www.zitauto.com Open in urlscan Pro
94.46.13.117 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.zitauto.com/
Submission Tags: @phishunt_io
Submission: On June 09 via api (June 9th 2021, 2:02:15 am UTC) from DE

Summary HTTP 129 Redirects Behaviour Indicators

Summary

This website contacted 26 IPs in 6 countries across 22 domains to perform 129 HTTP transactions. The main IP is 94.46.13.117, located in Portugal and belongs to ALMOUROLTEC, PT. The main domain is www.zitauto.com.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on June 8th 2021. Valid for: a year.

This is the only time www.zitauto.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	94.46.13.117 94.46.13.117	24768 (ALMOUROLTEC) (ALMOUROLTEC)
5	143.204.98.92 143.204.98.92	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
6	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	143.204.98.72 143.204.98.72	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0a::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
2 5	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	2602:fed3:2:b... 2602:fed3:2:b74f:112:9a23:af4f:2219	19969 (JOESDATAC...) (JOESDATACENTER)
9	2606:4700:10:... 2606:4700:10::ac43:2642	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
29	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:8c6e:cf2c:8d6:9fb5	16509 (AMAZON-02) (AMAZON-02)
1 1	52.18.11.109 52.18.11.109	16509 (AMAZON-02) (AMAZON-02)
6	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
1 1	52.59.79.213 52.59.79.213	16509 (AMAZON-02) (AMAZON-02)
2 2	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
2 2	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
129	26

16 94.46.13.117 (Portugal)

ASN24768 (ALMOUROLTEC, PT)
PTR: zitauto.pt

www.zitauto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 143.204.98.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-92.fra50.r.cloudfront.net

widget.trustpilot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-72.fra50.r.cloudfront.net

invitejs.trustpilot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0a::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:fed3:2:b74f:112:9a23:af4f:2219 (Portland, United States)

ASN19969 (JOESDATACENTER, US)

ip.seeip.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:10::ac43:2642 (United States)

ASN13335 (CLOUDFLARENET, US)

embed.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
va.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:8c6e:cf2c:8d6:9fb5 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.18.11.109 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-11-109.eu-west-1.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.59.79.213 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-79-213.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.253.211 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.115 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	408 KB
19	doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	110 KB
16	zitauto.com www.zitauto.com	3 MB
9	tawk.to embed.tawk.to va.tawk.to	120 KB
8	gstatic.com fonts.gstatic.com www.gstatic.com	162 KB
7	google.com 2 redirects www.google.com adservice.google.com	1 KB
6	cloudflare.com cdnjs.cloudflare.com	78 KB
6	trustpilot.com widget.trustpilot.com invitejs.trustpilot.com	31 KB
4	googletagservices.com www.googletagservices.com	139 KB
3	googleapis.com fonts.googleapis.com	2 KB
3	google.de www.google.de adservice.google.de	1 KB
2	pubmatic.com 2 redirects image6.pubmatic.com	1 KB
2	openx.net 2 redirects rtb.openx.net	761 B
2	googleadservices.com www.googleadservices.com partner.googleadservices.com	15 KB
2	google-analytics.com www.google-analytics.com	19 KB
1	rubiconproject.com 1 redirects pixel.rubiconproject.com	460 B
1	agkn.com 1 redirects d.agkn.com	765 B
1	everesttech.net 1 redirects pixel.everesttech.net	376 B
1	quantserve.com cms.quantserve.com	463 B
1	seeip.org ip.seeip.org	647 B
1	googletagmanager.com www.googletagmanager.com	34 KB
0	yahooapis.com Failed query.yahooapis.com Failed
129	22

	Domain	Requested by
29	tpc.googlesyndication.com	googleads.g.doubleclick.net www.zitauto.com tpc.googlesyndication.com pagead2.googlesyndication.com
16	www.zitauto.com	www.zitauto.com
12	googleads.g.doubleclick.net	www.googleadservices.com pagead2.googlesyndication.com www.zitauto.com googleads.g.doubleclick.net
12	pagead2.googlesyndication.com	www.zitauto.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
8	embed.tawk.to	www.zitauto.com embed.tawk.to
7	fonts.gstatic.com	www.zitauto.com fonts.googleapis.com
6	cm.g.doubleclick.net	googleads.g.doubleclick.net
6	www.google.com	2 redirects www.zitauto.com googleads.g.doubleclick.net tpc.googlesyndication.com
6	cdnjs.cloudflare.com	www.zitauto.com cdnjs.cloudflare.com
5	widget.trustpilot.com	www.zitauto.com widget.trustpilot.com
4	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
3	fonts.googleapis.com	tpc.googlesyndication.com googleads.g.doubleclick.net
2	image6.pubmatic.com	2 redirects
2	rtb.openx.net	2 redirects
2	www.google.de	www.zitauto.com
2	www.google-analytics.com	www.zitauto.com www.google-analytics.com
1	va.tawk.to	embed.tawk.to
1	pixel.rubiconproject.com	1 redirects
1	d.agkn.com	1 redirects
1	pixel.everesttech.net	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	www.gstatic.com	googleads.g.doubleclick.net
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	ip.seeip.org	www.zitauto.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.googleadservices.com	www.googletagmanager.com
1	invitejs.trustpilot.com	www.zitauto.com
1	www.googletagmanager.com	www.zitauto.com
0	query.yahooapis.com Failed	www.zitauto.com
129	31

This site contains no links.

Subject Issuer	Validity	Valid
www.zitauto.com AlphaSSL CA - SHA256 - G2	`2021-06-08` - `2022-07-10`	a year	crt.sh
*.trustpilot.com Amazon	`2021-04-03` - `2022-05-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-10` - `2021-08-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-05-10` - `2021-08-02`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-05-10` - `2021-08-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-05-10` - `2021-08-02`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-05-10` - `2021-08-02`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-05-10` - `2021-08-02`	3 months	crt.sh
ip.seeip.org R3	`2021-05-01` - `2021-07-30`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-05-10` - `2021-08-02`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-05-10` - `2021-08-02`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-10` - `2021-08-02`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh

This page contains 16 frames:

Primary Page: https://www.zitauto.com/
Frame ID: 53704D1A70C45299FEE02077410ABC9C
Requests: 56 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210603/r20190131/zrt_lookup.html
Frame ID: C896AB934B65E15FE8B1A539ED40E685
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5532084445226293&output=html&h=280&slotname=7687010183&adk=2031393337&adf=3499367324&pi=t.ma~as.7687010183&w=1110&fwrn=4&fwrnh=100&lmt=1623204097&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fwww.zitauto.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623204097577&bpp=2&bdt=486&idt=96&shv=r20210603&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=1376422926181&frm=20&pv=2&ga_vid=393332898.1623204097&ga_sid=1623204098&ga_hid=864397113&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=1403&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060048%2C21065725&oid=3&pvsid=1245260949648976&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=TsLnhmdhAs&p=https%3A//www.zitauto.com&dtd=122
Frame ID: 00FB1643E6898EE763D6BC602176679D
Requests: 2 HTTP requests in this frame

