ningbocat.com Open in urlscan Pro
47.243.120.56 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ningbocat.com/post/1422.html
Submission: On July 19 via api (July 19th 2023, 4:12:19 am UTC) from US — Scanned from DE

Summary HTTP 78 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 24 IPs in 8 countries across 24 domains to perform 78 HTTP transactions. The main IP is 47.243.120.56, located in Central, Hong Kong and belongs to ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN. The main domain is ningbocat.com.
TLS certificate: Issued by Encryption Everywhere DV TLS CA - G1 on August 4th 2022. Valid for: a year.

This is the only time ningbocat.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
26	47.243.120.56 47.243.120.56	45102 (ALIBABA-C...) (ALIBABA-CN-NET Alibaba US Technology Co.)
7	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
1	2600:9000:206... 2600:9000:206f:c800:0:e2b1:a380:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:46::45 2620:1ec:46::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	151.101.1.108 151.101.1.108	54113 (FASTLY) (FASTLY)
5	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1 3	2a02:26f0:480... 2a02:26f0:480:22::1726:62d3	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	185.89.210.90 185.89.210.90	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	34.91.62.186 34.91.62.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
1	178.250.7.11 178.250.7.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	37.157.6.243 37.157.6.243	198622 (ADFORM) (ADFORM)
1 1	51.75.86.98 51.75.86.98	16276 (OVH) (OVH)
1	2600:9000:225... 2600:9000:2251:c800:12:30a1:de00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	171.8.167.89 171.8.167.89	4134 (CHINANET-...) (CHINANET-BACKBONE No.31)
2	142.250.184.238 142.250.184.238	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c08::9a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
78	24

26 47.243.120.56 (Central, Hong Kong)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)

ningbocat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:c800:0:e2b1:a380:93a1 (United States)

ASN16509 (AMAZON-02, US)

jspassport.ssl.qhimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:46::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

adsdk.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adsdkprod.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.108 (United States)

ASN54113 (FASTLY, US)

cdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:480:22::1726:62d3 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

www.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.90 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ams3-ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:18ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.91.62.186 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.243 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.75.86.98 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2251:c800:12:30a1:de00:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ssl.qhres2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 171.8.167.89 (Zhengzhou, China)

ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN)
PTR: 8.171.broad.ha.dynamic.163data.com.cn

s.360.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c08::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	ningbocat.com ningbocat.com	514 KB
12	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 57 cm.g.doubleclick.net — Cisco Umbrella Rank: 254 stats.g.doubleclick.net — Cisco Umbrella Rank: 130	32 KB
12	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 135 tpc.googlesyndication.com — Cisco Umbrella Rank: 160	220 KB
4	adnxs.com cdn.adnxs.com — Cisco Umbrella Rank: 1588 ams3-ib.adnxs.com — Cisco Umbrella Rank: 5855	29 KB
4	google.com adservice.google.com — Cisco Umbrella Rank: 113 region1.analytics.google.com — Cisco Umbrella Rank: 2556 www.google.com — Cisco Umbrella Rank: 10	2 KB
3	bing.com 1 redirects www.bing.com — Cisco Umbrella Rank: 59	7 KB
2	google.de www.google.de — Cisco Umbrella Rank: 4752	515 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 63	21 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 633	1 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 893 s.tribalfusion.com — Cisco Umbrella Rank: 1946	1 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	143 KB
1	360.cn s.360.cn — Cisco Umbrella Rank: 24193	240 B
1	qhres2.com s.ssl.qhres2.com — Cisco Umbrella Rank: 80200	928 B
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 857	340 B
1	criteo.com dis.criteo.com — Cisco Umbrella Rank: 608	363 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 8041	559 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 2276	173 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 981	714 B
1	azureedge.net adsdkprod.azureedge.net — Cisco Umbrella Rank: 55775	25 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 205	57 KB
1	microsoft.com adsdk.microsoft.com — Cisco Umbrella Rank: 10774	6 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1129	464 B
1	qhimg.com jspassport.ssl.qhimg.com — Cisco Umbrella Rank: 77367	467 B
0	baidu.com Failed bdimg.share.baidu.com Failed
78	24

	Domain	Requested by
26	ningbocat.com	ningbocat.com
7	pagead2.googlesyndication.com	ningbocat.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
5	cm.g.doubleclick.net	googleads.g.doubleclick.net
5	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
3	ams3-ib.adnxs.com	googleads.g.doubleclick.net cdn.adnxs.com
3	www.bing.com	1 redirects googleads.g.doubleclick.net
2	www.google.com	ningbocat.com tpc.googlesyndication.com
2	www.google.de	ningbocat.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	c1.adform.net	2 redirects
2	www.googletagmanager.com	ningbocat.com www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	s.360.cn	ningbocat.com
1	s.ssl.qhres2.com	jspassport.ssl.qhimg.com
1	onetag-sys.com	1 redirects
1	dis.criteo.com	googleads.g.doubleclick.net
1	ads.travelaudience.com	1 redirects
1	tr.blismedia.com	googleads.g.doubleclick.net
1	um.simpli.fi	1 redirects
1	s.tribalfusion.com	ningbocat.com
1	a.tribalfusion.com	1 redirects
1	adsdkprod.azureedge.net	adsdk.microsoft.com
1	www.googletagservices.com	googleads.g.doubleclick.net
1	cdn.adnxs.com	googleads.g.doubleclick.net
1	adsdk.microsoft.com	googleads.g.doubleclick.net
1	adservice.google.com	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	jspassport.ssl.qhimg.com	ningbocat.com
0	bdimg.share.baidu.com Failed	ningbocat.com
78	31

This site contains links to these domains. Also see Links.

Domain
weibo.com
blog.csdn.net
url55.ctfile.com
www.ytecn.com

Subject Issuer	Validity	Valid
ningbocat.com Encryption Everywhere DV TLS CA - G1	`2022-08-04` - `2023-08-04`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.ssl.qhimg.com WoTrus DV Server CA [Run by the Issuer]	`2023-03-27` - `2024-03-26`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
adsdk.microsoft.com Microsoft Azure TLS Issuing CA 05	`2023-04-07` - `2024-04-01`	a year	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2023-03-27` - `2024-04-26`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.azureedge.net Microsoft Azure TLS Issuing CA 05	`2023-07-16` - `2024-06-27`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
r.bing.com Microsoft RSA TLS CA 01	`2022-11-15` - `2023-11-15`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-06-09` - `2023-09-07`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
*.ssl.qhres2.com WoTrus DV Server CA [Run by the Issuer]	`2023-02-28` - `2024-02-28`	a year	crt.sh
*.s.360.cn WoTrus DV Server CA [Run by the Issuer]	`2022-12-16` - `2023-12-16`	a year	crt.sh
www.google.de GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://ningbocat.com/post/1422.html
Frame ID: CFEF42819CDB9D026581AFF20697E9A0
Requests: 48 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230717/r20190131/zrt_lookup.html
Frame ID: DA99D7D0EE79359EE0D1C8A58B063F8D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7855408881266272&output=html&adk=1812271804&adf=3025194257&lmt=1689739931&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x1080_l%7C260x1080_r&format=0x0&url=https%3A%2F%2Fningbocat.com%2Fpost%2F1422.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689739931470&bpp=8&bdt=1424&idt=186&shv=r20230717&mjsv=m202307170201&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2140746908788&frm=20&pv=2&ga_vid=1701805983.1689739932&ga_sid=1689739932&ga_hid=25011176&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31076250%2C31076209%2C44788441%2C44796826&oid=2&pvsid=3488329001761458&tmod=1531166533&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=224
Frame ID: F3493FA88F0DF27998DD3BE80829D70B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7855408881266272&output=html&h=280&adk=3728905271&adf=3243104362&pi=t.aa~a.1080308218~rp.4&w=1080&fwrn=4&fwrnh=100&lmt=1689739931&rafmt=1&to=qs&pwprc=5397140053&format=1080x280&url=https%3A%2F%2Fningbocat.com%2Fpost%2F1422.html&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689739931478&bpp=3&bdt=1432&idt=220&shv=r20230717&mjsv=m202307170201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2140746908788&frm=20&pv=1&ga_vid=1701805983.1689739932&ga_sid=1689739932&ga_hid=25011176&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=136&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31076250%2C31076209%2C44788441%2C44796826&oid=2&pvsid=3488329001761458&tmod=1531166533&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=n9pzq8HgT9&p=https%3A//ningbocat.com&dtd=223
Frame ID: F32DD461A3BFE27CD592281CA8A66638
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7855408881266272&output=html&h=600&adk=296424415&adf=82128889&pi=t.aa~a.602528404~rp.4&w=292&fwrn=4&fwrnh=100&lmt=1689739931&rafmt=1&to=qs&pwprc=5397140053&format=292x600&url=https%3A%2F%2Fningbocat.com%2Fpost%2F1422.html&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689739931934&bpp=1&bdt=1889&idt=1&shv=r20230717&mjsv=m202307170201&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfe399636feae2025-22c36ffdafe700d8%3AT%3D1689739931%3ART%3D1689739931%3AS%3DALNI_MYL7QS4RbokoRy6ROc1xuVCzVNQ9w&gpic=UID%3D00000c3ff50d82b6%3AT%3D1689739931%3ART%3D1689739931%3AS%3DALNI_MbQycp7_P4fkR3yMwkybB0w4_vpCg&prev_fmts=0x0%2C1080x280&nras=3&correlator=2140746908788&frm=20&pv=1&ga_vid=1701805983.1689739932&ga_sid=1689739932&ga_hid=25011176&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1048&ady=1599&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31076250%2C31076209%2C44788441%2C44796826&oid=2&pvsid=3488329001761458&tmod=1531166533&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=hRrqJ42bcA&p=https%3A//ningbocat.com&dtd=6
Frame ID: C708BE3CE28D0342923468B0240660E7
Requests: 1 HTTP requests in this frame

Frame: https://adsdk.microsoft.com/native-to-display/sdk.js
Frame ID: 34F99BCA24612BD93530DA62E38647F4
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B362A9CC5CE6D80781D5CB807BD780B9
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6F0D11FD13E9FB3E65B85B7D25D8ABEF
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A1169F91F817CD148A290460233C1157
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

用谷歌浏览器将英文文档翻译成中文的方法（无字数限制）-第1页-宁波猫的窝

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Lightbox (JavaScript Libraries) Expand

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

78
Requests

90 %
HTTPS

52 %
IPv6

24
Domains

31
Subdomains

24
IPs

8
Countries

1059 kB
Transfer

2224 kB
Size

16
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://weibo.com/ningbocat

Search URL Search Domain Scan URL

URL: https://blog.csdn.net/fuzimango/article/details/77419080
Title: https://blog.csdn.net/fuzimango/article/details/77419080

Search URL Search Domain Scan URL

URL: https://url55.ctfile.com/d/14928255-51825676-129ac2?p=7242
Title: https://url55.ctfile.com/d/14928255-51825676-129ac2?p=7242

Search URL Search Domain Scan URL

URL: http://www.ytecn.com/
Title: 唐朝

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=076a6bcb-7f58-402d-97bd-607dc35eb626&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=ce32bf34-443c-45b4-aea4-434000f76d2d&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3Dc0931524bdac4cfb848cff7dc5205403%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=6929499&trafficGroup=knaqe_3c&trafficSubGroup=knaqe_3c_tbbq_ovat&aid=8340915952835214449&wp= HTTP 303
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=c0931524bdac4cfb848cff7dc5205403&SNR=1&GV=2&med=10

Request Chain 48

https://a.tribalfusion.com/i.match?p=b6&u=CAESEGoi5pVja04EPIcTMD6aZz0&google_cver=1&google_push=AaAOQGEBp40ZF0M5rCsnxGnyyXLAYlvMA7LlcmIhDXtCsbHusnHA0f42lUdDbi02HlNAR9UijjqiE_fi2MmX2qHvIhRrIUeOqGGCw0Jg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGEBp40ZF0M5rCsnxGnyyXLAYlvMA7LlcmIhDXtCsbHusnHA0f42lUdDbi02HlNAR9UijjqiE_fi2MmX2qHvIhRrIUeOqGGCw0Jg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGoi5pVja04EPIcTMD6aZz0&google_cver=1&google_push=AaAOQGEBp40ZF0M5rCsnxGnyyXLAYlvMA7LlcmIhDXtCsbHusnHA0f42lUdDbi02HlNAR9UijjqiE_fi2MmX2qHvIhRrIUeOqGGCw0Jg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGEBp40ZF0M5rCsnxGnyyXLAYlvMA7LlcmIhDXtCsbHusnHA0f42lUdDbi02HlNAR9UijjqiE_fi2MmX2qHvIhRrIUeOqGGCw0Jg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 49

https://um.simpli.fi/gp_match?google_gid=CAESEB281-ObvnmE246fcP9uS4U&google_cver=1&google_push=AaAOQGEWMgINuumHHni3TO51vRPDSzc6TVuvew5caXYm4MOVu48MHe8lw6JWXTL_FUMWDeUxZAg7AKKooaMaq0L3JSax4gumraOTGUU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E717F50BB3C64334BA690A2106A29977&google_push=AaAOQGEWMgINuumHHni3TO51vRPDSzc6TVuvew5caXYm4MOVu48MHe8lw6JWXTL_FUMWDeUxZAg7AKKooaMaq0L3JSax4gumraOTGUU

