urlscan.io logo urlscan.io
SecurityTrails logo

yiwubing.com Open in urlscan Pro
101.32.74.54  Public Scan

Go To Rescan Add Verdict Report
URL: http://yiwubing.com/
Submission: On March 11 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 3 countries across 11 domains to perform 59 HTTP transactions. The main IP is 101.32.74.54, located in Central, Hong Kong and belongs to TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN. The main domain is yiwubing.com.
This is the only time yiwubing.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

15    101.32.74.54 (Central, Hong Kong)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)
yiwubing.com
7    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
7    34.215.37.29 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-215-37-29.us-west-2.compute.amazonaws.com
blogs.kellogg.northwestern.edu
5    151.139.244.23 (United States)

ASN33438 (STACKPATH, US)
cpb-us-w2.wpmucdn.com
1    165.124.147.158 (United States)

ASN103 (NWU-AS, US)
cms.kellogg.northwestern.edu
6    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
4    2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
3    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
7    2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
3    2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
15 yiwubing.com
yiwubing.com
137 KB
14 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 90
tpc.googlesyndication.com — Cisco Umbrella Rank: 122
225 KB
8 northwestern.edu
blogs.kellogg.northwestern.edu
cms.kellogg.northwestern.edu
36 KB
7 gstatic.com
fonts.gstatic.com
www.gstatic.com
147 KB
6 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
38 KB
5 wpmucdn.com
cpb-us-w2.wpmucdn.com — Cisco Umbrella Rank: 95536
224 KB
4 google.com
adservice.google.com — Cisco Umbrella Rank: 57
www.google.com — Cisco Umbrella Rank: 2
1 KB
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 147
36 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
1 KB
1 google.de
adservice.google.de — Cisco Umbrella Rank: 8832
792 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 716
646 B
59 11
Domain Requested by
15 yiwubing.com yiwubing.com
7 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
7 blogs.kellogg.northwestern.edu 5 redirects yiwubing.com
7 pagead2.googlesyndication.com yiwubing.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
6 googleads.g.doubleclick.net pagead2.googlesyndication.com
yiwubing.com
googleads.g.doubleclick.net
5 cpb-us-w2.wpmucdn.com yiwubing.com
4 fonts.gstatic.com yiwubing.com
fonts.googleapis.com
3 www.google.com 1 redirects googleads.g.doubleclick.net
tpc.googlesyndication.com
3 www.gstatic.com googleads.g.doubleclick.net
1 www.googletagservices.com googleads.g.doubleclick.net
1 fonts.googleapis.com googleads.g.doubleclick.net
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 cms.kellogg.northwestern.edu yiwubing.com
59 15

This site contains no links.

Subject Issuer Validity Valid
*.g.doubleclick.net
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
blogs.kellogg.northwestern.edu
R3		 2022-03-08 -
2022-06-06		 3 months crt.sh
www.kellogg.northwestern.edu
InCommon RSA Server CA		 2021-07-27 -
2022-07-27		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh

This page contains 8 frames:

Primary Page: http://yiwubing.com/
Frame ID: A090EF6C14DA81F8EEC4D46570A075C4
Requests: 36 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220308/r20190131/zrt_lookup.html
Frame ID: 157C5F5C1401B929B226B68767B7F4B9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7732194202087209&output=html&adk=1812271804&adf=3025194257&lmt=1631674785&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fyiwubing.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1647035987754&bpp=1013&bdt=145&idt=1122&shv=r20220308&mjsv=m202203090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6844395663289&frm=20&pv=2&ga_vid=627489783.1647035989&ga_sid=1647035989&ga_hid=1309202196&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C44758396%2C31065370%2C31065607%2C31063247&oid=2&pvsid=3699682148437408&pem=997&tmod=629747450&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=1142
Frame ID: 1C6673A6918946E448F243236C29EA5E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4091935376012044&output=html&h=280&slotname=3395405790&adk=3183436490&adf=323118133&w=336&lmt=1602654183&psa=1&guci=2.2.0.0.2.2.0.0&format=336x280&url=https%3A%2F%2Fpingu.blog%2Fgundam-info%2F&region=test&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602654183173&bpp=1&bdt=128&idt=217&shv=r20201008&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D21eb86606e07820d-22f3fcf80dc4002d%3AT%3D1602651360%3ART%3D1602651360%3AS%3DALNI_MZQqlNIo_xVKGmHSi5F9BADBW8Zmw&prev_fmts=750x100&nras=1&correlator=4396040267718&frm=20&pv=1&ga_vid=1195582628.1602604299&ga_sid=1602654183&ga_hid=1721528672&ga_fc=0&iag=0&icsg=281474618796704&dssz=61&mdo=0&mso=0&u_tz=480&u_his=5&u_java=0&u_h=1440&u_w=3440&u_ah=1400&u_aw=3440&u_cd=24&u_nplug=3&u_nmime=4&adx=1136&ady=972&biw=3421&bih=1297&scr_x=0&scr_y=200&eid=21067166%2C21067553&oid=3&pvsid=2638180635814425&pem=263&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C3440%2C0%2C3440%2C1400%2C3438%2C1297&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8200&bc=31&ifi=2&uci=a!2&fsb=1&xpc=7eP0YiYS2k&p=https%3A//pingu.blog&dtd=222
Frame ID: 13BD37906A57461A4606B4B4E452103C
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 8510C30F6B21DDF05C75A55D728118E2
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/wpnNdEHEE-H-HWkGYo82vcEULjX7WQfOj--jYhPbLdo.js
Frame ID: A9788133608FE2A665D5E11CFEF207DB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DD50AF6288400642A1A8BAA73829AC66
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 70DC634BF27FAAEB180E051FD8E62604
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Entrepreneurship Series, Part Two: Where Are They Now?

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

59
Requests

63 %
HTTPS

67 %
IPv6

11
Domains

15
Subdomains

16
IPs

3
Countries

845 kB
Transfer

1832 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11
  • http://blogs.kellogg.northwestern.edu/inside/files/2017/11/blog-hero-1140x300-1qzzup2.jpg HTTP 302
  • https://cpb-us-w2.wpmucdn.com/blogs.kellogg.northwestern.edu/dist/4/9/files/2017/11/blog-hero-1140x300-1qzzup2.jpg
Request Chain 25
  • https://blogs.kellogg.northwestern.edu/inside/files/2021/04/blog_img_041421_tyler_lorena.jpg HTTP 302
  • https://cpb-us-w2.wpmucdn.com/blogs.kellogg.northwestern.edu/dist/4/9/files/2021/04/blog_img_041421_tyler_lorena.jpg
Request Chain 31
  • https://blogs.kellogg.northwestern.edu/inside/files/2021/04/kengos_blog_img_042021-660x440.jpg HTTP 302
  • https://cpb-us-w2.wpmucdn.com/blogs.kellogg.northwestern.edu/dist/4/9/files/2021/04/kengos_blog_img_042021-660x440.jpg
Request Chain 32
  • https://blogs.kellogg.northwestern.edu/inside/files/2021/04/blog_img_041921_emily_bri-660x440.jpg HTTP 302
  • https://cpb-us-w2.wpmucdn.com/blogs.kellogg.northwestern.edu/dist/4/9/files/2021/04/blog_img_041921_emily_bri-660x440.jpg
Request Chain 33
  • https://blogs.kellogg.northwestern.edu/inside/files/2020/07/HUB-FINAL_blog_img_072320-660x440.jpg HTTP 302
  • https://cpb-us-w2.wpmucdn.com/blogs.kellogg.northwestern.edu/dist/4/9/files/2020/07/HUB-FINAL_blog_img_072320-660x440.jpg
Request Chain 49
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

59 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
yiwubing.com/ 		31 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://yiwubing.com/
Protocol
HTTP/1.1
Server
101.32.74.54 Central, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx /
Resource Hash
69693227b71564cde386dd6207b83a9967cd3a3dcb36d31d11124e8d0894caf2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Server
nginx
Date
Fri, 11 Mar 2022 21:59:47 GMT
Content-Type
text/html
Last-Modified
Wed, 15 Sep 2021 02:59:45 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
ETag
W/"614161a1-7b57"
Content-Encoding
gzip
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		155 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7732194202087209
Requested by
Host: yiwubing.com
URL: http://yiwubing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
236527a0a61d1932d0df456bad0058682db2d3a8ef7d4c9a1c5e86f36dd576a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://yiwubing.com/
Origin
http://yiwubing.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 21:59:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54639
x-xss-protection
0
server
cafe
etag
13127406905671362634
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 11 Mar 2022 21:59:47 GMT
inside.css
yiwubing.com/static/css/ 		113 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://yiwubing.com/static/css/inside.css
Requested by
Host: yiwubing.com
URL: http://yiwubing.com/
Protocol
HTTP/1.1
Server
101.32.74.54 Central, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx /
Resource Hash
56ce49db13d88f808015f4aa09033078e6a17ba5acc0667d7fa9b0751a2dd268

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://yiwubing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 11 Mar 2022 21:59:47 GMT
Content-Encoding
gzip
Last-Modified
Thu, 22 Apr 2021 16:23:26 GMT
Server
nginx
ETag
W/"6081a2fe-1c49d"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=43200
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Sat, 12 Mar 2022 09:59:47 GMT
style.min.css
yiwubing.com/static/css/ 		50 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://yiwubing.com/static/css/style.min.css
Requested by
Host: yiwubing.com
URL: http://yiwubing.com/
Protocol
HTTP/1.1
Server
101.32.74.54 Central, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx /
Resource Hash
5c2288ca7b324881faae5e368eb4d69457e2784e042e868de335d3827bb90981

