urlscan.io logo urlscan.io
SecurityTrails logo

web.itpauto.eu Open in urlscan Pro
165.232.81.235  Public Scan

Go To Rescan Add Verdict Report
URL: https://web.itpauto.eu/
Submission: On January 12 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 2 countries across 9 domains to perform 42 HTTP transactions. The main IP is 165.232.81.235, located in Amsterdam, Netherlands and belongs to DIGITALOCEAN-ASN, US. The main domain is web.itpauto.eu.
TLS certificate: Issued by R3 on December 9th 2023. Valid for: 3 months.
This is the only time web.itpauto.eu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
13 165.232.81.235 14061 (DIGITALOC...)
6 2607:f8b0:400... 15169 (GOOGLE)
3 3.162.103.69 16509 (AMAZON-02)
2 151.101.66.133 54113 (FASTLY)
1 1 151.101.1.21 54113 (FASTLY)
10 54.221.184.155 14618 (AMAZON-AES)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
3 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
42 10
13    165.232.81.235 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
web.itpauto.eu
6    2607:f8b0:4006:817::2002 (Colchester, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
3    3.162.103.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-103-69.iad61.r.cloudfront.net
cdn.purpleads.io
2    151.101.66.133 (United States)

ASN54113 (FASTLY, US)
www.paypalobjects.com
1    151.101.1.21 (United States)

ASN54113 (FASTLY, US)
www.paypal.com
10    54.221.184.155 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-221-184-155.compute-1.amazonaws.com
api.purpleads.io
2    2607:f8b0:4006:823::2002 (Colchester, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2607:f8b0:4006:80c::200a (Colchester, United States)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
1    2606:4700:20::ac43:4a5d (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.prplads.com
3    2607:f8b0:4006:816::2001 (Colchester, United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2607:f8b0:4004:c19::68 (Washington, United States)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
13 purpleads.io
cdn.purpleads.io — Cisco Umbrella Rank: 144871
api.purpleads.io — Cisco Umbrella Rank: 53805
53 KB
13 itpauto.eu
web.itpauto.eu
350 KB
9 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
225 KB
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
5 KB
2 paypalobjects.com
www.paypalobjects.com — Cisco Umbrella Rank: 2611
4 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
1 prplads.com
cdn.prplads.com — Cisco Umbrella Rank: 87336
84 KB
1 googleapis.com
imasdk.googleapis.com — Cisco Umbrella Rank: 485
129 KB
1 paypal.com
www.paypal.com — Cisco Umbrella Rank: 3015
1012 B
42 9
Domain Requested by
13 web.itpauto.eu web.itpauto.eu
10 api.purpleads.io cdn.purpleads.io
6 pagead2.googlesyndication.com web.itpauto.eu
pagead2.googlesyndication.com
tpc.googlesyndication.com
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
3 cdn.purpleads.io web.itpauto.eu
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 www.paypalobjects.com web.itpauto.eu
1 www.google.com tpc.googlesyndication.com
1 cdn.prplads.com cdn.purpleads.io
1 imasdk.googleapis.com cdn.purpleads.io
1 www.paypal.com 1 redirects
42 11

This site contains links to these domains. Also see Links.

Domain
mybook.to
www.partsgeek.com
www.carid.com
m.do.co
Subject Issuer Validity Valid
automotive-acronyms.com
R3		 2023-12-09 -
2024-03-08		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.purpleads.io
Amazon RSA 2048 M01		 2023-10-01 -
2024-10-28		 a year crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2023-10-13 -
2024-08-20		 10 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
prplads.com
GTS CA 1P5		 2023-12-11 -
2024-03-10		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh

This page contains 5 frames:

Primary Page: https://web.itpauto.eu/
Frame ID: 47666EA71B87C493FEA55B6B37D1A53B
Requests: 30 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/zrt_lookup_fy2021.html
Frame ID: 1A6B619D64C8E8C004469DE7AFD04D60
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9472448145163190&output=html&adk=1812271804&adf=3025194257&lmt=1705094887&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1048576%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x1080_l%7C260x1080_r&format=0x0&url=https%3A%2F%2Fweb.itpauto.eu%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.7&asamct=0.7&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705094887177&bpp=100&bdt=361&idt=363&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=814238831303&frm=20&pv=2&ga_vid=1691744962.1705094888&ga_sid=1705094888&ga_hid=124128719&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079265%2C31080224%2C95320378%2C95320890%2C95321252%2C95321627&oid=2&pvsid=2013461893246289&tmod=1672561402&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=384
Frame ID: 1DA223AF1ADD43322A6026F76C23663B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 31A15ECACFD1618FCA314FC87C7DC789
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F474C2D0EB85F5F65789B27428AD00F0
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Cars definitions - Automotive acronyms and abbreviations

Detected technologies

Overall confidence: 100%
Detected patterns
  • paypalobjects\.com
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

42
Requests

67 %
HTTPS

55 %
IPv6

9
Domains

11
Subdomains

10
IPs

2
Countries

851 kB
Transfer

1871 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • https://www.paypal.com/en_US/i/scr/pixel.gif HTTP 301
  • https://www.paypalobjects.com/en_US/i/scr/pixel.gif