Request Chain 51

https://ads.travelaudience.com/google_pixel?google_gid=CAESEGSVpqDodVnL3efY0BphkX8&google_cver=1&google_push=AaAOQGGz0wkYJqOATlzdvf81XeJLqhtO0HGoDEEJ8WDTVNkg-ctSJ2bPcFyYRZIJT9h2aABw0ewpCGVnp49MqOxKEEg_LZZH0Jy8HcnF HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=2HCtxCwITxqMNkY7qBROUw2&google_push=AaAOQGGz0wkYJqOATlzdvf81XeJLqhtO0HGoDEEJ8WDTVNkg-ctSJ2bPcFyYRZIJT9h2aABw0ewpCGVnp49MqOxKEEg_LZZH0Jy8HcnF

Request Chain 53

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHqZipGg-XR8H0xHmWSCKtQ&google_cver=1&google_push=AaAOQGH2O2ymd9z3ESlkACSXuhbdtTUpa53wDGTidAJ_y7wZkc4EFE3oS4Kbn7bRICdS6DISpqj0jQi6RNJnDasDcawYwCsKv_qzHl8 HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEHqZipGg-XR8H0xHmWSCKtQ&google_cver=1&google_push=AaAOQGH2O2ymd9z3ESlkACSXuhbdtTUpa53wDGTidAJ_y7wZkc4EFE3oS4Kbn7bRICdS6DISpqj0jQi6RNJnDasDcawYwCsKv_qzHl8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjYxOTQ0MjE2MjY4MzI3MDQyMA&google_push=AaAOQGH2O2ymd9z3ESlkACSXuhbdtTUpa53wDGTidAJ_y7wZkc4EFE3oS4Kbn7bRICdS6DISpqj0jQi6RNJnDasDcawYwCsKv_qzHl8

Request Chain 54

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESENeIVSP7e8LgkNkdn1AZGfU&google_cver=1&google_push=AaAOQGG2WRjiFiUb5Wu3jxHY6symVfKbSgWhCz-yNG-Eq6sGvgZOGfqwSulUey7jazsFX2wFd9Q4WQGMafKrrdrHxp3Mf6cW3wRb1Obz HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGG2WRjiFiUb5Wu3jxHY6symVfKbSgWhCz-yNG-Eq6sGvgZOGfqwSulUey7jazsFX2wFd9Q4WQGMafKrrdrHxp3Mf6cW3wRb1Obz

78 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request 1422.html Show response
ningbocat.com/post/ 60 KB
11 KB 1877ms
374ms Document
text/html 47.243.120.56
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL

https://ningbocat.com/post/1422.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

47.243.120.56 Central, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),

Reverse DNS

Software

Apache /

Resource Hash

57228791f3956f700a99abc935d1ebc0a6cfe180a823e0b24e85b332decd5024

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 11141
Content-Type: text/html; charset=utf-8
Date: Wed, 19 Jul 2023 04:12:09 GMT
Keep-Alive: timeout=15, max=300
Product: Z-BlogPHP 1.7.3
Server: Apache
Upgrade-Insecure-Requests: 1
Vary: User-Agent,Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK style.css
ningbocat.com/zb_users/theme/Tcbymt/style/ 63 KB
13 KB 209ms
196ms Stylesheet
text/css 47.243.120.56
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL: https://ningbocat.com/zb_users/theme/Tcbymt/style/style.css
Requested by: Host: ningbocat.com
URL: https://ningbocat.com/post/1422.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 47.243.120.56 Central, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: Apache /
Resource Hash: 0f3bd67c4c6c63be3f7e95c2e1aeb2a129c11be142a22247a914266cce5757a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ningbocat.com/post/1422.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 19 Jul 2023 04:12:10 GMT
Content-Encoding: gzip
Last-Modified: Fri, 08 Apr 2022 05:31:22 GMT
Server: Apache
ETag: "a0147-fa0c-5dc1de7a3fe80"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=299
Content-Length: 13250

GET
H/1.1 200
OK common.js Show response
ningbocat.com/zb_system/script/ 907 B
818 B 648ms
194ms Script
application/javascript 47.243.120.56
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL: https://ningbocat.com/zb_system/script/common.js
Requested by: Host: ningbocat.com
URL: https://ningbocat.com/post/1422.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 47.243.120.56 Central, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: Apache /
Resource Hash: 313fdcaabffeaa889d2c7e479fe39efe856436ad98fecab6ce6b1aef24fea3d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ningbocat.com/post/1422.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 19 Jul 2023 04:12:10 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Apr 2021 01:45:30 GMT
Server: Apache
ETag: "9fcfe-38b-5bfbcab2a8280"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=297
Content-Length: 471

GET
H/1.1 200
OK c_html_js_add.php Show response
ningbocat.com/zb_system/script/ 3 KB
1 KB 917ms
332ms Script
application/x-javascript 47.243.120.56
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL: https://ningbocat.com/zb_system/script/c_html_js_add.php
Requested by: Host: ningbocat.com
URL: https://ningbocat.com/post/1422.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 47.243.120.56 Central, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: Apache /
Resource Hash: de08e0cdfca6a3726c7592eaa4317b55e3372dafc3a8a45231a7647b52c88395

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ningbocat.com/post/1422.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 19 Jul 2023 04:12:10 GMT
Content-Encoding: gzip
Server: Apache
Product: Z-BlogPHP 1.7.3
Etag: W/44beca04f799b88b316a0884dbb9e2b9
Vary: User-Agent,Accept-Encoding
Content-Type: application/x-javascript; charset=utf-8
Connection: Keep-Alive
Keep-Alive: timeout=15, max=299
Content-Length: 1165

GET
H/1.1 200
OK fancybox.css
ningbocat.com/zb_users/theme/Tcbymt/style/fancybox/ 4 KB
2 KB 453ms
194ms Stylesheet
text/css 47.243.120.56
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL: https://ningbocat.com/zb_users/theme/Tcbymt/style/fancybox/fancybox.css
Requested by: Host: ningbocat.com
URL: https://ningbocat.com/post/1422.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 47.243.120.56 Central, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: Apache /
Resource Hash: fb65d203861737b252aa8933c89fd69d6681798136806c01b3f9075388c84fbb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ningbocat.com/post/1422.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 19 Jul 2023 04:12:10 GMT
Content-Encoding: gzip
Last-Modified: Fri, 08 Apr 2022 22:55:16 GMT
Server: Apache
ETag: "a00fd-fe5-5dc2c7ceafd00"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=298
Content-Length: 1266

GET
H/1.1 200
OK fancybox.js Show response
ningbocat.com/zb_users/theme/Tcbymt/script/ 23 KB
9 KB 843ms
195ms Script
application/javascript 47.243.120.56
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL: https://ningbocat.com/zb_users/theme/Tcbymt/script/fancybox.js
Requested by: Host: ningbocat.com
URL: https://ningbocat.com/post/1422.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 47.243.120.56 Central, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: Apache /
Resource Hash: 7dff661466a5370d1c1d24d1d8f2620ba7c1a04bf8f0672c9e4b225a308b09b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ningbocat.com/post/1422.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 19 Jul 2023 04:12:10 GMT
Content-Encoding: gzip
Last-Modified: Fri, 08 Apr 2022 22:55:10 GMT
Server: Apache
ETag: "a00ef-5bea-5dc2c7c8f6f80"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=296
Content-Length: 8780

GET
H/1.1 200
OK dm_fy.css
ningbocat.com/zb_users/plugin/dm_fy/ 852 B
700 B 583ms
195ms Stylesheet
text/css 47.243.120.56
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL: https://ningbocat.com/zb_users/plugin/dm_fy/dm_fy.css
Requested by: Host: ningbocat.com
URL: https://ningbocat.com/post/1422.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 47.243.120.56 Central, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: Apache /
Resource Hash: fcdbc3c95c570280739f2b9230f706ddedb0c25a41612e58b02851d3b3cd6b8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ningbocat.com/post/1422.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 19 Jul 2023 04:12:10 GMT
Content-Encoding: gzip
Last-Modified: Fri, 08 Apr 2022 22:29:36 GMT
Server: Apache
ETag: "9fec0-354-5dc2c21207400"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=300
Content-Length: 367

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
50 KB 91ms
56ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7855408881266272

Requested by

Host: ningbocat.com
URL: https://ningbocat.com/post/1422.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

495f4c42d7075a2e1243ba0e3f880f365056bcfa8a188df88ad0e64c314c9983

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ningbocat.com/
Origin: https://ningbocat.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 04:12:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50508
x-xss-protection: 0
server: cafe
etag: 4731695671851987189
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 19 Jul 2023 04:12:11 GMT

GET
H/1.1 200
OK 201809191537330197430208.png
ningbocat.com/zb_users/upload/2018/09/ 83 KB
84 KB 2031ms
239ms Image
image/png 47.243.120.56
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ningbocat.com/zb_users/upload/2018/09/201809191537330197430208.png
Requested by: Host: ningbocat.com
URL: https://ningbocat.com/post/1422.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 47.243.120.56 Central, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: Apache /
Resource Hash: 6a08e9b8b4c9af8a11b957efe6ebf9e625297f2a26014074898a81cf8746d52a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ningbocat.com/post/1422.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 19 Jul 2023 04:12:13 GMT
Last-Modified: Wed, 19 Sep 2018 04:09:56 GMT
Server: Apache
ETag: "c334f-14d4f-57631943c2d00"
Vary: User-Agent
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=286
Content-Length: 85327

GET
H/1.1 200
OK 201809191537330210441992.png
ningbocat.com/zb_users/upload/2018/09/ 286 KB
286 KB 1030ms
195ms Image
image/png 47.243.120.56
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ningbocat.com/zb_users/upload/2018/09/201809191537330210441992.png
Requested by: Host: ningbocat.com
URL: https://ningbocat.com/post/1422.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 47.243.120.56 Central, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: Apache /
Resource Hash: 878c6150aded864ff615145f9d634a487e1bd6be3a6a4223be8393b7a8c9e817

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ningbocat.com/post/1422.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 19 Jul 2023 04:12:12 GMT
Last-Modified: Wed, 19 Sep 2018 04:10:10 GMT
Server: Apache
ETag: "c3301-47736-576319511cc80"
Vary: User-Agent
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=293
Content-Length: 292662

GET
H/1.1 200
OK 0.png
ningbocat.com/zb_users/avatar/ 2 KB
2 KB 835ms
195ms Image
image/png 47.243.120.56
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ningbocat.com/zb_users/avatar/0.png
Requested by: Host: ningbocat.com
URL: https://ningbocat.com/post/1422.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 47.243.120.56 Central, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: Apache /
Resource Hash: d284115b6f0994410d2466ab471727d867c1c183dcdafed233c902ece5d76b18

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ningbocat.com/post/1422.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 19 Jul 2023 04:12:12 GMT
Last-Modified: Fri, 08 Apr 2022 22:20:52 GMT
Server: Apache
ETag: "9fc06-607-5dc2c01e4d900"
Vary: User-Agent
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=294
Content-Length: 1543

GET
H/1.1 200
OK c_validcode.php
ningbocat.com/zb_system/script/ 2 KB
2 KB 2089ms
369ms Image
image/jpeg 47.243.120.56
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ningbocat.com/zb_system/script/c_validcode.php?id=cmt
Requested by: Host: ningbocat.com
URL: https://ningbocat.com/post/1422.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 47.243.120.56 Central, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: Apache /
Resource Hash: 82ea1ccabec22bfcdf9145b0d2cd349569edbf1f9674874501bfc2de22d4e18a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ningbocat.com/post/1422.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 19 Jul 2023 04:12:14 GMT
Server: Apache
Product: Z-BlogPHP 1.7.3
Vary: User-Agent
Transfer-Encoding: chunked
Content-Type: image/jpeg
Connection: Keep-Alive
Keep-Alive: timeout=15, max=285

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 178 KB
65 KB 43ms
22ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-356694-6

Requested by

Host: ningbocat.com
URL: https://ningbocat.com/post/1422.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

03b12ef1a2799f5c0592dfb099c86c30845111b841b70ae835db3e45dd005498

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ningbocat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 04:12:11 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65823
x-xss-protection: 0
last-modified: Wed, 19 Jul 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 19 Jul 2023 04:12:11 GMT