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://yiwubing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 11 Mar 2022 21:59:47 GMT
Content-Encoding
gzip
Last-Modified
Thu, 22 Apr 2021 16:23:28 GMT
Server
nginx
ETag
W/"6081a300-c8e9"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=43200
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Sat, 12 Mar 2022 09:59:47 GMT
admin-bar-public.css
yiwubing.com/static/css/ 		369 B
669 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://yiwubing.com/static/css/admin-bar-public.css
Requested by
Host: yiwubing.com
URL: http://yiwubing.com/
Protocol
HTTP/1.1
Server
101.32.74.54 Central, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx /
Resource Hash
f67e47d0233a2c0a611da80af0d72f87be1a688b0828c5ea1c4432521f02af04

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://yiwubing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 11 Mar 2022 21:59:48 GMT
Last-Modified
Thu, 22 Apr 2021 16:23:26 GMT
Server
nginx
ETag
"6081a2fe-171"
Content-Type
text/css
Cache-Control
max-age=43200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
369
Expires
Sat, 12 Mar 2022 09:59:48 GMT
css.css
yiwubing.com/static/css/ 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://yiwubing.com/static/css/css.css
Requested by
Host: yiwubing.com
URL: http://yiwubing.com/
Protocol
HTTP/1.1
Server
101.32.74.54 Central, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx /
Resource Hash
2baae83ea1f1a5b3310b572483a9982c17f85eb063beddc47d3683acc73b2c65

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://yiwubing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 11 Mar 2022 21:59:48 GMT
Content-Encoding
gzip
Last-Modified
Thu, 22 Apr 2021 16:23:26 GMT
Server
nginx
ETag
W/"6081a2fe-2004"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=43200
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Sat, 12 Mar 2022 09:59:48 GMT
bootstrap.min.css
yiwubing.com/static/css/ 		107 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://yiwubing.com/static/css/bootstrap.min.css
Requested by
Host: yiwubing.com
URL: http://yiwubing.com/
Protocol
HTTP/1.1
Server
101.32.74.54 Central, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx /
Resource Hash
ce65a532b282a47f9eef1a383b68347e68a06ce97a8ce2b05e10bb9e912cb39c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://yiwubing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 11 Mar 2022 21:59:48 GMT
Content-Encoding
gzip
Last-Modified
Thu, 22 Apr 2021 16:23:26 GMT
Server
nginx
ETag
W/"6081a2fe-1ad36"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=43200
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Sat, 12 Mar 2022 09:59:48 GMT
font-awesome.min.css
yiwubing.com/static/css/ 		21 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://yiwubing.com/static/css/font-awesome.min.css
Requested by
Host: yiwubing.com
URL: http://yiwubing.com/
Protocol
HTTP/1.1
Server
101.32.74.54 Central, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx /
Resource Hash
cc571a2814efa4071d70ded467436135f1c8b18e5baacbd1c2b2653fded80a4a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://yiwubing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 11 Mar 2022 21:59:48 GMT
Content-Encoding
gzip
Last-Modified
Thu, 22 Apr 2021 16:23:26 GMT
Server
nginx
ETag
W/"6081a2fe-5286"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=43200
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Sat, 12 Mar 2022 09:59:48 GMT
style.css
yiwubing.com/static/css/ 		62 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://yiwubing.com/static/css/style.css
Requested by
Host: yiwubing.com
URL: http://yiwubing.com/
Protocol
HTTP/1.1
Server
101.32.74.54 Central, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx /
Resource Hash
ce667621f04178c49d6cceb4fac0b67bb6a72da41c1e313a103089f398900d15

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://yiwubing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 11 Mar 2022 21:59:48 GMT
Content-Encoding
gzip
Last-Modified
Thu, 22 Apr 2021 16:23:26 GMT
Server
nginx
ETag
W/"6081a2fe-f694"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=43200
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Sat, 12 Mar 2022 09:59:48 GMT
jquery.min.js
yiwubing.com/static/js/ 		87 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://yiwubing.com/static/js/jquery.min.js
Requested by
Host: yiwubing.com
URL: http://yiwubing.com/
Protocol
HTTP/1.1
Server
101.32.74.54 Central, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx /
Resource Hash
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://yiwubing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 11 Mar 2022 21:59:48 GMT
Content-Encoding
gzip
Last-Modified
Thu, 22 Apr 2021 16:23:28 GMT
Server
nginx
ETag
W/"6081a300-15d98"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=43200
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Sat, 12 Mar 2022 09:59:48 GMT
jquery-migrate.min.js
yiwubing.com/static/js/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://yiwubing.com/static/js/jquery-migrate.min.js
Requested by
Host: yiwubing.com
URL: http://yiwubing.com/
Protocol
HTTP/1.1
Server
101.32.74.54 Central, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://yiwubing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 11 Mar 2022 21:59:48 GMT
Content-Encoding
gzip
Last-Modified
Thu, 22 Apr 2021 16:23:28 GMT
Server
nginx
ETag
W/"6081a300-2bd8"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=43200
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Sat, 12 Mar 2022 09:59:48 GMT
tdmagazine.js
blogs.kellogg.northwestern.edu/inside/wp-content/themes/tdmagazine/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blogs.kellogg.northwestern.edu/inside/wp-content/themes/tdmagazine/js/tdmagazine.js?ver=201301
Requested by
Host: yiwubing.com
URL: http://yiwubing.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.215.37.29 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-215-37-29.us-west-2.compute.amazonaws.com
Software
openresty /
Resource Hash
705f71dd6e127300efec5b651c403dc6acd9e7cccc458f1ce085f46f677f0722

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://yiwubing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-cache-bypass-reason
Arguments found
date
Fri, 11 Mar 2022 21:59:48 GMT
content-encoding
gzip
last-modified
Wed, 20 Jun 2018 16:14:57 GMT
server
openresty
etag
W/"5b2a7d81-14fb"
content-type
application/x-javascript
cache-control
max-age=31536000
expires
Sat, 11 Mar 2023 21:59:48 GMT
blog-hero-1140x300-1qzzup2.jpg
cpb-us-w2.wpmucdn.com/blogs.kellogg.northwestern.edu/dist/4/9/files/2017/11/
Redirect Chain
  • http://blogs.kellogg.northwestern.edu/inside/files/2017/11/blog-hero-1140x300-1qzzup2.jpg
  • https://cpb-us-w2.wpmucdn.com/blogs.kellogg.northwestern.edu/dist/4/9/files/2017/11/blog-hero-1140x300-1qzzup2.jpg
76 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cpb-us-w2.wpmucdn.com/blogs.kellogg.northwestern.edu/dist/4/9/files/2017/11/blog-hero-1140x300-1qzzup2.jpg
Requested by
Host: yiwubing.com
URL: http://yiwubing.com/
Protocol
H2
Server
151.139.244.23 , United States, ASN33438 (STACKPATH, US),
Reverse DNS
Software
nginx /
Resource Hash
07cb056355170a945ff8cb7f33fbd67abe80ff2f04d52057546bd76501635e41

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://yiwubing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 21:59:49 GMT
last-modified
Fri, 22 Dec 2017 17:55:39 GMT
server
nginx
etag
"89154ca0581d2030fbb0b9187c70e658"
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000
accept-ranges
bytes
content-length
77898
expires
Mon, 06 Mar 2023 21:59:49 GMT

Redirect headers

Date
Fri, 11 Mar 2022 21:59:49 GMT
Server
openresty
Cache-Control
public, max-age=31536000
ETag
d3eacec72ceaa19a3a57251f23120e08
Transfer-Encoding
chunked
X-Cache
BYPASS
Content-Type
image/jpeg
Location
https://cpb-us-w2.wpmucdn.com/blogs.kellogg.northwestern.edu/dist/4/9/files/2017/11/blog-hero-1140x300-1qzzup2.jpg
X-Cache-Bypass-Reason
Arguments found
Connection
keep-alive
jquery.min.js
yiwubing.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://yiwubing.com/jquery.min.js
Requested by
Host: yiwubing.com
URL: http://yiwubing.com/
Protocol
HTTP/1.1
Server
101.32.74.54 Central, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx /
Resource Hash
6a44e0a4e4f30e3dcaeac039ba35888d3d2c484031db3cd74b16a4eea0fbc219

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://yiwubing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 11 Mar 2022 21:59:48 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Sep 2021 02:59:31 GMT
Server
nginx
ETag
W/"61416193-7c1"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=43200
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Sat, 12 Mar 2022 09:59:48 GMT
feed-icon32x32.png
yiwubing.com/static/picture/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://yiwubing.com/static/picture/feed-icon32x32.png
Requested by
Host: yiwubing.com
URL: http://yiwubing.com/
Protocol
HTTP/1.1
Server
101.32.74.54 Central, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx /
Resource Hash
55070d3be787cd8ccee8ea0fd75f0e11e944e6f70231f0dcb4c5ae348fcba6be

