www.waonews.com Open in urlscan Pro
2606:4700:30::681b:a536 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.waonews.com/NEWS/645-LI_YANRONG_WAS_APPOINTED_PRESIDENT_OF_SICHUAN_ONCE_TOLD_STUDENTS_ALTHOUGH_ANXIOUS_SAFET...
Effective URL:
https://www.waonews.com/NEWS/645-LI_YANRONG_WAS_APPOINTED_PRESIDENT_OF_SICHUAN_ONCE_TOLD_STUDENTS_ALTHOUGH_ANXIOUS_SAFET...
Submission: On October 18 via manual (October 18th 2018, 11:52:26 pm UTC) from AU

Summary HTTP 65 Redirects Behaviour Indicators

Summary

This website contacted 14 IPs in 2 countries across 11 domains to perform 65 HTTP transactions. The main IP is 2606:4700:30::681b:a536, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is www.waonews.com.
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on October 18th 2018. Valid for: 6 months.

This is the only time www.waonews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:30:... 2606:4700:30::681b:a436	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
5	2606:4700:30:... 2606:4700:30::681b:a536	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
7	2400:cb00:204... 2400:cb00:2048:1::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2400:cb00:204... 2400:cb00:2048:1::6813:c697	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2606:4700:10:... 2606:4700:10::6814:d13b	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2a00:1450:400... 2a00:1450:4001:821::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
11	2a00:1450:400... 2a00:1450:4001:81a::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:81f::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:814::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
8	2a00:1450:400... 2a00:1450:4001:819::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2400:cb00:204... 2400:cb00:2048:1::6810:a10d	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1 2	2a00:1450:400... 2a00:1450:4001:821::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	2a00:1450:400... 2a00:1450:4001:824::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:817::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
6	52.208.26.158 52.208.26.158	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
65	14

1 2606:4700:30::681b:a436 (United States) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

www.waonews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:30::681b:a536 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

www.waonews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2400:cb00:2048:1::6810:5814 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2400:cb00:2048:1::6813:c697 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:d13b (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

coinhive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::2008 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:81a::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:819::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2400:cb00:2048:1::6810:a10d (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdn.viglink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:821::200e (Ireland) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Ireland) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::2004 (Ireland) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.208.26.158 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-208-26-158.eu-west-1.compute.amazonaws.com

api.viglink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	googlesyndication.com pagead2.googlesyndication.com	183 KB
9	viglink.com cdn.viglink.com api.viglink.com	32 KB
9	doubleclick.net 1 redirects googleads.g.doubleclick.net stats.g.doubleclick.net	160 B
7	jsdelivr.net cdn.jsdelivr.net	107 KB
6	waonews.com 1 redirects www.waonews.com	20 KB
2	google-analytics.com 1 redirects www.google-analytics.com	17 KB
2	google.com 1 redirects adservice.google.com www.google.com	670 B
2	google.de adservice.google.de www.google.de	599 B
1	googletagmanager.com www.googletagmanager.com	29 KB
1	coinhive.com coinhive.com	69 KB
1	cloudflare.com ajax.cloudflare.com	4 KB
65	11

	Domain	Requested by
11	pagead2.googlesyndication.com	ajax.cloudflare.com pagead2.googlesyndication.com
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com
7	cdn.jsdelivr.net	www.waonews.com ajax.cloudflare.com
6	api.viglink.com	cdn.viglink.com
6	www.waonews.com	1 redirects www.waonews.com
3	cdn.viglink.com	www.waonews.com
2	www.google-analytics.com	1 redirects www.googletagmanager.com
1	www.google.de
1	www.google.com	1 redirects
1	stats.g.doubleclick.net	1 redirects
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	www.googletagmanager.com	ajax.cloudflare.com
1	coinhive.com	ajax.cloudflare.com
1	ajax.cloudflare.com	www.waonews.com
65	15

This site contains no links.

Subject Issuer	Validity	Valid
sni248912.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2018-10-18` - `2019-04-26`	6 months	crt.sh
ssl363648.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2018-05-19` - `2018-11-25`	6 months	crt.sh
ssl412106.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2018-09-22` - `2019-03-31`	6 months	crt.sh
ssl809251.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2018-08-15` - `2019-02-21`	6 months	crt.sh
*.google-analytics.com Google Internet Authority G3	`2018-10-02` - `2018-12-25`	3 months	crt.sh
*.g.doubleclick.net Google Internet Authority G3	`2018-10-02` - `2018-12-25`	3 months	crt.sh
*.google.com Google Internet Authority G3	`2018-10-02` - `2018-12-25`	3 months	crt.sh
ssl418259.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2018-09-22` - `2019-03-31`	6 months	crt.sh
www.google.de Google Internet Authority G3	`2018-10-02` - `2018-12-25`	3 months	crt.sh
viglink.com Amazon	`2018-03-09` - `2019-04-09`	a year	crt.sh

This page contains 16 frames:

Primary Page: https://www.waonews.com/NEWS/645-LI_YANRONG_WAS_APPOINTED_PRESIDENT_OF_SICHUAN_ONCE_TOLD_STUDENTS_ALTHOUGH_ANXIOUS_SAFETY_FIRST_DATE.HTML
Frame ID: B742A08241EEBC2716CD874806A409CC
Requests: 50 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20181015/r20180604/zrt_lookup.html
Frame ID: DE995E8044C730698902F1BC99389C79
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20181015/r20180604/show_ads_impl.js
Frame ID: EC12C24853D5AAA63B2D4D645F2F3821
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8655643176113736&output=html&adk=1812271804&adf=3025194257&lmt=1539906736&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C26%3A32768%2C30%3A1081344&guci=1.2.0.0.2.2.0&format=0x0&url=https%3A%2F%2Fwww.waonews.com%2FNEWS%2F645-LI_YANRONG_WAS_APPOINTED_PRESIDENT_OF_SICHUAN_ONCE_TOLD_STUDENTS_ALTHOUGH_ANXIOUS_SAFETY_FIRST_DATE.HTML&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1539906735928&bpp=7&bdt=380&fdt=12&idt=224&shv=r20181015&cbv=r20180604&saldr=aa&abxe=1&nras=1&correlator=3804693089891&frm=20&pv=2&ga_vid=1198917489.1539906736&ga_sid=1539906736&ga_hid=1627586543&ga_fc=0&iag=0&icsg=199925760&dssz=19&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21062569&oid=3&rx=0&eae=2&fc=1808&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&ppjl=u&fu=16&bc=7&osw_key=1540411340&ifi=0&fsb=1&dtd=248
Frame ID: 19DEBF86C4162774B09A5BBCA069BE20
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20181015/r20180604/show_ads_impl.js
Frame ID: C4DD501153E20F973AAFF16B19B52E67
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8655643176113736&output=html&h=183&slotname=4023775619&adk=3062277743&adf=2725398064&w=730&fwrn=4&lmt=1539906736&rafmt=11&guci=1.2.0.0.2.2.0&format=730x183&url=https%3A%2F%2Fwww.waonews.com%2FNEWS%2F645-LI_YANRONG_WAS_APPOINTED_PRESIDENT_OF_SICHUAN_ONCE_TOLD_STUDENTS_ALTHOUGH_ANXIOUS_SAFETY_FIRST_DATE.HTML&flash=0&wgl=1&adsid=NT&dt=1539906735940&bpp=10&bdt=392&fdt=277&idt=278&shv=r20181015&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3804693089891&frm=20&pv=1&ga_vid=1198917489.1539906736&ga_sid=1539906736&ga_hid=1627586543&ga_fc=0&iag=0&icsg=736796672&dssz=24&mdo=0&mso=0&rplot=4&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=238&ady=348&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21062569&oid=3&rx=0&eae=0&fc=1808&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&osw_key=2746247489&ifi=1&fsb=1&xpc=kIh2qZqZak&p=https%3A//www.waonews.com&dtd=293
Frame ID: F8ABD5FD1FF0B38F2C3E0866930EA13E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20181015/r20180604/show_ads_impl.js
Frame ID: 0565FAE3DFBCC6A589E27AE87934D80A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8655643176113736&output=html&h=280&slotname=8883005267&adk=2969073586&adf=3235933448&w=350&fwrn=4&fwrnh=100&lmt=1539906736&rafmt=1&guci=1.2.0.0.2.2.0&format=350x280&url=https%3A%2F%2Fwww.waonews.com%2FNEWS%2F645-LI_YANRONG_WAS_APPOINTED_PRESIDENT_OF_SICHUAN_ONCE_TOLD_STUDENTS_ALTHOUGH_ANXIOUS_SAFETY_FIRST_DATE.HTML&flash=0&fwr=0&resp_fmts=3&wgl=1&adsid=NT&dt=1539906735950&bpp=8&bdt=402&fdt=355&idt=356&shv=r20181015&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=0x0%2C730x183&nras=1&correlator=3804693089891&frm=20&pv=1&ga_vid=1198917489.1539906736&ga_sid=1539906736&ga_hid=1627586543&ga_fc=0&iag=0&icsg=736796672&dssz=24&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=998&ady=81&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21062569&oid=3&rx=0&eae=0&fc=1808&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&osw_key=2314251941&ifi=2&fsb=1&xpc=ijhRTZBnW2&p=https%3A//www.waonews.com&dtd=361
Frame ID: 4D7E86444E2BD1F55298ABCE88A92411
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20181015/r20180604/show_ads_impl.js
Frame ID: 8DD78D36754FA7B0B301251EF01D8748
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20181015/r20180604/show_ads_impl.js
Frame ID: B2AC7A79E7AE4864465BFC5E11EA3662
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20181015/r20180604/show_ads_impl.js
Frame ID: BC14404E6B5C194DEB46D557453238BC
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20181015/r20180604/show_ads_impl.js
Frame ID: 068715E3E4070A18F7F8FEA399878BF2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8655643176113736&output=html&h=90&adk=2743202993&adf=54630664&w=1200&fwrn=4&fwrnh=100&lmt=1539906737&rafmt=1&to=qs&pwprc=3183193468&guci=1.2.0.0.2.2.0&format=1200x90&url=https%3A%2F%2Fwww.waonews.com%2FNEWS%2F645-LI_YANRONG_WAS_APPOINTED_PRESIDENT_OF_SICHUAN_ONCE_TOLD_STUDENTS_ALTHOUGH_ANXIOUS_SAFETY_FIRST_DATE.HTML&flash=0&fwr=0&resp_fmts=3&wgl=1&adsid=NT&dt=1539906737021&bpp=11&bdt=1473&fdt=13&idt=14&shv=r20181015&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=0x0%2C730x183%2C350x280%2C730x183%2C730x183%2C730x183&nras=4&correlator=3804693089891&frm=20&pv=1&ga_vid=1198917489.1539906736&ga_sid=1539906736&ga_hid=1627586543&ga_fc=0&iag=0&icsg=35096535040&dssz=25&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=193&ady=4309&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21062569&oid=3&rx=0&eae=0&fc=1808&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&osw_key=2629618636&ifi=6&fsb=1&xpc=BdKmUPAhCZ&p=https%3A//www.waonews.com&dtd=22
Frame ID: 1467CE3E146919B3C4235BC94443EE30
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8655643176113736&output=html&h=183&adk=1662451605&adf=1848691050&w=730&lmt=1539906736&num_ads=1&pwprc=3183193468&guci=1.2.0.0.2.2.0&ad_type=text_image&format=730x183&url=https%3A%2F%2Fwww.waonews.com%2FNEWS%2F645-LI_YANRONG_WAS_APPOINTED_PRESIDENT_OF_SICHUAN_ONCE_TOLD_STUDENTS_ALTHOUGH_ANXIOUS_SAFETY_FIRST_DATE.HTML&flash=0&pra=3&wgl=1&fa=27&adsid=NT&dt=1539906736793&bpp=22&bdt=1245&fdt=23&idt=32&shv=r20181015&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=0x0%2C730x183%2C350x280&nras=2&correlator=3804693089891&frm=20&pv=1&ga_vid=1198917489.1539906736&ga_sid=1539906736&ga_hid=1627586543&ga_fc=0&iag=0&icsg=736796672&dssz=24&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=238&ady=1307&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21062569&oid=3&rx=0&eae=0&fc=1296&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&ppjl=u&fu=16&bc=7&osw_key=4105894845&ifi=3&xpc=fHwuzyPAoV&p=https%3A//www.waonews.com&dtd=47
Frame ID: 20F7BF24FA30BC77468758093B2314D5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8655643176113736&output=html&h=183&adk=1662451605&adf=3379736376&w=730&lmt=1539906736&num_ads=1&pwprc=3183193468&guci=1.2.0.0.2.2.0&ad_type=text_image&format=730x183&url=https%3A%2F%2Fwww.waonews.com%2FNEWS%2F645-LI_YANRONG_WAS_APPOINTED_PRESIDENT_OF_SICHUAN_ONCE_TOLD_STUDENTS_ALTHOUGH_ANXIOUS_SAFETY_FIRST_DATE.HTML&flash=0&pra=3&wgl=1&fa=27&adsid=NT&dt=1539906736853&bpp=76&bdt=1305&fdt=77&idt=89&shv=r20181015&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=0x0%2C730x183%2C350x280%2C730x183&nras=3&correlator=3804693089891&frm=20&pv=1&ga_vid=1198917489.1539906736&ga_sid=1539906736&ga_hid=1627586543&ga_fc=0&iag=0&icsg=35096535040&dssz=25&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=238&ady=2033&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21062569&oid=3&rx=0&eae=0&fc=1296&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&ppjl=u&fu=16&bc=7&osw_key=4105894845&ifi=4&xpc=zNAeh0TK8u&p=https%3A//www.waonews.com&dtd=105
Frame ID: 4D658B988EB25741077067E214DB06E7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8655643176113736&output=html&h=183&adk=1662451605&adf=1157993134&w=730&lmt=1539906737&num_ads=1&pwprc=3183193468&guci=1.2.0.0.2.2.0&ad_type=text_image&format=730x183&url=https%3A%2F%2Fwww.waonews.com%2FNEWS%2F645-LI_YANRONG_WAS_APPOINTED_PRESIDENT_OF_SICHUAN_ONCE_TOLD_STUDENTS_ALTHOUGH_ANXIOUS_SAFETY_FIRST_DATE.HTML&flash=0&pra=3&wgl=1&fa=27&adsid=NT&dt=1539906736983&bpp=19&bdt=1436&fdt=20&idt=25&shv=r20181015&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=0x0%2C730x183%2C350x280%2C730x183%2C730x183&nras=4&correlator=3804693089891&frm=20&pv=1&ga_vid=1198917489.1539906736&ga_sid=1539906736&ga_hid=1627586543&ga_fc=0&iag=0&icsg=35096535040&dssz=25&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=238&ady=3199&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21062569&oid=3&rx=0&eae=0&fc=1296&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&ppjl=u&fu=16&bc=7&osw_key=4105894845&ifi=5&xpc=fjcFSsw5EQ&p=https%3A//www.waonews.com&dtd=33
Frame ID: BF5D3498EEACD45D8A5B73F1D07F5577
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.waonews.com/NEWS/645-LI_YANRONG_WAS_APPOINTED_PRESIDENT_OF_SICHUAN_ONCE_TOLD_STUDENTS_AL... HTTP 301
https://www.waonews.com/NEWS/645-LI_YANRONG_WAS_APPOINTED_PRESIDENT_OF_SICHUAN_ONCE_TOLD_STUDENTS_AL... Page URL