Frame: https://widget.trustpilot.com/trustboxes/5419b6a8b0d04a076446a9ad/index.html?templateId=5419b6a8b0d04a076446a9ad&businessunitId=607716edf47b6400017d93da
Frame ID: DC250DEB689F838D4BBD22A70B42FD6D
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5532084445226293&output=html&h=280&slotname=3197100833&adk=750410168&adf=3052806192&pi=t.ma~as.3197100833&w=1110&fwrn=4&fwrnh=100&lmt=1623204097&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fwww.zitauto.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623204097579&bpp=1&bdt=488&idt=177&shv=r20210603&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280&correlator=1376422926181&frm=20&pv=1&ga_vid=393332898.1623204097&ga_sid=1623204098&ga_hid=864397113&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=1995&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060048%2C21065725&oid=3&pvsid=1245260949648976&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=Fzhbsiov6y&p=https%3A//www.zitauto.com&dtd=179
Frame ID: 490BBE4BABEC5E9F31CB970063F8BFCA
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5532084445226293&output=html&h=280&slotname=4085363444&adk=1318526401&adf=1130078198&pi=t.ma~as.4085363444&w=1110&fwrn=4&fwrnh=100&lmt=1623204097&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fwww.zitauto.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623204097599&bpp=1&bdt=508&idt=169&shv=r20210603&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C1110x280&correlator=1376422926181&frm=20&pv=1&ga_vid=393332898.1623204097&ga_sid=1623204098&ga_hid=864397113&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=3813&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060048%2C21065725&oid=3&pvsid=1245260949648976&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=3&fsb=1&xpc=YlHwmjWHyV&p=https%3A//www.zitauto.com&dtd=172
Frame ID: 3D1A65E94C4140702C3AF5160203FD2E
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5902880581523090733/index.html
Frame ID: D203EC4124EEC7DA5404DBDB670E4ABC
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CsDAAASHAYI_rK4b03wPSorLYB4rMmq1h8fTowJMN2dkeEAEgxaelLGCVAqABtZDEwAPIAQmoAwHIA0iqBLsBT9DxOYYI_8zigSMgnR1KJDyOPkROVUadBv0wIX6LsgFwDU9GPBlTQAPKqK3hTs8j-7qA6Tox6ygeIeRyuwhn04Q-ZvUoW946AWv4vQlsy4d31v6q0K7olp_nPNz3x-AWSr1g6lCU55mvkR1IogTscIBtxrRdc-yGnsmLLeJCib63f29d9N3i1e7qCyQQgiIrikmAOHzV2eqBgA7mlPNTetyXOulUNO8lRDkuH0RC_mlLcmLgGyHerUPO_MAE3ZzLy6gDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB7Pvuz-oB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQo_h00ggJCIDhgBAQARgfgAoByAsB2BMN0BUBgBcBshcaChgIABIUcHViLTU1MzIwODQ0NDUyMjYyOTM&sigh=I8EXT5g-yPc&template_id=419
Frame ID: 6741E9897A66138C7EAD8752B83938B6
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: D4400F35D2FA49C7F1F8CDE265E4C62D
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5902880581523090733/index.html
Frame ID: 0CEC521674018E8B6DF75EA73CFFFF50
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CLeVGASHAYLKfMMPX3gPpuZ_ACYrMmq1h8fTowJMN2dkeEAEgxaelLGCVAqABtZDEwAPIAQmoAwHIA0iqBLgBT9B0o4fUZ4PKgCki1WudSFnV49EHKTAHoQely8Ux8J3Z82idaEKbsQGr-8kbkaq5rCiJIQStPqN_dgVnjRZvTP-XHpodZo9fI0T_Km7_WFfl4uPbxhxTQt5hNiV9Y8cJLQs-eZ21hOnl9VJQaIFsmJ9QzrTzotX_xOdTPiuol4wMLKLfSBWSNuub4ensWM8DWE0njRN5r3MNrRtTZiC8_OhbvNf96TLGLjiRbweYNnoRFg_qbPlXtcAE3ZzLy6gDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB7Pvuz-oB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQ1tA00ggJCIDhgBAQARgfgAoByAsB2BMN0BUBgBcBshcaChgIABIUcHViLTU1MzIwODQ0NDUyMjYyOTM&sigh=M_jlwkh9EvQ&template_id=419
Frame ID: F6942A31D8582086F9082F8F7201756D
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 4FC055512DEDF5CC42D2CAD1CF9D54A5
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 798B709531717B1FE7D91E42676C19B7
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/tE64XG1cXAHgdRZqLuUmMLCyOuQ9s7LE_kL_xOEQzyo.js
Frame ID: F5318A9770DCB68A63C097B5914D1E20
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Frame ID: D6093362EDE9B64FC945097D2AA271AF
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0D823C6697383D1CFE5ECCB0FEE9F66D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

129
Requests

98 %
HTTPS

63 %
IPv6

22
Domains

31
Subdomains

26
IPs

6
Countries

4657 kB
Transfer

6550 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 76

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 91

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 109

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPKS1Cj1E4ogpeh8XUBONh2gWxmmgbUOqHMAeIG44m-g0C9vnmsx2t1p2HnblbxVFWxq6la8q0Pi0mar49BgMq3KGLzFp9I_&google_gid=CAESECmqLW0dzXNqNBkqfUiEmak&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WU1BaEFnQUFBWDFoM3huag&google_push=AYg5qPKS1Cj1E4ogpeh8XUBONh2gWxmmgbUOqHMAeIG44m-g0C9vnmsx2t1p2HnblbxVFWxq6la8q0Pi0mar49BgMq3KGLzFp9I_

Request Chain 110

https://d.agkn.com/pixel/2175/?google_gid=CAESEAP2W9XSfLh2MTooCLBPxCo&google_cver=1&google_push=AYg5qPLFiOZdMzUh2CHpNltXDJgKEP6eqIcHrUT4cYw49-2XVYKglXkFNBu4Yt2nm4_svWTNTDuJCTJjXNZIs_TL_Gv_ZW4MFqS- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPLFiOZdMzUh2CHpNltXDJgKEP6eqIcHrUT4cYw49-2XVYKglXkFNBu4Yt2nm4_svWTNTDuJCTJjXNZIs_TL_Gv_ZW4MFqS-&google_hm=Q0FFU0VBUDJXOVhTZkxoMk1Ub29DTEJQeENv

Request Chain 111

https://rtb.openx.net/sync/dds?google_gid=CAESEHnDs3bkgVyVaITap8hTA9A&google_cver=1&google_push=AYg5qPKhLwTRiyJpSNkf5jklsEkIipEhOCGB-S5SQmZ0KYijRYEon5iJIXUSzYiaVCzxzSs4WL0s2r8jb3adlTiPkvxtDeKPimYG HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEHnDs3bkgVyVaITap8hTA9A&google_cver=1&google_push=AYg5qPKhLwTRiyJpSNkf5jklsEkIipEhOCGB-S5SQmZ0KYijRYEon5iJIXUSzYiaVCzxzSs4WL0s2r8jb3adlTiPkvxtDeKPimYG&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKhLwTRiyJpSNkf5jklsEkIipEhOCGB-S5SQmZ0KYijRYEon5iJIXUSzYiaVCzxzSs4WL0s2r8jb3adlTiPkvxtDeKPimYG&google_hm=YeeJBr4uzfMaHULy9LTbKg==

Request Chain 112

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESED0uSVZUBsQ9ZYGDr4u7B9w&google_cver=1&google_push=AYg5qPK-q_pP-oOqoRcT6-T9ElLUxUpgwbxzqEKvYsSn5OribGU_ihvOqtZKxJfotsQbPJo6KUC-JD5i558A73jA0wdjdrXfejbr HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESED0uSVZUBsQ9ZYGDr4u7B9w&google_cver=1&google_push=AYg5qPK-q_pP-oOqoRcT6-T9ElLUxUpgwbxzqEKvYsSn5OribGU_ihvOqtZKxJfotsQbPJo6KUC-JD5i558A73jA0wdjdrXfejbr&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=w7m8MnKsSYK7kp-NCARlwA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPK-q_pP-oOqoRcT6-T9ElLUxUpgwbxzqEKvYsSn5OribGU_ihvOqtZKxJfotsQbPJo6KUC-JD5i558A73jA0wdjdrXfejbr

Request Chain 113

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHqmhu1ytglGJfywzedIRGM&google_cver=1&google_push=AYg5qPJrGJ9EFfG8ha3dn1-Rf7KFyLN7QX3-iiHz-opKe7OOyqdxGcQGfZ_tYbccc2pSouLnYBe4zUs8SkQ4NPbSoy8zlTAArTc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BPVFQ2R1ctMTItODdSQQ==&google_push=AYg5qPJrGJ9EFfG8ha3dn1-Rf7KFyLN7QX3-iiHz-opKe7OOyqdxGcQGfZ_tYbccc2pSouLnYBe4zUs8SkQ4NPbSoy8zlTAArTc