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://yiwubing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 11 Mar 2022 21:59:48 GMT
Last-Modified
Thu, 22 Apr 2021 16:23:00 GMT
Server
nginx
ETag
"6081a2e4-5a1"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1441
Expires
Sun, 10 Apr 2022 21:59:48 GMT
beacon
cms.kellogg.northwestern.edu/bundle/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cms.kellogg.northwestern.edu/bundle/beacon
Requested by
Host: yiwubing.com
URL: http://yiwubing.com/
Protocol
HTTP/1.0
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.124.147.158 , United States, ASN103 (NWU-AS, US),
Reverse DNS
Software
BigIP /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://yiwubing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Connection
Keep-Alive
Content-Length
0
Server
BigIP
skip-link-focus-fix.js
yiwubing.com/static/js/ 		733 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://yiwubing.com/static/js/skip-link-focus-fix.js
Requested by
Host: yiwubing.com
URL: http://yiwubing.com/
Protocol
HTTP/1.1
Server
101.32.74.54 Central, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx /
Resource Hash
53aa25d22b04cbad3939922330b5e5b97a8458c3079118c22f728cb4361f66d6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://yiwubing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 11 Mar 2022 21:59:48 GMT
Last-Modified
Thu, 22 Apr 2021 16:23:28 GMT
Server
nginx
ETag
"6081a300-2dd"
Content-Type
application/javascript
Cache-Control
max-age=43200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
733
Expires
Sat, 12 Mar 2022 09:59:48 GMT
jquery.assets.js
blogs.kellogg.northwestern.edu/inside/wp-content/themes/tdmagazine/js/ 		97 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blogs.kellogg.northwestern.edu/inside/wp-content/themes/tdmagazine/js/jquery.assets.js?ver=201401
Requested by
Host: yiwubing.com
URL: http://yiwubing.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.215.37.29 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-215-37-29.us-west-2.compute.amazonaws.com
Software
openresty /
Resource Hash
e17ecac26448e98e0f5a9bd4cb366ee269664338ca748b28612415aa96cf8812

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://yiwubing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-cache-bypass-reason
Arguments found
date
Fri, 11 Mar 2022 21:59:48 GMT
content-encoding
gzip
last-modified
Wed, 20 Jun 2018 16:14:57 GMT
server
openresty
etag
W/"5b2a7d81-185d8"
content-type
application/x-javascript
cache-control
max-age=31536000
expires
Sat, 11 Mar 2023 21:59:48 GMT
wp-embed.min.js
yiwubing.com/static/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://yiwubing.com/static/js/wp-embed.min.js
Requested by
Host: yiwubing.com
URL: http://yiwubing.com/
Protocol
HTTP/1.1
Server
101.32.74.54 Central, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx /
Resource Hash
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://yiwubing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 11 Mar 2022 21:59:48 GMT
Content-Encoding
gzip
Last-Modified
Thu, 22 Apr 2021 16:23:28 GMT
Server
nginx
ETag
W/"6081a300-59a"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=43200
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Sat, 12 Mar 2022 09:59:48 GMT
wp-emoji-release.min.js
yiwubing.com/static/js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://yiwubing.com/static/js/wp-emoji-release.min.js
Requested by
Host: yiwubing.com
URL: http://yiwubing.com/
Protocol
HTTP/1.1
Server
101.32.74.54 Central, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx /
Resource Hash
3685c3818240f5f390073c7d04f944a5cb5d848093224f3a7888034e8c050eb4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://yiwubing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 11 Mar 2022 21:59:48 GMT
Content-Encoding
gzip
Last-Modified
Thu, 22 Apr 2021 16:23:28 GMT
Server
nginx
ETag
W/"6081a300-37a6"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=43200
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Sat, 12 Mar 2022 09:59:48 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203090101/ 		293 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203090101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7732194202087209&plah=yiwubing.com&bust=31065607
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7732194202087209
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
82e404a65f5c239c618041f0209d69d1ac357fb0d5ffde7dad511db517efa93f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://yiwubing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 21:59:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
108332
x-xss-protection
0
server
cafe
etag
11424779170982528820
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 11 Mar 2022 21:59:48 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220308/r20190131/ Frame 157C 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220308/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7732194202087209
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://yiwubing.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4502
x-xss-protection
0
date
Fri, 11 Mar 2022 00:08:55 GMT
expires
Fri, 25 Mar 2022 00:08:55 GMT
cache-control
public, max-age=1209600
age
78652
etag
4044455266028820542
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
fonts.gstatic.com/s/robotoslab/v13/ 		39 KB
39 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotoslab/v13/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
Requested by
Host: yiwubing.com
URL: http://yiwubing.com/static/css/css.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8c79f09d1e74eadaf897561f5d70265ed2884663d34ad9c4d7f2aebff3b85a6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://yiwubing.com/
Origin
http://yiwubing.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 21:17:32 GMT
x-content-type-options
nosniff
age
348136
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39440
x-xss-protection
0
last-modified
Thu, 28 Jan 2021 22:03:59 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 07 Mar 2023 21:17:32 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 		56 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: yiwubing.com
URL: http://yiwubing.com/static/css/css.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1287b4c6427119cabf899a5ea898f81e831a2742614813a3302f671690b399c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://yiwubing.com/
Origin
http://yiwubing.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 13:17:09 GMT
x-content-type-options
nosniff
age
31359
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57116
x-xss-protection
0
last-modified
Tue, 21 Sep 2021 23:13:54 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 11 Mar 2023 13:17:09 GMT
fontawesome-webfont.woff
blogs.kellogg.northwestern.edu/inside/wp-content/themes/tdmagazine/fonts/ 		0
0
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: yiwubing.com
URL: http://yiwubing.com/static/css/css.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://yiwubing.com/
Origin
http://yiwubing.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 09 Mar 2022 18:02:23 GMT
x-content-type-options
nosniff
age
187045
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:46 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 09 Mar 2023 18:02:23 GMT
blog_img_041421_tyler_lorena.jpg
cpb-us-w2.wpmucdn.com/blogs.kellogg.northwestern.edu/dist/4/9/files/2021/04/
Redirect Chain
  • https://blogs.kellogg.northwestern.edu/inside/files/2021/04/blog_img_041421_tyler_lorena.jpg
  • https://cpb-us-w2.wpmucdn.com/blogs.kellogg.northwestern.edu/dist/4/9/files/2021/04/blog_img_041421_tyler_lorena.jpg
72 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cpb-us-w2.wpmucdn.com/blogs.kellogg.northwestern.edu/dist/4/9/files/2021/04/blog_img_041421_tyler_lorena.jpg
Requested by
Host: yiwubing.com
URL: http://yiwubing.com/
Protocol
H2
Server
151.139.244.23 , United States, ASN33438 (STACKPATH, US),
Reverse DNS
Software
nginx /
Resource Hash
f3aad0ccc2c20b61aa74d1e152c9b75f73181ab553e7e86e9b175236b4224233

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://yiwubing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-meta-compressed
81.43
date
Fri, 11 Mar 2022 21:59:50 GMT
last-modified
Wed, 21 Apr 2021 12:10:31 GMT
server
nginx
etag
"ba4bf89df3396ac47b3a329c53c9e6bf"
x-cache
MISS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000
accept-ranges
bytes
content-length
73356
expires
Mon, 06 Mar 2023 21:59:49 GMT