42 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
web.itpauto.eu/ 		17 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://web.itpauto.eu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
165.232.81.235 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.57 (Debian) /
Resource Hash
431553137b61d641bab4a41d803aa4ea9159a2282b1199d3f28489fc687b17e2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Access-Control-Allow-Methods
GET, POST
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
5166
Content-Type
text/html; charset=UTF-8
Date
Fri, 12 Jan 2024 21:28:06 GMT
Keep-Alive
timeout=5, max=100
Server
Apache/2.4.57 (Debian)
Vary
Accept-Encoding
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		146 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: web.itpauto.eu
URL: https://web.itpauto.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0273c9c4173c460b93b73b4394f3e88d8bc723d28adc38200536dde15c964cfe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://web.itpauto.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 21:28:07 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51139
x-xss-protection
0
server
cafe
etag
7538611363174550973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 12 Jan 2024 21:28:07 GMT
load.js
cdn.purpleads.io/ 		45 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.purpleads.io/load.js?publisherId=207749628c5eff5c7dc707fdc8a5e5fe:fa6c2fda196975785d27fdd8adebf461e6f230857e07e4e20ff9479cdd86d6cd8a2d01058fcd0bcd131af27b1f6177065d08bd048d6154bf9c6885531cb47960
Requested by
Host: web.itpauto.eu
URL: https://web.itpauto.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-69.iad61.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ef464c0022d74bfd9d6348b1835c9618169e3f7357c5e441e0db10d2e8b7e124

Request headers

accept-language
en-US,en;q=0.9
Referer
https://web.itpauto.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 10:21:54 GMT
content-encoding
gzip
via
1.1 13f73562b215175ddd75c2902ae36650.cloudfront.net (CloudFront)
last-modified
Mon, 08 Jan 2024 10:21:41 GMT
server
AmazonS3
x-amz-cf-pop
IAD61-P1
age
39973
etag
"fa9372f86fb69d8f6620b30813fce050"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
12218
x-amz-cf-id
yyqcrlmgfFKjyO5VcU1eju9_6vk8dMewWlDMFvxNp7bnQKNSvG91Lg==
common.css
web.itpauto.eu/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://web.itpauto.eu/common.css
Requested by
Host: web.itpauto.eu
URL: https://web.itpauto.eu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
165.232.81.235 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.57 (Debian) /
Resource Hash
b8efef19eb965a66441676c770c38a35b8cd3941be62906249f29d5c0b7b0255

Request headers

accept-language
en-US,en;q=0.9
Referer
https://web.itpauto.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Fri, 12 Jan 2024 21:28:06 GMT
Content-Encoding
gzip
Last-Modified
Sun, 26 Dec 2021 12:42:00 GMT
Server
Apache/2.4.57 (Debian)
ETag
"b04-5d40bea0cf600-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
914
jquery-3.3.1.min.js
web.itpauto.eu/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://web.itpauto.eu/jquery-3.3.1.min.js
Requested by
Host: web.itpauto.eu
URL: https://web.itpauto.eu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
165.232.81.235 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.57 (Debian) /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://web.itpauto.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Fri, 12 Jan 2024 21:28:07 GMT
Content-Encoding
gzip
Last-Modified
Tue, 03 Jul 2018 21:34:00 GMT
Server
Apache/2.4.57 (Debian)
ETag
"1538f-5701f127c8200-gzip"
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
30307
logo.png
web.itpauto.eu/images/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://web.itpauto.eu/images/logo.png
Requested by
Host: web.itpauto.eu
URL: https://web.itpauto.eu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
165.232.81.235 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.57 (Debian) /
Resource Hash
f6870c042fdf3e22e1fecf93f74e969da2a2ebcdfd7386e6fa3439d7d88b202c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://web.itpauto.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Fri, 12 Jan 2024 21:28:07 GMT
Last-Modified
Fri, 27 Jul 2018 14:41:00 GMT
Server
Apache/2.4.57 (Debian)
ETag
"8fb8-571fc19acb700"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
36792
header_text.png
web.itpauto.eu/images/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://web.itpauto.eu/images/header_text.png
Requested by
Host: web.itpauto.eu
URL: https://web.itpauto.eu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
165.232.81.235 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.57 (Debian) /
Resource Hash
cc197e31c4b819fce7355eb9271d4fd910037fd28b3d75e9753cbfcbed7dac19

Request headers

accept-language
en-US,en;q=0.9
Referer
https://web.itpauto.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Fri, 12 Jan 2024 21:28:07 GMT
Last-Modified
Fri, 27 Jul 2018 14:44:00 GMT
Server
Apache/2.4.57 (Debian)
ETag
"39af-571fc24674c00"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
14767
automotive_500.png
web.itpauto.eu/images/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://web.itpauto.eu/images/automotive_500.png
Requested by
Host: web.itpauto.eu
URL: https://web.itpauto.eu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
165.232.81.235 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.57 (Debian) /
Resource Hash
b31b5d20e431ac7671f48e5ad0ba4902b2bddce9177333be62aa73a0b60f7f56