Request Chain 114

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEA-sZpBdskA09579usuJ6iE&google_cver=1&google_push=AYg5qPIw3ipMc5upA65K94sDoVoI770KYtOkxLGWJ_ximDTYoXLvQZlmjs6F_fzGxLSj1zFyP6BKzmHUNiKmfCMSuTqVKVO7yqU HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEA-sZpBdskA09579usuJ6iE&google_cver=1&google_push=AYg5qPIw3ipMc5upA65K94sDoVoI770KYtOkxLGWJ_ximDTYoXLvQZlmjs6F_fzGxLSj1zFyP6BKzmHUNiKmfCMSuTqVKVO7yqU&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMAhAlasA08hthf1uiktvgAABJwAAAIB&google_cver=1&google_push=AYg5qPIw3ipMc5upA65K94sDoVoI770KYtOkxLGWJ_ximDTYoXLvQZlmjs6F_fzGxLSj1zFyP6BKzmHUNiKmfCMSuTqVKVO7yqU&google_gid=CAESEA-sZpBdskA09579usuJ6iE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMAhAlasA08hthf1uiktvgAABJwAAAIB&google_cver=1&google_push=AYg5qPIw3ipMc5upA65K94sDoVoI770KYtOkxLGWJ_ximDTYoXLvQZlmjs6F_fzGxLSj1zFyP6BKzmHUNiKmfCMSuTqVKVO7yqU&google_gid=CAESEA-sZpBdskA09579usuJ6iE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMAhAlasA08hthf1uiktvgAABJwAAAIB&google_cver=1&google_push=AYg5qPIw3ipMc5upA65K94sDoVoI770KYtOkxLGWJ_ximDTYoXLvQZlmjs6F_fzGxLSj1zFyP6BKzmHUNiKmfCMSuTqVKVO7yqU&google_gid=CAESEA-sZpBdskA09579usuJ6iE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMAhAlasA08hthf1uiktvgAABJwAAAIB&google_cver=1&google_push=AYg5qPIw3ipMc5upA65K94sDoVoI770KYtOkxLGWJ_ximDTYoXLvQZlmjs6F_fzGxLSj1zFyP6BKzmHUNiKmfCMSuTqVKVO7yqU&google_gid=CAESEA-sZpBdskA09579usuJ6iE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMAhAlasA08hthf1uiktvgAABJwAAAIB&google_cver=1&google_push=AYg5qPIw3ipMc5upA65K94sDoVoI770KYtOkxLGWJ_ximDTYoXLvQZlmjs6F_fzGxLSj1zFyP6BKzmHUNiKmfCMSuTqVKVO7yqU&google_gid=CAESEA-sZpBdskA09579usuJ6iE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMAhAlasA08hthf1uiktvgAABJwAAAIB&google_cver=1&google_push=AYg5qPIw3ipMc5upA65K94sDoVoI770KYtOkxLGWJ_ximDTYoXLvQZlmjs6F_fzGxLSj1zFyP6BKzmHUNiKmfCMSuTqVKVO7yqU&google_gid=CAESEA-sZpBdskA09579usuJ6iE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMAhAlasA08hthf1uiktvgAABJwAAAIB&google_cver=1&google_push=AYg5qPIw3ipMc5upA65K94sDoVoI770KYtOkxLGWJ_ximDTYoXLvQZlmjs6F_fzGxLSj1zFyP6BKzmHUNiKmfCMSuTqVKVO7yqU&google_gid=CAESEA-sZpBdskA09579usuJ6iE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMAhAlasA08hthf1uiktvgAABJwAAAIB&google_cver=1&google_push=AYg5qPIw3ipMc5upA65K94sDoVoI770KYtOkxLGWJ_ximDTYoXLvQZlmjs6F_fzGxLSj1zFyP6BKzmHUNiKmfCMSuTqVKVO7yqU&google_gid=CAESEA-sZpBdskA09579usuJ6iE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMAhAlasA08hthf1uiktvgAABJwAAAIB&google_cver=1&google_push=AYg5qPIw3ipMc5upA65K94sDoVoI770KYtOkxLGWJ_ximDTYoXLvQZlmjs6F_fzGxLSj1zFyP6BKzmHUNiKmfCMSuTqVKVO7yqU&google_gid=CAESEA-sZpBdskA09579usuJ6iE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMAhAlasA08hthf1uiktvgAABJwAAAIB&google_cver=1&google_push=AYg5qPIw3ipMc5upA65K94sDoVoI770KYtOkxLGWJ_ximDTYoXLvQZlmjs6F_fzGxLSj1zFyP6BKzmHUNiKmfCMSuTqVKVO7yqU&google_gid=CAESEA-sZpBdskA09579usuJ6iE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMAhAlasA08hthf1uiktvgAABJwAAAIB&google_cver=1&google_push=AYg5qPIw3ipMc5upA65K94sDoVoI770KYtOkxLGWJ_ximDTYoXLvQZlmjs6F_fzGxLSj1zFyP6BKzmHUNiKmfCMSuTqVKVO7yqU&google_gid=CAESEA-sZpBdskA09579usuJ6iE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMAhAlasA08hthf1uiktvgAABJwAAAIB&google_cver=1&google_push=AYg5qPIw3ipMc5upA65K94sDoVoI770KYtOkxLGWJ_ximDTYoXLvQZlmjs6F_fzGxLSj1zFyP6BKzmHUNiKmfCMSuTqVKVO7yqU&google_gid=CAESEA-sZpBdskA09579usuJ6iE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMAhAlasA08hthf1uiktvgAABJwAAAIB&google_cver=1&google_push=AYg5qPIw3ipMc5upA65K94sDoVoI770KYtOkxLGWJ_ximDTYoXLvQZlmjs6F_fzGxLSj1zFyP6BKzmHUNiKmfCMSuTqVKVO7yqU&google_gid=CAESEA-sZpBdskA09579usuJ6iE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMAhAlasA08hthf1uiktvgAABJwAAAIB&google_cver=1&google_push=AYg5qPIw3ipMc5upA65K94sDoVoI770KYtOkxLGWJ_ximDTYoXLvQZlmjs6F_fzGxLSj1zFyP6BKzmHUNiKmfCMSuTqVKVO7yqU&google_gid=CAESEA-sZpBdskA09579usuJ6iE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMAhAlasA08hthf1uiktvgAABJwAAAIB&google_cver=1&google_push=AYg5qPIw3ipMc5upA65K94sDoVoI770KYtOkxLGWJ_ximDTYoXLvQZlmjs6F_fzGxLSj1zFyP6BKzmHUNiKmfCMSuTqVKVO7yqU&google_gid=CAESEA-sZpBdskA09579usuJ6iE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMAhAlasA08hthf1uiktvgAABJwAAAIB&google_cver=1&google_push=AYg5qPIw3ipMc5upA65K94sDoVoI770KYtOkxLGWJ_ximDTYoXLvQZlmjs6F_fzGxLSj1zFyP6BKzmHUNiKmfCMSuTqVKVO7yqU&google_gid=CAESEA-sZpBdskA09579usuJ6iE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMAhAlasA08hthf1uiktvgAABJwAAAIB&google_cver=1&google_push=AYg5qPIw3ipMc5upA65K94sDoVoI770KYtOkxLGWJ_ximDTYoXLvQZlmjs6F_fzGxLSj1zFyP6BKzmHUNiKmfCMSuTqVKVO7yqU&google_gid=CAESEA-sZpBdskA09579usuJ6iE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMAhAlasA08hthf1uiktvgAABJwAAAIB&google_cver=1&google_push=AYg5qPIw3ipMc5upA65K94sDoVoI770KYtOkxLGWJ_ximDTYoXLvQZlmjs6F_fzGxLSj1zFyP6BKzmHUNiKmfCMSuTqVKVO7yqU&google_gid=CAESEA-sZpBdskA09579usuJ6iE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMAhAlasA08hthf1uiktvgAABJwAAAIB&google_cver=1&google_push=AYg5qPIw3ipMc5upA65K94sDoVoI770KYtOkxLGWJ_ximDTYoXLvQZlmjs6F_fzGxLSj1zFyP6BKzmHUNiKmfCMSuTqVKVO7yqU&google_gid=CAESEA-sZpBdskA09579usuJ6iE