Redirect headers

date
Fri, 11 Mar 2022 21:59:48 GMT
server
openresty
cache-control
public, max-age=31536000
etag
f2e72777350167edc2a50754d7496223
x-cache
BYPASS
content-type
image/jpeg
location
https://cpb-us-w2.wpmucdn.com/blogs.kellogg.northwestern.edu/dist/4/9/files/2021/04/blog_img_041421_tyler_lorena.jpg
x-cache-bypass-reason
Arguments found
cookie.js
partner.googleadservices.com/gampad/ 		216 B
646 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=yiwubing.com&callback=_gfp_s_&client=ca-pub-7732194202087209
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203090101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7732194202087209&plah=yiwubing.com&bust=31065607
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
f2df1fd422f4a9ca44fa8288441c1c9d76bcfb93a5974536adc57350a9d2858e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://yiwubing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 21:59:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
202
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=yiwubing.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203090101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7732194202087209&plah=yiwubing.com&bust=31065607
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://yiwubing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 11 Mar 2022 21:59:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=yiwubing.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203090101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7732194202087209&plah=yiwubing.com&bust=31065607
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://yiwubing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 11 Mar 2022 21:59:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 1C66 		603 B
68 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7732194202087209&output=html&adk=1812271804&adf=3025194257&lmt=1631674785&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fyiwubing.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1647035987754&bpp=1013&bdt=145&idt=1122&shv=r20220308&mjsv=m202203090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6844395663289&frm=20&pv=2&ga_vid=627489783.1647035989&ga_sid=1647035989&ga_hid=1309202196&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C44758396%2C31065370%2C31065607%2C31063247&oid=2&pvsid=3699682148437408&pem=997&tmod=629747450&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=1142
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203090101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7732194202087209&plah=yiwubing.com&bust=31065607
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://yiwubing.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 11 Mar 2022 21:59:48 GMT
server
cafe
content-length
46
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 11 Mar 2022 21:59:48 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 13BD 		93 KB
33 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4091935376012044&output=html&h=280&slotname=3395405790&adk=3183436490&adf=323118133&w=336&lmt=1602654183&psa=1&guci=2.2.0.0.2.2.0.0&format=336x280&url=https%3A%2F%2Fpingu.blog%2Fgundam-info%2F&region=test&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602654183173&bpp=1&bdt=128&idt=217&shv=r20201008&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D21eb86606e07820d-22f3fcf80dc4002d%3AT%3D1602651360%3ART%3D1602651360%3AS%3DALNI_MZQqlNIo_xVKGmHSi5F9BADBW8Zmw&prev_fmts=750x100&nras=1&correlator=4396040267718&frm=20&pv=1&ga_vid=1195582628.1602604299&ga_sid=1602654183&ga_hid=1721528672&ga_fc=0&iag=0&icsg=281474618796704&dssz=61&mdo=0&mso=0&u_tz=480&u_his=5&u_java=0&u_h=1440&u_w=3440&u_ah=1400&u_aw=3440&u_cd=24&u_nplug=3&u_nmime=4&adx=1136&ady=972&biw=3421&bih=1297&scr_x=0&scr_y=200&eid=21067166%2C21067553&oid=3&pvsid=2638180635814425&pem=263&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C3440%2C0%2C3440%2C1400%2C3438%2C1297&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8200&bc=31&ifi=2&uci=a!2&fsb=1&xpc=7eP0YiYS2k&p=https%3A//pingu.blog&dtd=222
Requested by
Host: yiwubing.com
URL: http://yiwubing.com/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f6c979a050527f5ba6e138687910d17f965e3526fc822ced5eeaa4babd53a840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://yiwubing.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 11 Mar 2022 21:59:49 GMT
server
cafe
content-length
33446
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 11 Mar 2022 21:59:49 GMT
cache-control
private
kengos_blog_img_042021-660x440.jpg
cpb-us-w2.wpmucdn.com/blogs.kellogg.northwestern.edu/dist/4/9/files/2021/04/
Redirect Chain
  • https://blogs.kellogg.northwestern.edu/inside/files/2021/04/kengos_blog_img_042021-660x440.jpg
  • https://cpb-us-w2.wpmucdn.com/blogs.kellogg.northwestern.edu/dist/4/9/files/2021/04/kengos_blog_img_042021-660x440.jpg
24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cpb-us-w2.wpmucdn.com/blogs.kellogg.northwestern.edu/dist/4/9/files/2021/04/kengos_blog_img_042021-660x440.jpg
Requested by
Host: yiwubing.com
URL: http://yiwubing.com/
Protocol
H2
Server
151.139.244.23 , United States, ASN33438 (STACKPATH, US),
Reverse DNS
Software
nginx /
Resource Hash
cd2a211f6a7c51a8d0c95ad4123e1193ef039c24f4ba01f80477a9fa2219dfaa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://yiwubing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-meta-compressed
20.53
date
Fri, 11 Mar 2022 21:59:50 GMT
last-modified
Wed, 21 Apr 2021 22:42:26 GMT
server
nginx
etag
"a1099f0ade224cb0473319fe0880d7a1"
x-cache
MISS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000
accept-ranges
bytes
content-length
24635
expires
Mon, 06 Mar 2023 21:59:49 GMT

Redirect headers

date
Fri, 11 Mar 2022 21:59:49 GMT
server
openresty
cache-control
public, max-age=31536000
etag
f9974968729b581f2685e23720a7b6e9
x-cache
BYPASS
content-type
image/jpeg
location
https://cpb-us-w2.wpmucdn.com/blogs.kellogg.northwestern.edu/dist/4/9/files/2021/04/kengos_blog_img_042021-660x440.jpg
x-cache-bypass-reason
Arguments found
blog_img_041921_emily_bri-660x440.jpg
cpb-us-w2.wpmucdn.com/blogs.kellogg.northwestern.edu/dist/4/9/files/2021/04/
Redirect Chain
  • https://blogs.kellogg.northwestern.edu/inside/files/2021/04/blog_img_041921_emily_bri-660x440.jpg
  • https://cpb-us-w2.wpmucdn.com/blogs.kellogg.northwestern.edu/dist/4/9/files/2021/04/blog_img_041921_emily_bri-660x440.jpg
51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cpb-us-w2.wpmucdn.com/blogs.kellogg.northwestern.edu/dist/4/9/files/2021/04/blog_img_041921_emily_bri-660x440.jpg
Requested by
Host: yiwubing.com
URL: http://yiwubing.com/
Protocol
H2
Server
151.139.244.23 , United States, ASN33438 (STACKPATH, US),
Reverse DNS
Software
nginx /
Resource Hash
72c61d1bc2d6f8392db5037e877166964eef56dbfe87953e805478ef7c5c46cb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://yiwubing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-meta-compressed
8.74
date
Fri, 11 Mar 2022 21:59:50 GMT
last-modified
Mon, 19 Apr 2021 22:21:46 GMT
server
nginx
etag
"ffcbc82923d079a17f326b6fe60b7471"
x-cache
MISS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000
accept-ranges
bytes
content-length
52302
expires
Mon, 06 Mar 2023 21:59:50 GMT

Redirect headers

date
Fri, 11 Mar 2022 21:59:49 GMT
server
openresty
cache-control
public, max-age=31536000
etag
958bfb7306f33804e015b1e1dae24577
x-cache
BYPASS
content-type
image/jpeg
location
https://cpb-us-w2.wpmucdn.com/blogs.kellogg.northwestern.edu/dist/4/9/files/2021/04/blog_img_041921_emily_bri-660x440.jpg
x-cache-bypass-reason
Arguments found
HUB-FINAL_blog_img_072320-660x440.jpg
cpb-us-w2.wpmucdn.com/blogs.kellogg.northwestern.edu/dist/4/9/files/2020/07/
Redirect Chain
  • https://blogs.kellogg.northwestern.edu/inside/files/2020/07/HUB-FINAL_blog_img_072320-660x440.jpg
  • https://cpb-us-w2.wpmucdn.com/blogs.kellogg.northwestern.edu/dist/4/9/files/2020/07/HUB-FINAL_blog_img_072320-660x440.jpg
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cpb-us-w2.wpmucdn.com/blogs.kellogg.northwestern.edu/dist/4/9/files/2020/07/HUB-FINAL_blog_img_072320-660x440.jpg
Requested by
Host: yiwubing.com
URL: http://yiwubing.com/
Protocol
H2
Server
151.139.244.23 , United States, ASN33438 (STACKPATH, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://yiwubing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