GET
H/1.1 200
OK comments.min.js Show response
ningbocat.com/zb_users/theme/Tcbymt/script/ 11 KB
4 KB 196ms
196ms Script
application/javascript 47.243.120.56
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL: https://ningbocat.com/zb_users/theme/Tcbymt/script/comments.min.js?ver=2.0
Requested by: Host: ningbocat.com
URL: https://ningbocat.com/post/1422.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 47.243.120.56 Central, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: Apache /
Resource Hash: 952cb9cbbba19f8df7ebf887df6923b054f6db17181987b9cf6dc28a11e6b4aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ningbocat.com/post/1422.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 19 Jul 2023 04:12:11 GMT
Content-Encoding: gzip
Last-Modified: Fri, 08 Apr 2022 22:55:10 GMT
Server: Apache
ETag: "a00ee-2a61-5dc2c7c8f6f80"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=297
Content-Length: 3815

GET
H/1.1 200
OK global.min.js Show response
ningbocat.com/zb_users/theme/Tcbymt/script/ 8 KB
3 KB 195ms
194ms Script
application/javascript 47.243.120.56
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL: https://ningbocat.com/zb_users/theme/Tcbymt/script/global.min.js?ver=2.1.1
Requested by: Host: ningbocat.com
URL: https://ningbocat.com/post/1422.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 47.243.120.56 Central, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: Apache /
Resource Hash: eeaea9ff658a6e3ef3e3c0447f9e18aac0151954abece3b30e121e5d52ae7b62

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ningbocat.com/post/1422.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 19 Jul 2023 04:12:11 GMT
Content-Encoding: gzip
Last-Modified: Fri, 08 Apr 2022 22:55:10 GMT
Server: Apache
ETag: "a00f0-214a-5dc2c7c8f6f80"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=294
Content-Length: 2994

GET
H/1.1 200
OK lightbox.min.js Show response
ningbocat.com/zb_users/theme/Tcbymt/script/ 7 KB
2 KB 1218ms
194ms Script
application/javascript 47.243.120.56
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL: https://ningbocat.com/zb_users/theme/Tcbymt/script/lightbox.min.js?ver=2.1.1
Requested by: Host: ningbocat.com
URL: https://ningbocat.com/post/1422.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 47.243.120.56 Central, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: Apache /
Resource Hash: 5e9a7e233ee9f1f21c6827835ceccd42edcc3e8fcd90a10ba2235cf1bd7af699

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ningbocat.com/post/1422.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 19 Jul 2023 04:12:12 GMT
Content-Encoding: gzip
Last-Modified: Fri, 08 Apr 2022 22:55:14 GMT
Server: Apache
ETag: "a00f4-1bfe-5dc2c7ccc7880"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=289
Content-Length: 2026

GET
H/1.1 200
OK highlight.pack.js Show response
ningbocat.com/zb_users/theme/Tcbymt/script/ 35 KB
14 KB 1447ms
228ms Script
application/javascript 47.243.120.56
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL: https://ningbocat.com/zb_users/theme/Tcbymt/script/highlight.pack.js?ver=2.1.1
Requested by: Host: ningbocat.com
URL: https://ningbocat.com/post/1422.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 47.243.120.56 Central, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: Apache /
Resource Hash: 874250819ade398694f80d5d8f176031d1f1a96dc1d617bd9b14e1ae1b522ada

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ningbocat.com/post/1422.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 19 Jul 2023 04:12:12 GMT
Content-Encoding: gzip
Last-Modified: Fri, 08 Apr 2022 22:55:12 GMT
Server: Apache
ETag: "a00f1-8b9d-5dc2c7cadf400"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=288
Content-Length: 13596

GET
H/1.1 200
OK superslide.min.js Show response
ningbocat.com/zb_users/theme/Tcbymt/script/ 11 KB
4 KB 1780ms
228ms Script
application/javascript 47.243.120.56
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL: https://ningbocat.com/zb_users/theme/Tcbymt/script/superslide.min.js?ver=2.1.1
Requested by: Host: ningbocat.com
URL: https://ningbocat.com/post/1422.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 47.243.120.56 Central, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: Apache /
Resource Hash: 6b2351b69642a2bbd17494af43e42e1418e0f8c6b8168095da3d593373f18b2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ningbocat.com/post/1422.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 19 Jul 2023 04:12:12 GMT
Content-Encoding: gzip
Last-Modified: Fri, 08 Apr 2022 22:55:14 GMT
Server: Apache
ETag: "a00f6-2b05-5dc2c7ccc7880"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=287
Content-Length: 3300

GET
H/1.1 200
OK jquery-1.8.3.min.js Show response
ningbocat.com/zb_system/script/ 91 KB
33 KB 394ms
199ms Script
application/javascript 47.243.120.56
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL: https://ningbocat.com/zb_system/script/jquery-1.8.3.min.js
Requested by: Host: ningbocat.com
URL: https://ningbocat.com/zb_system/script/common.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 47.243.120.56 Central, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: Apache /
Resource Hash: 32c696facdc745fe3f18c62fc0e8e35dbce7dc26261599ad8feeff2456592680

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ningbocat.com/post/1422.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 19 Jul 2023 04:12:11 GMT
Content-Encoding: gzip
Last-Modified: Fri, 10 Sep 2021 12:18:04 GMT
Server: Apache
ETag: "9fd03-16dc7-5cba31b703700"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=295
Content-Length: 33437

GET
H/1.1 200
OK zblogphp.js Show response
ningbocat.com/zb_system/script/ 7 KB
3 KB 465ms
223ms Script
application/javascript 47.243.120.56
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL: https://ningbocat.com/zb_system/script/zblogphp.js
Requested by: Host: ningbocat.com
URL: https://ningbocat.com/zb_system/script/common.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 47.243.120.56 Central, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: Apache /
Resource Hash: 11b10a45b9fc3622b9a8eaf5181e0bd403af74ecfbbc9541cdce396a8e47b332

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ningbocat.com/post/1422.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 19 Jul 2023 04:12:11 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 Jun 2020 07:05:30 GMT
Server: Apache
ETag: "9fd0f-1c24-5a728a73ee280"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=298
Content-Length: 2332

GET share.js
bdimg.share.baidu.com/static/api/js/ 0
0

GET like_shell.js
bdimg.share.baidu.com/static/js/ 0
0

GET
H2 200 11.0.1.js Show response
jspassport.ssl.qhimg.com/ 106 B
467 B 1239ms
466ms Script
application/x-javascript 2600:9000:206f:c800:0:e2b1:a380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://jspassport.ssl.qhimg.com/11.0.1.js?589675c6f8ba7df9c4060a201715499e
Requested by: Host: ningbocat.com
URL: https://ningbocat.com/post/1422.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:c800:0:e2b1:a380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: c58c444af409b74761d5cb4a86fde4b48ee2d4701252b439834f01868c8cb955

Request headers

Referer: https://ningbocat.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Wed, 19 Jul 2023 04:12:12 GMT
via: 1.1 120ade321ed0e3697c81eb1eb19b5f62.cloudfront.net (CloudFront)
kcs-via: REVALIDATED from w-fc01.lato;MISS from w-sc02.bjyt
last-modified: Wed, 28 Nov 2018 07:43:20 GMT
x-amz-cf-pop: FRA56-C1
x-cache: RefreshHit from cloudfront
content-type: application/x-javascript
cache-control: max-age=600
x-amz-cf-id: iur_F14GayY1fahpYaZVGTJP9l0VJth3S8twVRffi1gdLoDCLA6RIQ==
expires: Wed, 19 Jul 2023 04:22:12 GMT

GET
H/1.1 200
OK bg.png
ningbocat.com/zb_users/theme/Tcbymt/style/images/ 11 KB
12 KB 338ms
194ms Image
image/png 47.243.120.56
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ningbocat.com/zb_users/theme/Tcbymt/style/images/bg.png
Requested by: Host: ningbocat.com
URL: https://ningbocat.com/zb_users/theme/Tcbymt/style/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 47.243.120.56 Central, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: Apache /
Resource Hash: 381f7729dbe0d4576897fcd25f4014867eb6987763cf4077486d2bd7f55d8ae6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ningbocat.com/zb_users/theme/Tcbymt/style/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 19 Jul 2023 04:12:11 GMT
Last-Modified: Fri, 08 Apr 2022 22:55:34 GMT
Server: Apache
ETag: "a0128-2cf4-5dc2c7dfda580"
Vary: User-Agent
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=293
Content-Length: 11508

GET
H/1.1 200
OK prev.png
ningbocat.com/zb_users/theme/Tcbymt/style/images/ 1 KB
1 KB 640ms
195ms Image
image/png 47.243.120.56
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ningbocat.com/zb_users/theme/Tcbymt/style/images/prev.png
Requested by: Host: ningbocat.com
URL: https://ningbocat.com/zb_users/theme/Tcbymt/style/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 47.243.120.56 Central, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: Apache /
Resource Hash: 89f88a955261e7d53f722a4a521818689c582752bc546436324302912cc79bd8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ningbocat.com/zb_users/theme/Tcbymt/style/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 19 Jul 2023 04:12:11 GMT
Last-Modified: Fri, 08 Apr 2022 22:55:44 GMT
Server: Apache
ETag: "a013e-481-5dc2c7e963c00"
Vary: User-Agent
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=295
Content-Length: 1153

GET
H/1.1 200
OK next.png
ningbocat.com/zb_users/theme/Tcbymt/style/images/ 1 KB
1 KB 976ms
194ms Image
image/png 47.243.120.56
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ningbocat.com/zb_users/theme/Tcbymt/style/images/next.png
Requested by: Host: ningbocat.com
URL: https://ningbocat.com/zb_users/theme/Tcbymt/style/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 47.243.120.56 Central, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: Apache /
Resource Hash: 0ff931352785bf7f1e41b15f88dd66200b2ac11409897bb0e8f7ddf9c41f5be6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ningbocat.com/zb_users/theme/Tcbymt/style/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 19 Jul 2023 04:12:12 GMT
Last-Modified: Fri, 08 Apr 2022 22:55:44 GMT
Server: Apache
ETag: "a013d-47e-5dc2c7e963c00"
Vary: User-Agent
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=290
Content-Length: 1150

GET
H/1.1 200
OK line.png
ningbocat.com/zb_users/theme/Tcbymt/style/images/ 501 B
795 B 782ms
194ms Image
image/png 47.243.120.56
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ningbocat.com/zb_users/theme/Tcbymt/style/images/line.png
Requested by: Host: ningbocat.com
URL: https://ningbocat.com/zb_users/theme/Tcbymt/style/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 47.243.120.56 Central, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: Apache /
Resource Hash: 224ad97d95b9bf8389e9796a1c2b8b9da520d56c973a8c1f7cf871814e678bb8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ningbocat.com/zb_users/theme/Tcbymt/style/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 19 Jul 2023 04:12:12 GMT
Last-Modified: Fri, 08 Apr 2022 22:55:40 GMT
Server: Apache
ETag: "a0136-1f5-5dc2c7e593300"
Vary: User-Agent
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=291
Content-Length: 501

GET
H/1.1 200
OK icons-sprite.png
ningbocat.com/zb_users/theme/Tcbymt/style/images/ 6 KB
6 KB 571ms
194ms Image
image/png 47.243.120.56
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ningbocat.com/zb_users/theme/Tcbymt/style/images/icons-sprite.png
Requested by: Host: ningbocat.com
URL: https://ningbocat.com/zb_users/theme/Tcbymt/style/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 47.243.120.56 Central, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: Apache /
Resource Hash: e792bca67db48196358d8fb02ac6292d22946e58ce38f1dbbdd60f53062985cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ningbocat.com/zb_users/theme/Tcbymt/style/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 19 Jul 2023 04:12:11 GMT
Last-Modified: Fri, 08 Apr 2022 22:55:38 GMT
Server: Apache
ETag: "a0131-1733-5dc2c7e3aae80"
Vary: User-Agent
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=292
Content-Length: 5939

GET
H/1.1 200
OK red_asterisk.png
ningbocat.com/zb_users/theme/Tcbymt/style/images/ 223 B
516 B 1819ms
214ms Image
image/png 47.243.120.56
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ningbocat.com/zb_users/theme/Tcbymt/style/images/red_asterisk.png
Requested by: Host: ningbocat.com
URL: https://ningbocat.com/zb_users/theme/Tcbymt/style/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 47.243.120.56 Central, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: Apache /
Resource Hash: aedbf5931ea1e3b27905ef6b6cd7de083e5472c1578c0d3343b62ebdc803d1c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ningbocat.com/zb_users/theme/Tcbymt/style/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 19 Jul 2023 04:12:14 GMT
Last-Modified: Fri, 08 Apr 2022 22:55:44 GMT
Server: Apache
ETag: "a013f-df-5dc2c7e963c00"
Vary: User-Agent
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=292
Content-Length: 223