129 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set / Show response
www.zitauto.com/ 48 KB
48 KB 620ms
525ms Document
text/html 94.46.13.117
ALMOUROLTEC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zitauto.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 94.46.13.117 , Portugal, ASN24768 (ALMOUROLTEC, PT),
Reverse DNS: zitauto.pt
Software: Apache / PHP/7.1.33
Resource Hash: 10cf2f0239a076753a1f5bfb1f515164c828a5f8e91e7668693c6a30efdf1540

Request headers

Host: www.zitauto.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 09 Jun 2021 02:01:36 GMT
Server: Apache
X-Powered-By: PHP/7.1.33
Cache-Control: no-cache, private
Set-Cookie: zitauto_session=eyJpdiI6InU3SnBjRElybmpDWE55bzV4RURKR3c9PSIsInZhbHVlIjoidjNJN0hZYWd0UDA0Z2Jld2hQVU41MHpiY1lrWWhXODM2NEFkQXVLN0pXdFlwYU1xeERUTW92Yk8xRXlXZFdMWEV4YWhpS1JuMjh6VzMwTjVFYXV1S2c9PSIsIm1hYyI6ImE2ZDJjZDZiNzY4OGM1YjgxNGRkNjc0MTRhYjg5YTVkMTkxMjQ3YmI4Njg2ZDM5YWJiMTFlNzNmMDc0MzQxNmIifQ%3D%3D; expires=Wed, 09-Jun-2021 04:01:37 GMT; Max-Age=7200; path=/; HttpOnly
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 tp.widget.bootstrap.min.js Show response
widget.trustpilot.com/bootstrap/v5/ 21 KB
7 KB 81ms
29ms Script
application/x-javascript 143.204.98.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js

Requested by

Host: www.zitauto.com
URL: https://www.zitauto.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-92.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

2af245a0c8c42d80125c0e1e67379e3626cba969f30e958a6c3d3b379822fcf3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zitauto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
age: 60747
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
date: Tue, 08 Jun 2021 09:09:11 GMT
content-length: 6921
x-xss-protection: 1; mode=block
last-modified: Wed, 02 Jun 2021 09:08:48 GMT
server: AmazonS3
etag: "02d701f294542bd92e2231f26ee2f81e"
content-type: application/x-javascript
via: 1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: BXUDLPL2xHLg_fH1-ckwel5g1DbL2lWe5_Sd-pWIC6NR_HT8bnNV0A==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 86 KB
34 KB 16ms
15ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-947864980

Requested by

Host: www.zitauto.com
URL: https://www.zitauto.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

24daec53f4034d81068ebfc21bc6baf36820f5d7fddd7e8985af30c76e585e76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.zitauto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 02:01:37 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34567
x-xss-protection: 0
last-modified: Wed, 09 Jun 2021 00:15:16 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 09 Jun 2021 02:01:37 GMT

GET
H2 200 tempusdominus-bootstrap-4.min.css
cdnjs.cloudflare.com/ajax/libs/tempusdominus-bootstrap-4/5.0.1/css/ 9 KB
2 KB 12ms
11ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/tempusdominus-bootstrap-4/5.0.1/css/tempusdominus-bootstrap-4.min.css

Requested by

Host: www.zitauto.com
URL: https://www.zitauto.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e59ff803d3b6886f3a09adbb3b080cc0b99162df5b8cb3a81293d7cbbca1892b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zitauto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 02:01:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3556580
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1311
cf-request-id: 0a901a046300004aa454202000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:57 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ff9-2368"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=7Xcc1j7L9H8wU09ZF6tnXOSF8cgcOXLYMWwuRsnYR4TcZT2iCx9sAbYkLlQk7KfGRR7JuVklpZ24jsM0SGXdRqKp6iOeqioXW4BjT6ulSiWAt6ubojO0wORmOJQVC1gYetCCtBouV8h%2BFzVwIg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 65c6c5e70ce84aa4-FRA
expires: Mon, 30 May 2022 02:01:37 GMT

GET
H/1.1 200
OK 9779bef858372169c905a2272b3e5fe7-1573223338
www.zitauto.com/combine/ 204 KB
204 KB 207ms
114ms Stylesheet
text/css 94.46.13.117
ALMOUROLTEC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zitauto.com/combine/9779bef858372169c905a2272b3e5fe7-1573223338
Requested by: Host: www.zitauto.com
URL: https://www.zitauto.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 94.46.13.117 , Portugal, ASN24768 (ALMOUROLTEC, PT),
Reverse DNS: zitauto.pt
Software: Apache /
Resource Hash: f7e4982ab1b393c13e211fce09e0538a2c12c37b3c2650a47445c882ed34dd38

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.zitauto.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.zitauto.com/
Cookie: zitauto_session=eyJpdiI6InU3SnBjRElybmpDWE55bzV4RURKR3c9PSIsInZhbHVlIjoidjNJN0hZYWd0UDA0Z2Jld2hQVU41MHpiY1lrWWhXODM2NEFkQXVLN0pXdFlwYU1xeERUTW92Yk8xRXlXZFdMWEV4YWhpS1JuMjh6VzMwTjVFYXV1S2c9PSIsIm1hYyI6ImE2ZDJjZDZiNzY4OGM1YjgxNGRkNjc0MTRhYjg5YTVkMTkxMjQ3YmI4Njg2ZDM5YWJiMTFlNzNmMDc0MzQxNmIifQ%3D%3D
Connection: keep-alive
Referer: https://www.zitauto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 09 Jun 2021 02:01:37 GMT
Last-Modified: Fri, 08 Nov 2019 14:28:58 GMT
Server: Apache
ETag: "9779bef858372169c905a2272b3e5fe7"
Transfer-Encoding: chunked
Content-Type: text/css; charset=UTF-8
Cache-Control: public
Connection: close

GET
H2 200 cookieconsent.min.js Show response
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/ 4 KB
2 KB 10ms
10ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/cookieconsent.min.js

Requested by

Host: www.zitauto.com
URL: https://www.zitauto.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

190fc02d8e8f1dd5acc40f48d0d6203e6115eb31e3f47f55db0c3f07797d68f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zitauto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 02:01:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4772654
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1618
cf-request-id: 0a901a046400004aa4249f2000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-11d8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=XvNlHDYNPhXPStHe%2FrlsfNWwnOpHwvlmYS4rbLUgjsKsPYWgVqvMSP4lHzu6Zx213VV%2B7LOV0JC%2FWqkjb3OOgl%2BA5DCaLdeOoXKbGTf5FINV3MzI9pKIZ2sMM%2FNIDV%2BessTdj2rFslJPL9jvBw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 65c6c5e70cea4aa4-FRA
expires: Mon, 30 May 2022 02:01:37 GMT

GET
H/1.1 200
OK zitauto_logo.png
www.zitauto.com/themes/zitauto/assets/images/ 152 KB
153 KB 138ms
46ms Image
image/png 94.46.13.117
ALMOUROLTEC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zitauto.com/themes/zitauto/assets/images/zitauto_logo.png
Requested by: Host: www.zitauto.com
URL: https://www.zitauto.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 94.46.13.117 , Portugal, ASN24768 (ALMOUROLTEC, PT),
Reverse DNS: zitauto.pt
Software: Apache /
Resource Hash: 0d2dff017bee7e4844a53e448299258388dc0170292e0d2e3c2b3289b224b703

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.zitauto.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.zitauto.com/
Cookie: zitauto_session=eyJpdiI6InU3SnBjRElybmpDWE55bzV4RURKR3c9PSIsInZhbHVlIjoidjNJN0hZYWd0UDA0Z2Jld2hQVU41MHpiY1lrWWhXODM2NEFkQXVLN0pXdFlwYU1xeERUTW92Yk8xRXlXZFdMWEV4YWhpS1JuMjh6VzMwTjVFYXV1S2c9PSIsIm1hYyI6ImE2ZDJjZDZiNzY4OGM1YjgxNGRkNjc0MTRhYjg5YTVkMTkxMjQ3YmI4Njg2ZDM5YWJiMTFlNzNmMDc0MzQxNmIifQ%3D%3D
Connection: keep-alive
Referer: https://www.zitauto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 09 Jun 2021 02:01:37 GMT
Last-Modified: Tue, 27 Mar 2018 12:09:21 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 156045
Content-Type: image/png