date
Fri, 11 Mar 2022 21:59:49 GMT
server
openresty
cache-control
public, max-age=31536000
etag
c4828a3740edec9cb5158ae8e258a222
x-cache
BYPASS
content-type
image/jpeg
location
https://cpb-us-w2.wpmucdn.com/blogs.kellogg.northwestern.edu/dist/4/9/files/2020/07/HUB-FINAL_blog_img_072320-660x440.jpg
x-cache-bypass-reason
Arguments found
fontawesome-webfont.ttf
blogs.kellogg.northwestern.edu/inside/wp-content/themes/tdmagazine/fonts/ 		0
0
f0bb7a1f705d608239f854e986aba8ab.js
www.gstatic.com/mysidia/ Frame 13BD 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f0bb7a1f705d608239f854e986aba8ab.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4091935376012044&output=html&h=280&slotname=3395405790&adk=3183436490&adf=323118133&w=336&lmt=1602654183&psa=1&guci=2.2.0.0.2.2.0.0&format=336x280&url=https%3A%2F%2Fpingu.blog%2Fgundam-info%2F&region=test&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602654183173&bpp=1&bdt=128&idt=217&shv=r20201008&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D21eb86606e07820d-22f3fcf80dc4002d%3AT%3D1602651360%3ART%3D1602651360%3AS%3DALNI_MZQqlNIo_xVKGmHSi5F9BADBW8Zmw&prev_fmts=750x100&nras=1&correlator=4396040267718&frm=20&pv=1&ga_vid=1195582628.1602604299&ga_sid=1602654183&ga_hid=1721528672&ga_fc=0&iag=0&icsg=281474618796704&dssz=61&mdo=0&mso=0&u_tz=480&u_his=5&u_java=0&u_h=1440&u_w=3440&u_ah=1400&u_aw=3440&u_cd=24&u_nplug=3&u_nmime=4&adx=1136&ady=972&biw=3421&bih=1297&scr_x=0&scr_y=200&eid=21067166%2C21067553&oid=3&pvsid=2638180635814425&pem=263&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C3440%2C0%2C3440%2C1400%2C3438%2C1297&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8200&bc=31&ifi=2&uci=a!2&fsb=1&xpc=7eP0YiYS2k&p=https%3A//pingu.blog&dtd=222
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0dddfdcef973923c7b6cbd4534237ab3dcdc76a8aa3d6d03619566261e0b3e63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 10 Mar 2022 10:14:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
128741
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3745
x-xss-protection
0
last-modified
Thu, 03 Mar 2022 10:04:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 08 Jun 2022 10:14:08 GMT
91e0c874f9703d67138113c8fcce6f41.js
www.gstatic.com/mysidia/ Frame 13BD 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/91e0c874f9703d67138113c8fcce6f41.js?tag=text/vanilla_highlight
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4091935376012044&output=html&h=280&slotname=3395405790&adk=3183436490&adf=323118133&w=336&lmt=1602654183&psa=1&guci=2.2.0.0.2.2.0.0&format=336x280&url=https%3A%2F%2Fpingu.blog%2Fgundam-info%2F&region=test&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602654183173&bpp=1&bdt=128&idt=217&shv=r20201008&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D21eb86606e07820d-22f3fcf80dc4002d%3AT%3D1602651360%3ART%3D1602651360%3AS%3DALNI_MZQqlNIo_xVKGmHSi5F9BADBW8Zmw&prev_fmts=750x100&nras=1&correlator=4396040267718&frm=20&pv=1&ga_vid=1195582628.1602604299&ga_sid=1602654183&ga_hid=1721528672&ga_fc=0&iag=0&icsg=281474618796704&dssz=61&mdo=0&mso=0&u_tz=480&u_his=5&u_java=0&u_h=1440&u_w=3440&u_ah=1400&u_aw=3440&u_cd=24&u_nplug=3&u_nmime=4&adx=1136&ady=972&biw=3421&bih=1297&scr_x=0&scr_y=200&eid=21067166%2C21067553&oid=3&pvsid=2638180635814425&pem=263&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C3440%2C0%2C3440%2C1400%2C3438%2C1297&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8200&bc=31&ifi=2&uci=a!2&fsb=1&xpc=7eP0YiYS2k&p=https%3A//pingu.blog&dtd=222
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2d144e3cedf9b96679caf134416822a66a20c41a61f5569ae0ff09779581fe69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 10 Mar 2022 10:15:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
128684
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3714
x-xss-protection
0
last-modified
Mon, 07 Mar 2022 07:55:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 08 Jun 2022 10:15:05 GMT
css
fonts.googleapis.com/ Frame 13BD 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4091935376012044&output=html&h=280&slotname=3395405790&adk=3183436490&adf=323118133&w=336&lmt=1602654183&psa=1&guci=2.2.0.0.2.2.0.0&format=336x280&url=https%3A%2F%2Fpingu.blog%2Fgundam-info%2F&region=test&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602654183173&bpp=1&bdt=128&idt=217&shv=r20201008&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D21eb86606e07820d-22f3fcf80dc4002d%3AT%3D1602651360%3ART%3D1602651360%3AS%3DALNI_MZQqlNIo_xVKGmHSi5F9BADBW8Zmw&prev_fmts=750x100&nras=1&correlator=4396040267718&frm=20&pv=1&ga_vid=1195582628.1602604299&ga_sid=1602654183&ga_hid=1721528672&ga_fc=0&iag=0&icsg=281474618796704&dssz=61&mdo=0&mso=0&u_tz=480&u_his=5&u_java=0&u_h=1440&u_w=3440&u_ah=1400&u_aw=3440&u_cd=24&u_nplug=3&u_nmime=4&adx=1136&ady=972&biw=3421&bih=1297&scr_x=0&scr_y=200&eid=21067166%2C21067553&oid=3&pvsid=2638180635814425&pem=263&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C3440%2C0%2C3440%2C1400%2C3438%2C1297&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8200&bc=31&ifi=2&uci=a!2&fsb=1&xpc=7eP0YiYS2k&p=https%3A//pingu.blog&dtd=222
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c9faa887081053d0ba3aa93fe82b3bb77190d4e43cfed2f20fbbde79c3f51f9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 11 Mar 2022 20:07:02 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 11 Mar 2022 21:59:49 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 11 Mar 2022 21:59:49 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame 13BD 		2 KB
904 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4091935376012044&output=html&h=280&slotname=3395405790&adk=3183436490&adf=323118133&w=336&lmt=1602654183&psa=1&guci=2.2.0.0.2.2.0.0&format=336x280&url=https%3A%2F%2Fpingu.blog%2Fgundam-info%2F&region=test&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602654183173&bpp=1&bdt=128&idt=217&shv=r20201008&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D21eb86606e07820d-22f3fcf80dc4002d%3AT%3D1602651360%3ART%3D1602651360%3AS%3DALNI_MZQqlNIo_xVKGmHSi5F9BADBW8Zmw&prev_fmts=750x100&nras=1&correlator=4396040267718&frm=20&pv=1&ga_vid=1195582628.1602604299&ga_sid=1602654183&ga_hid=1721528672&ga_fc=0&iag=0&icsg=281474618796704&dssz=61&mdo=0&mso=0&u_tz=480&u_his=5&u_java=0&u_h=1440&u_w=3440&u_ah=1400&u_aw=3440&u_cd=24&u_nplug=3&u_nmime=4&adx=1136&ady=972&biw=3421&bih=1297&scr_x=0&scr_y=200&eid=21067166%2C21067553&oid=3&pvsid=2638180635814425&pem=263&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C3440%2C0%2C3440%2C1400%2C3438%2C1297&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8200&bc=31&ifi=2&uci=a!2&fsb=1&xpc=7eP0YiYS2k&p=https%3A//pingu.blog&dtd=222
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 21:55:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
273
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
877
x-xss-protection
0
server
cafe
etag
13035868154101442325
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 25 Mar 2022 21:55:16 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/ Frame 13BD 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4091935376012044&output=html&h=280&slotname=3395405790&adk=3183436490&adf=323118133&w=336&lmt=1602654183&psa=1&guci=2.2.0.0.2.2.0.0&format=336x280&url=https%3A%2F%2Fpingu.blog%2Fgundam-info%2F&region=test&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602654183173&bpp=1&bdt=128&idt=217&shv=r20201008&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D21eb86606e07820d-22f3fcf80dc4002d%3AT%3D1602651360%3ART%3D1602651360%3AS%3DALNI_MZQqlNIo_xVKGmHSi5F9BADBW8Zmw&prev_fmts=750x100&nras=1&correlator=4396040267718&frm=20&pv=1&ga_vid=1195582628.1602604299&ga_sid=1602654183&ga_hid=1721528672&ga_fc=0&iag=0&icsg=281474618796704&dssz=61&mdo=0&mso=0&u_tz=480&u_his=5&u_java=0&u_h=1440&u_w=3440&u_ah=1400&u_aw=3440&u_cd=24&u_nplug=3&u_nmime=4&adx=1136&ady=972&biw=3421&bih=1297&scr_x=0&scr_y=200&eid=21067166%2C21067553&oid=3&pvsid=2638180635814425&pem=263&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C3440%2C0%2C3440%2C1400%2C3438%2C1297&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8200&bc=31&ifi=2&uci=a!2&fsb=1&xpc=7eP0YiYS2k&p=https%3A//pingu.blog&dtd=222
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d7e3f3f9a87439492d58ee8a90cdc8741bd44e9f5ebc5a1be461ded2df7a155e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 21:58:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
105
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7865
x-xss-protection
0
server
cafe
etag
17470246482903461409
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 25 Mar 2022 21:58:04 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame 13BD 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4091935376012044&output=html&h=280&slotname=3395405790&adk=3183436490&adf=323118133&w=336&lmt=1602654183&psa=1&guci=2.2.0.0.2.2.0.0&format=336x280&url=https%3A%2F%2Fpingu.blog%2Fgundam-info%2F&region=test&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602654183173&bpp=1&bdt=128&idt=217&shv=r20201008&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D21eb86606e07820d-22f3fcf80dc4002d%3AT%3D1602651360%3ART%3D1602651360%3AS%3DALNI_MZQqlNIo_xVKGmHSi5F9BADBW8Zmw&prev_fmts=750x100&nras=1&correlator=4396040267718&frm=20&pv=1&ga_vid=1195582628.1602604299&ga_sid=1602654183&ga_hid=1721528672&ga_fc=0&iag=0&icsg=281474618796704&dssz=61&mdo=0&mso=0&u_tz=480&u_his=5&u_java=0&u_h=1440&u_w=3440&u_ah=1400&u_aw=3440&u_cd=24&u_nplug=3&u_nmime=4&adx=1136&ady=972&biw=3421&bih=1297&scr_x=0&scr_y=200&eid=21067166%2C21067553&oid=3&pvsid=2638180635814425&pem=263&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C3440%2C0%2C3440%2C1400%2C3438%2C1297&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8200&bc=31&ifi=2&uci=a!2&fsb=1&xpc=7eP0YiYS2k&p=https%3A//pingu.blog&dtd=222
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 21:59:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 25 Mar 2022 21:59:37 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 13BD 		117 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4091935376012044&output=html&h=280&slotname=3395405790&adk=3183436490&adf=323118133&w=336&lmt=1602654183&psa=1&guci=2.2.0.0.2.2.0.0&format=336x280&url=https%3A%2F%2Fpingu.blog%2Fgundam-info%2F&region=test&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602654183173&bpp=1&bdt=128&idt=217&shv=r20201008&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D21eb86606e07820d-22f3fcf80dc4002d%3AT%3D1602651360%3ART%3D1602651360%3AS%3DALNI_MZQqlNIo_xVKGmHSi5F9BADBW8Zmw&prev_fmts=750x100&nras=1&correlator=4396040267718&frm=20&pv=1&ga_vid=1195582628.1602604299&ga_sid=1602654183&ga_hid=1721528672&ga_fc=0&iag=0&icsg=281474618796704&dssz=61&mdo=0&mso=0&u_tz=480&u_his=5&u_java=0&u_h=1440&u_w=3440&u_ah=1400&u_aw=3440&u_cd=24&u_nplug=3&u_nmime=4&adx=1136&ady=972&biw=3421&bih=1297&scr_x=0&scr_y=200&eid=21067166%2C21067553&oid=3&pvsid=2638180635814425&pem=263&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C3440%2C0%2C3440%2C1400%2C3438%2C1297&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8200&bc=31&ifi=2&uci=a!2&fsb=1&xpc=7eP0YiYS2k&p=https%3A//pingu.blog&dtd=222