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

script /react.*\.js/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /cloudflare/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i
env /^google_ad_/i
env /^__google_ad_/i
env /^Goog_AdSense_/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
env /^gaGlobal$/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

env /^google_tag_manager$/i

VigLink (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /(?:^[^\/]*\/\/[^\/]*viglink\.com\/api\/|vglnk\.js)/i
env /^(?:vglnk(?:$|_)|vl_(?:cB|disable)$)/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^jQuery$/i

Twitter Bootstrap () Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]+bootstrap(?:\.min)?\.css/i

Page Statistics

65
Requests

72 %
HTTPS

94 %
IPv6

11
Domains

15
Subdomains

14
IPs

2
Countries

461 kB
Transfer

7112 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.waonews.com/NEWS/645-LI_YANRONG_WAS_APPOINTED_PRESIDENT_OF_SICHUAN_ONCE_TOLD_STUDENTS_ALTHOUGH_ANXIOUS_SAFETY_FIRST_DATE.HTML HTTP 301
https://www.waonews.com/NEWS/645-LI_YANRONG_WAS_APPOINTED_PRESIDENT_OF_SICHUAN_ONCE_TOLD_STUDENTS_ALTHOUGH_ANXIOUS_SAFETY_FIRST_DATE.HTML Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44

https://www.google-analytics.com/r/collect?v=1&_v=j71&a=1627586543&t=pageview&_s=1&dl=https%3A%2F%2Fwww.waonews.com%2FNEWS%2F645-LI_YANRONG_WAS_APPOINTED_PRESIDENT_OF_SICHUAN_ONCE_TOLD_STUDENTS_ALTHOUGH_ANXIOUS_SAFETY_FIRST_DATE.HTML&ul=en-us&de=UTF-8&dt=Li%20Yanrong%20was%20appointed%20president%20of%20Sichuan%20once%20told%20students%3A%20Although%20anxious%20safety%20first%20date%20%7C%20waonews&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IAhAAUAB~&jid=22219741&gjid=777673535&cid=1198917489.1539906736&tid=UA-111542624-1&_gid=1019556542.1539906736&_r=1&gtm=uaf&z=1105835804 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-111542624-1&cid=1198917489.1539906736&jid=22219741&_gid=1019556542.1539906736&gjid=777673535&_v=j71&z=1105835804 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-111542624-1&cid=1198917489.1539906736&jid=22219741&_v=j71&z=1105835804 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-111542624-1&cid=1198917489.1539906736&jid=22219741&_v=j71&z=1105835804&slf_rd=1&random=2784977209

65 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 645-LI_YANRONG_WAS_APPOINTED_PRESIDENT_OF_SICHUAN_ONCE_TOLD_STUDENTS_ALTHOUGH_ANXIOUS_SAFETY_FIRST_DATE.HTML Show response
www.waonews.com/NEWS/
Redirect Chain

http://www.waonews.com/NEWS/645-LI_YANRONG_WAS_APPOINTED_PRESIDENT_OF_SICHUAN_ONCE_TOLD_STUDENTS_ALTHOUGH_ANXIOUS_SAFETY_FIRST_DATE.HTML
https://www.waonews.com/NEWS/645-LI_YANRONG_WAS_APPOINTED_PRESIDENT_OF_SICHUAN_ONCE_TOLD_STUDENTS_ALTHOUGH_ANXIOUS_SAFETY_FIRST_DATE.HTML

20 KB
7 KB

390ms
367ms

Document
text/html

2606:4700:30::681b:a536
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.waonews.com/NEWS/645-LI_YANRONG_WAS_APPOINTED_PRESIDENT_OF_SICHUAN_ONCE_TOLD_STUDENTS_ALTHOUGH_ANXIOUS_SAFETY_FIRST_DATE.HTML
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:30::681b:a536 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / PHP/7.1.17
Resource Hash: 3ae37969177fbaf05d1a6f81f931af9b630229e076b864de0679ece8709d6c5d

Request headers

:method: GET
:authority: www.waonews.com
:scheme: https
:path: /NEWS/645-LI_YANRONG_WAS_APPOINTED_PRESIDENT_OF_SICHUAN_ONCE_TOLD_STUDENTS_ALTHOUGH_ANXIOUS_SAFETY_FIRST_DATE.HTML
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
date: Thu, 18 Oct 2018 23:52:15 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=d415b8db74f05c83d330f906b93ad26821539906735; expires=Fri, 18-Oct-19 23:52:15 GMT; path=/; domain=.waonews.com; HttpOnly; Secure
vary: Accept-Encoding
x-powered-by: PHP/7.1.17
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 46beeae6dbd1c29c-FRA
content-encoding: gzip

Redirect headers

Date: Thu, 18 Oct 2018 23:52:15 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 19 Oct 2018 00:52:15 GMT
Location: https://www.waonews.com/NEWS/645-LI_YANRONG_WAS_APPOINTED_PRESIDENT_OF_SICHUAN_ONCE_TOLD_STUDENTS_ALTHOUGH_ANXIOUS_SAFETY_FIRST_DATE.HTML
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 46beeae6a50c273e-FRA

GET
H2 200 _BH-sAmSP9zS4DD31Aj-tC0v1Oc.js Show response
www.waonews.com/cdn-cgi/apps/head/ 4 KB
2 KB 15ms
10ms Script
application/javascript 2606:4700:30::681b:a536
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.waonews.com/cdn-cgi/apps/head/_BH-sAmSP9zS4DD31Aj-tC0v1Oc.js
Requested by: Host: www.waonews.com
URL: https://www.waonews.com/NEWS/645-LI_YANRONG_WAS_APPOINTED_PRESIDENT_OF_SICHUAN_ONCE_TOLD_STUDENTS_ALTHOUGH_ANXIOUS_SAFETY_FIRST_DATE.HTML
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:30::681b:a536 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92d6c7b1990c381302453580c88efe3ab9df018e9c0e9e912b22eac10ffd2bb2

Request headers

:path: /cdn-cgi/apps/head/_BH-sAmSP9zS4DD31Aj-tC0v1Oc.js
pragma: no-cache
cookie: __cfduid=d415b8db74f05c83d330f906b93ad26821539906735
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.waonews.com
referer: https://www.waonews.com/NEWS/645-LI_YANRONG_WAS_APPOINTED_PRESIDENT_OF_SICHUAN_ONCE_TOLD_STUDENTS_ALTHOUGH_ANXIOUS_SAFETY_FIRST_DATE.HTML
:scheme: https
:method: GET
Referer: https://www.waonews.com/NEWS/645-LI_YANRONG_WAS_APPOINTED_PRESIDENT_OF_SICHUAN_ONCE_TOLD_STUDENTS_ALTHOUGH_ANXIOUS_SAFETY_FIRST_DATE.HTML
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 18 Oct 2018 23:52:15 GMT
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: 47B7CDD3E9B36A7A
cf-ray: 46beeae94e3ec29c-FRA
status: 200
content-length: 1501
x-amz-id-2: Fb78sS5QUvijLNrXF1gDEFywrWKKwDmGvnMBPTvCl6EUI0LkoRiYVYoXye4yAWJrMpaCKTSpKrQ=
last-modified: Sun, 01 Apr 2018 10:57:58 GMT
server: cloudflare
etag: "1f6f3d41fb7a7d67019e80c14d210be7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: GQm9F_nxbnclOY3aDCuG0wuszdWDvFQ8
cache-control: public, max-age=31536000
content-type: application/javascript; charset=utf-8
expires: Fri, 18 Oct 2019 23:52:15 GMT

GET
S 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.0.0/dist/css/ 141 KB
21 KB 70ms
10ms Stylesheet
text/css 2400:cb00:2048:1::6810:5814
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.0.0/dist/css/bootstrap.min.css

Requested by

Host: www.waonews.com
URL: https://www.waonews.com/NEWS/645-LI_YANRONG_WAS_APPOINTED_PRESIDENT_OF_SICHUAN_ONCE_TOLD_STUDENTS_ALTHOUGH_ANXIOUS_SAFETY_FIRST_DATE.HTML