Request headers

accept-language
en-US,en;q=0.9
Referer
https://web.itpauto.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Fri, 12 Jan 2024 21:28:07 GMT
Last-Modified
Wed, 06 Jul 2022 21:52:00 GMT
Server
Apache/2.4.57 (Debian)
ETag
"4a4c-5e329fa890000"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
19020
partsgeek_200x80.jpg
web.itpauto.eu/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://web.itpauto.eu/images/partsgeek_200x80.jpg
Requested by
Host: web.itpauto.eu
URL: https://web.itpauto.eu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
165.232.81.235 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.57 (Debian) /
Resource Hash
7b22b7780bd2073908a1528869b36861eb896031283ac517439eaee8d66b49b3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://web.itpauto.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Fri, 12 Jan 2024 21:28:07 GMT
Last-Modified
Sun, 23 Feb 2020 13:56:00 GMT
Server
Apache/2.4.57 (Debian)
ETag
"1a44-59f3e9d55fc00"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
6724
btn_donateCC_LG.gif
www.paypalobjects.com/en_US/i/btn/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/en_US/i/btn/btn_donateCC_LG.gif
Requested by
Host: web.itpauto.eu
URL: https://web.itpauto.eu/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ee1c4cfd1b1818743cf6930452dee0e56aa4709359e06ded6052d1e7abb14474
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://web.itpauto.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 21:28:07 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=31557600
log-origin
shield=DFW,src_ip=140.248.68.72,alternate_path=0,ip=140.248.68.72,port=443,name=shield_ssl_cache_dfw_kdfw8210072_DFW,status=200,reason=OK,method=GET,url="/en_US/i/btn/btn_donateCC_LG.gif",host=www.paypalobjects.com
log-timing
fetch=31499,misspass=109,do_stream=0
x-cache
HIT, HIT
fastly-io-info
ifsz=3099 idim=147x47 ifmt=gif ofsz=3098 odim=147x47 ofmt=gif
paypal-debug-id
bfd841c41c2e2
fastly-stats
io=1
dc
ccg11-origin-www-1.paypal.com
content-length
3098
x-served-by
cache-dfw-kdfw8210072-DFW, cache-mia-kmia1760050-MIA
traceparent
00-0000000000000000000bfd841c41c2e2-7dbef219ec6abcde-01
x-timer
S1705094887.369571,VS0,VE0
etag
"JFKX4Gl4l9piGeivuwDm/G2qA2sZqmLsEhkCWtwctAk"
content-type
image/gif
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
x-cache-hits
2512, 212
pixel.gif
www.paypalobjects.com/en_US/i/scr/
Redirect Chain
  • https://www.paypal.com/en_US/i/scr/pixel.gif
  • https://www.paypalobjects.com/en_US/i/scr/pixel.gif
42 B
467 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/en_US/i/scr/pixel.gif
Requested by
Host: web.itpauto.eu
URL: https://web.itpauto.eu/
Protocol
H2
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0c1ce4dd3afaa97d8627ecebc2e255fe5c1b3c2038f6961a86d10f0381056cc7
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://web.itpauto.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 21:28:07 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=31557600
log-origin
shield=DFW,src_ip=140.248.68.133,alternate_path=0,ip=140.248.68.116,port=443,name=shield_ssl_cache_dfw_kdfw8210116_DFW,status=200,reason=OK,method=GET,url="/en_US/i/scr/pixel.gif",host=www.paypalobjects.com
log-timing
fetch=31537,misspass=112,do_stream=0
x-cache
HIT, HIT
fastly-io-info
ifsz=43 idim=1x1 ifmt=gif ofsz=42 odim=1x1 ofmt=gif
paypal-debug-id
159cc84ec46a2
fastly-stats
io=1
dc
ccg11-origin-www-1.paypal.com
content-length
42
x-served-by
cache-dfw-kdfw8210116-DFW, cache-mia-kmia1760050-MIA
traceparent
00-0000000000000000000159cc84ec46a2-6eb3021a5030ea85-01
x-timer
S1705094888.513263,VS0,VE0
etag
"EMKH4Lmcv0jpPecX1lsuI9JDUC4i6ZE+vkcq+Tq/75s"
content-type
image/gif
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
x-cache-hits
3, 3637

Redirect headers

date
Fri, 12 Jan 2024 21:28:07 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS, MISS
paypal-debug-id
f967372617369
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
0
x-served-by
cache-dfw-kdal2120107-DFW, cache-mia-kmia1760076-MIA, cache-mia-kmia1760076-MIA
accept-ch
Sec-CH-UA-Full
traceparent
00-0000000000000000000f967372617369-24f8f7ea37004354-01
x-timer
S1705094887.391856,VS0,VE87
location
https://www.paypalobjects.com/en_US/i/scr/pixel.gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
accept-ranges
bytes
x-cache-hits
0, 0, 0
carid.PNG
web.itpauto.eu/images/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://web.itpauto.eu/images/carid.PNG
Requested by
Host: web.itpauto.eu
URL: https://web.itpauto.eu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
165.232.81.235 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.57 (Debian) /
Resource Hash
f7ca479ed5cbe502b60d29c337f9540e6288445f9802bd297a08a2385b738aba

Request headers

accept-language
en-US,en;q=0.9
Referer
https://web.itpauto.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Fri, 12 Jan 2024 21:28:07 GMT
Last-Modified
Fri, 27 Jul 2018 14:17:00 GMT
Server
Apache/2.4.57 (Debian)
ETag
"29b4-571fbc3d80f00"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
10676
agent.js
cdn.purpleads.io/ 		76 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.purpleads.io/agent.js?publisherId=d4d027f2f13988e93b64da62bfd40455:e2de5270e1e3334a6108df4e6577d69d3b39a9d1a22d9be504f604f9c3c2984811b6bd1295462c429789286eda6f11cd0c3c2283ccbdf45d4e712337790d263b
Requested by
Host: web.itpauto.eu
URL: https://web.itpauto.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-69.iad61.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
113b26390f7bdb7530332ce1648e4a9ff165d4fdf61e85c676c7ecd5d66b8aca

Request headers

accept-language
en-US,en;q=0.9
Referer
https://web.itpauto.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 10:21:47 GMT
content-encoding
gzip
via
1.1 13f73562b215175ddd75c2902ae36650.cloudfront.net (CloudFront)
last-modified
Mon, 08 Jan 2024 10:20:10 GMT
server
AmazonS3
x-amz-cf-pop
IAD61-P1
age
39981
etag
"e33d7e8c1020601db2d36e788fe1a7fc"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
22282
x-amz-cf-id
JCTr3AZvI1u3A4AE7gX_cJfaQzROHQB796k4FedIAsylY7Zb-aBhZg==
video-agent.js
cdn.purpleads.io/ 		50 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.purpleads.io/video-agent.js?publisherId=22299ee4ccd2bb910a56cb3e12256ed8:cb8dde5cdd34769918761cb1740e263fdde05ac549a65176165de19280b939e3e9252f9d97113bf13bbe70bea6007d2c5c37595fd3246732c961184a64c61194
Requested by
Host: web.itpauto.eu
URL: https://web.itpauto.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-69.iad61.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a27d1b26ce32724d74c5db90bf7d790867b7b3c65a9feea40bc9421491180047

