182a58e0e3dbd222c680163ba1c64b246c56
de85f4555c9373b9ec00e19df62005762465715e7992774aca48845549369fa9
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e48d831a86d664d6e58c4f853b56814e2c5e4997e5155347fdc6e876eaced26c
e7fb32f90c92ff4e640bda353d9724276dabfa873a35ac51532fc8a37aa95e18
e884c907c3503f6d73dcab5774183c17d757a675da3ea13b74d1a50da3935367
ec6121c882d4d3d1b21012619bf0f02e1d05863fd89f0fe8253ba708ba186585
ec71665bc8431d253cf12b074733b319d7297b42e7ced71e7d46902b36450fff
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f128afe52bebb537395a1f6a724c9d93cba380ef73d4d694bc1fa73dd1ad307d
f4d96acefab272f544ccb86bde1504355af2f5c1d8979825729681fedd278a77
fab32ccef85408b763c899ad7c0b910c96c76dc9ed7158ce304fdcd3c0bf8388
fe60d96fd5b658ba66d330ede0702b378c47aa432835f979806ab85be9b5c461