GET
H2 200 tp.min.js Show response
invitejs.trustpilot.com/ 10 KB
4 KB 78ms
25ms Script
application/javascript 143.204.98.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://invitejs.trustpilot.com/tp.min.js
Requested by: Host: www.zitauto.com
URL: https://www.zitauto.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-72.fra50.r.cloudfront.net
Software: /
Resource Hash: 6ac94ae77db80cf96c09b5e6bb322f5e76948d69604faed836710c1880ce49c4

Request headers

Referer: https://www.zitauto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 18:29:23 GMT
via: 1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
last-modified: Wed, 21 Apr 2021 08:13:35 GMT
age: 27134
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=86400
x-amz-cf-pop: FRA50-C1
content-encoding: gzip
x-amz-cf-id: wLhK2u5BIfaTRTw12icvzlp5TEOffMOWkXjTMGNhrHs01_VauDbkzQ==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.zitauto.com
URL: https://www.zitauto.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zitauto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 1365
date: Wed, 09 Jun 2021 01:38:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Wed, 09 Jun 2021 03:38:52 GMT

GET
H/1.1 200
OK no_hidden_charges.png
www.zitauto.com/storage/app/media/ 171 KB
172 KB 139ms
46ms Image
image/png 94.46.13.117
ALMOUROLTEC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zitauto.com/storage/app/media/no_hidden_charges.png
Requested by: Host: www.zitauto.com
URL: https://www.zitauto.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 94.46.13.117 , Portugal, ASN24768 (ALMOUROLTEC, PT),
Reverse DNS: zitauto.pt
Software: Apache /
Resource Hash: ade4e100dcebbbc3065f81e25d2353d691d611eace08122e8f75b4123f8f3550

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.zitauto.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.zitauto.com/
Cookie: zitauto_session=eyJpdiI6InU3SnBjRElybmpDWE55bzV4RURKR3c9PSIsInZhbHVlIjoidjNJN0hZYWd0UDA0Z2Jld2hQVU41MHpiY1lrWWhXODM2NEFkQXVLN0pXdFlwYU1xeERUTW92Yk8xRXlXZFdMWEV4YWhpS1JuMjh6VzMwTjVFYXV1S2c9PSIsIm1hYyI6ImE2ZDJjZDZiNzY4OGM1YjgxNGRkNjc0MTRhYjg5YTVkMTkxMjQ3YmI4Njg2ZDM5YWJiMTFlNzNmMDc0MzQxNmIifQ%3D%3D
Connection: keep-alive
Referer: https://www.zitauto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 09 Jun 2021 02:01:37 GMT
Last-Modified: Fri, 02 Aug 2019 10:08:25 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 175495
Content-Type: image/png

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 134 KB
48 KB 48ms
22ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.zitauto.com
URL: https://www.zitauto.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ecf0ccc7afe2aee46687d2f6b39d4c07e6cd0c61ddc19fdde71c3725f192d31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zitauto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 02:01:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48457
x-xss-protection: 0
server: cafe
etag: 1752064910834975785
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 09 Jun 2021 02:01:37 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 27ms
13ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=864397113&t=pageview&_s=1&dl=https%3A%2F%2Fwww.zitauto.com%2F&ul=en-us&de=UTF-8&dt=Home%20-%20Zitauto&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1230733213&gjid=903881630&cid=393332898.1623204097&tid=UA-51184539-33&_gid=945628269.1623204097&_r=1&_slc=1&z=1752624033

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zitauto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 09 Jun 2021 02:01:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.zitauto.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK vilamoura.jpg
www.zitauto.com/storage/app/media/visits/ 118 KB
119 KB 140ms
46ms Image
image/jpeg 94.46.13.117
ALMOUROLTEC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zitauto.com/storage/app/media/visits/vilamoura.jpg
Requested by: Host: www.zitauto.com
URL: https://www.zitauto.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 94.46.13.117 , Portugal, ASN24768 (ALMOUROLTEC, PT),
Reverse DNS: zitauto.pt
Software: Apache /
Resource Hash: 12b7584afe9c60d4c49cb2aa744ac5d9c82a3ecc5a2d3f5bfca25e1199607cf3

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.zitauto.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.zitauto.com/
Cookie: zitauto_session=eyJpdiI6InU3SnBjRElybmpDWE55bzV4RURKR3c9PSIsInZhbHVlIjoidjNJN0hZYWd0UDA0Z2Jld2hQVU41MHpiY1lrWWhXODM2NEFkQXVLN0pXdFlwYU1xeERUTW92Yk8xRXlXZFdMWEV4YWhpS1JuMjh6VzMwTjVFYXV1S2c9PSIsIm1hYyI6ImE2ZDJjZDZiNzY4OGM1YjgxNGRkNjc0MTRhYjg5YTVkMTkxMjQ3YmI4Njg2ZDM5YWJiMTFlNzNmMDc0MzQxNmIifQ%3D%3D; _ga=GA1.2.393332898.1623204097; _gid=GA1.2.945628269.1623204097; _gat=1
Connection: keep-alive
Referer: https://www.zitauto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 09 Jun 2021 02:01:37 GMT
Last-Modified: Fri, 23 Mar 2018 15:06:40 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 121309
Content-Type: image/jpeg

GET
H/1.1 200
OK vale_do_lobo.jpg
www.zitauto.com/storage/app/media/visits/ 83 KB
83 KB 141ms
46ms Image
image/jpeg 94.46.13.117
ALMOUROLTEC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zitauto.com/storage/app/media/visits/vale_do_lobo.jpg
Requested by: Host: www.zitauto.com
URL: https://www.zitauto.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 94.46.13.117 , Portugal, ASN24768 (ALMOUROLTEC, PT),
Reverse DNS: zitauto.pt
Software: Apache /
Resource Hash: 866f5ff3f77a2ca6269ce25c0b42e79726652ed29033ed540d91893bb497cbf5

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.zitauto.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.zitauto.com/
Cookie: zitauto_session=eyJpdiI6InU3SnBjRElybmpDWE55bzV4RURKR3c9PSIsInZhbHVlIjoidjNJN0hZYWd0UDA0Z2Jld2hQVU41MHpiY1lrWWhXODM2NEFkQXVLN0pXdFlwYU1xeERUTW92Yk8xRXlXZFdMWEV4YWhpS1JuMjh6VzMwTjVFYXV1S2c9PSIsIm1hYyI6ImE2ZDJjZDZiNzY4OGM1YjgxNGRkNjc0MTRhYjg5YTVkMTkxMjQ3YmI4Njg2ZDM5YWJiMTFlNzNmMDc0MzQxNmIifQ%3D%3D; _ga=GA1.2.393332898.1623204097; _gid=GA1.2.945628269.1623204097; _gat=1
Connection: keep-alive
Referer: https://www.zitauto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 09 Jun 2021 02:01:37 GMT
Last-Modified: Fri, 23 Mar 2018 15:06:40 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 84918
Content-Type: image/jpeg

GET
H/1.1 200
OK albufeira.jpg
www.zitauto.com/storage/app/media/visits/ 160 KB
160 KB 141ms
46ms Image
image/jpeg 94.46.13.117
ALMOUROLTEC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zitauto.com/storage/app/media/visits/albufeira.jpg
Requested by: Host: www.zitauto.com
URL: https://www.zitauto.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 94.46.13.117 , Portugal, ASN24768 (ALMOUROLTEC, PT),
Reverse DNS: zitauto.pt
Software: Apache /
Resource Hash: ecb917e9dc3657d2cd9eb8d6d680063a3d5d2d29f837307523b7992a049627ad