Request headers

accept-language
en-US,en;q=0.9
Referer
https://web.itpauto.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 10:21:49 GMT
content-encoding
gzip
via
1.1 13f73562b215175ddd75c2902ae36650.cloudfront.net (CloudFront)
last-modified
Mon, 08 Jan 2024 10:08:27 GMT
server
AmazonS3
x-amz-cf-pop
IAD61-P1
age
39979
etag
"1e9ff97073e0efd41397b8ef54b0953d"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
17153
x-amz-cf-id
z5jVyykE9BH50CVkuiCDg4uwL8hdAo_SwPxWMqPwLV_6fYE5dkDHHA==
proudlyHostedByDigitalOcean_black.png
web.itpauto.eu/images/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://web.itpauto.eu/images/proudlyHostedByDigitalOcean_black.png
Requested by
Host: web.itpauto.eu
URL: https://web.itpauto.eu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
165.232.81.235 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.57 (Debian) /
Resource Hash
ced55db48c32279d8912bf1ee8b058554bece10109ef521800b414cfba0823c8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://web.itpauto.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Fri, 12 Jan 2024 21:28:07 GMT
Last-Modified
Fri, 07 Sep 2018 13:52:00 GMT
Server
Apache/2.4.57 (Debian)
ETag
"3199-575484fc5a000"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
12697
85000.png
web.itpauto.eu/images/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://web.itpauto.eu/images/85000.png
Requested by
Host: web.itpauto.eu
URL: https://web.itpauto.eu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
165.232.81.235 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.57 (Debian) /
Resource Hash
a64b21f862c7b234f740d5513362f5c75843d72e55012e2105d2bcb11d15aa63

Request headers

accept-language
en-US,en;q=0.9
Referer
https://web.itpauto.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Fri, 12 Jan 2024 21:28:07 GMT
Last-Modified
Sun, 29 Oct 2023 21:10:00 GMT
Server
Apache/2.4.57 (Debian)
ETag
"ae7b-608e15828da00"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
44667
new.gif
web.itpauto.eu/images/ 		173 B
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://web.itpauto.eu/images/new.gif
Requested by
Host: web.itpauto.eu
URL: https://web.itpauto.eu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
165.232.81.235 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.57 (Debian) /
Resource Hash
899554fdaa86ed5982c36fcb5d3e40966ec283470d2a0ac1bb9ac86e975731c5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://web.itpauto.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Fri, 12 Jan 2024 21:28:07 GMT
Last-Modified
Tue, 14 Jun 2022 19:55:00 GMT
Server
Apache/2.4.57 (Debian)
ETag
"ad-5e16dc79a0d00"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
173
f
api.purpleads.io/x/v2/ 		45 B
274 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/v2/f?pid=4c57c1e550b148b8b24409a4455bd0be&ts=1705094887025
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/load.js?publisherId=207749628c5eff5c7dc707fdc8a5e5fe:fa6c2fda196975785d27fdd8adebf461e6f230857e07e4e20ff9479cdd86d6cd8a2d01058fcd0bcd131af27b1f6177065d08bd048d6154bf9c6885531cb47960
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.221.184.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-221-184-155.compute-1.amazonaws.com
Software
/
Resource Hash
31b381ed7fc6f2b5055c9437b55fcf87d95341dc90538f47164369712fd83914

Request headers

accept-language
en-US,en;q=0.9
x-request-url
aHR0cHM6Ly93ZWIuaXRwYXV0by5ldS8=
pa-user-id
8b811a9a-c110-4966-b71a-a1de1bb63d5b
Authorization
Bearer 207749628c5eff5c7dc707fdc8a5e5fe:fa6c2fda196975785d27fdd8adebf461e6f230857e07e4e20ff9479cdd86d6cd8a2d01058fcd0bcd131af27b1f6177065d08bd048d6154bf9c6885531cb47960
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
https://web.itpauto.eu/
x-purpleads-version
2.0.6