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec068031a38f2d97255ddf90e6d75a5538a3b0ea29510482d1909c5a1a10ad74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 21:59:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36343
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1646830771070120"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 11 Mar 2022 21:59:49 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame 13BD 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4091935376012044&output=html&h=280&slotname=3395405790&adk=3183436490&adf=323118133&w=336&lmt=1602654183&psa=1&guci=2.2.0.0.2.2.0.0&format=336x280&url=https%3A%2F%2Fpingu.blog%2Fgundam-info%2F&region=test&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602654183173&bpp=1&bdt=128&idt=217&shv=r20201008&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D21eb86606e07820d-22f3fcf80dc4002d%3AT%3D1602651360%3ART%3D1602651360%3AS%3DALNI_MZQqlNIo_xVKGmHSi5F9BADBW8Zmw&prev_fmts=750x100&nras=1&correlator=4396040267718&frm=20&pv=1&ga_vid=1195582628.1602604299&ga_sid=1602654183&ga_hid=1721528672&ga_fc=0&iag=0&icsg=281474618796704&dssz=61&mdo=0&mso=0&u_tz=480&u_his=5&u_java=0&u_h=1440&u_w=3440&u_ah=1400&u_aw=3440&u_cd=24&u_nplug=3&u_nmime=4&adx=1136&ady=972&biw=3421&bih=1297&scr_x=0&scr_y=200&eid=21067166%2C21067553&oid=3&pvsid=2638180635814425&pem=263&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C3440%2C0%2C3440%2C1400%2C3438%2C1297&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8200&bc=31&ifi=2&uci=a!2&fsb=1&xpc=7eP0YiYS2k&p=https%3A//pingu.blog&dtd=222
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fdecda5ee87b28e579c5b61ef0f86e7fff85c838ff0a06450feee13a5877ed0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 21:57:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
151
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6397
x-xss-protection
0
server
cafe
etag
14404976697706490601
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 25 Mar 2022 21:57:18 GMT
l
www.google.com/ads/measurement/ Frame 13BD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTtgxlhOy0fZZCu-Tkmdt6uM9hFSH4Wd_VNJA8jWB18mSWiowR_LOGVHHEnITwpq9BS03X1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4091935376012044&output=html&h=280&slotname=3395405790&adk=3183436490&adf=323118133&w=336&lmt=1602654183&psa=1&guci=2.2.0.0.2.2.0.0&format=336x280&url=https%3A%2F%2Fpingu.blog%2Fgundam-info%2F&region=test&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602654183173&bpp=1&bdt=128&idt=217&shv=r20201008&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D21eb86606e07820d-22f3fcf80dc4002d%3AT%3D1602651360%3ART%3D1602651360%3AS%3DALNI_MZQqlNIo_xVKGmHSi5F9BADBW8Zmw&prev_fmts=750x100&nras=1&correlator=4396040267718&frm=20&pv=1&ga_vid=1195582628.1602604299&ga_sid=1602654183&ga_hid=1721528672&ga_fc=0&iag=0&icsg=281474618796704&dssz=61&mdo=0&mso=0&u_tz=480&u_his=5&u_java=0&u_h=1440&u_w=3440&u_ah=1400&u_aw=3440&u_cd=24&u_nplug=3&u_nmime=4&adx=1136&ady=972&biw=3421&bih=1297&scr_x=0&scr_y=200&eid=21067166%2C21067553&oid=3&pvsid=2638180635814425&pem=263&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C3440%2C0%2C3440%2C1400%2C3438%2C1297&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8200&bc=31&ifi=2&uci=a!2&fsb=1&xpc=7eP0YiYS2k&p=https%3A//pingu.blog&dtd=222
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
35849274faa25b88196bf3c3ff2d72d2.js
www.gstatic.com/mysidia/ Frame 13BD 		28 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/35849274faa25b88196bf3c3ff2d72d2.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4091935376012044&output=html&h=280&slotname=3395405790&adk=3183436490&adf=323118133&w=336&lmt=1602654183&psa=1&guci=2.2.0.0.2.2.0.0&format=336x280&url=https%3A%2F%2Fpingu.blog%2Fgundam-info%2F&region=test&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602654183173&bpp=1&bdt=128&idt=217&shv=r20201008&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D21eb86606e07820d-22f3fcf80dc4002d%3AT%3D1602651360%3ART%3D1602651360%3AS%3DALNI_MZQqlNIo_xVKGmHSi5F9BADBW8Zmw&prev_fmts=750x100&nras=1&correlator=4396040267718&frm=20&pv=1&ga_vid=1195582628.1602604299&ga_sid=1602654183&ga_hid=1721528672&ga_fc=0&iag=0&icsg=281474618796704&dssz=61&mdo=0&mso=0&u_tz=480&u_his=5&u_java=0&u_h=1440&u_w=3440&u_ah=1400&u_aw=3440&u_cd=24&u_nplug=3&u_nmime=4&adx=1136&ady=972&biw=3421&bih=1297&scr_x=0&scr_y=200&eid=21067166%2C21067553&oid=3&pvsid=2638180635814425&pem=263&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C3440%2C0%2C3440%2C1400%2C3438%2C1297&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8200&bc=31&ifi=2&uci=a!2&fsb=1&xpc=7eP0YiYS2k&p=https%3A//pingu.blog&dtd=222
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e4b4d396700e065d5d37bde974840cf2bf19565f8450785f0a869079b86bce9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 10 Mar 2022 10:13:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
128792
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11831
x-xss-protection
0
last-modified
Mon, 07 Mar 2022 07:55:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 08 Jun 2022 10:13:17 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 13BD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=ChmKgVcYrYuGJAZK2tweA-5PgCamS-5Jor_T6z7kL3fLA7-IMEAEg6ODGKmCVgoCArAegAcDOrt0CyAEBqQJ1v1NOJCWBPqgDAcgDwwSqBN8BT9AYMTxw6NXCX0eLbDyUUYwu4FjlO6EKPhGQSLXyOQotRXHZTMi0Z7FNdTY3eyMFkhobFLsQkF6onloB-caP7Vxd5z4SHmoG6Js6SDIrGxFXPCJax9ZPf1rFMoO7MrTgQY60fi7LIG8fxKQLJG3SzVkfIVySPozRDKe0SQXA_ug0VWK8FgfSFYZgmCzoU5kSmyOkLJOM5DCxzCuwusWqw6KMM_6z0shAuqIySDdOzwDvmoXiiD8haV80OvflIwsY6usoHESxIoLotPb8bLC7HXOH1mX-of4WP_cQLZjEXcAEhLryzvcCkgUECAQYAZIFBAgFGASgBlGAB6ix0aIBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQlu0f0ggJCIDhgHAQARgfgAoByAsB2BMLiBQC0BUBmBYBgBcBshccChoIABIUcHViLTQwOTE5MzUzNzYwMTIwNDQYAA&sigh=arecen74BgI&uach_m=[UACH]
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4091935376012044&output=html&h=280&slotname=3395405790&adk=3183436490&adf=323118133&w=336&lmt=1602654183&psa=1&guci=2.2.0.0.2.2.0.0&format=336x280&url=https%3A%2F%2Fpingu.blog%2Fgundam-info%2F&region=test&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602654183173&bpp=1&bdt=128&idt=217&shv=r20201008&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D21eb86606e07820d-22f3fcf80dc4002d%3AT%3D1602651360%3ART%3D1602651360%3AS%3DALNI_MZQqlNIo_xVKGmHSi5F9BADBW8Zmw&prev_fmts=750x100&nras=1&correlator=4396040267718&frm=20&pv=1&ga_vid=1195582628.1602604299&ga_sid=1602654183&ga_hid=1721528672&ga_fc=0&iag=0&icsg=281474618796704&dssz=61&mdo=0&mso=0&u_tz=480&u_his=5&u_java=0&u_h=1440&u_w=3440&u_ah=1400&u_aw=3440&u_cd=24&u_nplug=3&u_nmime=4&adx=1136&ady=972&biw=3421&bih=1297&scr_x=0&scr_y=200&eid=21067166%2C21067553&oid=3&pvsid=2638180635814425&pem=263&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C3440%2C0%2C3440%2C1400%2C3438%2C1297&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8200&bc=31&ifi=2&uci=a!2&fsb=1&xpc=7eP0YiYS2k&p=https%3A//pingu.blog&dtd=222
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4091935376012044&output=html&h=280&slotname=3395405790&adk=3183436490&adf=323118133&w=336&lmt=1602654183&psa=1&guci=2.2.0.0.2.2.0.0&format=336x280&url=https%3A%2F%2Fpingu.blog%2Fgundam-info%2F&region=test&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602654183173&bpp=1&bdt=128&idt=217&shv=r20201008&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D21eb86606e07820d-22f3fcf80dc4002d%3AT%3D1602651360%3ART%3D1602651360%3AS%3DALNI_MZQqlNIo_xVKGmHSi5F9BADBW8Zmw&prev_fmts=750x100&nras=1&correlator=4396040267718&frm=20&pv=1&ga_vid=1195582628.1602604299&ga_sid=1602654183&ga_hid=1721528672&ga_fc=0&iag=0&icsg=281474618796704&dssz=61&mdo=0&mso=0&u_tz=480&u_his=5&u_java=0&u_h=1440&u_w=3440&u_ah=1400&u_aw=3440&u_cd=24&u_nplug=3&u_nmime=4&adx=1136&ady=972&biw=3421&bih=1297&scr_x=0&scr_y=200&eid=21067166%2C21067553&oid=3&pvsid=2638180635814425&pem=263&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C3440%2C0%2C3440%2C1400%2C3438%2C1297&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8200&bc=31&ifi=2&uci=a!2&fsb=1&xpc=7eP0YiYS2k&p=https%3A//pingu.blog&dtd=222
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Fri, 11 Mar 2022 21:59:49 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame 8510 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4091935376012044&output=html&h=280&slotname=3395405790&adk=3183436490&adf=323118133&w=336&lmt=1602654183&psa=1&guci=2.2.0.0.2.2.0.0&format=336x280&url=https%3A%2F%2Fpingu.blog%2Fgundam-info%2F&region=test&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602654183173&bpp=1&bdt=128&idt=217&shv=r20201008&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D21eb86606e07820d-22f3fcf80dc4002d%3AT%3D1602651360%3ART%3D1602651360%3AS%3DALNI_MZQqlNIo_xVKGmHSi5F9BADBW8Zmw&prev_fmts=750x100&nras=1&correlator=4396040267718&frm=20&pv=1&ga_vid=1195582628.1602604299&ga_sid=1602654183&ga_hid=1721528672&ga_fc=0&iag=0&icsg=281474618796704&dssz=61&mdo=0&mso=0&u_tz=480&u_his=5&u_java=0&u_h=1440&u_w=3440&u_ah=1400&u_aw=3440&u_cd=24&u_nplug=3&u_nmime=4&adx=1136&ady=972&biw=3421&bih=1297&scr_x=0&scr_y=200&eid=21067166%2C21067553&oid=3&pvsid=2638180635814425&pem=263&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C3440%2C0%2C3440%2C1400%2C3438%2C1297&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8200&bc=31&ifi=2&uci=a!2&fsb=1&xpc=7eP0YiYS2k&p=https%3A//pingu.blog&dtd=222
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4091935376012044&output=html&h=280&slotname=3395405790&adk=3183436490&adf=323118133&w=336&lmt=1602654183&psa=1&guci=2.2.0.0.2.2.0.0&format=336x280&url=https%3A%2F%2Fpingu.blog%2Fgundam-info%2F&region=test&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602654183173&bpp=1&bdt=128&idt=217&shv=r20201008&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D21eb86606e07820d-22f3fcf80dc4002d%3AT%3D1602651360%3ART%3D1602651360%3AS%3DALNI_MZQqlNIo_xVKGmHSi5F9BADBW8Zmw&prev_fmts=750x100&nras=1&correlator=4396040267718&frm=20&pv=1&ga_vid=1195582628.1602604299&ga_sid=1602654183&ga_hid=1721528672&ga_fc=0&iag=0&icsg=281474618796704&dssz=61&mdo=0&mso=0&u_tz=480&u_his=5&u_java=0&u_h=1440&u_w=3440&u_ah=1400&u_aw=3440&u_cd=24&u_nplug=3&u_nmime=4&adx=1136&ady=972&biw=3421&bih=1297&scr_x=0&scr_y=200&eid=21067166%2C21067553&oid=3&pvsid=2638180635814425&pem=263&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C3440%2C0%2C3440%2C1400%2C3438%2C1297&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8200&bc=31&ifi=2&uci=a!2&fsb=1&xpc=7eP0YiYS2k&p=https%3A//pingu.blog&dtd=222