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.zitauto.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.zitauto.com/
Cookie: zitauto_session=eyJpdiI6InU3SnBjRElybmpDWE55bzV4RURKR3c9PSIsInZhbHVlIjoidjNJN0hZYWd0UDA0Z2Jld2hQVU41MHpiY1lrWWhXODM2NEFkQXVLN0pXdFlwYU1xeERUTW92Yk8xRXlXZFdMWEV4YWhpS1JuMjh6VzMwTjVFYXV1S2c9PSIsIm1hYyI6ImE2ZDJjZDZiNzY4OGM1YjgxNGRkNjc0MTRhYjg5YTVkMTkxMjQ3YmI4Njg2ZDM5YWJiMTFlNzNmMDc0MzQxNmIifQ%3D%3D; _ga=GA1.2.393332898.1623204097; _gid=GA1.2.945628269.1623204097; _gat=1
Connection: keep-alive
Referer: https://www.zitauto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 09 Jun 2021 02:01:37 GMT
Last-Modified: Fri, 23 Mar 2018 15:06:40 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 163604
Content-Type: image/jpeg

GET
H/1.1 200
OK 11ebbb37d7009d09e7841befeb1c6c11-1524495182 Show response
www.zitauto.com/combine/ 252 KB
252 KB 203ms
111ms Script
application/javascript 94.46.13.117
ALMOUROLTEC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zitauto.com/combine/11ebbb37d7009d09e7841befeb1c6c11-1524495182
Requested by: Host: www.zitauto.com
URL: https://www.zitauto.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 94.46.13.117 , Portugal, ASN24768 (ALMOUROLTEC, PT),
Reverse DNS: zitauto.pt
Software: Apache /
Resource Hash: 9e4338ae7a1e6417e2a7b186f8e0cf41f3a308527588a59f124af290da06d338

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.zitauto.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.zitauto.com/
Cookie: zitauto_session=eyJpdiI6InU3SnBjRElybmpDWE55bzV4RURKR3c9PSIsInZhbHVlIjoidjNJN0hZYWd0UDA0Z2Jld2hQVU41MHpiY1lrWWhXODM2NEFkQXVLN0pXdFlwYU1xeERUTW92Yk8xRXlXZFdMWEV4YWhpS1JuMjh6VzMwTjVFYXV1S2c9PSIsIm1hYyI6ImE2ZDJjZDZiNzY4OGM1YjgxNGRkNjc0MTRhYjg5YTVkMTkxMjQ3YmI4Njg2ZDM5YWJiMTFlNzNmMDc0MzQxNmIifQ%3D%3D; _ga=GA1.2.393332898.1623204097; _gid=GA1.2.945628269.1623204097; _gat=1
Connection: keep-alive
Referer: https://www.zitauto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 09 Jun 2021 02:01:37 GMT
Last-Modified: Mon, 23 Apr 2018 14:53:02 GMT
Server: Apache
ETag: "11ebbb37d7009d09e7841befeb1c6c11"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: public
Connection: close

GET
H3-29 200 moment-with-locales.min.js Show response
cdnjs.cloudflare.com/ajax/libs/moment.js/2.22.2/ 319 KB
53 KB 15ms
12ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.22.2/moment-with-locales.min.js

Requested by

Host: www.zitauto.com
URL: https://www.zitauto.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56b9ad34701d1b38cdb1436d5981b9e71c44f710d3cf8805eb7c7fa6b297287d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zitauto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 02:01:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2958627
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 53699
cf-request-id: 0a901a048e000005e91c931000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:13:26 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f26-4fc01"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=pdf5aDCkDkLmZKXQfPmrGxmuNzuOh%2FY%2FF1zePEMlS2Fa4xLKB%2BmbgSRgyK9VuGvk7G%2FEXPqwU7VKCoXanZKzIW3mxkvyU%2FX03K%2Fvh8l4hQywD8ROoPS03HeRoCB8IxAH2XTz1gPFsFK1ON2k7w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 65c6c5e74cce05e9-FRA
expires: Mon, 30 May 2022 02:01:37 GMT

GET
H3-29 200 moment-timezone-with-data-2012-2022.min.js Show response
cdnjs.cloudflare.com/ajax/libs/moment-timezone/0.5.21/ 32 KB
9 KB 26ms
24ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/moment-timezone/0.5.21/moment-timezone-with-data-2012-2022.min.js

Requested by

Host: www.zitauto.com
URL: https://www.zitauto.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26ffb9c1e8b8cc2a1f8bb33a0fe1db19c5db1413acb2136ff9a2094a87411a13

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zitauto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 02:01:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2956947
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 8080
cf-request-id: 0a901a048e000005e9eba4f000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:13:26 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f26-8040"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=fkMUp%2BngNGOXyE8vgqJNOMyRVTQYZjfmwGAF3mkd%2F9PqoN%2BZ3IR0ZXbM1sjHQiMPNfkOfMp6%2FSQtOwKhdPkIxsKT%2B4sSeUKUsxQaG2JgISMe9aAQYBvcYE%2FgI4hkCLUkceBCYKrWy5PH3suPMA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 65c6c5e74cd005e9-FRA
expires: Mon, 30 May 2022 02:01:37 GMT

GET
H3-29 200 tempusdominus-bootstrap-4.min.js Show response
cdnjs.cloudflare.com/ajax/libs/tempusdominus-bootstrap-4/5.0.1/js/ 55 KB
11 KB 27ms
25ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/tempusdominus-bootstrap-4/5.0.1/js/tempusdominus-bootstrap-4.min.js

Requested by

Host: www.zitauto.com
URL: https://www.zitauto.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e0318c345dffa23b41180b8a675fcb52e2f983ab28ed27d7707d230c8d266e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zitauto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 02:01:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1745870
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 10497
cf-request-id: 0a901a0490000005e90f26c000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:57 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ff9-dd05"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=D%2FWI7nNyX0B2PXW9fLipV4r5IjiFuwNBBDnETGfFOuDKv5BOkAaQG11lLWiCvGoGBq4YuHDoGf%2F%2FIvMDQspneFGg9nYrlV32pIGAHDcJhzS5uaHQv2ejtMIvIB50iGvVWTOp7vyR3GOQCs6wtg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 65c6c5e74cd105e9-FRA
expires: Mon, 30 May 2022 02:01:37 GMT

GET
H/1.1 200
OK custom.js Show response
www.zitauto.com/plugins/stronganswer/weatherchecker/assets/js/ 1 KB
1 KB 138ms
46ms Script
application/javascript 94.46.13.117
ALMOUROLTEC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zitauto.com/plugins/stronganswer/weatherchecker/assets/js/custom.js
Requested by: Host: www.zitauto.com
URL: https://www.zitauto.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 94.46.13.117 , Portugal, ASN24768 (ALMOUROLTEC, PT),
Reverse DNS: zitauto.pt
Software: Apache /
Resource Hash: 260aed12ac71ab9bf36c313c344a72b37ef02bf0450c31bab519f0bdaff43913

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.zitauto.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.zitauto.com/
Cookie: zitauto_session=eyJpdiI6InU3SnBjRElybmpDWE55bzV4RURKR3c9PSIsInZhbHVlIjoidjNJN0hZYWd0UDA0Z2Jld2hQVU41MHpiY1lrWWhXODM2NEFkQXVLN0pXdFlwYU1xeERUTW92Yk8xRXlXZFdMWEV4YWhpS1JuMjh6VzMwTjVFYXV1S2c9PSIsIm1hYyI6ImE2ZDJjZDZiNzY4OGM1YjgxNGRkNjc0MTRhYjg5YTVkMTkxMjQ3YmI4Njg2ZDM5YWJiMTFlNzNmMDc0MzQxNmIifQ%3D%3D; _ga=GA1.2.393332898.1623204097; _gid=GA1.2.945628269.1623204097; _gat=1
Connection: keep-alive
Referer: https://www.zitauto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 09 Jun 2021 02:01:37 GMT
Last-Modified: Tue, 27 Mar 2018 12:15:28 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 1262
Content-Type: application/javascript

GET yql
query.yahooapis.com/v1/public/ 0
0

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 36 KB
14 KB 90ms
34ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-947864980