Response headers

date
Fri, 12 Jan 2024 21:28:07 GMT
etag
W/"2d-etIhFBzDy/sqTQnrEfeYbNLkEhY"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://web.itpauto.eu
access-control-expose-headers
pa-user-id
access-control-allow-credentials
true
content-length
45
f
api.purpleads.io/x/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/v2/f?pid=4c57c1e550b148b8b24409a4455bd0be&ts=1705094887025
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.221.184.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-221-184-155.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,pa-user-id,x-purpleads-version,x-request-url
Access-Control-Request-Method
GET
Origin
https://web.itpauto.eu
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,content-type,pa-user-id,x-purpleads-version,x-request-url
access-control-allow-origin
https://web.itpauto.eu
access-control-expose-headers
pa-user-id
access-control-max-age
86400
date
Fri, 12 Jan 2024 21:28:07 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/ 		402 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c9d2b402dee31c3614b9dbd9668a5cc5a114a96541b91a06e8d15b08e5e0604d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://web.itpauto.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 21:28:07 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
139339
x-xss-protection
0
server
cafe
etag
9691208579348061444
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 12 Jan 2024 21:28:07 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/ Frame 1A6B 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://web.itpauto.eu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
4719
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4173
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 20:09:28 GMT
etag
9219409622527106327
expires
Fri, 26 Jan 2024 20:09:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
texture.jpg
web.itpauto.eu/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://web.itpauto.eu/images/texture.jpg
Requested by
Host: web.itpauto.eu
URL: https://web.itpauto.eu/common.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
165.232.81.235 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.57 (Debian) /
Resource Hash
5615d3826ccfbf576945234e780c26a1399778b7b825631d3eced331d0a3f0bf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://web.itpauto.eu/common.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Fri, 12 Jan 2024 21:28:07 GMT
Last-Modified
Sat, 19 Jan 2019 20:42:00 GMT
Server
Apache/2.4.57 (Debian)
ETag
"b7f-57fd5a8c81600"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
2943
header.png
web.itpauto.eu/images/ 		166 KB
166 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://web.itpauto.eu/images/header.png
Requested by
Host: web.itpauto.eu
URL: https://web.itpauto.eu/common.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
165.232.81.235 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.57 (Debian) /
Resource Hash
a3d0c5a929cc0004483219670a5e308336d1b8d8b6151626c03919909abc4ef0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://web.itpauto.eu/common.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Fri, 12 Jan 2024 21:28:07 GMT
Last-Modified
Fri, 27 Jul 2018 14:37:00 GMT
Server
Apache/2.4.57 (Debian)
ETag
"29684-571fc0b5e9b00"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
169604
init
api.purpleads.io/x/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/init?ts=1705094887347
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.221.184.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-221-184-155.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,pa-user-id,x-purpleads-version,x-request-url
Access-Control-Request-Method
GET
Origin
https://web.itpauto.eu
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,content-type,pa-user-id,x-purpleads-version,x-request-url
access-control-allow-origin
https://web.itpauto.eu
access-control-expose-headers
pa-user-id
access-control-max-age
86400
date
Fri, 12 Jan 2024 21:28:07 GMT
init
api.purpleads.io/x/ 		45 B
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/init?ts=1705094887347
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=d4d027f2f13988e93b64da62bfd40455:e2de5270e1e3334a6108df4e6577d69d3b39a9d1a22d9be504f604f9c3c2984811b6bd1295462c429789286eda6f11cd0c3c2283ccbdf45d4e712337790d263b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.221.184.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-221-184-155.compute-1.amazonaws.com
Software
/
Resource Hash
31b381ed7fc6f2b5055c9437b55fcf87d95341dc90538f47164369712fd83914

Request headers

accept-language
en-US,en;q=0.9
x-request-url
aHR0cHM6Ly93ZWIuaXRwYXV0by5ldS8=
pa-user-id
8b811a9a-c110-4966-b71a-a1de1bb63d5b
Authorization
Bearer d4d027f2f13988e93b64da62bfd40455:e2de5270e1e3334a6108df4e6577d69d3b39a9d1a22d9be504f604f9c3c2984811b6bd1295462c429789286eda6f11cd0c3c2283ccbdf45d4e712337790d263b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
https://web.itpauto.eu/
x-purpleads-version
3.0.11

Response headers

date
Fri, 12 Jan 2024 21:28:07 GMT
etag
W/"2d-etIhFBzDy/sqTQnrEfeYbNLkEhY"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://web.itpauto.eu
access-control-expose-headers
pa-user-id
access-control-allow-credentials
true
content-length
45
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		375 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/video-agent.js?publisherId=22299ee4ccd2bb910a56cb3e12256ed8:cb8dde5cdd34769918761cb1740e263fdde05ac549a65176165de19280b939e3e9252f9d97113bf13bbe70bea6007d2c5c37595fd3246732c961184a64c61194
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::200a Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef61cf5cd57dedee281674af89bf4f3323d7042e063d15521f87a66f7902f29f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://web.itpauto.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 21:28:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131542
x-xss-protection
0
expires
Fri, 12 Jan 2024 21:28:07 GMT
prebid-video-7.22.0-2023-02-06.js
cdn.prplads.com/ 		266 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prplads.com/prebid-video-7.22.0-2023-02-06.js
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/video-agent.js?publisherId=22299ee4ccd2bb910a56cb3e12256ed8:cb8dde5cdd34769918761cb1740e263fdde05ac549a65176165de19280b939e3e9252f9d97113bf13bbe70bea6007d2c5c37595fd3246732c961184a64c61194
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a5d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8cee62f5f58c3dd9e5b2451684895111bd5163862b43f0c43ae9f02be34f732