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2400:cb00:2048:1::6810:5814 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.waonews.com/NEWS/645-LI_YANRONG_WAS_APPOINTED_PRESIDENT_OF_SICHUAN_ONCE_TOLD_STUDENTS_ALTHOUGH_ANXIOUS_SAFETY_FIRST_DATE.HTML
Origin: https://www.waonews.com

Response headers

date: Thu, 18 Oct 2018 23:52:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-cache: HIT, HIT
status: 200
content-length: 20563
x-served-by: cache-ams4125-AMS, cache-hhn1540-HHN
timing-allow-origin: *
server: cloudflare
etag: "235ed-iVElpFIqOxDuetoG7mUDWHy/lcU"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
cf-ray: 46beeae9a9e99816-FRA

GET
H2 200 logo.svg
www.waonews.com/skin/images/ 7 KB
2 KB 9ms
9ms Image
image/svg+xml 2606:4700:30::681b:a536
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.waonews.com/skin/images/logo.svg
Requested by: Host: www.waonews.com
URL: https://www.waonews.com/NEWS/645-LI_YANRONG_WAS_APPOINTED_PRESIDENT_OF_SICHUAN_ONCE_TOLD_STUDENTS_ALTHOUGH_ANXIOUS_SAFETY_FIRST_DATE.HTML
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:30::681b:a536 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20fc3533710fef1024ff1b1eaf8da36c928b67a7c52e954eef0baa2e627ee313

Request headers

:path: /skin/images/logo.svg
pragma: no-cache
cookie: __cfduid=d415b8db74f05c83d330f906b93ad26821539906735
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.waonews.com
referer: https://www.waonews.com/NEWS/645-LI_YANRONG_WAS_APPOINTED_PRESIDENT_OF_SICHUAN_ONCE_TOLD_STUDENTS_ALTHOUGH_ANXIOUS_SAFETY_FIRST_DATE.HTML
:scheme: https
:method: GET
Referer: https://www.waonews.com/NEWS/645-LI_YANRONG_WAS_APPOINTED_PRESIDENT_OF_SICHUAN_ONCE_TOLD_STUDENTS_ALTHOUGH_ANXIOUS_SAFETY_FIRST_DATE.HTML
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 18 Oct 2018 23:52:15 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 08 May 2018 03:35:04 GMT
server: cloudflare
etag: W/"5af11ae8-1a78"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
status: 200
cache-control: public, max-age=14400
cf-ray: 46beeae94e40c29c-FRA
expires: Fri, 19 Oct 2018 03:52:15 GMT

GET
H2 404 0d140742030fdc00261c0545667f12f9.jpg
www.waonews.com/uploads/2017/12// 7 KB
7 KB 349ms
349ms Image
text/html 2606:4700:30::681b:a536
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.waonews.com/uploads/2017/12//0d140742030fdc00261c0545667f12f9.jpg
Requested by: Host: www.waonews.com
URL: https://www.waonews.com/NEWS/645-LI_YANRONG_WAS_APPOINTED_PRESIDENT_OF_SICHUAN_ONCE_TOLD_STUDENTS_ALTHOUGH_ANXIOUS_SAFETY_FIRST_DATE.HTML
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:30::681b:a536 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / PHP/7.1.17
Resource Hash: f41f1177adecc9a3d5533f9ecb4c2603d2fdbf90b45f550be9f87c260b3f5e9e

Request headers

:path: /uploads/2017/12//0d140742030fdc00261c0545667f12f9.jpg
pragma: no-cache
cookie: __cfduid=d415b8db74f05c83d330f906b93ad26821539906735
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.waonews.com
referer: https://www.waonews.com/NEWS/645-LI_YANRONG_WAS_APPOINTED_PRESIDENT_OF_SICHUAN_ONCE_TOLD_STUDENTS_ALTHOUGH_ANXIOUS_SAFETY_FIRST_DATE.HTML
:scheme: https
:method: GET
Referer: https://www.waonews.com/NEWS/645-LI_YANRONG_WAS_APPOINTED_PRESIDENT_OF_SICHUAN_ONCE_TOLD_STUDENTS_ALTHOUGH_ANXIOUS_SAFETY_FIRST_DATE.HTML
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 18 Oct 2018 23:52:15 GMT
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
x-powered-by: PHP/7.1.17
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=utf-8
status: 404
cache-control: public, max-age=14400
cf-ray: 46beeae94e41c29c-FRA
expires: Fri, 19 Oct 2018 03:52:15 GMT

GET
S 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/2448a7bd/cloudflare-static/ 11 KB
4 KB 15ms
8ms Script
application/javascript 2400:cb00:2048:1::6813:c697
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/2448a7bd/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.waonews.com
URL: https://www.waonews.com/NEWS/645-LI_YANRONG_WAS_APPOINTED_PRESIDENT_OF_SICHUAN_ONCE_TOLD_STUDENTS_ALTHOUGH_ANXIOUS_SAFETY_FIRST_DATE.HTML

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2400:cb00:2048:1::6813:c697 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare-nginx /

Resource Hash

3493abbdef3202f502f59b11be045f3b4df6d94f047d882da751dc36087a31b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.waonews.com/NEWS/645-LI_YANRONG_WAS_APPOINTED_PRESIDENT_OF_SICHUAN_ONCE_TOLD_STUDENTS_ALTHOUGH_ANXIOUS_SAFETY_FIRST_DATE.HTML
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 18 Oct 2018 23:52:15 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Tue, 16 Oct 2018 13:12:27 GMT
server: cloudflare-nginx
etag: W/"5bc5e3bb-2ba8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/javascript
status: 200
cache-control: max-age=172800, public
strict-transport-security: max-age=15780000; includeSubDomains
cf-ray: 46beeae969e1c27e-FRA
expires: Sat, 20 Oct 2018 23:52:15 GMT

GET
H2 200 0htj9gmHfHMpl2hlfGlcdWR7Ks0.js Show response
www.waonews.com/cdn-cgi/apps/body/ 732 B
579 B 9ms
9ms Script
application/javascript 2606:4700:30::681b:a536
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.waonews.com/cdn-cgi/apps/body/0htj9gmHfHMpl2hlfGlcdWR7Ks0.js
Requested by: Host: www.waonews.com
URL: https://www.waonews.com/cdn-cgi/apps/head/_BH-sAmSP9zS4DD31Aj-tC0v1Oc.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:30::681b:a536 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53851e3b698396bb233fde7ff755ec749f40d6c890d042bfb7c8a0d922d5c668

Request headers

:path: /cdn-cgi/apps/body/0htj9gmHfHMpl2hlfGlcdWR7Ks0.js
pragma: no-cache
cookie: __cfduid=d415b8db74f05c83d330f906b93ad26821539906735
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.waonews.com
referer: https://www.waonews.com/NEWS/645-LI_YANRONG_WAS_APPOINTED_PRESIDENT_OF_SICHUAN_ONCE_TOLD_STUDENTS_ALTHOUGH_ANXIOUS_SAFETY_FIRST_DATE.HTML
:scheme: https
:method: GET
Referer: https://www.waonews.com/NEWS/645-LI_YANRONG_WAS_APPOINTED_PRESIDENT_OF_SICHUAN_ONCE_TOLD_STUDENTS_ALTHOUGH_ANXIOUS_SAFETY_FIRST_DATE.HTML
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 18 Oct 2018 23:52:15 GMT
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: 6F1A5CC7DF95F16D
cf-ray: 46beeae96e64c29c-FRA
status: 200
content-length: 382
x-amz-id-2: cG0zZUUtkSNfBHOm7R2end4FTCPk0g1GgXd27W2J6pAF5lSG2dP2oBUgN5rOX2WwB4b9Qjf7qiA=
last-modified: Sun, 01 Apr 2018 10:57:58 GMT
server: cloudflare
etag: "67ed4e242182de662385ba14bb9c7290"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: 6Lw9KuxwFl0_eCc.caGCMysE3YmSiN8R
cache-control: public, max-age=31536000
content-type: application/javascript; charset=utf-8
expires: Fri, 18 Oct 2019 23:52:15 GMT

GET
S 200 coinhive.min.js Show response
coinhive.com/lib/ 265 KB
69 KB 90ms
11ms Script
application/javascript 2606:4700:10::6814:d13b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://coinhive.com/lib/coinhive.min.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/2448a7bd/cloudflare-static/rocket-loader.min.js
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:10::6814:d13b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7a9bdb4f8cff06f1f195018a63e4ae1ed73968c8c170df51ed665700e9bd847

Request headers

Referer: https://www.waonews.com/NEWS/645-LI_YANRONG_WAS_APPOINTED_PRESIDENT_OF_SICHUAN_ONCE_TOLD_STUDENTS_ALTHOUGH_ANXIOUS_SAFETY_FIRST_DATE.HTML
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 18 Oct 2018 23:52:15 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 15 Oct 2018 11:57:41 GMT
server: cloudflare
status: 200
etag: W/"5bc480b5-423b4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=28800
cf-ray: 46beeaea4d929ab8-FRA
expires: Fri, 19 Oct 2018 07:52:15 GMT

GET
S 200 js Show response
www.googletagmanager.com/gtag/ 81 KB
29 KB 62ms
61ms Script
application/javascript 2a00:1450:4001:821::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-111542624-1

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/2448a7bd/cloudflare-static/rocket-loader.min.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:821::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager (scaffolding) /

Resource Hash

dfaa4b4834e6925819b38551b32088175cc5fe87a427712b60b9d5a533310b8c

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.waonews.com/NEWS/645-LI_YANRONG_WAS_APPOINTED_PRESIDENT_OF_SICHUAN_ONCE_TOLD_STUDENTS_ALTHOUGH_ANXIOUS_SAFETY_FIRST_DATE.HTML
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 18 Oct 2018 23:52:15 GMT
content-encoding: gzip
server: Google Tag Manager (scaffolding)
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 29675
x-xss-protection: 1; mode=block
expires: Thu, 18 Oct 2018 23:52:15 GMT

GET
S 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.0.0/dist/js/ 48 KB
13 KB 9ms
9ms Script
application/javascript 2400:cb00:2048:1::6810:5814
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.0.0/dist/js/bootstrap.min.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/2448a7bd/cloudflare-static/rocket-loader.min.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2400:cb00:2048:1::6810:5814 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.waonews.com/NEWS/645-LI_YANRONG_WAS_APPOINTED_PRESIDENT_OF_SICHUAN_ONCE_TOLD_STUDENTS_ALTHOUGH_ANXIOUS_SAFETY_FIRST_DATE.HTML
Origin: https://www.waonews.com

Response headers

date: Thu, 18 Oct 2018 23:52:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-cache: HIT, HIT
status: 200
content-length: 13105
x-served-by: cache-ams4141-AMS, cache-hhn1524-HHN
timing-allow-origin: *
server: cloudflare
etag: "bf30-qVRYMYA7E1nP7tR+O01rrmjkDpk"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
cf-ray: 46beeae9ca169816-FRA

GET
S 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.12.9/dist/umd/ 19 KB
7 KB 15ms
15ms Script
application/javascript 2400:cb00:2048:1::6810:5814
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.12.9/dist/umd/popper.min.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/2448a7bd/cloudflare-static/rocket-loader.min.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2400:cb00:2048:1::6810:5814 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.waonews.com/NEWS/645-LI_YANRONG_WAS_APPOINTED_PRESIDENT_OF_SICHUAN_ONCE_TOLD_STUDENTS_ALTHOUGH_ANXIOUS_SAFETY_FIRST_DATE.HTML
Origin: https://www.waonews.com

Response headers

date: Thu, 18 Oct 2018 23:52:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-cache: HIT, HIT
status: 200
content-length: 6911
x-served-by: cache-ams4136-AMS, cache-hhn1551-HHN
timing-allow-origin: *
server: cloudflare
etag: "4af4-w7l3qkuN+2nWUeBwFQMdOF3tlks"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
cf-ray: 46beeae9ca189816-FRA