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

8cad013d9042fff980bceebcf6bc4875f185a74e90acf06d4ab576ef88acc9d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zitauto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 02:01:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13938
x-xss-protection: 0
server: cafe
etag: 13764500066822648461
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 09 Jun 2021 02:01:37 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
88 B 15ms
14ms XHR
text/plain 2a00:1450:400c:c0a::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-51184539-33&cid=393332898.1623204097&jid=1230733213&gjid=903881630&_gid=945628269.1623204097&_u=IEBAAEAAAAAAAC~&z=2073196301

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zitauto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 09 Jun 2021 02:01:37 GMT
content-type: text/plain
access-control-allow-origin: https://www.zitauto.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 17ms
16ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-51184539-33&cid=393332898.1623204097&jid=1230733213&_u=IEBAAEAAAAAAAC~&z=373613488

Requested by

Host: www.zitauto.com
URL: https://www.zitauto.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zitauto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Jun 2021 02:01:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 18ms
17ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-51184539-33&cid=393332898.1623204097&jid=1230733213&_u=IEBAAEAAAAAAAC~&z=373613488

Requested by

Host: www.zitauto.com
URL: https://www.zitauto.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zitauto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Jun 2021 02:01:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/947864980/ 2 KB
1 KB 20ms
18ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947864980/?random=1623204097267&cv=9&fst=1623204097267&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa621&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.zitauto.com%2F&tiba=Home%20-%20Zitauto&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f183fc9001c7046d6ad947d727f3d88c6731e21ae14a3692fa5370631669470b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zitauto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Jun 2021 02:01:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1027
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/947864980/ 42 B
64 B 30ms
28ms Image
image/gif 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/947864980/?random=1623204097267&cv=9&fst=1623204000000&num=1&bg=ffffff&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa621&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.zitauto.com%2F&tiba=Home%20-%20Zitauto&async=1&fmt=3&is_vtc=1&random=2954418296&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.zitauto.com
URL: https://www.zitauto.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zitauto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Jun 2021 02:01:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.de/pagead/1p-user-list/947864980/ 42 B
64 B 28ms
27ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/947864980/?random=1623204097267&cv=9&fst=1623204000000&num=1&bg=ffffff&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa621&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.zitauto.com%2F&tiba=Home%20-%20Zitauto&async=1&fmt=3&is_vtc=1&random=2954418296&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.zitauto.com
URL: https://www.zitauto.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zitauto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Jun 2021 02:01:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 2008_2.jpg
www.zitauto.com/storage/app/media/slider/ 213 KB
213 KB 141ms
46ms Image
image/jpeg 94.46.13.117
ALMOUROLTEC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zitauto.com/storage/app/media/slider/2008_2.jpg
Requested by: Host: www.zitauto.com
URL: https://www.zitauto.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 94.46.13.117 , Portugal, ASN24768 (ALMOUROLTEC, PT),
Reverse DNS: zitauto.pt
Software: Apache /
Resource Hash: 32b6ef882eaefb472331bc0f03fddfc69cb626f8636530d6b470f2a418e27310

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.zitauto.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.zitauto.com/
Cookie: zitauto_session=eyJpdiI6InU3SnBjRElybmpDWE55bzV4RURKR3c9PSIsInZhbHVlIjoidjNJN0hZYWd0UDA0Z2Jld2hQVU41MHpiY1lrWWhXODM2NEFkQXVLN0pXdFlwYU1xeERUTW92Yk8xRXlXZFdMWEV4YWhpS1JuMjh6VzMwTjVFYXV1S2c9PSIsIm1hYyI6ImE2ZDJjZDZiNzY4OGM1YjgxNGRkNjc0MTRhYjg5YTVkMTkxMjQ3YmI4Njg2ZDM5YWJiMTFlNzNmMDc0MzQxNmIifQ%3D%3D; _ga=GA1.2.393332898.1623204097; _gid=GA1.2.945628269.1623204097; _gat=1
Connection: keep-alive
Referer: https://www.zitauto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 09 Jun 2021 02:01:37 GMT
Last-Modified: Fri, 19 Mar 2021 10:40:02 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 218199
Content-Type: image/jpeg

GET
H/1.1 200
OK image-03.jpg
www.zitauto.com/storage/app/media/slider/ 247 KB
247 KB 142ms
47ms Image
image/jpeg 94.46.13.117
ALMOUROLTEC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zitauto.com/storage/app/media/slider/image-03.jpg
Requested by: Host: www.zitauto.com
URL: https://www.zitauto.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 94.46.13.117 , Portugal, ASN24768 (ALMOUROLTEC, PT),
Reverse DNS: zitauto.pt
Software: Apache /
Resource Hash: a79306bae17474da5f4e6b86f41c023d9b1561851b1cf17f3c099a2666a2f425

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.zitauto.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.zitauto.com/
Cookie: zitauto_session=eyJpdiI6InU3SnBjRElybmpDWE55bzV4RURKR3c9PSIsInZhbHVlIjoidjNJN0hZYWd0UDA0Z2Jld2hQVU41MHpiY1lrWWhXODM2NEFkQXVLN0pXdFlwYU1xeERUTW92Yk8xRXlXZFdMWEV4YWhpS1JuMjh6VzMwTjVFYXV1S2c9PSIsIm1hYyI6ImE2ZDJjZDZiNzY4OGM1YjgxNGRkNjc0MTRhYjg5YTVkMTkxMjQ3YmI4Njg2ZDM5YWJiMTFlNzNmMDc0MzQxNmIifQ%3D%3D; _ga=GA1.2.393332898.1623204097; _gid=GA1.2.945628269.1623204097; _gat=1
Connection: keep-alive
Referer: https://www.zitauto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 09 Jun 2021 02:01:37 GMT
Last-Modified: Fri, 09 Aug 2019 09:46:48 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 252723
Content-Type: image/jpeg

GET
H/1.1 404
Not Found Cookie set 2008_3.jpg
www.zitauto.com/storage/app/media/slide/ 0
598 B 234ms
139ms Image
text/html 94.46.13.117
ALMOUROLTEC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zitauto.com/storage/app/media/slide/2008_3.jpg
Requested by: Host: www.zitauto.com
URL: https://www.zitauto.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 94.46.13.117 , Portugal, ASN24768 (ALMOUROLTEC, PT),
Reverse DNS: zitauto.pt
Software: Apache / PHP/7.1.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.zitauto.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.zitauto.com/
Cookie: zitauto_session=eyJpdiI6InU3SnBjRElybmpDWE55bzV4RURKR3c9PSIsInZhbHVlIjoidjNJN0hZYWd0UDA0Z2Jld2hQVU41MHpiY1lrWWhXODM2NEFkQXVLN0pXdFlwYU1xeERUTW92Yk8xRXlXZFdMWEV4YWhpS1JuMjh6VzMwTjVFYXV1S2c9PSIsIm1hYyI6ImE2ZDJjZDZiNzY4OGM1YjgxNGRkNjc0MTRhYjg5YTVkMTkxMjQ3YmI4Njg2ZDM5YWJiMTFlNzNmMDc0MzQxNmIifQ%3D%3D; _ga=GA1.2.393332898.1623204097; _gid=GA1.2.945628269.1623204097; _gat=1
Connection: keep-alive
Referer: https://www.zitauto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 09 Jun 2021 02:01:37 GMT
Server: Apache
X-Powered-By: PHP/7.1.33
Content-Type: text/html; charset=UTF-8
Set-Cookie: zitauto_session=eyJpdiI6IlViRE1FU1I3MytBYXpkWjhzbHBCK1E9PSIsInZhbHVlIjoicmdUNk1icm1vUHRoVWpLRXVNMFlad1IwamcxdkxDYjNCQnBhcEhmSGtnaUM0SWpQVG9kbFc1cXFnK0FJSWloVlhvMEI3VVR5Y1lRTDFPMnlMY0YraHc9PSIsIm1hYyI6IjYyOTQwYzcwNzRjNDhlMzFiNmViOWI3NmY3NGM2MTViNjdmN2ZiOGMzNTE3NjYyZmZkZWFiOWVhMGE4YjE4MmQifQ%3D%3D; expires=Wed, 09-Jun-2021 04:01:37 GMT; Max-Age=7200; path=/; HttpOnly
Cache-Control: no-cache, private
Connection: close
Content-Length: 0