Request headers

accept-language
en-US,en;q=0.9
Referer
https://web.itpauto.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 21:28:07 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
XX2MK2ES1BRWKVSJ
age
156
cf-polished
origSize=272657
x-amz-id-2
iAWH16eXzo+oqPZ5JX9f7z/yk26YowZmZHtwSmGtDSH5JGXTVdAgokqv0oijr2zAmEYXLa1qGI0=
cf-bgj
minify
last-modified
Mon, 20 Feb 2023 13:50:01 GMT
server
cloudflare
etag
W/"26908555ff2c3247cc82b5a2bb6d6c20"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ma%2B6NXQxVK1Qj7RZ0f5MGrlOqNFvxrlHGOXR5ZdBnX4cZ5Gpeb%2Fszt%2BoanfHsPBQtU8UHNdECQJYcbWqBo3chKFwWEdXVVQpF4tHaqzlmGrre114DDtXByUlvQBWiWO6sfP6HeJAqk9uv9oc8g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
84487cc6ab1d8dd2-MIA
ads
googleads.g.doubleclick.net/pagead/ Frame 1DA2 		603 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9472448145163190&output=html&adk=1812271804&adf=3025194257&lmt=1705094887&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1048576%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x1080_l%7C260x1080_r&format=0x0&url=https%3A%2F%2Fweb.itpauto.eu%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.7&asamct=0.7&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705094887177&bpp=100&bdt=361&idt=363&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=814238831303&frm=20&pv=2&ga_vid=1691744962.1705094888&ga_sid=1705094888&ga_hid=124128719&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079265%2C31080224%2C95320378%2C95320890%2C95321252%2C95321627&oid=2&pvsid=2013461893246289&tmod=1672561402&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=384
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://web.itpauto.eu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 21:28:07 GMT
expires
Fri, 12 Jan 2024 21:28:07 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
api.purpleads.io/x/v2/b/ 		45 B
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/v2/b/?idx=0&pid=4c57c1e550b148b8b24409a4455bd0be&sizes=[[160,600],[120,600],[200,200]]&slotid=8c654339-bc2a-4b40-a847-32695ad8d8b3&ts=1705094887579
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=d4d027f2f13988e93b64da62bfd40455:e2de5270e1e3334a6108df4e6577d69d3b39a9d1a22d9be504f604f9c3c2984811b6bd1295462c429789286eda6f11cd0c3c2283ccbdf45d4e712337790d263b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.221.184.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-221-184-155.compute-1.amazonaws.com
Software
/
Resource Hash
31b381ed7fc6f2b5055c9437b55fcf87d95341dc90538f47164369712fd83914

Request headers

accept-language
en-US,en;q=0.9
x-request-url
aHR0cHM6Ly93ZWIuaXRwYXV0by5ldS8=
pa-user-id
8b811a9a-c110-4966-b71a-a1de1bb63d5b
Authorization
Bearer d4d027f2f13988e93b64da62bfd40455:e2de5270e1e3334a6108df4e6577d69d3b39a9d1a22d9be504f604f9c3c2984811b6bd1295462c429789286eda6f11cd0c3c2283ccbdf45d4e712337790d263b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
https://web.itpauto.eu/
x-purpleads-version
3.0.11

Response headers

date
Fri, 12 Jan 2024 21:28:07 GMT
etag
W/"2d-etIhFBzDy/sqTQnrEfeYbNLkEhY"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://web.itpauto.eu
access-control-expose-headers
pa-user-id
access-control-allow-credentials
true
content-length
45
/
api.purpleads.io/x/v2/b/ 		45 B
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/v2/b/?idx=1&pid=4c57c1e550b148b8b24409a4455bd0be&sizes=[[728,90],[468,60],[336,280],[300,600],[300,250],[160,600],[120,600],[200,200],[250,250],[320,100],[320,50],[320,480],[300,100],[300,50]]&slotid=d17989e6-adcc-4add-9220-2d60972d1149&ts=1705094887580
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=d4d027f2f13988e93b64da62bfd40455:e2de5270e1e3334a6108df4e6577d69d3b39a9d1a22d9be504f604f9c3c2984811b6bd1295462c429789286eda6f11cd0c3c2283ccbdf45d4e712337790d263b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.221.184.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-221-184-155.compute-1.amazonaws.com
Software
/
Resource Hash
31b381ed7fc6f2b5055c9437b55fcf87d95341dc90538f47164369712fd83914

Request headers

accept-language
en-US,en;q=0.9
x-request-url
aHR0cHM6Ly93ZWIuaXRwYXV0by5ldS8=
pa-user-id
8b811a9a-c110-4966-b71a-a1de1bb63d5b
Authorization
Bearer d4d027f2f13988e93b64da62bfd40455:e2de5270e1e3334a6108df4e6577d69d3b39a9d1a22d9be504f604f9c3c2984811b6bd1295462c429789286eda6f11cd0c3c2283ccbdf45d4e712337790d263b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
https://web.itpauto.eu/
x-purpleads-version
3.0.11

Response headers

date
Fri, 12 Jan 2024 21:28:07 GMT
etag
W/"2d-etIhFBzDy/sqTQnrEfeYbNLkEhY"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://web.itpauto.eu
access-control-expose-headers
pa-user-id
access-control-allow-credentials
true
content-length
45
/
api.purpleads.io/x/v2/b/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/v2/b/?idx=0&pid=4c57c1e550b148b8b24409a4455bd0be&sizes=[[160,600],[120,600],[200,200]]&slotid=8c654339-bc2a-4b40-a847-32695ad8d8b3&ts=1705094887579
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.221.184.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-221-184-155.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,pa-user-id,x-purpleads-version,x-request-url
Access-Control-Request-Method
GET
Origin
https://web.itpauto.eu
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,content-type,pa-user-id,x-purpleads-version,x-request-url
access-control-allow-origin
https://web.itpauto.eu
access-control-expose-headers
pa-user-id
access-control-max-age
86400
date
Fri, 12 Jan 2024 21:28:07 GMT
/
api.purpleads.io/x/v2/b/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/v2/b/?idx=1&pid=4c57c1e550b148b8b24409a4455bd0be&sizes=[[728,90],[468,60],[336,280],[300,600],[300,250],[160,600],[120,600],[200,200],[250,250],[320,100],[320,50],[320,480],[300,100],[300,50]]&slotid=d17989e6-adcc-4add-9220-2d60972d1149&ts=1705094887580
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.221.184.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-221-184-155.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,pa-user-id,x-purpleads-version,x-request-url
Access-Control-Request-Method
GET
Origin
https://web.itpauto.eu
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,content-type,pa-user-id,x-purpleads-version,x-request-url
access-control-allow-origin
https://web.itpauto.eu
access-control-expose-headers
pa-user-id
access-control-max-age
86400
date
Fri, 12 Jan 2024 21:28:07 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240109&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
26a3bff9873ece849501d60f4cd50b63054a886eea45d0527c718c317586eb03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://web.itpauto.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 21:28:08 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12087
x-xss-protection
0
v
api.purpleads.io/x/v2/ 		45 B
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/v2/v?pid=4c57c1e550b148b8b24409a4455bd0be&ts=1705094887860
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/video-agent.js?publisherId=22299ee4ccd2bb910a56cb3e12256ed8:cb8dde5cdd34769918761cb1740e263fdde05ac549a65176165de19280b939e3e9252f9d97113bf13bbe70bea6007d2c5c37595fd3246732c961184a64c61194
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.221.184.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-221-184-155.compute-1.amazonaws.com
Software
/
Resource Hash
31b381ed7fc6f2b5055c9437b55fcf87d95341dc90538f47164369712fd83914