GET
H/1.1 200
OK iconfont.woff
ningbocat.com/zb_users/theme/Tcbymt/style/font/ 18 KB
18 KB 277ms
195ms Font
application/x-font-woff 47.243.120.56
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL: https://ningbocat.com/zb_users/theme/Tcbymt/style/font/iconfont.woff?67326394
Requested by: Host: ningbocat.com
URL: https://ningbocat.com/zb_users/theme/Tcbymt/style/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 47.243.120.56 Central, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: Apache /
Resource Hash: d6803cfcad0ad766099f3798549c2c2ef37c2c6ed2e24ee8323ee6b1d61df9d9

Request headers

Referer: https://ningbocat.com/zb_users/theme/Tcbymt/style/style.css
Origin: https://ningbocat.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 19 Jul 2023 04:12:11 GMT
Last-Modified: Fri, 08 Apr 2022 22:55:20 GMT
Server: Apache
ETag: "a0106-461c-5dc2c7d280600"
Vary: User-Agent
Content-Type: application/x-font-woff
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=296
Content-Length: 17948

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307170201/ 357 KB
123 KB 85ms
71ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307170201/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7855408881266272&plah=ningbocat.com&bust=31076209

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7855408881266272

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc20555940758fec77cb84ccfa1d50207f1064b5ba3fcfcf26cb7bb1265c3c86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ningbocat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 04:12:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125711
x-xss-protection: 0
server: cafe
etag: 18410802809842910268
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 19 Jul 2023 04:12:11 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230717/r20190131/ Frame DA99 10 KB
5 KB 28ms
6ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230717/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7855408881266272

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ningbocat.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 31586
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Jul 2023 19:25:45 GMT
etag: 12368291122986407432
expires: Tue, 01 Aug 2023 19:25:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 393 B
464 B 30ms
15ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=ningbocat.com&callback=_gfp_s_&client=ca-pub-7855408881266272

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307170201/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7855408881266272&plah=ningbocat.com&bust=31076209

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c268c3d5a2603ff77e18ddf0f84ef73a0139ec8193652208f55d9b667eea7e37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ningbocat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 04:12:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 252
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 435ms
16ms Script
application/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ningbocat.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ningbocat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 04:12:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F349 19 KB
5 KB 154ms
153ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7855408881266272&output=html&adk=1812271804&adf=3025194257&lmt=1689739931&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x1080_l%7C260x1080_r&format=0x0&url=https%3A%2F%2Fningbocat.com%2Fpost%2F1422.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689739931470&bpp=8&bdt=1424&idt=186&shv=r20230717&mjsv=m202307170201&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2140746908788&frm=20&pv=2&ga_vid=1701805983.1689739932&ga_sid=1689739932&ga_hid=25011176&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31076250%2C31076209%2C44788441%2C44796826&oid=2&pvsid=3488329001761458&tmod=1531166533&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=224

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84991fbb8b631ebab64d8d355fcbf2b8b21feda6602a208720f3c94d69478d08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ningbocat.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 5194
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 19 Jul 2023 04:12:11 GMT
expires: Wed, 19 Jul 2023 04:12:11 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F32D 436 B
384 B 164ms
164ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7855408881266272&output=html&h=280&adk=3728905271&adf=3243104362&pi=t.aa~a.1080308218~rp.4&w=1080&fwrn=4&fwrnh=100&lmt=1689739931&rafmt=1&to=qs&pwprc=5397140053&format=1080x280&url=https%3A%2F%2Fningbocat.com%2Fpost%2F1422.html&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689739931478&bpp=3&bdt=1432&idt=220&shv=r20230717&mjsv=m202307170201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2140746908788&frm=20&pv=1&ga_vid=1701805983.1689739932&ga_sid=1689739932&ga_hid=25011176&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=136&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31076250%2C31076209%2C44788441%2C44796826&oid=2&pvsid=3488329001761458&tmod=1531166533&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=n9pzq8HgT9&p=https%3A//ningbocat.com&dtd=223

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b25c97def981dfae8025d58e7a9e6b7f9a8c4ffc588ee84ed33d05bf3c103fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ningbocat.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 213
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 19 Jul 2023 04:12:11 GMT
expires: Wed, 19 Jul 2023 04:12:11 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C708 56 KB
20 KB 260ms
260ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7855408881266272&output=html&h=600&adk=296424415&adf=82128889&pi=t.aa~a.602528404~rp.4&w=292&fwrn=4&fwrnh=100&lmt=1689739931&rafmt=1&to=qs&pwprc=5397140053&format=292x600&url=https%3A%2F%2Fningbocat.com%2Fpost%2F1422.html&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689739931934&bpp=1&bdt=1889&idt=1&shv=r20230717&mjsv=m202307170201&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfe399636feae2025-22c36ffdafe700d8%3AT%3D1689739931%3ART%3D1689739931%3AS%3DALNI_MYL7QS4RbokoRy6ROc1xuVCzVNQ9w&gpic=UID%3D00000c3ff50d82b6%3AT%3D1689739931%3ART%3D1689739931%3AS%3DALNI_MbQycp7_P4fkR3yMwkybB0w4_vpCg&prev_fmts=0x0%2C1080x280&nras=3&correlator=2140746908788&frm=20&pv=1&ga_vid=1701805983.1689739932&ga_sid=1689739932&ga_hid=25011176&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1048&ady=1599&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31076250%2C31076209%2C44788441%2C44796826&oid=2&pvsid=3488329001761458&tmod=1531166533&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=hRrqJ42bcA&p=https%3A//ningbocat.com&dtd=6

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66166411e7e8b7ca9cc31f3f7a05c86c2660d98aad74bced167586178859e1bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ningbocat.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 19927
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 19 Jul 2023 04:12:12 GMT
expires: Wed, 19 Jul 2023 04:12:12 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sdk.js Show response
adsdk.microsoft.com/native-to-display/ Frame 34F9 14 KB
6 KB 139ms
9ms Script
application/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7855408881266272&output=html&h=600&adk=296424415&adf=82128889&pi=t.aa~a.602528404~rp.4&w=292&fwrn=4&fwrnh=100&lmt=1689739931&rafmt=1&to=qs&pwprc=5397140053&format=292x600&url=https%3A%2F%2Fningbocat.com%2Fpost%2F1422.html&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689739931934&bpp=1&bdt=1889&idt=1&shv=r20230717&mjsv=m202307170201&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfe399636feae2025-22c36ffdafe700d8%3AT%3D1689739931%3ART%3D1689739931%3AS%3DALNI_MYL7QS4RbokoRy6ROc1xuVCzVNQ9w&gpic=UID%3D00000c3ff50d82b6%3AT%3D1689739931%3ART%3D1689739931%3AS%3DALNI_MbQycp7_P4fkR3yMwkybB0w4_vpCg&prev_fmts=0x0%2C1080x280&nras=3&correlator=2140746908788&frm=20&pv=1&ga_vid=1701805983.1689739932&ga_sid=1689739932&ga_hid=25011176&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1048&ady=1599&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31076250%2C31076209%2C44788441%2C44796826&oid=2&pvsid=3488329001761458&tmod=1531166533&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=hRrqJ42bcA&p=https%3A//ningbocat.com&dtd=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 1cbee518f6314d565c81f72af6f09dbc74cc770fce1a02a90b52c2c2dd480985

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Wed, 19 Jul 2023 04:12:12 GMT
content-encoding: br
last-modified: Tue, 11 Jul 2023 20:07:18 GMT
vary: Accept-Encoding
x-azure-ref: 20230719T041212Z-7xx38wxwd90yp81baf2pmuu8k0000000049g00000003t15s
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: f763d8e6-601e-0019-7fec-b8a98f000000
cache-control: private, max-age=3600
x-cache: TCP_HIT
x-ms-version: 2009-09-19

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/239/ Frame 34F9 80 KB
28 KB 39ms
6ms Script
application/x-javascript 151.101.1.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/239/trk.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7855408881266272&output=html&h=600&adk=296424415&adf=82128889&pi=t.aa~a.602528404~rp.4&w=292&fwrn=4&fwrnh=100&lmt=1689739931&rafmt=1&to=qs&pwprc=5397140053&format=292x600&url=https%3A%2F%2Fningbocat.com%2Fpost%2F1422.html&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689739931934&bpp=1&bdt=1889&idt=1&shv=r20230717&mjsv=m202307170201&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfe399636feae2025-22c36ffdafe700d8%3AT%3D1689739931%3ART%3D1689739931%3AS%3DALNI_MYL7QS4RbokoRy6ROc1xuVCzVNQ9w&gpic=UID%3D00000c3ff50d82b6%3AT%3D1689739931%3ART%3D1689739931%3AS%3DALNI_MbQycp7_P4fkR3yMwkybB0w4_vpCg&prev_fmts=0x0%2C1080x280&nras=3&correlator=2140746908788&frm=20&pv=1&ga_vid=1701805983.1689739932&ga_sid=1689739932&ga_hid=25011176&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1048&ady=1599&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31076250%2C31076209%2C44788441%2C44796826&oid=2&pvsid=3488329001761458&tmod=1531166533&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=hRrqJ42bcA&p=https%3A//ningbocat.com&dtd=6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Expires: Wed, 10 Jul 2024 11:56:20 GMT
Date: Wed, 19 Jul 2023 04:12:12 GMT
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Age: 663352
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 27646
X-Served-By: cache-lga21944-LGA, cache-fra-eddf8230056-FRA
Last-Modified: Tue, 11 Jul 2023 11:56:12 GMT
Server: AkamaiNetStorage
X-Timer: S1689739932.263909,VS0,VE0
ETag: "615fd4ad24a409f4de5416b603f042c1:1689076572.555276"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Accept-Ranges: bytes
X-Cache-Hits: 5, 262306

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/ Frame 34F9 3 KB
1 KB 44ms
7ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7855408881266272&output=html&h=600&adk=296424415&adf=82128889&pi=t.aa~a.602528404~rp.4&w=292&fwrn=4&fwrnh=100&lmt=1689739931&rafmt=1&to=qs&pwprc=5397140053&format=292x600&url=https%3A%2F%2Fningbocat.com%2Fpost%2F1422.html&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689739931934&bpp=1&bdt=1889&idt=1&shv=r20230717&mjsv=m202307170201&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfe399636feae2025-22c36ffdafe700d8%3AT%3D1689739931%3ART%3D1689739931%3AS%3DALNI_MYL7QS4RbokoRy6ROc1xuVCzVNQ9w&gpic=UID%3D00000c3ff50d82b6%3AT%3D1689739931%3ART%3D1689739931%3AS%3DALNI_MbQycp7_P4fkR3yMwkybB0w4_vpCg&prev_fmts=0x0%2C1080x280&nras=3&correlator=2140746908788&frm=20&pv=1&ga_vid=1701805983.1689739932&ga_sid=1689739932&ga_hid=25011176&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1048&ady=1599&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31076250%2C31076209%2C44788441%2C44796826&oid=2&pvsid=3488329001761458&tmod=1531166533&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=hRrqJ42bcA&p=https%3A//ningbocat.com&dtd=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 16:10:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43288
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Aug 2023 16:10:44 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/ Frame 34F9 20 KB
9 KB 43ms
6ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a39315ea3815262f3c844b9c50e4fb52bc77561504c65b29abdd1fc0488db912

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:06:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39950
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8291
x-xss-protection: 0
server: cafe
etag: 17061476539903440100
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Aug 2023 17:06:22 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 34F9 179 KB
57 KB 291ms
20ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

deb428f7b8dc8e920a46777cd7f0d271923623abedb2e7bdf397a3f76fc2f43a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 04:12:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57311
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689594152080714"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Jul 2023 04:12:12 GMT

GET
H2

200

c.gif
www.bing.com/aes/ Frame 34F9
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=076a6bcb-7f58-402d-97bd-607dc35eb626&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=ce32bf34-443c-45b4-aea4-434000f76d2d&rlin...
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=c0931524bdac4cfb848cff7dc5205403&SNR=1&GV=2&med=10