GET
S 200 jquery.slim.min.js Show response
cdn.jsdelivr.net/npm/jquery@3.2.1/dist/ 68 KB
24 KB 14ms
13ms Script
application/javascript 2400:cb00:2048:1::6810:5814
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/jquery@3.2.1/dist/jquery.slim.min.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/2448a7bd/cloudflare-static/rocket-loader.min.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2400:cb00:2048:1::6810:5814 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.waonews.com/NEWS/645-LI_YANRONG_WAS_APPOINTED_PRESIDENT_OF_SICHUAN_ONCE_TOLD_STUDENTS_ALTHOUGH_ANXIOUS_SAFETY_FIRST_DATE.HTML
Origin: https://www.waonews.com

Response headers

date: Thu, 18 Oct 2018 23:52:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-cache: HIT, HIT
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 23896
x-served-by: cache-ams4150-AMS, cache-hhn1529-HHN
timing-allow-origin: *
server: cloudflare
etag: W/"10fdd-nonRUVvEw3G4b0yxAC/Y43fBgp8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
cf-ray: 46beeae9ca1a9816-FRA

GET
S 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 75 KB
28 KB 58ms
23ms Script
text/javascript 2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/2448a7bd/cloudflare-static/rocket-loader.min.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81a::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

e48235138c5957c838d81820e126c3df22f0b6e4a02de33e6e4640af70c8842c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.waonews.com/NEWS/645-LI_YANRONG_WAS_APPOINTED_PRESIDENT_OF_SICHUAN_ONCE_TOLD_STUDENTS_ALTHOUGH_ANXIOUS_SAFETY_FIRST_DATE.HTML
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 18 Oct 2018 23:52:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 28144
x-xss-protection: 1; mode=block
server: cafe
etag: 7539946005733577377
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 18 Oct 2018 23:52:15 GMT

GET
S 200 jquery.slim.min.js Show response
cdn.jsdelivr.net/npm/jquery@3.2.1/dist/ 68 KB
23 KB 12ms
12ms Script
application/javascript 2400:cb00:2048:1::6810:5814
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/jquery@3.2.1/dist/jquery.slim.min.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/2448a7bd/cloudflare-static/rocket-loader.min.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2400:cb00:2048:1::6810:5814 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.waonews.com/NEWS/645-LI_YANRONG_WAS_APPOINTED_PRESIDENT_OF_SICHUAN_ONCE_TOLD_STUDENTS_ALTHOUGH_ANXIOUS_SAFETY_FIRST_DATE.HTML
Origin: https://www.waonews.com

Response headers

date: Thu, 18 Oct 2018 23:52:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-cache: HIT, HIT
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 23896
x-served-by: cache-ams4150-AMS, cache-hhn1529-HHN
timing-allow-origin: *
server: cloudflare
etag: W/"10fdd-nonRUVvEw3G4b0yxAC/Y43fBgp8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
cf-ray: 46beeaeb7b259816-FRA

GET
S 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
490 B 46ms
19ms Script
application/javascript 2a00:1450:4001:81f::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.waonews.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81f::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.waonews.com/NEWS/645-LI_YANRONG_WAS_APPOINTED_PRESIDENT_OF_SICHUAN_ONCE_TOLD_STUDENTS_ALTHOUGH_ANXIOUS_SAFETY_FIRST_DATE.HTML
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 18 Oct 2018 23:52:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 104
x-xss-protection: 1; mode=block

GET
S 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
490 B 46ms
19ms Script
application/javascript 2a00:1450:4001:814::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.waonews.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:814::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.waonews.com/NEWS/645-LI_YANRONG_WAS_APPOINTED_PRESIDENT_OF_SICHUAN_ONCE_TOLD_STUDENTS_ALTHOUGH_ANXIOUS_SAFETY_FIRST_DATE.HTML
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 18 Oct 2018 23:52:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 104
x-xss-protection: 1; mode=block

GET
S 200 ca-pub-8655643176113736.js Show response
pagead2.googlesyndication.com/pub-config/r20160913/ 133 B
275 B 6ms
6ms Script
text/javascript 2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pub-config/r20160913/ca-pub-8655643176113736.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81a::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

7e7fa886d5d75c745d95be4fc3c5bfb4c988019b3f643c669734612345e1b8c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.waonews.com/NEWS/645-LI_YANRONG_WAS_APPOINTED_PRESIDENT_OF_SICHUAN_ONCE_TOLD_STUDENTS_ALTHOUGH_ANXIOUS_SAFETY_FIRST_DATE.HTML
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 18 Oct 2018 23:50:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 17 Oct 2018 21:36:32 GMT
server: sffe
age: 123
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=43200
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 125
x-xss-protection: 1; mode=block
expires: Fri, 19 Oct 2018 11:50:12 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20181015/r20180604/ Frame DE99 0
0 7ms
3ms Document
text/html 2a00:1450:4001:819::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20181015/r20180604/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:819::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20181015/r20180604/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.waonews.com/NEWS/645-LI_YANRONG_WAS_APPOINTED_PRESIDENT_OF_SICHUAN_ONCE_TOLD_STUDENTS_ALTHOUGH_ANXIOUS_SAFETY_FIRST_DATE.HTML
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.waonews.com/NEWS/645-LI_YANRONG_WAS_APPOINTED_PRESIDENT_OF_SICHUAN_ONCE_TOLD_STUDENTS_ALTHOUGH_ANXIOUS_SAFETY_FIRST_DATE.HTML

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Tue, 16 Oct 2018 01:12:51 GMT
expires: Tue, 30 Oct 2018 01:12:51 GMT
content-type: text/html; charset=UTF-8
etag: 12810928231326100212
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 6940
x-xss-protection: 1; mode=block
cache-control: public, max-age=1209600
age: 254364
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"

GET
S 200 show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20181015/r20180604/ Frame EC12 200 KB
74 KB 32ms
28ms Script
text/javascript 2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20181015/r20180604/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81a::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

dbe3d456f488fc76a01dd05fe4aca88b2ed9de2a17d7f7ae988d5a0fde14e3ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.waonews.com/NEWS/645-LI_YANRONG_WAS_APPOINTED_PRESIDENT_OF_SICHUAN_ONCE_TOLD_STUDENTS_ALTHOUGH_ANXIOUS_SAFETY_FIRST_DATE.HTML
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 18 Oct 2018 23:52:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 75852
x-xss-protection: 1; mode=block
server: cafe
etag: 11803176738510783056
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 Oct 2018 23:52:15 GMT

GET
S 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.12.9/dist/umd/ 19 KB
7 KB 12ms
11ms Script
application/javascript 2400:cb00:2048:1::6810:5814
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.12.9/dist/umd/popper.min.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/2448a7bd/cloudflare-static/rocket-loader.min.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2400:cb00:2048:1::6810:5814 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.waonews.com/NEWS/645-LI_YANRONG_WAS_APPOINTED_PRESIDENT_OF_SICHUAN_ONCE_TOLD_STUDENTS_ALTHOUGH_ANXIOUS_SAFETY_FIRST_DATE.HTML
Origin: https://www.waonews.com

Response headers

date: Thu, 18 Oct 2018 23:52:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-cache: HIT, HIT
status: 200
content-length: 6911
x-served-by: cache-ams4136-AMS, cache-hhn1551-HHN
timing-allow-origin: *
server: cloudflare
etag: "4af4-w7l3qkuN+2nWUeBwFQMdOF3tlks"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
cf-ray: 46beeaec5ba79816-FRA

GET
S 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.0.0/dist/js/ 48 KB
13 KB 23ms
23ms Script
application/javascript 2400:cb00:2048:1::6810:5814
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.0.0/dist/js/bootstrap.min.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/2448a7bd/cloudflare-static/rocket-loader.min.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2400:cb00:2048:1::6810:5814 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.waonews.com/NEWS/645-LI_YANRONG_WAS_APPOINTED_PRESIDENT_OF_SICHUAN_ONCE_TOLD_STUDENTS_ALTHOUGH_ANXIOUS_SAFETY_FIRST_DATE.HTML
Origin: https://www.waonews.com

Response headers

date: Thu, 18 Oct 2018 23:52:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-cache: HIT, HIT
status: 200
content-length: 13105
x-served-by: cache-ams4141-AMS, cache-hhn1524-HHN
timing-allow-origin: *
server: cloudflare
etag: "bf30-qVRYMYA7E1nP7tR+O01rrmjkDpk"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
cf-ray: 46beeaec7baf9816-FRA

GET
BLOB 200
OK 807c9a07-1de0-4127-aa07-5dfa1993d014
https://www.waonews.com/ 249 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.waonews.com/807c9a07-1de0-4127-aa07-5dfa1993d014
Requested by: Host: coinhive.com
URL: https://coinhive.com/lib/coinhive.min.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b3ea65fe925fe9fe62fffea17ff8cede8c20bef2284369f26c259d154761b10b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Length: 254828

GET
BLOB 200
OK 807c9a07-1de0-4127-aa07-5dfa1993d014
https://www.waonews.com/ 249 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.waonews.com/807c9a07-1de0-4127-aa07-5dfa1993d014
Requested by: Host: coinhive.com
URL: https://coinhive.com/lib/coinhive.min.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b3ea65fe925fe9fe62fffea17ff8cede8c20bef2284369f26c259d154761b10b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Length: 254828

GET
BLOB 200
OK 807c9a07-1de0-4127-aa07-5dfa1993d014
https://www.waonews.com/ 249 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.waonews.com/807c9a07-1de0-4127-aa07-5dfa1993d014
Requested by: Host: coinhive.com
URL: https://coinhive.com/lib/coinhive.min.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b3ea65fe925fe9fe62fffea17ff8cede8c20bef2284369f26c259d154761b10b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Length: 254828

GET
BLOB 200
OK 807c9a07-1de0-4127-aa07-5dfa1993d014
https://www.waonews.com/ 249 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.waonews.com/807c9a07-1de0-4127-aa07-5dfa1993d014
Requested by: Host: coinhive.com
URL: https://coinhive.com/lib/coinhive.min.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b3ea65fe925fe9fe62fffea17ff8cede8c20bef2284369f26c259d154761b10b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Length: 254828

GET
BLOB 200
OK 807c9a07-1de0-4127-aa07-5dfa1993d014
https://www.waonews.com/ 249 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.waonews.com/807c9a07-1de0-4127-aa07-5dfa1993d014
Requested by: Host: coinhive.com
URL: https://coinhive.com/lib/coinhive.min.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b3ea65fe925fe9fe62fffea17ff8cede8c20bef2284369f26c259d154761b10b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Length: 254828

GET
BLOB 200
OK 807c9a07-1de0-4127-aa07-5dfa1993d014
https://www.waonews.com/ 249 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.waonews.com/807c9a07-1de0-4127-aa07-5dfa1993d014
Requested by: Host: coinhive.com
URL: https://coinhive.com/lib/coinhive.min.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b3ea65fe925fe9fe62fffea17ff8cede8c20bef2284369f26c259d154761b10b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Length: 254828

GET
BLOB 200
OK 807c9a07-1de0-4127-aa07-5dfa1993d014
https://www.waonews.com/ 249 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.waonews.com/807c9a07-1de0-4127-aa07-5dfa1993d014
Requested by: Host: coinhive.com
URL: https://coinhive.com/lib/coinhive.min.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b3ea65fe925fe9fe62fffea17ff8cede8c20bef2284369f26c259d154761b10b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Length: 254828

GET
BLOB 200
OK 807c9a07-1de0-4127-aa07-5dfa1993d014
https://www.waonews.com/ 249 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.waonews.com/807c9a07-1de0-4127-aa07-5dfa1993d014
Requested by: Host: coinhive.com
URL: https://coinhive.com/lib/coinhive.min.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b3ea65fe925fe9fe62fffea17ff8cede8c20bef2284369f26c259d154761b10b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Length: 254828