Request headers

accept-language
en-US,en;q=0.9
x-request-url
aHR0cHM6Ly93ZWIuaXRwYXV0by5ldS8=
pa-user-id
8b811a9a-c110-4966-b71a-a1de1bb63d5b
Authorization
Bearer 22299ee4ccd2bb910a56cb3e12256ed8:cb8dde5cdd34769918761cb1740e263fdde05ac549a65176165de19280b939e3e9252f9d97113bf13bbe70bea6007d2c5c37595fd3246732c961184a64c61194
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
https://web.itpauto.eu/
x-purpleads-version
3.0.2

Response headers

date
Fri, 12 Jan 2024 21:28:07 GMT
etag
W/"2d-etIhFBzDy/sqTQnrEfeYbNLkEhY"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://web.itpauto.eu
access-control-expose-headers
pa-user-id
access-control-allow-credentials
true
content-length
45
v
api.purpleads.io/x/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/v2/v?pid=4c57c1e550b148b8b24409a4455bd0be&ts=1705094887860
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.221.184.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-221-184-155.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,pa-user-id,x-purpleads-version,x-request-url
Access-Control-Request-Method
GET
Origin
https://web.itpauto.eu
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,content-type,pa-user-id,x-purpleads-version,x-request-url
access-control-allow-origin
https://web.itpauto.eu
access-control-expose-headers
pa-user-id
access-control-max-age
86400
date
Fri, 12 Jan 2024 21:28:07 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://web.itpauto.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 21:28:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 12 Jan 2024 21:28:08 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 31A1 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://web.itpauto.eu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
4315
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 20:16:13 GMT
expires
Sat, 11 Jan 2025 20:16:13 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame F474 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::68 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
187db32ab80647aaf96c6ab5ec2030cf66240570bf6b5daee82d88812f56505a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-URyahZsNX8HNynMD8EEgXA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://web.itpauto.eu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-URyahZsNX8HNynMD8EEgXA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 21:28:08 GMT
expires
Fri, 12 Jan 2024 21:28:08 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
pagead2.googlesyndication.com/bg/ Frame 31A1 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 20:47:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
2435
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15229
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 11 Jan 2025 20:47:33 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame F474 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240109&jk=2013461893246289&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 31A1 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?TJ4wsw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 21:28:08 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240109&jk=2013461893246289&bg=!_v2l_bLNAAaumcC-jpk7ADQBe5WfOJOb2xec4vihrFb1uKvVse5K8TXHvAEypnQoroy2tDWfhpvSEKJU8wRZYBq9NtPAAgAAAE1SAAAAAmgBB5kCsMvnY6KAZM1_MG6TQk-tbQSvdDSPHyJe7qMQ0m0GS08ki-IoA5tp-GYJ1Yq13EG7VflMRkY8on4AWBKcaUaFRVc_SjonsnPIqZaQEzA0yBr-lWrRQXBmKtp573UWV7UFYahRhvwZbvalDt1aT7xfcJFJppd6g8lsRKSN6j0aWEv-oHRgRhySU8tmR1T1JnHNXRGI7hiIfQUuwuO464yYkfobmwsbecBXM3OxCqMYR6j_twa0uc246yd0pnfQKAPv93pXmgPfEDPlh2pmy_5gkWT_QO5KMbt-bZjzTkGOgeFgmgMREe9lyxB0fO4zV7SwsqZx9Qi_RtygcWFPE9HviMHw-9QwaAvZJDxXnHHgBjTmRD4GiIoKTvgoCDFlbn9E_HS9PPu8JZrp4LrKh8ZB1dpXAWx1uH0ydqFRhKPIsrZvAsrKqWdK4fy2kseltp1kYhIk2kpgsCOT8C_Ct79YlGlp1Me6kRWqu74Z_3OLpRBI4GRNJ3F3b0SOixqeaYLHIJV8ChgKIsx_i7YsYLzV3Mbk20T0-t88tGiycKboIxQzKKG2WH9E2d1S6fBcI45PAS5GB_vkWKz8cWzdcWovB8PCsGSarg7cx3RrU1ezR2hfxA2u-poWDee-AA6DSqvoDskSPQzEhIpmL0KQ-7d5G5wxua23j501uygD_33ji-nyvApVheAd01ryAcwrDfEfw7uRVlxCFNdcMSqdfVpmyqVMx38ne0R8ytKOjvqHiN2jgOh5VEpKbU8KX7AH0qBuerfT3PEKD26lti6DTk0dyT4JuxN7HWRDJi1wu6P6v9MZrNMqP_A1z9_fUnWNqOEpVTACuGRou77y5rYwQEmHSPSRPGsASQR2ZqVtBMPyIssk7M2FwqyjLxdPHuY1LeleA94HjpbxgUxW7IiWhp8qwYk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://web.itpauto.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