0
525 B

52ms
52ms

Image
text/plain

2a02:26f0:480:22::1726:62d3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=c0931524bdac4cfb848cff7dc5205403&SNR=1&GV=2&med=10
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7855408881266272&output=html&h=600&adk=296424415&adf=82128889&pi=t.aa~a.602528404~rp.4&w=292&fwrn=4&fwrnh=100&lmt=1689739931&rafmt=1&to=qs&pwprc=5397140053&format=292x600&url=https%3A%2F%2Fningbocat.com%2Fpost%2F1422.html&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689739931934&bpp=1&bdt=1889&idt=1&shv=r20230717&mjsv=m202307170201&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfe399636feae2025-22c36ffdafe700d8%3AT%3D1689739931%3ART%3D1689739931%3AS%3DALNI_MYL7QS4RbokoRy6ROc1xuVCzVNQ9w&gpic=UID%3D00000c3ff50d82b6%3AT%3D1689739931%3ART%3D1689739931%3AS%3DALNI_MbQycp7_P4fkR3yMwkybB0w4_vpCg&prev_fmts=0x0%2C1080x280&nras=3&correlator=2140746908788&frm=20&pv=1&ga_vid=1701805983.1689739932&ga_sid=1689739932&ga_hid=25011176&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1048&ady=1599&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31076250%2C31076209%2C44788441%2C44796826&oid=2&pvsid=3488329001761458&tmod=1531166533&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=hRrqJ42bcA&p=https%3A//ningbocat.com&dtd=6
Protocol: H2
Server: 2a02:26f0:480:22::1726:62d3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 04:12:12 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C050EB5BECCA428DB3B3DED5E4FC4B67 Ref B: FRA31EDGE0113 Ref C: 2023-07-19T04:12:12Z
x-cdn-traceid: 0.13d53e17.1689739932.8eceffd
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Wed, 19 Jul 2023 04:12:12 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 28258AF65A1241CAA11873CC28988B65 Ref B: MIL30EDGE1316 Ref C: 2023-07-19T04:12:12Z
x-cdn-traceid: 0.13d53e17.1689739932.8ecefa3
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=c0931524bdac4cfb848cff7dc5205403&SNR=1&GV=2&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 154
expires: 0

GET
H2 200 044f11c98027a2ea45a6.js Show response
adsdkprod.azureedge.net/native-to-display/ Frame 34F9 61 KB
25 KB 45ms
14ms Script
application/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://adsdkprod.azureedge.net/native-to-display/044f11c98027a2ea45a6.js
Requested by: Host: adsdk.microsoft.com
URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 819d2e67c083da04e6e95e9792723d2a97b722e52a6606e3179882ac9f7db02b

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Wed, 19 Jul 2023 04:12:12 GMT
content-encoding: br
last-modified: Tue, 11 Jul 2023 20:07:17 GMT
vary: Accept-Encoding
x-azure-ref: 20230719T041212Z-f9ckwd3w953rzacrnxnwbze2f400000002kg00000000wpwc
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: b7d2afea-101e-0082-13ee-b86bef000000
cache-control: private, max-age=3600
x-cache: TCP_HIT
x-ms-version: 2009-09-19

GET
H2 200 rd_log Show response
ams3-ib.adnxs.com/ Frame 34F9 0
532 B 52ms
13ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fningbocat.com%2Fpost%2F1422.html&e=wqT_3QLrA-jrAQAAAwDWAAUBCJzF3aUGEPH4hrHf27jgcxgAKjYJAAAAnJdusj8RMzMz0gjhsT8ZAAAAgML19D8hMw0SACkRJNAxAAAAIIXrsT8w2_imAzi1AUC1XkjjA1C6iYq2AVjHsT1gAGifpFR4vfQFgAEBigEDVVNEkgUG8KqYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCJGh0dHBzOi8vbmluZ2JvY2F0LmNvbS9wb3N0LzE0MjIuaHRtbIADAIgDAZADAJgDCaADAaoDAMADrALIAwDYAwDgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLoBzFiIBQGYBQCgBY-d7a6Cvb_zdcAFAMkFAAUBEPA_0gUJITcFAXDYBQHgBQHwBZvGVvoFBAgAEACQBgCYBgC4BgDBBgUiMADwP9AGwo0E2gYWChAJEhkBcBAAGADgBgHyBgIIAIAHAYgHAKAHAcgHvfQF0gcNFWUBJgjaBwYBXnAYAOAHAOoHAggA8AeH4wKKCAIQAJUIAACAP5gIAQ..&s=fa481343c6b35c65f6f32d990e928a5b9ca10c71&bdref=https%3A%2F%2Fningbocat.com%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fningbocat.com%2F,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-7855408881266272%26output%3Dhtml%26h%3D600%26adk%3D296424415%26adf%3D82128889%26pi%3Dt.aa~a.602528404~rp.4%26w%3D292%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1689739931%26rafmt%3D1%26to%3Dqs%26pwprc%3D5397140053%26format%3D292x600%26url%3Dhttps%253A%252F%252Fningbocat.com%252Fpost%252F1422.html%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D4%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..%26dt%3D1689739931934%26bpp%3D1%26bdt%3D1889%26idt%3D1%26shv%3Dr20230717%26mjsv%3Dm202307170201%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253Dfe399636feae2025-22c36ffdafe700d8%253AT%253D1689739931%253ART%253D1689739931%253AS%253DALNI_MYL7QS4RbokoRy6ROc1xuVCzVNQ9w%26gpic%3DUID%253D00000c3ff50d82b6%253AT%253D1689739931%253ART%253D1689739931%253AS%253DALNI_MbQycp7_P4fkR3yMwkybB0w4_vpCg%26prev_fmts%3D0x0%252C1080x280%26nras%3D3%26correlator%3D2140746908788%26frm%3D20%26pv%3D1%26ga_vid%3D1701805983.1689739932%26ga_sid%3D1689739932%26ga_hid%3D25011176%26ga_fc%3D0%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1048%26ady%3D1599%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759926%252C44759837%252C44759875%252C31076250%252C31076209%252C44788441%252C44796826%26oid%3D2%26pvsid%3D3488329001761458%26tmod%3D1531166533%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26ifi%3D3%26uci%3Da!3%26btvi%3D1%26fsb%3D1%26xpc%3DhRrqJ42bcA%26p%3Dhttps%253A%2F%2Fningbocat.com%26dtd%3D6,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-7855408881266272%26output%3Dhtml%26h%3D600%26adk%3D296424415%26adf%3D82128889%26pi%3Dt.aa~a.602528404~rp.4%26w%3D292%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1689739931%26rafmt%3D1%26to%3Dqs%26pwprc%3D5397140053%26format%3D292x600%26url%3Dhttps%253A%252F%252Fningbocat.com%252Fpost%252F1422.html%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D4%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..%26dt%3D1689739931934%26bpp%3D1%26bdt%3D1889%26idt%3D1%26shv%3Dr20230717%26mjsv%3Dm202307170201%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253Dfe399636feae2025-22c36ffdafe700d8%253AT%253D1689739931%253ART%253D1689739931%253AS%253DALNI_MYL7QS4RbokoRy6ROc1xuVCzVNQ9w%26gpic%3DUID%253D00000c3ff50d82b6%253AT%253D1689739931%253ART%253D1689739931%253AS%253DALNI_MbQycp7_P4fkR3yMwkybB0w4_vpCg%26prev_fmts%3D0x0%252C1080x280%26nras%3D3%26correlator%3D2140746908788%26frm%3D20%26pv%3D1%26ga_vid%3D1701805983.1689739932%26ga_sid%3D1689739932%26ga_hid%3D25011176%26ga_fc%3D0%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1048%26ady%3D1599%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759926%252C44759837%252C44759875%252C31076250%252C31076209%252C44788441%252C44796826%26oid%3D2%26pvsid%3D3488329001761458%26tmod%3D1531166533%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26ifi%3D3%26uci%3Da!3%26btvi%3D1%26fsb%3D1%26xpc%3DhRrqJ42bcA%26p%3Dhttps%253A%2F%2Fningbocat.com%26dtd%3D6&

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 04:12:12 GMT
an-x-request-uuid: 49d9ea55-736b-4dae-9361-c8e2f69eaf8a
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 146.70.117.87; 146.70.117.87; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 th
www.bing.com/ Frame 34F9 6 KB
6 KB 18ms
17ms Image
image/jpeg 2a02:26f0:480:22::1726:62d3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OADD2.7284328859048_10VMDYN1DJO86MGDWC&pid=21.2&c=16&roil=0.1445&roit=0&roir=0.8564&roib=1&w=180&h=180
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7855408881266272&output=html&h=600&adk=296424415&adf=82128889&pi=t.aa~a.602528404~rp.4&w=292&fwrn=4&fwrnh=100&lmt=1689739931&rafmt=1&to=qs&pwprc=5397140053&format=292x600&url=https%3A%2F%2Fningbocat.com%2Fpost%2F1422.html&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689739931934&bpp=1&bdt=1889&idt=1&shv=r20230717&mjsv=m202307170201&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfe399636feae2025-22c36ffdafe700d8%3AT%3D1689739931%3ART%3D1689739931%3AS%3DALNI_MYL7QS4RbokoRy6ROc1xuVCzVNQ9w&gpic=UID%3D00000c3ff50d82b6%3AT%3D1689739931%3ART%3D1689739931%3AS%3DALNI_MbQycp7_P4fkR3yMwkybB0w4_vpCg&prev_fmts=0x0%2C1080x280&nras=3&correlator=2140746908788&frm=20&pv=1&ga_vid=1701805983.1689739932&ga_sid=1689739932&ga_hid=25011176&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1048&ady=1599&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31076250%2C31076209%2C44788441%2C44796826&oid=2&pvsid=3488329001761458&tmod=1531166533&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=hRrqJ42bcA&p=https%3A//ningbocat.com&dtd=6
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:26f0:480:22::1726:62d3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 2644e8e27f0c9f4bc2f43823069fb00449530890f21bd2ff93c2472f2b364df0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 04:12:12 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid: 0.13d53e17.1689739932.8ecf03e
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 6018
alt-svc: h3=":443"; ma=93600
quic-version: 0x00000001

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame B362 1 KB
643 B 7ms
6ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 58078
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Jul 2023 12:04:14 GMT
etag: 48472445140208031
expires: Wed, 19 Jul 2023 12:04:14 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 34F9 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: edd81c3dca94f19083815dd4d02fabc0544274ed916411e8bb91c001d47b1cf7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame 34F9 0
555 B 16ms
15ms Ping
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fningbocat.com%2Fpost%2F1422.html&e=wqT_3QKOB-iOAwAAAwDWAAUBCJzF3aUGEPH4hrHf27jgcxgAKjYJAAAAnJdusj8RMzMz0gjhsT8ZAAAAgML19D8hMw0SACkRJNAxAAAAIIXrsT8w2_imAzi1AUC1XkjjA1C6iYq2AVjHsT1gAGifpFR4vfQFgAEBigEDVVNEkgUG8HmYAaABoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCJGh0dHBzOi8vbmluZ2JvY2F0LmNvbS9wb3N0LzE0MjIuaHRtbIADAIgDAZADAJgDCaADAaoDogMKuAJodHRwczovL3d3dy5iaW5nLgE58GFhcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD1jZTMyYmYzNC00NDNjLTQ1YjQtYWVhNC00MzQwMDBmNzZkMmQmY21FeHBJZD1MVjMmb0FkVR1FVHB1Ymxpc2hlcklkPTE2MjY0NTMzMCYBDpJaALhydHlwZT1udXJsJnRhZ0lkPTY5Mjk0OTkmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJg0WCFN1YjYZAHhfdGJicV9vdmF0JmFpZD0ke0FVQ1RJT05fSUR9JndwHRHw11BSSUNFfRIFMTIwODUaEzgzNDA5MTU5NTI4MzUyMTQ0NDkiCTM4MTg0NjcxNCoEYmluZzo4VTJWaGNtTm9RV1FqTnpFNE9EQTRNRGszT1RFeE9UUWpNak15TXpZNE1ETTROalU0TlRJek13PT3AA6wCyAMA2AMA4AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AS6iYq2AYgFAZgFAKAFj53troK9v_N1wAUAyQUAAAAAAADwP9IFCUHaBQFw2AUB4AUB8AWbxlb6BQQIABAAkAYAmAYAuAYAwQYFIjAA8D_QBsKNBNoGFgoQCRIZAXAQABgA4AYB8gYCCACABwGIBwCgBwHIB730BdIHDRVlASYI2gcGAV5wGADgBwDqBwIIAPAHh-MCiggCEACVCAAAgD-YCAE.&s=f185999d08a3c021742372a0025a9a1b33b4ff74&type=nv&nvt=5&jm=1003&px=66&py=0&bw=160&bh=160&sid=1335437701748586837&vd=ct~0|rr~0&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=6929499&sw=1600&sh=1200&pw=292&ph=600&ww=292&wh=600&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 04:12:12 GMT
an-x-request-uuid: f5d5873f-c10f-4142-a0ec-0c66e5f7f95a
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 146.70.117.87; 146.70.117.87; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame B362
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEGoi5pVja04EPIcTMD6aZz0&google_cver=1&google_push=AaAOQGEBp40ZF0M5rCsnxGnyyXLAYlvMA7LlcmIhDXtCsbHusnHA0f42lUdDbi02HlNAR9UijjqiE_fi2MmX2qHvIhRrIUeOqGGCw...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGoi5pVja04EPIcTMD6aZz0&google_cver=1&google_push=AaAOQGEBp40ZF0M5rCsnxGnyyXLAYlvMA7LlcmIhDXtCsbHusnHA0f42lUdDbi02HlNAR9UijjqiE_fi2MmX2qHvIhRrIUeOqGG...