Response headers

x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
145
x-xss-protection
0
date
Fri, 11 Mar 2022 21:03:19 GMT
cache-control
public, max-age=3600
content-type
text/html; charset=UTF-8
age
3390
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 13BD 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2ddef606d60f088dbc2176fedc9c0fbbe1689038f1a81b5b4b4710fbd1cbe330

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyk.woff2
fonts.gstatic.com/s/googlesans/v42/ Frame 13BD 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v42/4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyk.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f49bbb839b2ee4dc7e2d7af28a4b4a1fab796590c9d28aa58787b55dfae8c43c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 08 Mar 2022 22:45:24 GMT
x-content-type-options
nosniff
age
256465
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17084
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 21:57:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Mar 2023 22:45:24 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 8510
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4091935376012044&output=html&h=280&slotname=3395405790&adk=3183436490&adf=323118133&w=336&lmt=1602654183&psa=1&guci=2.2.0.0.2.2.0.0&format=336x280&url=https%3A%2F%2Fpingu.blog%2Fgundam-info%2F&region=test&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602654183173&bpp=1&bdt=128&idt=217&shv=r20201008&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D21eb86606e07820d-22f3fcf80dc4002d%3AT%3D1602651360%3ART%3D1602651360%3AS%3DALNI_MZQqlNIo_xVKGmHSi5F9BADBW8Zmw&prev_fmts=750x100&nras=1&correlator=4396040267718&frm=20&pv=1&ga_vid=1195582628.1602604299&ga_sid=1602654183&ga_hid=1721528672&ga_fc=0&iag=0&icsg=281474618796704&dssz=61&mdo=0&mso=0&u_tz=480&u_his=5&u_java=0&u_h=1440&u_w=3440&u_ah=1400&u_aw=3440&u_cd=24&u_nplug=3&u_nmime=4&adx=1136&ady=972&biw=3421&bih=1297&scr_x=0&scr_y=200&eid=21067166%2C21067553&oid=3&pvsid=2638180635814425&pem=263&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C3440%2C0%2C3440%2C1400%2C3438%2C1297&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8200&bc=31&ifi=2&uci=a!2&fsb=1&xpc=7eP0YiYS2k&p=https%3A//pingu.blog&dtd=222
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Fri, 11 Mar 2022 21:59:49 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 11 Mar 2022 21:59:49 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Fri, 11 Mar 2022 21:59:49 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
wpnNdEHEE-H-HWkGYo82vcEULjX7WQfOj--jYhPbLdo.js
pagead2.googlesyndication.com/bg/ Frame A978 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/wpnNdEHEE-H-HWkGYo82vcEULjX7WQfOj--jYhPbLdo.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4091935376012044&output=html&h=280&slotname=3395405790&adk=3183436490&adf=323118133&w=336&lmt=1602654183&psa=1&guci=2.2.0.0.2.2.0.0&format=336x280&url=https%3A%2F%2Fpingu.blog%2Fgundam-info%2F&region=test&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602654183173&bpp=1&bdt=128&idt=217&shv=r20201008&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D21eb86606e07820d-22f3fcf80dc4002d%3AT%3D1602651360%3ART%3D1602651360%3AS%3DALNI_MZQqlNIo_xVKGmHSi5F9BADBW8Zmw&prev_fmts=750x100&nras=1&correlator=4396040267718&frm=20&pv=1&ga_vid=1195582628.1602604299&ga_sid=1602654183&ga_hid=1721528672&ga_fc=0&iag=0&icsg=281474618796704&dssz=61&mdo=0&mso=0&u_tz=480&u_his=5&u_java=0&u_h=1440&u_w=3440&u_ah=1400&u_aw=3440&u_cd=24&u_nplug=3&u_nmime=4&adx=1136&ady=972&biw=3421&bih=1297&scr_x=0&scr_y=200&eid=21067166%2C21067553&oid=3&pvsid=2638180635814425&pem=263&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C3440%2C0%2C3440%2C1400%2C3438%2C1297&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8200&bc=31&ifi=2&uci=a!2&fsb=1&xpc=7eP0YiYS2k&p=https%3A//pingu.blog&dtd=222
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c299cd7441c413e1fe1d6906628f36bdc1142e35fb5907ce8fefa36213db2dda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 10 Mar 2022 22:03:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
86169
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13712
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 17:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 10 Mar 2023 22:03:40 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220308&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203090101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7732194202087209&plah=yiwubing.com&bust=31065607
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2f48ce42de3c59fb86ff44b9e7b5cd624ab5b4e0529777ae6f7162d29043c57c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://yiwubing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 11 Mar 2022 21:59:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10513
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203090101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7732194202087209&plah=yiwubing.com&bust=31065607
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://yiwubing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 21:59:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 11 Mar 2022 21:59:50 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DD50 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://yiwubing.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Fri, 11 Mar 2022 19:50:21 GMT
expires
Sat, 11 Mar 2023 19:50:21 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
7769
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 70DC 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
532f597c415e00402bbe0f18a0d2284c323222d9636ace2b0b7abbfd09cb006e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-2PXva9StxzxRZzMvVb5Lzw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://yiwubing.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Fri, 11 Mar 2022 21:59:50 GMT
date
Fri, 11 Mar 2022 21:59:50 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-2PXva9StxzxRZzMvVb5Lzw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
wpnNdEHEE-H-HWkGYo82vcEULjX7WQfOj--jYhPbLdo.js
pagead2.googlesyndication.com/bg/ Frame DD50 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/wpnNdEHEE-H-HWkGYo82vcEULjX7WQfOj--jYhPbLdo.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c299cd7441c413e1fe1d6906628f36bdc1142e35fb5907ce8fefa36213db2dda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 10 Mar 2022 22:03:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
86170
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13712
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 17:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 10 Mar 2023 22:03:40 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 70DC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220308&jk=3699682148437408&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame DD50 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?2ZRxaQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 21:59:50 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220308&jk=3699682148437408&bg=!z8ylzIjNAAb7UztL-1M7ACkAdvg8Wi4zwIispV1OAgIE0nR-EMGggqPV5emdAT6d_WZ6TMj8ROzitAIAAABaUgAAAAFoAQeZAtb2N7UdkDL4jWaUfDDyapczMxc_-Ib9e98QvWeDl7YlJTmPzOdB9KAWqx8GW0NAZxeY8C6KcGv4VuF-TXec83C0R1hUP_W0Cuee8CFo44-gCOIld09iWsjphIjbUE6oEHSMeILO9UCDyzfkS0Il6lWyl9BijVpHfK9WU_nKBWIpgmuoChOrRemoi30EMepj7uQNKKT4XswaWH5TuBvW4CpoEQvyfKnVOmDBM3mh4Q1L0MSffSL8NriphuDOS5Bn7i47rAYyssW5Xs83c3XKEhXSBOXSXNl1PaDMsC3Bx7kNV9Xi2hd5ve1ehd5J2rNkO280WE77bGLhJcP6B4Gaqtgk5XynHojYvrGa85kVUjZKHfsewtLe_zj0WV-IYu-cekepnrR8adYW5h_VkGPgO5aC1p-ezVJ0WdVLMNwQK8nxsmh7deiMh9HgrFd-r4XxWVgWfYIQxLm1kad2RUyEmC8kVc6dkrLchAAGDz94ED3dWu4t3iG-BqFAEtyk4G33AhMonP7IxYMsyw3o84CxUeLYthWLvRBOMd2uL-OD6p2CcFO15H3R8nsN3lUSpKjvVkTfZ_WSh-YTP-5_76a__XnEFOk_N69moN1T3JZaoTIepLA1eISEZRcvndiC9uPk_sL9aJ8H3sQxtlWfDq-6r65CIErXwWXf8bzHctxKuD3hbGE4vcZ2L9RaZ36VTudbfMI1UrMx7FyKgY1tcfgsWt7E8paiR8D8yGS0crKUDIVNoL-xyf09f9sFc6KKkkmL7egl2vzNX8Rq8We9a1p08QBTst-hBGlJnN2RRcGebX6sS5XUwU0GEgdZdy5jZSbhZQa0T9QelDX87SVx-RpGzqLdxGx_gkK9KTXTB8wP-Li2kE8ar9gt-DF-Dp-ZXt_fNF3b1slmDJ7q4fcGkbRL_yJ1gLQZGPRd2nr78VGrWbTjRji8MhCwbnc60tDmDH5cY02Hra9YF7g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://yiwubing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 21:59:50 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
blogs.kellogg.northwestern.edu
URL
https://blogs.kellogg.northwestern.edu/inside/wp-content/themes/tdmagazine/fonts/fontawesome-webfont.woff?v=4.1.0
Domain
blogs.kellogg.northwestern.edu
URL
https://blogs.kellogg.northwestern.edu/inside/wp-content/themes/tdmagazine/fonts/fontawesome-webfont.ttf?v=4.1.0