GET
BLOB 200
OK 807c9a07-1de0-4127-aa07-5dfa1993d014
https://www.waonews.com/ 249 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.waonews.com/807c9a07-1de0-4127-aa07-5dfa1993d014
Requested by: Host: coinhive.com
URL: https://coinhive.com/lib/coinhive.min.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b3ea65fe925fe9fe62fffea17ff8cede8c20bef2284369f26c259d154761b10b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Length: 254828

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 19DE 0
0 41ms
40ms Document
text/html 2a00:1450:4001:819::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8655643176113736&output=html&adk=1812271804&adf=3025194257&lmt=1539906736&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C26%3A32768%2C30%3A1081344&guci=1.2.0.0.2.2.0&format=0x0&url=https%3A%2F%2Fwww.waonews.com%2FNEWS%2F645-LI_YANRONG_WAS_APPOINTED_PRESIDENT_OF_SICHUAN_ONCE_TOLD_STUDENTS_ALTHOUGH_ANXIOUS_SAFETY_FIRST_DATE.HTML&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1539906735928&bpp=7&bdt=380&fdt=12&idt=224&shv=r20181015&cbv=r20180604&saldr=aa&abxe=1&nras=1&correlator=3804693089891&frm=20&pv=2&ga_vid=1198917489.1539906736&ga_sid=1539906736&ga_hid=1627586543&ga_fc=0&iag=0&icsg=199925760&dssz=19&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21062569&oid=3&rx=0&eae=2&fc=1808&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&ppjl=u&fu=16&bc=7&osw_key=1540411340&ifi=0&fsb=1&dtd=248

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20181015/r20180604/show_ads_impl.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:819::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8655643176113736&output=html&adk=1812271804&adf=3025194257&lmt=1539906736&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C26%3A32768%2C30%3A1081344&guci=1.2.0.0.2.2.0&format=0x0&url=https%3A%2F%2Fwww.waonews.com%2FNEWS%2F645-LI_YANRONG_WAS_APPOINTED_PRESIDENT_OF_SICHUAN_ONCE_TOLD_STUDENTS_ALTHOUGH_ANXIOUS_SAFETY_FIRST_DATE.HTML&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1539906735928&bpp=7&bdt=380&fdt=12&idt=224&shv=r20181015&cbv=r20180604&saldr=aa&abxe=1&nras=1&correlator=3804693089891&frm=20&pv=2&ga_vid=1198917489.1539906736&ga_sid=1539906736&ga_hid=1627586543&ga_fc=0&iag=0&icsg=199925760&dssz=19&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21062569&oid=3&rx=0&eae=2&fc=1808&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&ppjl=u&fu=16&bc=7&osw_key=1540411340&ifi=0&fsb=1&dtd=248
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.waonews.com/NEWS/645-LI_YANRONG_WAS_APPOINTED_PRESIDENT_OF_SICHUAN_ONCE_TOLD_STUDENTS_ALTHOUGH_ANXIOUS_SAFETY_FIRST_DATE.HTML
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.waonews.com/NEWS/645-LI_YANRONG_WAS_APPOINTED_PRESIDENT_OF_SICHUAN_ONCE_TOLD_STUDENTS_ALTHOUGH_ANXIOUS_SAFETY_FIRST_DATE.HTML

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 18 Oct 2018 23:52:16 GMT
server: cafe
cache-control: private
content-length: 568
x-xss-protection: 1; mode=block
set-cookie: test_cookie=CheckForPermission; expires=Fri, 19-Oct-2018 00:07:16 GMT; path=/; domain=.doubleclick.net
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
expires: Thu, 18 Oct 2018 23:52:16 GMT

GET
S 200 osd.js Show response
pagead2.googlesyndication.com/pagead/js/r20181015/r20180604/ 73 KB
27 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20181015/r20180604/osd.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20181015/r20180604/show_ads_impl.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81a::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

809666eab20dda169c2b653d74381101a244f9b40693e354ce22cb857c05abb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.waonews.com/NEWS/645-LI_YANRONG_WAS_APPOINTED_PRESIDENT_OF_SICHUAN_ONCE_TOLD_STUDENTS_ALTHOUGH_ANXIOUS_SAFETY_FIRST_DATE.HTML
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 16 Oct 2018 00:57:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 255300
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 27170
x-xss-protection: 1; mode=block
server: cafe
etag: 13182056233691646820
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 Oct 2018 00:57:16 GMT

GET
BLOB 200
OK 49a7b378-0984-4432-877e-28e5a4f0eae4
https://www.waonews.com/ 249 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.waonews.com/49a7b378-0984-4432-877e-28e5a4f0eae4
Requested by: Host: coinhive.com
URL: https://coinhive.com/lib/coinhive.min.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b3ea65fe925fe9fe62fffea17ff8cede8c20bef2284369f26c259d154761b10b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Length: 254828

GET
BLOB 200
OK 49a7b378-0984-4432-877e-28e5a4f0eae4
https://www.waonews.com/ 249 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.waonews.com/49a7b378-0984-4432-877e-28e5a4f0eae4
Requested by: Host: coinhive.com
URL: https://coinhive.com/lib/coinhive.min.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b3ea65fe925fe9fe62fffea17ff8cede8c20bef2284369f26c259d154761b10b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Length: 254828

GET
BLOB 200
OK 49a7b378-0984-4432-877e-28e5a4f0eae4
https://www.waonews.com/ 249 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.waonews.com/49a7b378-0984-4432-877e-28e5a4f0eae4
Requested by: Host: coinhive.com
URL: https://coinhive.com/lib/coinhive.min.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b3ea65fe925fe9fe62fffea17ff8cede8c20bef2284369f26c259d154761b10b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Length: 254828

GET
BLOB 200
OK 49a7b378-0984-4432-877e-28e5a4f0eae4
https://www.waonews.com/ 249 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.waonews.com/49a7b378-0984-4432-877e-28e5a4f0eae4
Requested by: Host: coinhive.com
URL: https://coinhive.com/lib/coinhive.min.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b3ea65fe925fe9fe62fffea17ff8cede8c20bef2284369f26c259d154761b10b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Length: 254828

GET
BLOB 200
OK 49a7b378-0984-4432-877e-28e5a4f0eae4
https://www.waonews.com/ 249 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.waonews.com/49a7b378-0984-4432-877e-28e5a4f0eae4
Requested by: Host: coinhive.com
URL: https://coinhive.com/lib/coinhive.min.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b3ea65fe925fe9fe62fffea17ff8cede8c20bef2284369f26c259d154761b10b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Length: 254828

GET
BLOB 200
OK 49a7b378-0984-4432-877e-28e5a4f0eae4
https://www.waonews.com/ 249 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.waonews.com/49a7b378-0984-4432-877e-28e5a4f0eae4
Requested by: Host: coinhive.com
URL: https://coinhive.com/lib/coinhive.min.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b3ea65fe925fe9fe62fffea17ff8cede8c20bef2284369f26c259d154761b10b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Length: 254828

GET
BLOB 200
OK 49a7b378-0984-4432-877e-28e5a4f0eae4
https://www.waonews.com/ 249 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.waonews.com/49a7b378-0984-4432-877e-28e5a4f0eae4
Requested by: Host: coinhive.com
URL: https://coinhive.com/lib/coinhive.min.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b3ea65fe925fe9fe62fffea17ff8cede8c20bef2284369f26c259d154761b10b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Length: 254828

GET
BLOB 200
OK 49a7b378-0984-4432-877e-28e5a4f0eae4
https://www.waonews.com/ 249 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.waonews.com/49a7b378-0984-4432-877e-28e5a4f0eae4
Requested by: Host: coinhive.com
URL: https://coinhive.com/lib/coinhive.min.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b3ea65fe925fe9fe62fffea17ff8cede8c20bef2284369f26c259d154761b10b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Length: 254828

GET
BLOB 200
OK 49a7b378-0984-4432-877e-28e5a4f0eae4
https://www.waonews.com/ 249 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.waonews.com/49a7b378-0984-4432-877e-28e5a4f0eae4
Requested by: Host: coinhive.com
URL: https://coinhive.com/lib/coinhive.min.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b3ea65fe925fe9fe62fffea17ff8cede8c20bef2284369f26c259d154761b10b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Length: 254828

GET
S 200 vglnk.js Show response
cdn.viglink.com/api/ 80 KB
28 KB 65ms
13ms Script
text/javascript 2400:cb00:2048:1::6810:a10d
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viglink.com/api/vglnk.js
Requested by: Host: www.waonews.com
URL: https://www.waonews.com/NEWS/645-LI_YANRONG_WAS_APPOINTED_PRESIDENT_OF_SICHUAN_ONCE_TOLD_STUDENTS_ALTHOUGH_ANXIOUS_SAFETY_FIRST_DATE.HTML
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2400:cb00:2048:1::6810:a10d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b24e11a5d0cbc8aced7504e44e8d20b9ff60c9bc4a521bfa5aa1f97e6733a36

Request headers

Referer: https://www.waonews.com/NEWS/645-LI_YANRONG_WAS_APPOINTED_PRESIDENT_OF_SICHUAN_ONCE_TOLD_STUDENTS_ALTHOUGH_ANXIOUS_SAFETY_FIRST_DATE.HTML
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 18 Oct 2018 23:52:16 GMT
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: 4BAD95BEEF80D506
status: 200
content-length: 28313
x-amz-id-2: 6aZi79vURZOitszQQgzZuxca+M2zKHcagb+BfEaGWcAqfNY6xYoAQ7LTMBYRqhljKYl+AYPMbZk=
last-modified: Wed, 10 Oct 2018 20:52:41 GMT
server: cloudflare
etag: "e77705f9ba54775209f2d411a506320c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=1800
accept-ranges: bytes
cf-ray: 46beeaed9d246361-FRA
expires: Fri, 19 Oct 2018 00:22:16 GMT

GET
S 200 analytics.js Show response
www.google-analytics.com/ 42 KB
17 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:821::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-111542624-1

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:821::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8cb05b675fe6419a9e91eb587c60902c7ed1cb6c42b8cff8ce404ef89f635cde

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.waonews.com/NEWS/645-LI_YANRONG_WAS_APPOINTED_PRESIDENT_OF_SICHUAN_ONCE_TOLD_STUDENTS_ALTHOUGH_ANXIOUS_SAFETY_FIRST_DATE.HTML
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 11 Oct 2018 19:41:26 GMT
server: Golfe2
age: 5393
date: Thu, 18 Oct 2018 22:22:23 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 17301
expires: Fri, 19 Oct 2018 00:22:23 GMT

GET
S 200 show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20181015/r20180604/ Frame C4DD 200 KB
0 32ms
28ms Script
text/javascript 2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20181015/r20180604/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81a::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

dbe3d456f488fc76a01dd05fe4aca88b2ed9de2a17d7f7ae988d5a0fde14e3ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Thu, 18 Oct 2018 23:52:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 75852
x-xss-protection: 1; mode=block
server: cafe
etag: 11803176738510783056
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 Oct 2018 23:52:15 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame F8AB 0
0 93ms
93ms Document
text/html 2a00:1450:4001:819::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8655643176113736&output=html&h=183&slotname=4023775619&adk=3062277743&adf=2725398064&w=730&fwrn=4&lmt=1539906736&rafmt=11&guci=1.2.0.0.2.2.0&format=730x183&url=https%3A%2F%2Fwww.waonews.com%2FNEWS%2F645-LI_YANRONG_WAS_APPOINTED_PRESIDENT_OF_SICHUAN_ONCE_TOLD_STUDENTS_ALTHOUGH_ANXIOUS_SAFETY_FIRST_DATE.HTML&flash=0&wgl=1&adsid=NT&dt=1539906735940&bpp=10&bdt=392&fdt=277&idt=278&shv=r20181015&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3804693089891&frm=20&pv=1&ga_vid=1198917489.1539906736&ga_sid=1539906736&ga_hid=1627586543&ga_fc=0&iag=0&icsg=736796672&dssz=24&mdo=0&mso=0&rplot=4&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=238&ady=348&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21062569&oid=3&rx=0&eae=0&fc=1808&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&osw_key=2746247489&ifi=1&fsb=1&xpc=kIh2qZqZak&p=https%3A//www.waonews.com&dtd=293