43 B
412 B

201ms
184ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGoi5pVja04EPIcTMD6aZz0&google_cver=1&google_push=AaAOQGEBp40ZF0M5rCsnxGnyyXLAYlvMA7LlcmIhDXtCsbHusnHA0f42lUdDbi02HlNAR9UijjqiE_fi2MmX2qHvIhRrIUeOqGGCw0Jg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGEBp40ZF0M5rCsnxGnyyXLAYlvMA7LlcmIhDXtCsbHusnHA0f42lUdDbi02HlNAR9UijjqiE_fi2MmX2qHvIhRrIUeOqGGCw0Jg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: ningbocat.com
URL: https://ningbocat.com/post/1422.html
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 04:12:12 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7e901ff37bf43608-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 19 Jul 2023 04:12:12 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 52
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGoi5pVja04EPIcTMD6aZz0&google_cver=1&google_push=AaAOQGEBp40ZF0M5rCsnxGnyyXLAYlvMA7LlcmIhDXtCsbHusnHA0f42lUdDbi02HlNAR9UijjqiE_fi2MmX2qHvIhRrIUeOqGGCw0Jg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGEBp40ZF0M5rCsnxGnyyXLAYlvMA7LlcmIhDXtCsbHusnHA0f42lUdDbi02HlNAR9UijjqiE_fi2MmX2qHvIhRrIUeOqGGCw0Jg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7e901ff25af33608-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame B362
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEB281-ObvnmE246fcP9uS4U&google_cver=1&google_push=AaAOQGEWMgINuumHHni3TO51vRPDSzc6TVuvew5caXYm4MOVu48MHe8lw6JWXTL_FUMWDeUxZAg7AKKooaMaq0L3JSax4gumraOTGUU
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E717F50BB3C64334BA690A2106A29977&google_push=AaAOQGEWMgINuumHHni3TO51vRPDSzc6TVuvew5caXYm4MOVu48MHe8lw6JWXTL_FUMWDeUxZAg7AKKooaMaq0L...

170 B
329 B

17ms
16ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E717F50BB3C64334BA690A2106A29977&google_push=AaAOQGEWMgINuumHHni3TO51vRPDSzc6TVuvew5caXYm4MOVu48MHe8lw6JWXTL_FUMWDeUxZAg7AKKooaMaq0L3JSax4gumraOTGUU

Requested by

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 04:12:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 19 Jul 2023 04:12:12 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E717F50BB3C64334BA690A2106A29977&google_push=AaAOQGEWMgINuumHHni3TO51vRPDSzc6TVuvew5caXYm4MOVu48MHe8lw6JWXTL_FUMWDeUxZAg7AKKooaMaq0L3JSax4gumraOTGUU
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 18 Jul 2023 04:12:12 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame B362 0
173 B 1052ms
14ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEKB1UkWwPlkghL6oKlZPJJU&google_cver=1&google_push=AaAOQGFfJDysKGHA8RHcdIYEH2stTzAEgNpMUjE50Fc-ANgQKwh8iNsADXTF0shrBG9tTBUXRSEhU9guj1Lrj8WOBCJTg0xdIbDZn7RH
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7855408881266272&output=html&h=600&adk=296424415&adf=82128889&pi=t.aa~a.602528404~rp.4&w=292&fwrn=4&fwrnh=100&lmt=1689739931&rafmt=1&to=qs&pwprc=5397140053&format=292x600&url=https%3A%2F%2Fningbocat.com%2Fpost%2F1422.html&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689739931934&bpp=1&bdt=1889&idt=1&shv=r20230717&mjsv=m202307170201&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfe399636feae2025-22c36ffdafe700d8%3AT%3D1689739931%3ART%3D1689739931%3AS%3DALNI_MYL7QS4RbokoRy6ROc1xuVCzVNQ9w&gpic=UID%3D00000c3ff50d82b6%3AT%3D1689739931%3ART%3D1689739931%3AS%3DALNI_MbQycp7_P4fkR3yMwkybB0w4_vpCg&prev_fmts=0x0%2C1080x280&nras=3&correlator=2140746908788&frm=20&pv=1&ga_vid=1701805983.1689739932&ga_sid=1689739932&ga_hid=25011176&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1048&ady=1599&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31076250%2C31076209%2C44788441%2C44796826&oid=2&pvsid=3488329001761458&tmod=1531166533&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=hRrqJ42bcA&p=https%3A//ningbocat.com&dtd=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 04:12:13 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame B362
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEGSVpqDodVnL3efY0BphkX8&google_cver=1&google_push=AaAOQGGz0wkYJqOATlzdvf81XeJLqhtO0HGoDEEJ8WDTVNkg-ctSJ2bPcFyYRZIJT9h2aABw0ewpCGVnp49MqOxK...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=2HCtxCwITxqMNkY7qBROUw2&google_push=AaAOQGGz0wkYJqOATlzdvf81XeJLqhtO0HGoDEEJ8WDTVNkg-ctSJ2bPcFyYRZIJT9h2aABw0ewpCGVnp49MqOxKEEg_LZZH0Jy8HcnF

170 B
232 B

17ms
17ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=2HCtxCwITxqMNkY7qBROUw2&google_push=AaAOQGGz0wkYJqOATlzdvf81XeJLqhtO0HGoDEEJ8WDTVNkg-ctSJ2bPcFyYRZIJT9h2aABw0ewpCGVnp49MqOxKEEg_LZZH0Jy8HcnF

Requested by

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 04:12:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 19 Jul 2023 04:12:12 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=2HCtxCwITxqMNkY7qBROUw2&google_push=AaAOQGGz0wkYJqOATlzdvf81XeJLqhtO0HGoDEEJ8WDTVNkg-ctSJ2bPcFyYRZIJT9h2aABw0ewpCGVnp49MqOxKEEg_LZZH0Jy8HcnF
x-host: tde-deliveryengine-production-6689f7fc45-wvngg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame B362 43 B
363 B 62ms
16ms Image
image/gif 178.250.7.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3D%25%25GOOGLE_PUSH%25%25&google_gid=CAESEDb6LhNUPrIPqfyeu-FWnQk&google_cver=1&google_push=AaAOQGGa43cf3K9rXR3VU0sDyIP9NUBnLuI34dTByBdVaHwymRuz7F3eqnKxl43jZrI4ds72Rckiy-k39k2KtcGo64GczSJzdarBQNL9

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 04:12:12 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 289283
expires: Wed, 19 Jul 2023 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame B362
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHqZipGg-XR8H0xHmWSCKtQ&google_cver=1&google_push=AaAOQGH2O2ymd9z3ESlkACSXuhbdtTUpa53wDGTidAJ_y7wZkc4EFE3oS4Kbn7bRICdS6DISpqj0jQi6...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEHqZipGg-XR8H0xHmWSCKtQ&google_cver=1&google_push=AaAOQGH2O2ymd9z3ESlkACSXuhbdtTUpa53wDGTidAJ_y7wZkc4EFE3oS4Kbn7bRICdS6DISpqj...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjYxOTQ0MjE2MjY4MzI3MDQyMA&google_push=AaAOQGH2O2ymd9z3ESlkACSXuhbdtTUpa53wDGTidAJ_y7wZkc4EFE3oS4Kbn7bRICdS6DISpqj0jQ...

170 B
232 B

16ms
16ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjYxOTQ0MjE2MjY4MzI3MDQyMA&google_push=AaAOQGH2O2ymd9z3ESlkACSXuhbdtTUpa53wDGTidAJ_y7wZkc4EFE3oS4Kbn7bRICdS6DISpqj0jQi6RNJnDasDcawYwCsKv_qzHl8

Requested by

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 04:12:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 19 Jul 2023 04:12:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjYxOTQ0MjE2MjY4MzI3MDQyMA&google_push=AaAOQGH2O2ymd9z3ESlkACSXuhbdtTUpa53wDGTidAJ_y7wZkc4EFE3oS4Kbn7bRICdS6DISpqj0jQi6RNJnDasDcawYwCsKv_qzHl8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame B362
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESENeIVSP7e8LgkNkdn1AZGfU&google_cver=1&google_push=AaAOQGG2WRjiFiUb5Wu3jxHY6symVfKbSgWhCz-yNG-Eq6sGvgZOGfqwSulUey7jazsFX2wFd9Q4WQGMafKr...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGG2WRjiFiUb5Wu3jxHY6symVfKbSgWhCz-yNG-Eq6sGvgZOGfqwSulUey7jazsFX2wFd9Q4WQGMafKrrdrHxp3Mf6cW3wRb1Obz

170 B
232 B

18ms
18ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGG2WRjiFiUb5Wu3jxHY6symVfKbSgWhCz-yNG-Eq6sGvgZOGfqwSulUey7jazsFX2wFd9Q4WQGMafKrrdrHxp3Mf6cW3wRb1Obz

Requested by

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 04:12:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGG2WRjiFiUb5Wu3jxHY6symVfKbSgWhCz-yNG-Eq6sGvgZOGfqwSulUey7jazsFX2wFd9Q4WQGMafKrrdrHxp3Mf6cW3wRb1Obz
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame B362 0
139 B 42ms
14ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K9fivdHZnyqxi_53RLm0D2no1mKyPRF2kMcbQt-vYaovFgKgMVQI06QmIdki6NRCmQ0l_Q

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 04:12:12 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 34F9 0
19 B 54ms
53ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CGNNim2K3ZOPfOpexjuwPjJ6-yALS4Nfgbo-ktpOTCsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03ODU1NDA4ODgxMjY2MjcyyAEJqAMByAMCqgTMAU_QFDWbLFZvKPn-RHS4M7gVjGAQyYU0-JCR8MVEWn4RfjT0OWMKA3v-llzhbYEptPKEz5MUExUQJE5YGY9kKUM_0CoPqfcSuiRnhWayC-lgEVLK5Z7Yt67bS9vfUylXwVryKIG7Z8JtZGslrswP9BWyjAXMFZHJ2RJTpW8DUHSyDJpNBW0HiqjSHlT5T1hUwkOx-LMKmp1vJNQGIq4CDIAKHZ-L2Uup9Nly7Xed9UBL98tnSB72Qs9Irt2lpElM0sD3KxvexUVVsYkynYAGv5D7wLHgyojjAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOoAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi03ODU1NDA4ODgxMjY2MjcyGAA&sigh=cWk2GJtVCuk&uach_m=[UACH]&cid=CAQSPABpAlJWii5M6KsPJRKmGDtVfTlAzd5eBGpZVh-4en4NYFWzz8Dj6RsT51YY4fr56Ln2D8Jn26NPlK4GwxgB&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7855408881266272&output=html&h=600&adk=296424415&adf=82128889&pi=t.aa~a.602528404~rp.4&w=292&fwrn=4&fwrnh=100&lmt=1689739931&rafmt=1&to=qs&pwprc=5397140053&format=292x600&url=https%3A%2F%2Fningbocat.com%2Fpost%2F1422.html&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689739931934&bpp=1&bdt=1889&idt=1&shv=r20230717&mjsv=m202307170201&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfe399636feae2025-22c36ffdafe700d8%3AT%3D1689739931%3ART%3D1689739931%3AS%3DALNI_MYL7QS4RbokoRy6ROc1xuVCzVNQ9w&gpic=UID%3D00000c3ff50d82b6%3AT%3D1689739931%3ART%3D1689739931%3AS%3DALNI_MbQycp7_P4fkR3yMwkybB0w4_vpCg&prev_fmts=0x0%2C1080x280&nras=3&correlator=2140746908788&frm=20&pv=1&ga_vid=1701805983.1689739932&ga_sid=1689739932&ga_hid=25011176&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1048&ady=1599&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31076250%2C31076209%2C44788441%2C44796826&oid=2&pvsid=3488329001761458&tmod=1531166533&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=hRrqJ42bcA&p=https%3A//ningbocat.com&dtd=6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 19 Jul 2023 04:12:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 it
ams3-ib.adnxs.com/ Frame 34F9 0
531 B 19ms
19ms Image
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fningbocat.com%2Fpost%2F1422.html&e=wqT_3QKOB-iOAwAAAwDWAAUBCJzF3aUGEPH4hrHf27jgcxgAKjYJAAAAnJdusj8RMzMz0gjhsT8ZAAAAgML19D8hMw0SACkRJNAxAAAAIIXrsT8w2_imAzi1AUC1XkjjA1C6iYq2AVjHsT1gAGifpFR4vfQFgAEBigEDVVNEkgUG8HmYAaABoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCJGh0dHBzOi8vbmluZ2JvY2F0LmNvbS9wb3N0LzE0MjIuaHRtbIADAIgDAZADAJgDCaADAaoDogMKuAJodHRwczovL3d3dy5iaW5nLgE58GFhcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD1jZTMyYmYzNC00NDNjLTQ1YjQtYWVhNC00MzQwMDBmNzZkMmQmY21FeHBJZD1MVjMmb0FkVR1FVHB1Ymxpc2hlcklkPTE2MjY0NTMzMCYBDpJaALhydHlwZT1udXJsJnRhZ0lkPTY5Mjk0OTkmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJg0WCFN1YjYZAHhfdGJicV9vdmF0JmFpZD0ke0FVQ1RJT05fSUR9JndwHRHw11BSSUNFfRIFMTIwODUaEzgzNDA5MTU5NTI4MzUyMTQ0NDkiCTM4MTg0NjcxNCoEYmluZzo4VTJWaGNtTm9RV1FqTnpFNE9EQTRNRGszT1RFeE9UUWpNak15TXpZNE1ETTROalU0TlRJek13PT3AA6wCyAMA2AMA4AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AS6iYq2AYgFAZgFAKAFj53troK9v_N1wAUAyQUAAAAAAADwP9IFCUHaBQFw2AUB4AUB8AWbxlb6BQQIABAAkAYAmAYAuAYAwQYFIjAA8D_QBsKNBNoGFgoQCRIZAXAQABgA4AYB8gYCCACABwGIBwCgBwHIB730BdIHDRVlASYI2gcGAV5wGADgBwDqBwIIAPAHh-MCiggCEACVCAAAgD-YCAE.&s=f185999d08a3c021742372a0025a9a1b33b4ff74&pp=ZLdimwAOr-MHg5iXAA-PDGENOj6p_X0m4K5mvA&ppt=1&pubclick=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2aUom2K3ZOPfOpexjuwPjJ6-yALS4Nfgbo-ktpOTCsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03ODU1NDA4ODgxMjY2MjcyyAEJqAMByAMCqgTPAU_QFDWbLFZvKPn-RHS4M7gVjGAQyYU0-JCR8MVEWn4RfjT0OWMKA3v-llzhbYEptPKEz5MUExUQJE5YGY9kKUM_0CoPqfcSuiRnhWayC-lgEVLK5Z7Yt67bS9vfUylXwVryKIG7Z8JtZGslrswP9BWyjAXMFZHJ2RJTpW8DUHSyDJpNBW0HiqjSHlT5T1hUwkOx-LMKmp1vJNQGIq4CDIAKHZ-L2Uvr9vjgL9NnmNSxg375EZpARuxCKtSLvJDuVJlzl5v06V2VMGtfCT1IgYAGv5D7wLHgyojjAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3KOfo2x2ZiRFyTTWybd78uGIDo5g%26client%3Dca-pub-7855408881266272%26adurl%3D&cbvp=2