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 function| structuredClone object| oncontextlost object| oncontextrestored object| _wpemojiSettings object| googletag object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots string| ajaxurl object| msreader_featured_posts undefined| $ function| jQuery object| tdmagazineParams boolean| jQueryMigrateHelperHasSentDowngrade function| google_spfd number| google_unique_id object| google_sv_map function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| twemoji object| wp object| eventie function| docReady function| EventEmitter function| getStyleProperty function| getSize function| matchesSelector function| Outlayer function| Isotope function| Masonry function| imagesLoaded function| smallScreen object| GoogleGcLKhOms object| google_image_requests

3 Cookies

Domain/Path Name / Value
.yiwubing.com/ Name: __gads
Value: ID=7f10215c221aae91-227c45d958cd003e:T=1647035988:RT=1647035988:S=ALNI_MaBhf5m66j6X5VHOdkKmbuz7zTvlg
.doubleclick.net/ Name: IDE
Value: AHWqTUk9Lkl0rvcAWCc4U8wdpNrYcDqCFUTzEuFVjzNJ3cgGDcPdeEMcYaiH_MfHF6w
.doubleclick.net/ Name: DSID
Value: NO_DATA

6 Console Messages

Source Level URL
Text
javascript error URL: http://yiwubing.com/
Message:
Access to font at 'https://blogs.kellogg.northwestern.edu/inside/wp-content/themes/tdmagazine/fonts/fontawesome-webfont.woff?v=4.1.0' from origin 'http://yiwubing.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://blogs.kellogg.northwestern.edu/inside/wp-content/themes/tdmagazine/fonts/fontawesome-webfont.woff?v=4.1.0
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://yiwubing.com/
Message:
Access to font at 'https://blogs.kellogg.northwestern.edu/inside/wp-content/themes/tdmagazine/fonts/fontawesome-webfont.ttf?v=4.1.0' from origin 'http://yiwubing.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://blogs.kellogg.northwestern.edu/inside/wp-content/themes/tdmagazine/fonts/fontawesome-webfont.ttf?v=4.1.0
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://cms.kellogg.northwestern.edu/bundle/beacon
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: https://cpb-us-w2.wpmucdn.com/blogs.kellogg.northwestern.edu/dist/4/9/files/2020/07/HUB-FINAL_blog_img_072320-660x440.jpg
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
blogs.kellogg.northwestern.edu
cms.kellogg.northwestern.edu
cpb-us-w2.wpmucdn.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.gstatic.com
yiwubing.com
blogs.kellogg.northwestern.edu
101.32.74.54
142.250.185.226
151.139.244.23
165.124.147.158
2a00:1450:4001:803::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2003
2a00:1450:4001:812::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2004
2a00:1450:4001:831::2002
34.215.37.29
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
07cb056355170a945ff8cb7f33fbd67abe80ff2f04d52057546bd76501635e41
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
0dddfdcef973923c7b6cbd4534237ab3dcdc76a8aa3d6d03619566261e0b3e63
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
1287b4c6427119cabf899a5ea898f81e831a2742614813a3302f671690b399c2
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
236527a0a61d1932d0df456bad0058682db2d3a8ef7d4c9a1c5e86f36dd576a0
2baae83ea1f1a5b3310b572483a9982c17f85eb063beddc47d3683acc73b2c65
2d144e3cedf9b96679caf134416822a66a20c41a61f5569ae0ff09779581fe69
2ddef606d60f088dbc2176fedc9c0fbbe1689038f1a81b5b4b4710fbd1cbe330
2f48ce42de3c59fb86ff44b9e7b5cd624ab5b4e0529777ae6f7162d29043c57c
3685c3818240f5f390073c7d04f944a5cb5d848093224f3a7888034e8c050eb4
3e4b4d396700e065d5d37bde974840cf2bf19565f8450785f0a869079b86bce9
532f597c415e00402bbe0f18a0d2284c323222d9636ace2b0b7abbfd09cb006e
53aa25d22b04cbad3939922330b5e5b97a8458c3079118c22f728cb4361f66d6
55070d3be787cd8ccee8ea0fd75f0e11e944e6f70231f0dcb4c5ae348fcba6be
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56ce49db13d88f808015f4aa09033078e6a17ba5acc0667d7fa9b0751a2dd268
5c2288ca7b324881faae5e368eb4d69457e2784e042e868de335d3827bb90981
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
69693227b71564cde386dd6207b83a9967cd3a3dcb36d31d11124e8d0894caf2
6a44e0a4e4f30e3dcaeac039ba35888d3d2c484031db3cd74b16a4eea0fbc219
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
705f71dd6e127300efec5b651c403dc6acd9e7cccc458f1ce085f46f677f0722
72c61d1bc2d6f8392db5037e877166964eef56dbfe87953e805478ef7c5c46cb
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
82e404a65f5c239c618041f0209d69d1ac357fb0d5ffde7dad511db517efa93f
8c79f09d1e74eadaf897561f5d70265ed2884663d34ad9c4d7f2aebff3b85a6b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
c299cd7441c413e1fe1d6906628f36bdc1142e35fb5907ce8fefa36213db2dda
c9faa887081053d0ba3aa93fe82b3bb77190d4e43cfed2f20fbbde79c3f51f9a
cc571a2814efa4071d70ded467436135f1c8b18e5baacbd1c2b2653fded80a4a
cd2a211f6a7c51a8d0c95ad4123e1193ef039c24f4ba01f80477a9fa2219dfaa
ce65a532b282a47f9eef1a383b68347e68a06ce97a8ce2b05e10bb9e912cb39c
ce667621f04178c49d6cceb4fac0b67bb6a72da41c1e313a103089f398900d15
d7e3f3f9a87439492d58ee8a90cdc8741bd44e9f5ebc5a1be461ded2df7a155e
e17ecac26448e98e0f5a9bd4cb366ee269664338ca748b28612415aa96cf8812
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec068031a38f2d97255ddf90e6d75a5538a3b0ea29510482d1909c5a1a10ad74
f2df1fd422f4a9ca44fa8288441c1c9d76bcfb93a5974536adc57350a9d2858e
f3aad0ccc2c20b61aa74d1e152c9b75f73181ab553e7e86e9b175236b4224233
f49bbb839b2ee4dc7e2d7af28a4b4a1fab796590c9d28aa58787b55dfae8c43c
f67e47d0233a2c0a611da80af0d72f87be1a688b0828c5ea1c4432521f02af04
f6c979a050527f5ba6e138687910d17f965e3526fc822ced5eeaa4babd53a840
fdecda5ee87b28e579c5b61ef0f86e7fff85c838ff0a06450feee13a5877ed0b