67 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 function| _0x288d function| _0x26d7 boolean| _purpleadsWasLoaded object| _purpleads string| purpleadsInstanceId object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots number| google_rum_task_id_counter string| google_user_agent_client_hint function| $ function| jQuery function| google_spfd number| google_unique_id object| google_sv_map object| queries object| _0x56d7 function| _0x22b2 boolean| _purpleAdsDisplayInit object| globalSlots object| purpleadsAgent function| _0x18f0 function| _0x2b4d object| prplPbjs boolean| _purpleAdsVideoInit object| purpleadsVideoAgent function| google_sa_impl number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| prplPbjsChunk object| _pbjsGlobals object| ADAGIO object| mnet string| nobidVersion object| nobid object| _google_rum_ns_ function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_manager_loaded_event object| goog object| GoogleGcLKhOms object| google_image_requests

3 Cookies

Domain/Path Name / Value
.paypal.com/ Name: ts
Value: vreXpYrS%3D1799789287%26vteXpYrS%3D1705096687%26vr%3Dff93380918c0ad11ac4dddfeffbed028%26vt%3Dff93380918c0ad11ac4dddfeffbed027%26vtyp%3Dnew
.paypal.com/ Name: ts_c
Value: vr%3Dff93380918c0ad11ac4dddfeffbed028%26vt%3Dff93380918c0ad11ac4dddfeffbed027
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

5 Console Messages

Source Level URL
Text
network error URL: https://api.purpleads.io/x/v2/f?pid=4c57c1e550b148b8b24409a4455bd0be&ts=1705094887025
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://api.purpleads.io/x/init?ts=1705094887347
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://api.purpleads.io/x/v2/b/?idx=1&pid=4c57c1e550b148b8b24409a4455bd0be&sizes=[[728,90],[468,60],[336,280],[300,600],[300,250],[160,600],[120,600],[200,200],[250,250],[320,100],[320,50],[320,480],[300,100],[300,50]]&slotid=d17989e6-adcc-4add-9220-2d60972d1149&ts=1705094887580
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://api.purpleads.io/x/v2/b/?idx=0&pid=4c57c1e550b148b8b24409a4455bd0be&sizes=[[160,600],[120,600],[200,200]]&slotid=8c654339-bc2a-4b40-a847-32695ad8d8b3&ts=1705094887579
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://api.purpleads.io/x/v2/v?pid=4c57c1e550b148b8b24409a4455bd0be&ts=1705094887860
Message:
Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.purpleads.io
cdn.prplads.com
cdn.purpleads.io
googleads.g.doubleclick.net
imasdk.googleapis.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
web.itpauto.eu
www.google.com
www.paypal.com
www.paypalobjects.com
151.101.1.21
151.101.66.133
165.232.81.235
2606:4700:20::ac43:4a5d
2607:f8b0:4004:c19::68
2607:f8b0:4006:80c::200a
2607:f8b0:4006:816::2001
2607:f8b0:4006:817::2002
2607:f8b0:4006:823::2002
3.162.103.69
54.221.184.155
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0273c9c4173c460b93b73b4394f3e88d8bc723d28adc38200536dde15c964cfe
0c1ce4dd3afaa97d8627ecebc2e255fe5c1b3c2038f6961a86d10f0381056cc7
113b26390f7bdb7530332ce1648e4a9ff165d4fdf61e85c676c7ecd5d66b8aca
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
187db32ab80647aaf96c6ab5ec2030cf66240570bf6b5daee82d88812f56505a
26a3bff9873ece849501d60f4cd50b63054a886eea45d0527c718c317586eb03
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
31b381ed7fc6f2b5055c9437b55fcf87d95341dc90538f47164369712fd83914
431553137b61d641bab4a41d803aa4ea9159a2282b1199d3f28489fc687b17e2
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5615d3826ccfbf576945234e780c26a1399778b7b825631d3eced331d0a3f0bf
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
7b22b7780bd2073908a1528869b36861eb896031283ac517439eaee8d66b49b3
899554fdaa86ed5982c36fcb5d3e40966ec283470d2a0ac1bb9ac86e975731c5
a27d1b26ce32724d74c5db90bf7d790867b7b3c65a9feea40bc9421491180047
a3d0c5a929cc0004483219670a5e308336d1b8d8b6151626c03919909abc4ef0
a64b21f862c7b234f740d5513362f5c75843d72e55012e2105d2bcb11d15aa63
b31b5d20e431ac7671f48e5ad0ba4902b2bddce9177333be62aa73a0b60f7f56
b8cee62f5f58c3dd9e5b2451684895111bd5163862b43f0c43ae9f02be34f732
b8efef19eb965a66441676c770c38a35b8cd3941be62906249f29d5c0b7b0255
c9d2b402dee31c3614b9dbd9668a5cc5a114a96541b91a06e8d15b08e5e0604d
cc197e31c4b819fce7355eb9271d4fd910037fd28b3d75e9753cbfcbed7dac19
ced55db48c32279d8912bf1ee8b058554bece10109ef521800b414cfba0823c8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
ee1c4cfd1b1818743cf6930452dee0e56aa4709359e06ded6052d1e7abb14474
ef464c0022d74bfd9d6348b1835c9618169e3f7357c5e441e0db10d2e8b7e124
ef61cf5cd57dedee281674af89bf4f3323d7042e063d15521f87a66f7902f29f
f6870c042fdf3e22e1fecf93f74e969da2a2ebcdfd7386e6fa3439d7d88b202c
f7ca479ed5cbe502b60d29c337f9540e6288445f9802bd297a08a2385b738aba