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20181015/r20180604/show_ads_impl.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:819::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8655643176113736&output=html&h=183&slotname=4023775619&adk=3062277743&adf=2725398064&w=730&fwrn=4&lmt=1539906736&rafmt=11&guci=1.2.0.0.2.2.0&format=730x183&url=https%3A%2F%2Fwww.waonews.com%2FNEWS%2F645-LI_YANRONG_WAS_APPOINTED_PRESIDENT_OF_SICHUAN_ONCE_TOLD_STUDENTS_ALTHOUGH_ANXIOUS_SAFETY_FIRST_DATE.HTML&flash=0&wgl=1&adsid=NT&dt=1539906735940&bpp=10&bdt=392&fdt=277&idt=278&shv=r20181015&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3804693089891&frm=20&pv=1&ga_vid=1198917489.1539906736&ga_sid=1539906736&ga_hid=1627586543&ga_fc=0&iag=0&icsg=736796672&dssz=24&mdo=0&mso=0&rplot=4&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=238&ady=348&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21062569&oid=3&rx=0&eae=0&fc=1808&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&osw_key=2746247489&ifi=1&fsb=1&xpc=kIh2qZqZak&p=https%3A//www.waonews.com&dtd=293
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.waonews.com/NEWS/645-LI_YANRONG_WAS_APPOINTED_PRESIDENT_OF_SICHUAN_ONCE_TOLD_STUDENTS_ALTHOUGH_ANXIOUS_SAFETY_FIRST_DATE.HTML
accept-encoding: gzip, deflate
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.waonews.com/NEWS/645-LI_YANRONG_WAS_APPOINTED_PRESIDENT_OF_SICHUAN_ONCE_TOLD_STUDENTS_ALTHOUGH_ANXIOUS_SAFETY_FIRST_DATE.HTML

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 18 Oct 2018 23:52:16 GMT
server: cafe
cache-control: private
content-length: 384
x-xss-protection: 1; mode=block
set-cookie: IDE=AHWqTUkCruzxXxeejZgyRek5fPbtPLG3QyW0daBV0O8vKNHcKKB5_D83R_eeHiF9; expires=Tue, 12-Nov-2019 23:52:16 GMT; path=/; domain=.doubleclick.net; HttpOnly test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
expires: Thu, 18 Oct 2018 23:52:16 GMT

GET
S

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j71&a=1627586543&t=pageview&_s=1&dl=https%3A%2F%2Fwww.waonews.com%2FNEWS%2F645-LI_YANRONG_WAS_APPOINTED_PRESIDENT_OF_SICHUAN_ONCE_TOLD_STUDENTS_ALT...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-111542624-1&cid=1198917489.1539906736&jid=22219741&_gid=1019556542.1539906736&gjid=777673535&_v=j71&z=1105835804
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-111542624-1&cid=1198917489.1539906736&jid=22219741&_v=j71&z=1105835804
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-111542624-1&cid=1198917489.1539906736&jid=22219741&_v=j71&z=1105835804&slf_rd=1&random=2784977209

42 B
109 B

16ms
16ms

Image
image/gif

2a00:1450:4001:817::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-111542624-1&cid=1198917489.1539906736&jid=22219741&_v=j71&z=1105835804&slf_rd=1&random=2784977209

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:817::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.waonews.com/NEWS/645-LI_YANRONG_WAS_APPOINTED_PRESIDENT_OF_SICHUAN_ONCE_TOLD_STUDENTS_ALTHOUGH_ANXIOUS_SAFETY_FIRST_DATE.HTML
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Oct 2018 23:52:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 18 Oct 2018 23:52:17 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-111542624-1&cid=1198917489.1539906736&jid=22219741&_v=j71&z=1105835804&slf_rd=1&random=2784977209
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20181015/r20180604/ Frame 0565 200 KB
0 32ms
28ms Script
text/javascript 2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20181015/r20180604/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81a::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

dbe3d456f488fc76a01dd05fe4aca88b2ed9de2a17d7f7ae988d5a0fde14e3ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Thu, 18 Oct 2018 23:52:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 75852
x-xss-protection: 1; mode=block
server: cafe
etag: 11803176738510783056
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 Oct 2018 23:52:15 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 4D7E 0
0 98ms
97ms Document
text/html 2a00:1450:4001:819::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8655643176113736&output=html&h=280&slotname=8883005267&adk=2969073586&adf=3235933448&w=350&fwrn=4&fwrnh=100&lmt=1539906736&rafmt=1&guci=1.2.0.0.2.2.0&format=350x280&url=https%3A%2F%2Fwww.waonews.com%2FNEWS%2F645-LI_YANRONG_WAS_APPOINTED_PRESIDENT_OF_SICHUAN_ONCE_TOLD_STUDENTS_ALTHOUGH_ANXIOUS_SAFETY_FIRST_DATE.HTML&flash=0&fwr=0&resp_fmts=3&wgl=1&adsid=NT&dt=1539906735950&bpp=8&bdt=402&fdt=355&idt=356&shv=r20181015&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=0x0%2C730x183&nras=1&correlator=3804693089891&frm=20&pv=1&ga_vid=1198917489.1539906736&ga_sid=1539906736&ga_hid=1627586543&ga_fc=0&iag=0&icsg=736796672&dssz=24&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=998&ady=81&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21062569&oid=3&rx=0&eae=0&fc=1808&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&osw_key=2314251941&ifi=2&fsb=1&xpc=ijhRTZBnW2&p=https%3A//www.waonews.com&dtd=361

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20181015/r20180604/show_ads_impl.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:819::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8655643176113736&output=html&h=280&slotname=8883005267&adk=2969073586&adf=3235933448&w=350&fwrn=4&fwrnh=100&lmt=1539906736&rafmt=1&guci=1.2.0.0.2.2.0&format=350x280&url=https%3A%2F%2Fwww.waonews.com%2FNEWS%2F645-LI_YANRONG_WAS_APPOINTED_PRESIDENT_OF_SICHUAN_ONCE_TOLD_STUDENTS_ALTHOUGH_ANXIOUS_SAFETY_FIRST_DATE.HTML&flash=0&fwr=0&resp_fmts=3&wgl=1&adsid=NT&dt=1539906735950&bpp=8&bdt=402&fdt=355&idt=356&shv=r20181015&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=0x0%2C730x183&nras=1&correlator=3804693089891&frm=20&pv=1&ga_vid=1198917489.1539906736&ga_sid=1539906736&ga_hid=1627586543&ga_fc=0&iag=0&icsg=736796672&dssz=24&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=998&ady=81&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21062569&oid=3&rx=0&eae=0&fc=1808&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&osw_key=2314251941&ifi=2&fsb=1&xpc=ijhRTZBnW2&p=https%3A//www.waonews.com&dtd=361
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.waonews.com/NEWS/645-LI_YANRONG_WAS_APPOINTED_PRESIDENT_OF_SICHUAN_ONCE_TOLD_STUDENTS_ALTHOUGH_ANXIOUS_SAFETY_FIRST_DATE.HTML
accept-encoding: gzip, deflate
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.waonews.com/NEWS/645-LI_YANRONG_WAS_APPOINTED_PRESIDENT_OF_SICHUAN_ONCE_TOLD_STUDENTS_ALTHOUGH_ANXIOUS_SAFETY_FIRST_DATE.HTML

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 18 Oct 2018 23:52:16 GMT
server: cafe
cache-control: private
content-length: 383
x-xss-protection: 1; mode=block
set-cookie: IDE=AHWqTUmukx9ga7mY8OQAWFZnUyytBJdDqKZmtc-XpX2MvyzT_QLWyv_gSQF9U0Wp; expires=Tue, 12-Nov-2019 23:52:16 GMT; path=/; domain=.doubleclick.net; HttpOnly test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
expires: Thu, 18 Oct 2018 23:52:16 GMT

GET
S 200 show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20181015/r20180604/ Frame 8DD7 200 KB
0 32ms
28ms Script
text/javascript 2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20181015/r20180604/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81a::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

dbe3d456f488fc76a01dd05fe4aca88b2ed9de2a17d7f7ae988d5a0fde14e3ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Thu, 18 Oct 2018 23:52:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 75852
x-xss-protection: 1; mode=block
server: cafe
etag: 11803176738510783056
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 Oct 2018 23:52:15 GMT

GET
S 200 reactive_library.js Show response
pagead2.googlesyndication.com/pagead/js/r20181015/r20180604/ 155 KB
54 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20181015/r20180604/reactive_library.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20181015/r20180604/show_ads_impl.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81a::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

cef5759e2927fde9fbd82ed0200e9193debae625739a80e03fcdbffd708dcc9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.waonews.com/NEWS/645-LI_YANRONG_WAS_APPOINTED_PRESIDENT_OF_SICHUAN_ONCE_TOLD_STUDENTS_ALTHOUGH_ANXIOUS_SAFETY_FIRST_DATE.HTML
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 18 Oct 2018 23:52:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 55370
x-xss-protection: 1; mode=block
server: cafe
etag: 13977862051767967926
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 Oct 2018 23:52:16 GMT

GET
S 200 show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20181015/r20180604/ Frame B2AC 200 KB
0 32ms
28ms Script
text/javascript 2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20181015/r20180604/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81a::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

dbe3d456f488fc76a01dd05fe4aca88b2ed9de2a17d7f7ae988d5a0fde14e3ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Thu, 18 Oct 2018 23:52:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 75852
x-xss-protection: 1; mode=block
server: cafe
etag: 11803176738510783056
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 Oct 2018 23:52:15 GMT

GET
S 200 show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20181015/r20180604/ Frame BC14 200 KB
0 32ms
28ms Script
text/javascript 2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20181015/r20180604/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81a::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

dbe3d456f488fc76a01dd05fe4aca88b2ed9de2a17d7f7ae988d5a0fde14e3ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Thu, 18 Oct 2018 23:52:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 75852
x-xss-protection: 1; mode=block
server: cafe
etag: 11803176738510783056
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 Oct 2018 23:52:15 GMT

GET
S 200 show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20181015/r20180604/ Frame 0687 200 KB
0 32ms
28ms Script
text/javascript 2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20181015/r20180604/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81a::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

dbe3d456f488fc76a01dd05fe4aca88b2ed9de2a17d7f7ae988d5a0fde14e3ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Thu, 18 Oct 2018 23:52:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 75852
x-xss-protection: 1; mode=block
server: cafe
etag: 11803176738510783056
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 Oct 2018 23:52:15 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 1467 0
0 206ms
205ms Document
text/html 2a00:1450:4001:819::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8655643176113736&output=html&h=90&adk=2743202993&adf=54630664&w=1200&fwrn=4&fwrnh=100&lmt=1539906737&rafmt=1&to=qs&pwprc=3183193468&guci=1.2.0.0.2.2.0&format=1200x90&url=https%3A%2F%2Fwww.waonews.com%2FNEWS%2F645-LI_YANRONG_WAS_APPOINTED_PRESIDENT_OF_SICHUAN_ONCE_TOLD_STUDENTS_ALTHOUGH_ANXIOUS_SAFETY_FIRST_DATE.HTML&flash=0&fwr=0&resp_fmts=3&wgl=1&adsid=NT&dt=1539906737021&bpp=11&bdt=1473&fdt=13&idt=14&shv=r20181015&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=0x0%2C730x183%2C350x280%2C730x183%2C730x183%2C730x183&nras=4&correlator=3804693089891&frm=20&pv=1&ga_vid=1198917489.1539906736&ga_sid=1539906736&ga_hid=1627586543&ga_fc=0&iag=0&icsg=35096535040&dssz=25&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=193&ady=4309&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21062569&oid=3&rx=0&eae=0&fc=1808&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&osw_key=2629618636&ifi=6&fsb=1&xpc=BdKmUPAhCZ&p=https%3A//www.waonews.com&dtd=22