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 04:12:12 GMT
an-x-request-uuid: ccefae80-c55b-4562-851c-61b09e78f138
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 146.70.117.87; 146.70.117.87; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 ab77b6ea7f3fbf79.js Show response
s.ssl.qhres2.com/ssl/ 478 B
928 B 1339ms
7ms Script
application/javascript 2600:9000:2251:c800:12:30a1:de00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ssl.qhres2.com/ssl/ab77b6ea7f3fbf79.js
Requested by: Host: jspassport.ssl.qhimg.com
URL: https://jspassport.ssl.qhimg.com/11.0.1.js?589675c6f8ba7df9c4060a201715499e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:c800:12:30a1:de00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 928131ab2183d971cdbfe2ed1329200212d0021db70574a35c89ae169c0f6e0a

Request headers

Referer: https://ningbocat.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Thu, 25 May 2023 01:25:07 GMT
via: 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
kcs-via: HIT from w-fc01.lato;MISS from w-sc02.lato
x-qstatic-hit: 1
x-amz-cf-pop: FRA60-P3
age: 4762026
x-cache: Hit from cloudfront
content-length: 478
last-modified: Mon, 01 Jan 2018 00:00:00 GMT
etag: W/"5ea522c52117c396"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
accept-ranges: bytes
x-amz-cf-id: 279QLZMn_7nY88vNk8WhN_jwk1I3Tvj09gLtdKoTXItxfGC_T8KiIQ==
expires: Sun, 22 May 2033 01:25:07 GMT

GET
H/1.1 200
OK zz.gif
s.360.cn/so/ 0
240 B 1355ms
178ms Image
image/gif 171.8.167.89
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.360.cn/so/zz.gif?url=https%3A%2F%2Fningbocat.com%2Fpost%2F1422.html&sid=589675c6f8ba7df9c4060a201715499e&token=5l8m9t6h7.52c264f18/btas7odpf/9m
Requested by: Host: ningbocat.com
URL: https://ningbocat.com/post/1422.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 171.8.167.89 Zhengzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS: 8.171.broad.ha.dynamic.163data.com.cn
Software: openresty/1.15.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ningbocat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 19 Jul 2023 04:12:15 GMT
Last-Modified: Mon, 29 Oct 2018 06:07:21 GMT
Server: openresty/1.15.8.2
ETag: "5bd6a399-0"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 0

GET
H/1.1 200
OK btt.png
ningbocat.com/zb_users/theme/Tcbymt/style/images/ 376 B
670 B 633ms
195ms Image
image/png 47.243.120.56
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ningbocat.com/zb_users/theme/Tcbymt/style/images/btt.png
Requested by: Host: ningbocat.com
URL: https://ningbocat.com/zb_users/theme/Tcbymt/style/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 47.243.120.56 Central, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: Apache /
Resource Hash: 4bd25ce61ae48ec1a47fe4d415265513e7e95312da312081c44362d3cab1e929

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ningbocat.com/zb_users/theme/Tcbymt/style/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 19 Jul 2023 04:12:14 GMT
Last-Modified: Fri, 08 Apr 2022 22:55:36 GMT
Server: Apache
ETag: "a012a-178-5dc2c7e1c2a00"
Vary: User-Agent
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=291
Content-Length: 376

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 226 KB
79 KB 23ms
22ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-RKK46E6FDY&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-356694-6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

25f1bfd7924b634aa305e9e53021ff88bffbfd2c2a0fe30421b793c8ab25a4df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ningbocat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 04:12:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 80255
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 19 Jul 2023 04:12:14 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 329ms
6ms Script
text/javascript 142.250.184.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-356694-6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ningbocat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 19 Jul 2023 03:04:37 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 4057
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 19 Jul 2023 05:04:37 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
252 B 110ms
13ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-RKK46E6FDY&_ono=1&gtm=45je37h0&_p=25011176&_gaz=1&cid=1701805983.1689739932&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1689739934&sct=1&seg=0&dl=https%3A%2F%2Fningbocat.com%2Fpost%2F1422.html&dt=%E7%94%A8%E8%B0%B7%E6%AD%8C%E6%B5%8F%E8%A7%88%E5%99%A8%E5%B0%86%E8%8B%B1%E6%96%87%E6%96%87%E6%A1%A3%E7%BF%BB%E8%AF%91%E6%88%90%E4%B8%AD%E6%96%87%E7%9A%84%E6%96%B9%E6%B3%95%EF%BC%88%E6%97%A0%E5%AD%97%E6%95%B0%E9%99%90%E5%88%B6%EF%BC%89-%E7%AC%AC1%E9%A1%B5-%E5%AE%81%E6%B3%A2%E7%8C%AB%E7%9A%84%E7%AA%9D&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RKK46E6FDY&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ningbocat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 04:12:14 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ningbocat.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
252 B 116ms
19ms Ping
text/plain 2a00:1450:400c:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&_ono=1&tid=G-RKK46E6FDY&cid=1701805983.1689739932&gtm=45je37h0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RKK46E6FDY&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ningbocat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 04:12:14 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ningbocat.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 114ms
18ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&_ono=1&tid=G-RKK46E6FDY&cid=1701805983.1689739932&gtm=45je37h0&aip=1&z=1843009672

Requested by

Host: ningbocat.com
URL: https://ningbocat.com/post/1422.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ningbocat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 04:12:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
205 B 14ms
13ms XHR
text/plain 142.250.184.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=25011176&t=pageview&_s=1&dl=https%3A%2F%2Fningbocat.com%2Fpost%2F1422.html&ul=en-us&de=UTF-8&dt=%E7%94%A8%E8%B0%B7%E6%AD%8C%E6%B5%8F%E8%A7%88%E5%99%A8%E5%B0%86%E8%8B%B1%E6%96%87%E6%96%87%E6%A1%A3%E7%BF%BB%E8%AF%91%E6%88%90%E4%B8%AD%E6%96%87%E7%9A%84%E6%96%B9%E6%B3%95%EF%BC%88%E6%97%A0%E5%AD%97%E6%95%B0%E9%99%90%E5%88%B6%EF%BC%89-%E7%AC%AC1%E9%A1%B5-%E5%AE%81%E6%B3%A2%E7%8C%AB%E7%9A%84%E7%AA%9D&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=599848309&gjid=1773233789&cid=1701805983.1689739932&tid=UA-356694-6&_gid=2054543535.1689739934&_r=1&gtm=457e37h0&jsscut=1&z=1131887862

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ningbocat.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 04:12:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ningbocat.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 20ms
20ms XHR
text/plain 2a00:1450:400c:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-356694-6&cid=1701805983.1689739932&jid=599848309&gjid=1773233789&_gid=2054543535.1689739934&_u=YADAAUAAAAAAACAAI~&z=33884561

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ningbocat.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 19 Jul 2023 04:12:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ningbocat.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 297ms
18ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-356694-6&cid=1701805983.1689739932&jid=599848309&_u=YADAAUAAAAAAACAAI~&z=801180988

Requested by

Host: ningbocat.com
URL: https://ningbocat.com/post/1422.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ningbocat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 04:12:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 18ms
18ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-356694-6&cid=1701805983.1689739932&jid=599848309&_u=YADAAUAAAAAAACAAI~&z=801180988

Requested by

Host: ningbocat.com
URL: https://ningbocat.com/post/1422.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ningbocat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 04:12:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 59ms
58ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230717&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

334cd5c3d5c11c4e259cc747f3e5a412380db7f4a50fb7295949f3f7b67928b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ningbocat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 04:12:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11703
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 26ms
24ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ningbocat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 04:12:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 19 Jul 2023 04:12:15 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6F0D 13 KB
5 KB 10ms
8ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ningbocat.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 42498
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 18 Jul 2023 16:23:57 GMT
expires: Wed, 17 Jul 2024 16:23:57 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame A116 783 B
968 B 19ms
17ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

dcd4b51425f435322ad239efbd32939034897b45f7c9ae4e18b455e179fc1e62

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-q8YZxy0Hy88glOjWdmpl9w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ningbocat.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-q8YZxy0Hy88glOjWdmpl9w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 19 Jul 2023 04:12:15 GMT
expires: Wed, 19 Jul 2023 04:12:15 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A116 0
0 40ms
39ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230717&jk=3488329001761458&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 J9FkEHjQn1VB4wc7uWGmoY-Oog0JN3nvjMcC7OOiPZc.js Show response
pagead2.googlesyndication.com/bg/ Frame 6F0D 37 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/J9FkEHjQn1VB4wc7uWGmoY-Oog0JN3nvjMcC7OOiPZc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27d1641078d09f5541e3073bb961a6a18f8ea20d093779ef8cc702ece3a23d97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 14:37:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 480907
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14539
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 12 Jul 2024 14:37:08 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 6F0D 0
10 B 6ms
6ms Image
text/plain 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?6AGlMA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 04:12:15 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 43ms
43ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230717&jk=3488329001761458&bg=!nJ-ln8vNAAa3SiIRl0o7ADkAdvg8WjZp1QVD19k7IArNwNmFHnHrf0xeWywK_5UdIefvYCg0fsssqlZ8MxPjbRoxQAa2BjmBcekCAAAAZ1IAAAAYaAEHCgBBkegmyAovVtmpdu6EOARe3dr5Jg4mDxlwuFowe83Sn-rgLRAW9IzeuAFWKMuPNNZZhRrPqdPBUMqOGWlkdJsgUsKZApWqILC6vARmN4Njwo1N_L6kqUDSElRRu0Sb8pulg8FRbJLiT1YSsSzpR6M6A0N01U4FY9oSLrYmhV8nCFo1nb4YfhXgKh_7dikJ7u7661oUrmeILqI1Q5Kf97dQCRbIZXQRAckZds9mErF9KehOcej3sumSWv1F33bOIpuUtLsRxjiG__FTGDpQw18BJ4zETVBww--Vyu4Q7Bnirq1_tpoVHHWqjjOm5XomQ-Z66_Jv510QcA8Z13f28Q2NR_F6UNr_5WIUusyobpkGDTe_d1y4FiyyniLBfJclgoY8qrV6nUiuGIL55WiD4mycq893hGzu5wlB6HOOjLaA-ZNzOpni_obLcXWvWNJmWSm6FHLReFSEukMHc8W_hJ8UeZ-9COhkxl9lr8QJuz-tFdcdQkQufugCb7H2AJcIWUrO7IYldpGVkbp3gpoFTeCHJC73GX684dxSzHg6AZfhRdHpvi7bNhfYCyAWBim9nQaJoguSm8u39Q7JVx885_69DigYQua5nFTvq_Dg2nRdRbnsbV6rLG1Nhmv-z4g8fXWxyTDpDtdomjElqVWeYaJOEjLEBVfNnjdyLUYzt0C8OD2S2KthAku2ZSbxZqKlfw-7212FSKm7KHwkC9QG3orrx01nDhZHjXtzCh9ZsQnMIw4k2C5fUr4SiWn2J6LU_k1rTlm1owNGb9ybhnwRXzxf4b4wja_x6Vqw9SgqK8zx28ppNshojIaXTz8wLnKFgK1uvUNAxOq9JRFgQD7T7AGlpyQtYl7dJMxIVwiYmgprDyirpI0HstAC1LCJUUjDDMrYiwFmr76iHaFgsXFez_ZNzgMubr_ui-f1OCywSBAq_75QM_nyjG7LjaLWKnt31YMFumgtBODE6xfa
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ningbocat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: bdimg.share.baidu.com
URL: http://bdimg.share.baidu.com/static/api/js/share.js?v=89860593.js?cdnversion=469371