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20181015/r20180604/show_ads_impl.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:819::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8655643176113736&output=html&h=90&adk=2743202993&adf=54630664&w=1200&fwrn=4&fwrnh=100&lmt=1539906737&rafmt=1&to=qs&pwprc=3183193468&guci=1.2.0.0.2.2.0&format=1200x90&url=https%3A%2F%2Fwww.waonews.com%2FNEWS%2F645-LI_YANRONG_WAS_APPOINTED_PRESIDENT_OF_SICHUAN_ONCE_TOLD_STUDENTS_ALTHOUGH_ANXIOUS_SAFETY_FIRST_DATE.HTML&flash=0&fwr=0&resp_fmts=3&wgl=1&adsid=NT&dt=1539906737021&bpp=11&bdt=1473&fdt=13&idt=14&shv=r20181015&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=0x0%2C730x183%2C350x280%2C730x183%2C730x183%2C730x183&nras=4&correlator=3804693089891&frm=20&pv=1&ga_vid=1198917489.1539906736&ga_sid=1539906736&ga_hid=1627586543&ga_fc=0&iag=0&icsg=35096535040&dssz=25&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=193&ady=4309&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21062569&oid=3&rx=0&eae=0&fc=1808&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&osw_key=2629618636&ifi=6&fsb=1&xpc=BdKmUPAhCZ&p=https%3A//www.waonews.com&dtd=22
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.waonews.com/NEWS/645-LI_YANRONG_WAS_APPOINTED_PRESIDENT_OF_SICHUAN_ONCE_TOLD_STUDENTS_ALTHOUGH_ANXIOUS_SAFETY_FIRST_DATE.HTML
accept-encoding: gzip, deflate
cookie: IDE=AHWqTUmukx9ga7mY8OQAWFZnUyytBJdDqKZmtc-XpX2MvyzT_QLWyv_gSQF9U0Wp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.waonews.com/NEWS/645-LI_YANRONG_WAS_APPOINTED_PRESIDENT_OF_SICHUAN_ONCE_TOLD_STUDENTS_ALTHOUGH_ANXIOUS_SAFETY_FIRST_DATE.HTML

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 18 Oct 2018 23:52:17 GMT
server: cafe
cache-control: private
content-length: 385
x-xss-protection: 1; mode=block
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"

GET
S 200 pixel.gif
cdn.viglink.com/images/ 43 B
286 B 18ms
18ms Image
image/gif 2400:cb00:2048:1::6810:a10d
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.viglink.com/images/pixel.gif?ch=1&rn=1.1077786303299617
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2400:cb00:2048:1::6810:a10d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://www.waonews.com/NEWS/645-LI_YANRONG_WAS_APPOINTED_PRESIDENT_OF_SICHUAN_ONCE_TOLD_STUDENTS_ALTHOUGH_ANXIOUS_SAFETY_FIRST_DATE.HTML
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 18 Oct 2018 23:52:17 GMT
cf-cache-status: HIT
last-modified: Tue, 10 Feb 2015 03:29:39 GMT
server: cloudflare
x-amz-request-id: 40B2715987E1B24A
etag: "221d8352905f2c38b3cb2bd191d630b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: max-age=15, must-revalidate
accept-ranges: bytes
cf-ray: 46beeaf7e8586361-FRA
content-length: 43
x-amz-id-2: 5hXuMsHv0JB9hPUCxQC8GZcLoA1KT9W+DEgd3gQjL1CnvNte49l+3MZyWbzydZDY6XZQZPE0bKY=

GET
S 200 pixel.gif
cdn.viglink.com/images/ 43 B
102 B 14ms
14ms Image
image/gif 2400:cb00:2048:1::6810:a10d
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.viglink.com/images/pixel.gif?ch=2&rn=1.1077786303299617
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2400:cb00:2048:1::6810:a10d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://www.waonews.com/NEWS/645-LI_YANRONG_WAS_APPOINTED_PRESIDENT_OF_SICHUAN_ONCE_TOLD_STUDENTS_ALTHOUGH_ANXIOUS_SAFETY_FIRST_DATE.HTML
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 18 Oct 2018 23:52:17 GMT
cf-cache-status: HIT
last-modified: Tue, 10 Feb 2015 03:29:39 GMT
server: cloudflare
x-amz-request-id: 40B2715987E1B24A
etag: "221d8352905f2c38b3cb2bd191d630b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: max-age=15, must-revalidate
accept-ranges: bytes
cf-ray: 46beeaf8286d6361-FRA
content-length: 43
x-amz-id-2: 5hXuMsHv0JB9hPUCxQC8GZcLoA1KT9W+DEgd3gQjL1CnvNte49l+3MZyWbzydZDY6XZQZPE0bKY=

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 20F7 0
0 60ms
59ms Document
text/html 2a00:1450:4001:819::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8655643176113736&output=html&h=183&adk=1662451605&adf=1848691050&w=730&lmt=1539906736&num_ads=1&pwprc=3183193468&guci=1.2.0.0.2.2.0&ad_type=text_image&format=730x183&url=https%3A%2F%2Fwww.waonews.com%2FNEWS%2F645-LI_YANRONG_WAS_APPOINTED_PRESIDENT_OF_SICHUAN_ONCE_TOLD_STUDENTS_ALTHOUGH_ANXIOUS_SAFETY_FIRST_DATE.HTML&flash=0&pra=3&wgl=1&fa=27&adsid=NT&dt=1539906736793&bpp=22&bdt=1245&fdt=23&idt=32&shv=r20181015&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=0x0%2C730x183%2C350x280&nras=2&correlator=3804693089891&frm=20&pv=1&ga_vid=1198917489.1539906736&ga_sid=1539906736&ga_hid=1627586543&ga_fc=0&iag=0&icsg=736796672&dssz=24&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=238&ady=1307&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21062569&oid=3&rx=0&eae=0&fc=1296&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&ppjl=u&fu=16&bc=7&osw_key=4105894845&ifi=3&xpc=fHwuzyPAoV&p=https%3A//www.waonews.com&dtd=47

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20181015/r20180604/show_ads_impl.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:819::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8655643176113736&output=html&h=183&adk=1662451605&adf=1848691050&w=730&lmt=1539906736&num_ads=1&pwprc=3183193468&guci=1.2.0.0.2.2.0&ad_type=text_image&format=730x183&url=https%3A%2F%2Fwww.waonews.com%2FNEWS%2F645-LI_YANRONG_WAS_APPOINTED_PRESIDENT_OF_SICHUAN_ONCE_TOLD_STUDENTS_ALTHOUGH_ANXIOUS_SAFETY_FIRST_DATE.HTML&flash=0&pra=3&wgl=1&fa=27&adsid=NT&dt=1539906736793&bpp=22&bdt=1245&fdt=23&idt=32&shv=r20181015&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=0x0%2C730x183%2C350x280&nras=2&correlator=3804693089891&frm=20&pv=1&ga_vid=1198917489.1539906736&ga_sid=1539906736&ga_hid=1627586543&ga_fc=0&iag=0&icsg=736796672&dssz=24&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=238&ady=1307&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21062569&oid=3&rx=0&eae=0&fc=1296&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&ppjl=u&fu=16&bc=7&osw_key=4105894845&ifi=3&xpc=fHwuzyPAoV&p=https%3A//www.waonews.com&dtd=47
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.waonews.com/NEWS/645-LI_YANRONG_WAS_APPOINTED_PRESIDENT_OF_SICHUAN_ONCE_TOLD_STUDENTS_ALTHOUGH_ANXIOUS_SAFETY_FIRST_DATE.HTML
accept-encoding: gzip, deflate
cookie: IDE=AHWqTUmukx9ga7mY8OQAWFZnUyytBJdDqKZmtc-XpX2MvyzT_QLWyv_gSQF9U0Wp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.waonews.com/NEWS/645-LI_YANRONG_WAS_APPOINTED_PRESIDENT_OF_SICHUAN_ONCE_TOLD_STUDENTS_ALTHOUGH_ANXIOUS_SAFETY_FIRST_DATE.HTML

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 18 Oct 2018 23:52:18 GMT
server: cafe
cache-control: private
content-length: 385
x-xss-protection: 1; mode=block
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 4D65 0
0 58ms
56ms Document
text/html 2a00:1450:4001:819::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8655643176113736&output=html&h=183&adk=1662451605&adf=3379736376&w=730&lmt=1539906736&num_ads=1&pwprc=3183193468&guci=1.2.0.0.2.2.0&ad_type=text_image&format=730x183&url=https%3A%2F%2Fwww.waonews.com%2FNEWS%2F645-LI_YANRONG_WAS_APPOINTED_PRESIDENT_OF_SICHUAN_ONCE_TOLD_STUDENTS_ALTHOUGH_ANXIOUS_SAFETY_FIRST_DATE.HTML&flash=0&pra=3&wgl=1&fa=27&adsid=NT&dt=1539906736853&bpp=76&bdt=1305&fdt=77&idt=89&shv=r20181015&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=0x0%2C730x183%2C350x280%2C730x183&nras=3&correlator=3804693089891&frm=20&pv=1&ga_vid=1198917489.1539906736&ga_sid=1539906736&ga_hid=1627586543&ga_fc=0&iag=0&icsg=35096535040&dssz=25&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=238&ady=2033&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21062569&oid=3&rx=0&eae=0&fc=1296&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&ppjl=u&fu=16&bc=7&osw_key=4105894845&ifi=4&xpc=zNAeh0TK8u&p=https%3A//www.waonews.com&dtd=105

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20181015/r20180604/show_ads_impl.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:819::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8655643176113736&output=html&h=183&adk=1662451605&adf=3379736376&w=730&lmt=1539906736&num_ads=1&pwprc=3183193468&guci=1.2.0.0.2.2.0&ad_type=text_image&format=730x183&url=https%3A%2F%2Fwww.waonews.com%2FNEWS%2F645-LI_YANRONG_WAS_APPOINTED_PRESIDENT_OF_SICHUAN_ONCE_TOLD_STUDENTS_ALTHOUGH_ANXIOUS_SAFETY_FIRST_DATE.HTML&flash=0&pra=3&wgl=1&fa=27&adsid=NT&dt=1539906736853&bpp=76&bdt=1305&fdt=77&idt=89&shv=r20181015&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=0x0%2C730x183%2C350x280%2C730x183&nras=3&correlator=3804693089891&frm=20&pv=1&ga_vid=1198917489.1539906736&ga_sid=1539906736&ga_hid=1627586543&ga_fc=0&iag=0&icsg=35096535040&dssz=25&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=238&ady=2033&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21062569&oid=3&rx=0&eae=0&fc=1296&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&ppjl=u&fu=16&bc=7&osw_key=4105894845&ifi=4&xpc=zNAeh0TK8u&p=https%3A//www.waonews.com&dtd=105
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.waonews.com/NEWS/645-LI_YANRONG_WAS_APPOINTED_PRESIDENT_OF_SICHUAN_ONCE_TOLD_STUDENTS_ALTHOUGH_ANXIOUS_SAFETY_FIRST_DATE.HTML
accept-encoding: gzip, deflate
cookie: IDE=AHWqTUmukx9ga7mY8OQAWFZnUyytBJdDqKZmtc-XpX2MvyzT_QLWyv_gSQF9U0Wp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.waonews.com/NEWS/645-LI_YANRONG_WAS_APPOINTED_PRESIDENT_OF_SICHUAN_ONCE_TOLD_STUDENTS_ALTHOUGH_ANXIOUS_SAFETY_FIRST_DATE.HTML