Domain: bdimg.share.baidu.com
URL: http://bdimg.share.baidu.com/static/js/like_shell.js?t=469373

Verdicts & Comments Add Verdict or Comment

76 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ningbocat.com/	1970-01-20 22:43:55	Name: __gads Value: ID=fe399636feae2025-22c36ffdafe700d8:T=1689739931:RT=1689739931:S=ALNI_MYL7QS4RbokoRy6ROc1xuVCzVNQ9w
.ningbocat.com/	1970-01-20 22:43:55	Name: __gpi Value: UID=00000c3ff50d82b6:T=1689739931:RT=1689739931:S=ALNI_MbQycp7_P4fkR3yMwkybB0w4_vpCg
.doubleclick.net/	1970-01-20 22:43:55	Name: IDE Value: AHWqTUnROhy07wFz6gtnLuDA7wM3Oa2UFXj-tyeCKZmrbEk5GBbdDUKdgmhOGYUZrjw
.bing.com/	1970-01-20 22:43:55	Name: MUID Value: 10D6D0CAEC7E64D90695C399ED096586
.travelaudience.com/	1970-01-20 22:54:00	Name: _tracker Value: %7B%22UUID%22%3A%22D870ADC4-2C08-4F1A-8C36-463BA8144E53%22%7D
.simpli.fi/	1970-01-20 22:09:22	Name: suid Value: E717F50BB3C64334BA690A2106A29977
.adform.net/	1970-01-20 14:06:58	Name: C Value: 1
.adform.net/	1970-01-20 14:48:43	Name: uid Value: 2619442162683270420
.tribalfusion.com/	1970-01-20 15:31:55	Name: ANON_ID Value: aDnseFrwZaybQXwrSQEbW2H7nfhZcWx9pkPaPV3kmDSS32J54A7HCaobvDBr2yYNRbgepPM4XXoXYurYo85x0W
.blismedia.com/	1970-01-20 22:07:59	Name: b Value: 64B7629DEB39DAFEDE910501BLIS
ningbocat.com/	1969-12-31 23:59:59	Name: timezone Value: 0
.ningbocat.com/	1970-01-20 22:58:19	Name: _ga_RKK46E6FDY Value: GS1.1.1689739934.1.0.1689739934.60.0.0
.ningbocat.com/	1970-01-20 22:58:19	Name: _ga Value: GA1.2.1701805983.1689739932
.ningbocat.com/	1970-01-20 13:23:46	Name: _gid Value: GA1.2.2054543535.1689739934
.ningbocat.com/	1970-01-20 13:22:19	Name: _gat_gtag_UA_356694_6 Value: 1
ningbocat.com/	1969-12-31 23:59:59	Name: captcha_1036744536 Value: 1b2e15aac0b0d6cb256342077f5e33f4

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://ningbocat.com/post/1422.html(Line 108) Message: Mixed Content: The page at 'https://ningbocat.com/post/1422.html' was loaded over HTTPS, but requested an insecure script 'http://bdimg.share.baidu.com/static/api/js/share.js?v=89860593.js?cdnversion=469371'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://ningbocat.com/post/1422.html(Line 126) Message: Mixed Content: The page at 'https://ningbocat.com/post/1422.html' was loaded over HTTPS, but requested an insecure script 'http://bdimg.share.baidu.com/static/js/like_shell.js?t=469373'. This request has been blocked; the content must be served over HTTPS.
javascript	warning	URL: https://ningbocat.com/post/1422.html(Line 421) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://jspassport.ssl.qhimg.com/11.0.1.js?589675c6f8ba7df9c4060a201715499e, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://ningbocat.com/post/1422.html(Line 421) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://jspassport.ssl.qhimg.com/11.0.1.js?589675c6f8ba7df9c4060a201715499e, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://jspassport.ssl.qhimg.com/11.0.1.js?589675c6f8ba7df9c4060a201715499e Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://s.ssl.qhres2.com/ssl/ab77b6ea7f3fbf79.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://jspassport.ssl.qhimg.com/11.0.1.js?589675c6f8ba7df9c4060a201715499e Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://s.ssl.qhres2.com/ssl/ab77b6ea7f3fbf79.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ads.travelaudience.com
adsdk.microsoft.com
adsdkprod.azureedge.net
adservice.google.com
ams3-ib.adnxs.com
bdimg.share.baidu.com
c1.adform.net
cdn.adnxs.com
cm.g.doubleclick.net
dis.criteo.com
googleads.g.doubleclick.net
jspassport.ssl.qhimg.com
ningbocat.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
region1.analytics.google.com
s.360.cn
s.ssl.qhres2.com
s.tribalfusion.com
stats.g.doubleclick.net
tpc.googlesyndication.com
tr.blismedia.com
um.simpli.fi
www.bing.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
bdimg.share.baidu.com
142.250.184.238
142.250.185.130
151.101.1.108
171.8.167.89
172.217.16.194
178.250.7.11
185.89.210.90
2001:4860:4802:32::36
2600:9000:206f:c800:0:e2b1:a380:93a1
2600:9000:2251:c800:12:30a1:de00:93a1
2606:4700::6812:18ad
2620:1ec:46::45
2a00:1450:4001:803::2002
2a00:1450:4001:806::2003
2a00:1450:4001:80b::2002
2a00:1450:4001:810::2008
2a00:1450:4001:812::2004
2a00:1450:4001:830::2001
2a00:1450:4001:831::2002
2a00:1450:400c:c08::9a
2a02:26f0:480:22::1726:62d3
34.91.62.186
34.96.105.8
35.190.0.66
37.157.6.243
47.243.120.56
51.75.86.98
03b12ef1a2799f5c0592dfb099c86c30845111b841b70ae835db3e45dd005498
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0f3bd67c4c6c63be3f7e95c2e1aeb2a129c11be142a22247a914266cce5757a9
0ff931352785bf7f1e41b15f88dd66200b2ac11409897bb0e8f7ddf9c41f5be6
11b10a45b9fc3622b9a8eaf5181e0bd403af74ecfbbc9541cdce396a8e47b332
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
1cbee518f6314d565c81f72af6f09dbc74cc770fce1a02a90b52c2c2dd480985
224ad97d95b9bf8389e9796a1c2b8b9da520d56c973a8c1f7cf871814e678bb8
25f1bfd7924b634aa305e9e53021ff88bffbfd2c2a0fe30421b793c8ab25a4df
2644e8e27f0c9f4bc2f43823069fb00449530890f21bd2ff93c2472f2b364df0
27d1641078d09f5541e3073bb961a6a18f8ea20d093779ef8cc702ece3a23d97
2b25c97def981dfae8025d58e7a9e6b7f9a8c4ffc588ee84ed33d05bf3c103fa
313fdcaabffeaa889d2c7e479fe39efe856436ad98fecab6ce6b1aef24fea3d0
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32c696facdc745fe3f18c62fc0e8e35dbce7dc26261599ad8feeff2456592680
334cd5c3d5c11c4e259cc747f3e5a412380db7f4a50fb7295949f3f7b67928b1
381f7729dbe0d4576897fcd25f4014867eb6987763cf4077486d2bd7f55d8ae6
495f4c42d7075a2e1243ba0e3f880f365056bcfa8a188df88ad0e64c314c9983
4bd25ce61ae48ec1a47fe4d415265513e7e95312da312081c44362d3cab1e929
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57228791f3956f700a99abc935d1ebc0a6cfe180a823e0b24e85b332decd5024
5e9a7e233ee9f1f21c6827835ceccd42edcc3e8fcd90a10ba2235cf1bd7af699
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
66166411e7e8b7ca9cc31f3f7a05c86c2660d98aad74bced167586178859e1bd
6a08e9b8b4c9af8a11b957efe6ebf9e625297f2a26014074898a81cf8746d52a
6b2351b69642a2bbd17494af43e42e1418e0f8c6b8168095da3d593373f18b2f
7dff661466a5370d1c1d24d1d8f2620ba7c1a04bf8f0672c9e4b225a308b09b3
819d2e67c083da04e6e95e9792723d2a97b722e52a6606e3179882ac9f7db02b
82ea1ccabec22bfcdf9145b0d2cd349569edbf1f9674874501bfc2de22d4e18a
84991fbb8b631ebab64d8d355fcbf2b8b21feda6602a208720f3c94d69478d08
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
874250819ade398694f80d5d8f176031d1f1a96dc1d617bd9b14e1ae1b522ada
878c6150aded864ff615145f9d634a487e1bd6be3a6a4223be8393b7a8c9e817
89f88a955261e7d53f722a4a521818689c582752bc546436324302912cc79bd8
928131ab2183d971cdbfe2ed1329200212d0021db70574a35c89ae169c0f6e0a
952cb9cbbba19f8df7ebf887df6923b054f6db17181987b9cf6dc28a11e6b4aa
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a39315ea3815262f3c844b9c50e4fb52bc77561504c65b29abdd1fc0488db912
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d
aedbf5931ea1e3b27905ef6b6cd7de083e5472c1578c0d3343b62ebdc803d1c9
bc20555940758fec77cb84ccfa1d50207f1064b5ba3fcfcf26cb7bb1265c3c86
c268c3d5a2603ff77e18ddf0f84ef73a0139ec8193652208f55d9b667eea7e37
c58c444af409b74761d5cb4a86fde4b48ee2d4701252b439834f01868c8cb955
d284115b6f0994410d2466ab471727d867c1c183dcdafed233c902ece5d76b18
d6803cfcad0ad766099f3798549c2c2ef37c2c6ed2e24ee8323ee6b1d61df9d9
dcd4b51425f435322ad239efbd32939034897b45f7c9ae4e18b455e179fc1e62
de08e0cdfca6a3726c7592eaa4317b55e3372dafc3a8a45231a7647b52c88395
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
deb428f7b8dc8e920a46777cd7f0d271923623abedb2e7bdf397a3f76fc2f43a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e792bca67db48196358d8fb02ac6292d22946e58ce38f1dbbdd60f53062985cf
edd81c3dca94f19083815dd4d02fabc0544274ed916411e8bb91c001d47b1cf7
eeaea9ff658a6e3ef3e3c0447f9e18aac0151954abece3b30e121e5d52ae7b62
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fb65d203861737b252aa8933c89fd69d6681798136806c01b3f9075388c84fbb
fcdbc3c95c570280739f2b9230f706ddedb0c25a41612e58b02851d3b3cd6b8e

ningbocat.com Open in urlscan Pro 47.243.120.56 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

78 Requests

90 %HTTPS

52 %IPv6

24 Domains

31 Subdomains

24 IPs

8 Countries

1059 kBTransfer

2224 kBSize

16 Cookies

4 Outgoing links

Redirected requests

78 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ningbocat.com Open in urlscan Pro
47.243.120.56 Public Scan

Screenshot
Live screenshot

Full Image

78
Requests

90 %
HTTPS

52 %
IPv6

24
Domains

31
Subdomains

24
IPs

8
Countries

1059 kB
Transfer

2224 kB
Size

16
Cookies

78 HTTP transactions
1 data transactions