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 18 Oct 2018 23:52:18 GMT
server: cafe
cache-control: private
content-length: 386
x-xss-protection: 1; mode=block
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame BF5D 0
0 58ms
57ms Document
text/html 2a00:1450:4001:819::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8655643176113736&output=html&h=183&adk=1662451605&adf=1157993134&w=730&lmt=1539906737&num_ads=1&pwprc=3183193468&guci=1.2.0.0.2.2.0&ad_type=text_image&format=730x183&url=https%3A%2F%2Fwww.waonews.com%2FNEWS%2F645-LI_YANRONG_WAS_APPOINTED_PRESIDENT_OF_SICHUAN_ONCE_TOLD_STUDENTS_ALTHOUGH_ANXIOUS_SAFETY_FIRST_DATE.HTML&flash=0&pra=3&wgl=1&fa=27&adsid=NT&dt=1539906736983&bpp=19&bdt=1436&fdt=20&idt=25&shv=r20181015&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=0x0%2C730x183%2C350x280%2C730x183%2C730x183&nras=4&correlator=3804693089891&frm=20&pv=1&ga_vid=1198917489.1539906736&ga_sid=1539906736&ga_hid=1627586543&ga_fc=0&iag=0&icsg=35096535040&dssz=25&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=238&ady=3199&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21062569&oid=3&rx=0&eae=0&fc=1296&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&ppjl=u&fu=16&bc=7&osw_key=4105894845&ifi=5&xpc=fjcFSsw5EQ&p=https%3A//www.waonews.com&dtd=33

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20181015/r20180604/show_ads_impl.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:819::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8655643176113736&output=html&h=183&adk=1662451605&adf=1157993134&w=730&lmt=1539906737&num_ads=1&pwprc=3183193468&guci=1.2.0.0.2.2.0&ad_type=text_image&format=730x183&url=https%3A%2F%2Fwww.waonews.com%2FNEWS%2F645-LI_YANRONG_WAS_APPOINTED_PRESIDENT_OF_SICHUAN_ONCE_TOLD_STUDENTS_ALTHOUGH_ANXIOUS_SAFETY_FIRST_DATE.HTML&flash=0&pra=3&wgl=1&fa=27&adsid=NT&dt=1539906736983&bpp=19&bdt=1436&fdt=20&idt=25&shv=r20181015&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=0x0%2C730x183%2C350x280%2C730x183%2C730x183&nras=4&correlator=3804693089891&frm=20&pv=1&ga_vid=1198917489.1539906736&ga_sid=1539906736&ga_hid=1627586543&ga_fc=0&iag=0&icsg=35096535040&dssz=25&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=238&ady=3199&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21062569&oid=3&rx=0&eae=0&fc=1296&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&ppjl=u&fu=16&bc=7&osw_key=4105894845&ifi=5&xpc=fjcFSsw5EQ&p=https%3A//www.waonews.com&dtd=33
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.waonews.com/NEWS/645-LI_YANRONG_WAS_APPOINTED_PRESIDENT_OF_SICHUAN_ONCE_TOLD_STUDENTS_ALTHOUGH_ANXIOUS_SAFETY_FIRST_DATE.HTML
accept-encoding: gzip, deflate
cookie: IDE=AHWqTUmukx9ga7mY8OQAWFZnUyytBJdDqKZmtc-XpX2MvyzT_QLWyv_gSQF9U0Wp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.waonews.com/NEWS/645-LI_YANRONG_WAS_APPOINTED_PRESIDENT_OF_SICHUAN_ONCE_TOLD_STUDENTS_ALTHOUGH_ANXIOUS_SAFETY_FIRST_DATE.HTML

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 18 Oct 2018 23:52:18 GMT
server: cafe
cache-control: private
content-length: 383
x-xss-protection: 1; mode=block
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"

POST
H/1.1 200
OK ping Show response
api.viglink.com/api/ 385 B
1 KB 195ms
42ms XHR
text/javascript 52.208.26.158
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://api.viglink.com/api/ping
Requested by: Host: cdn.viglink.com
URL: https://cdn.viglink.com/api/vglnk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.26.158 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-208-26-158.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 1448c4116b8cf8af8ec42cda1aeb2cf4077b8f27ba205aff5c5cddaa8158dc45

Request headers

Referer: https://www.waonews.com/NEWS/645-LI_YANRONG_WAS_APPOINTED_PRESIDENT_OF_SICHUAN_ONCE_TOLD_STUDENTS_ALTHOUGH_ANXIOUS_SAFETY_FIRST_DATE.HTML
Origin: https://www.waonews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Thu, 18 Oct 2018 23:52:18 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: https://www.waonews.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 385
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK sync.gif
api.viglink.com/api/ 0
307 B 40ms
39ms Image
text/plain 52.208.26.158
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.viglink.com/api/sync.gif?partner_id=lot
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.26.158 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-208-26-158.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash

Request headers

Referer: https://www.waonews.com/NEWS/645-LI_YANRONG_WAS_APPOINTED_PRESIDENT_OF_SICHUAN_ONCE_TOLD_STUDENTS_ALTHOUGH_ANXIOUS_SAFETY_FIRST_DATE.HTML
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 18 Oct 2018 23:52:18 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK domains Show response
api.viglink.com/api/ 41 B
488 B 56ms
31ms XHR
text/javascript 52.208.26.158
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://api.viglink.com/api/domains
Requested by: Host: cdn.viglink.com
URL: https://cdn.viglink.com/api/vglnk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.26.158 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-208-26-158.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: b9cc4097f6fecc588996b92543a2bc2e92a41bd1a19b2cdff8aca7b759bc4f20

Request headers

Referer: https://www.waonews.com/NEWS/645-LI_YANRONG_WAS_APPOINTED_PRESIDENT_OF_SICHUAN_ONCE_TOLD_STUDENTS_ALTHOUGH_ANXIOUS_SAFETY_FIRST_DATE.HTML
Origin: https://www.waonews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Thu, 18 Oct 2018 23:52:18 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: https://www.waonews.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 41
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK insert Show response
api.viglink.com/api/ 111 B
559 B 56ms
35ms XHR
text/javascript 52.208.26.158
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://api.viglink.com/api/insert
Requested by: Host: cdn.viglink.com
URL: https://cdn.viglink.com/api/vglnk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.26.158 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-208-26-158.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 59a48dd86dd6b055c05bc4cfbf49e05ed62c10665a03c92560af732634d3210e

Request headers

Referer: https://www.waonews.com/NEWS/645-LI_YANRONG_WAS_APPOINTED_PRESIDENT_OF_SICHUAN_ONCE_TOLD_STUDENTS_ALTHOUGH_ANXIOUS_SAFETY_FIRST_DATE.HTML
Origin: https://www.waonews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Thu, 18 Oct 2018 23:52:18 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: https://www.waonews.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 111
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK sync.gif
api.viglink.com/api/ 0
307 B 67ms
31ms Image
text/plain 52.208.26.158
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.viglink.com/api/sync.gif?partner_id=rkt
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.26.158 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-208-26-158.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash

Request headers

Referer: https://www.waonews.com/NEWS/645-LI_YANRONG_WAS_APPOINTED_PRESIDENT_OF_SICHUAN_ONCE_TOLD_STUDENTS_ALTHOUGH_ANXIOUS_SAFETY_FIRST_DATE.HTML
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 18 Oct 2018 23:52:18 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK sync.gif
api.viglink.com/api/ 0
307 B 38ms
37ms Image
text/plain 52.208.26.158
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.viglink.com/api/sync.gif?partner_id=eyt
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.26.158 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-208-26-158.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.waonews.com/NEWS/645-LI_YANRONG_WAS_APPOINTED_PRESIDENT_OF_SICHUAN_ONCE_TOLD_STUDENTS_ALTHOUGH_ANXIOUS_SAFETY_FIRST_DATE.HTML
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 18 Oct 2018 23:52:18 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.waonews.com/	1970-01-19 04:30:42	Name: __cfduid Value: d415b8db74f05c83d330f906b93ad26821539906735

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ajax.cloudflare.com
api.viglink.com
cdn.jsdelivr.net
cdn.viglink.com
coinhive.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.waonews.com
2400:cb00:2048:1::6810:5814
2400:cb00:2048:1::6810:a10d
2400:cb00:2048:1::6813:c697
2606:4700:10::6814:d13b
2606:4700:30::681b:a436
2606:4700:30::681b:a536
2a00:1450:4001:814::2002
2a00:1450:4001:817::2003
2a00:1450:4001:819::2002
2a00:1450:4001:81a::2002
2a00:1450:4001:81f::2002
2a00:1450:4001:821::2008
2a00:1450:4001:821::200e
2a00:1450:4001:824::2004
2a00:1450:400c:c00::9c
52.208.26.158
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
1448c4116b8cf8af8ec42cda1aeb2cf4077b8f27ba205aff5c5cddaa8158dc45
20fc3533710fef1024ff1b1eaf8da36c928b67a7c52e954eef0baa2e627ee313
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
3493abbdef3202f502f59b11be045f3b4df6d94f047d882da751dc36087a31b0
3ae37969177fbaf05d1a6f81f931af9b630229e076b864de0679ece8709d6c5d
3b24e11a5d0cbc8aced7504e44e8d20b9ff60c9bc4a521bfa5aa1f97e6733a36
53851e3b698396bb233fde7ff755ec749f40d6c890d042bfb7c8a0d922d5c668
59a48dd86dd6b055c05bc4cfbf49e05ed62c10665a03c92560af732634d3210e
7e7fa886d5d75c745d95be4fc3c5bfb4c988019b3f643c669734612345e1b8c8
809666eab20dda169c2b653d74381101a244f9b40693e354ce22cb857c05abb5
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8cb05b675fe6419a9e91eb587c60902c7ed1cb6c42b8cff8ce404ef89f635cde
92d6c7b1990c381302453580c88efe3ab9df018e9c0e9e912b22eac10ffd2bb2
9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
b3ea65fe925fe9fe62fffea17ff8cede8c20bef2284369f26c259d154761b10b
b9cc4097f6fecc588996b92543a2bc2e92a41bd1a19b2cdff8aca7b759bc4f20
cef5759e2927fde9fbd82ed0200e9193debae625739a80e03fcdbffd708dcc9e
dbe3d456f488fc76a01dd05fe4aca88b2ed9de2a17d7f7ae988d5a0fde14e3ad
dfaa4b4834e6925819b38551b32088175cc5fe87a427712b60b9d5a533310b8c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e48235138c5957c838d81820e126c3df22f0b6e4a02de33e6e4640af70c8842c
e7a9bdb4f8cff06f1f195018a63e4ae1ed73968c8c170df51ed665700e9bd847
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f41f1177adecc9a3d5533f9ecb4c2603d2fdbf90b45f550be9f87c260b3f5e9e

www.waonews.com Open in urlscan Pro 2606:4700:30::681b:a536 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

65 Requests

72 %HTTPS

94 %IPv6

11 Domains

15 Subdomains

14 IPs

2 Countries

461 kBTransfer

7112 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

65 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.waonews.com Open in urlscan Pro
2606:4700:30::681b:a536 Public Scan

Screenshot
Live screenshot

Full Image

65
Requests

72 %
HTTPS

94 %
IPv6

11
Domains

15
Subdomains

14
IPs

2
Countries

461 kB
Transfer

7112 kB
Size

1
Cookies

65 HTTP transactions
0 data transactions