GET
H/1.1 200
OK 2008_1.jpg
www.zitauto.com/storage/app/media/slider/ 181 KB
181 KB 179ms
46ms Image
image/jpeg 94.46.13.117
ALMOUROLTEC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zitauto.com/storage/app/media/slider/2008_1.jpg
Requested by: Host: www.zitauto.com
URL: https://www.zitauto.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 94.46.13.117 , Portugal, ASN24768 (ALMOUROLTEC, PT),
Reverse DNS: zitauto.pt
Software: Apache /
Resource Hash: 935dbcdac9d16cad1bb4c98abf1ee065ffec4f503da05ad1a561dcdc3964755b

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.zitauto.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.zitauto.com/
Cookie: zitauto_session=eyJpdiI6InU3SnBjRElybmpDWE55bzV4RURKR3c9PSIsInZhbHVlIjoidjNJN0hZYWd0UDA0Z2Jld2hQVU41MHpiY1lrWWhXODM2NEFkQXVLN0pXdFlwYU1xeERUTW92Yk8xRXlXZFdMWEV4YWhpS1JuMjh6VzMwTjVFYXV1S2c9PSIsIm1hYyI6ImE2ZDJjZDZiNzY4OGM1YjgxNGRkNjc0MTRhYjg5YTVkMTkxMjQ3YmI4Njg2ZDM5YWJiMTFlNzNmMDc0MzQxNmIifQ%3D%3D; _ga=GA1.2.393332898.1623204097; _gid=GA1.2.945628269.1623204097; _gat=1
Connection: keep-alive
Referer: https://www.zitauto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 09 Jun 2021 02:01:37 GMT
Last-Modified: Fri, 19 Mar 2021 10:40:02 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 185046
Content-Type: image/jpeg

GET
H/1.1 200
OK background_i.jpg
www.zitauto.com/storage/app/media/ 222 KB
222 KB 139ms
46ms Image
image/jpeg 94.46.13.117
ALMOUROLTEC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zitauto.com/storage/app/media/background_i.jpg
Requested by: Host: www.zitauto.com
URL: https://www.zitauto.com/combine/9779bef858372169c905a2272b3e5fe7-1573223338
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 94.46.13.117 , Portugal, ASN24768 (ALMOUROLTEC, PT),
Reverse DNS: zitauto.pt
Software: Apache /
Resource Hash: 1f4a09a23422dd6ad4e6eb8ed9f87d198619286bbaf10ee1bac9954382079629

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.zitauto.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.zitauto.com/combine/9779bef858372169c905a2272b3e5fe7-1573223338
Cookie: zitauto_session=eyJpdiI6InU3SnBjRElybmpDWE55bzV4RURKR3c9PSIsInZhbHVlIjoidjNJN0hZYWd0UDA0Z2Jld2hQVU41MHpiY1lrWWhXODM2NEFkQXVLN0pXdFlwYU1xeERUTW92Yk8xRXlXZFdMWEV4YWhpS1JuMjh6VzMwTjVFYXV1S2c9PSIsIm1hYyI6ImE2ZDJjZDZiNzY4OGM1YjgxNGRkNjc0MTRhYjg5YTVkMTkxMjQ3YmI4Njg2ZDM5YWJiMTFlNzNmMDc0MzQxNmIifQ%3D%3D; _ga=GA1.2.393332898.1623204097; _gid=GA1.2.945628269.1623204097; _gat=1
Connection: keep-alive
Referer: https://www.zitauto.com/combine/9779bef858372169c905a2272b3e5fe7-1573223338
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 09 Jun 2021 02:01:37 GMT
Last-Modified: Fri, 23 Mar 2018 15:06:35 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 227525
Content-Type: image/jpeg

GET
H/1.1 200
OK background.jpg
www.zitauto.com/storage/app/media/ 1 MB
1 MB 138ms
46ms Image
image/jpeg 94.46.13.117
ALMOUROLTEC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zitauto.com/storage/app/media/background.jpg
Requested by: Host: www.zitauto.com
URL: https://www.zitauto.com/combine/9779bef858372169c905a2272b3e5fe7-1573223338
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 94.46.13.117 , Portugal, ASN24768 (ALMOUROLTEC, PT),
Reverse DNS: zitauto.pt
Software: Apache /
Resource Hash

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.zitauto.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.zitauto.com/combine/9779bef858372169c905a2272b3e5fe7-1573223338
Cookie: zitauto_session=eyJpdiI6InU3SnBjRElybmpDWE55bzV4RURKR3c9PSIsInZhbHVlIjoidjNJN0hZYWd0UDA0Z2Jld2hQVU41MHpiY1lrWWhXODM2NEFkQXVLN0pXdFlwYU1xeERUTW92Yk8xRXlXZFdMWEV4YWhpS1JuMjh6VzMwTjVFYXV1S2c9PSIsIm1hYyI6ImE2ZDJjZDZiNzY4OGM1YjgxNGRkNjc0MTRhYjg5YTVkMTkxMjQ3YmI4Njg2ZDM5YWJiMTFlNzNmMDc0MzQxNmIifQ%3D%3D; _ga=GA1.2.393332898.1623204097; _gid=GA1.2.945628269.1623204097; _gat=1
Connection: keep-alive
Referer: https://www.zitauto.com/combine/9779bef858372169c905a2272b3e5fe7-1573223338
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 09 Jun 2021 02:01:37 GMT
Last-Modified: Fri, 23 Mar 2018 15:06:34 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 1438564
Content-Type: image/jpeg

GET
H2 200 S6u9w4BMUTPHh7USSwiPHA.ttf
fonts.gstatic.com/s/lato/v17/ 62 KB
33 KB 8ms
6ms Font
font/ttf 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh7USSwiPHA.ttf

Requested by

Host: www.zitauto.com
URL: https://www.zitauto.com/combine/9779bef858372169c905a2272b3e5fe7-1573223338

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d1fd91d8a429d51fb8df45a0a16dbc19dfa4b89d40cab7ee81ba68edb6ad58d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.zitauto.com
Referer: https://www.zitauto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 23:28:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9206
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33653
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:12:05 GMT
server: sffe
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jun 2022 23:28:11 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff2
www.zitauto.com/themes/zitauto/assets/fonts/ 75 KB
76 KB 101ms
46ms Font
font/woff2 94.46.13.117
ALMOUROLTEC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zitauto.com/themes/zitauto/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: www.zitauto.com
URL: https://www.zitauto.com/combine/9779bef858372169c905a2272b3e5fe7-1573223338
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 94.46.13.117 , Portugal, ASN24768 (ALMOUROLTEC, PT),
Reverse DNS: zitauto.pt
Software: Apache /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://www.zitauto.com
Accept-Encoding: gzip, deflate, br
Host: www.zitauto.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://www.zitauto.com/combine/9779bef858372169c905a2272b3e5fe7-1573223338
Cookie: zitauto_session=eyJpdiI6InU3SnBjRElybmpDWE55bzV4RURKR3c9PSIsInZhbHVlIjoidjNJN0hZYWd0UDA0Z2Jld2hQVU41MHpiY1lrWWhXODM2NEFkQXVLN0pXdFlwYU1xeERUTW92Yk8xRXlXZFdMWEV4YWhpS1JuMjh6VzMwTjVFYXV1S2c9PSIsIm1hYyI6ImE2ZDJjZDZiNzY4OGM1YjgxNGRkNjc0MTRhYjg5YTVkMTkxMjQ3YmI4Njg2ZDM5YWJiMTFlNzNmMDc0MzQxNmIifQ%3D%3D; _ga=GA1.2.393332898.1623204097; _gid=GA1.2.945628269.1623204097; _gat=1
Connection: keep-alive
Origin: https://www.zitauto.com
Referer: https://www.zitauto.com/combine/9779bef858372169c905a2272b3e5fe7-1573223338
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 09 Jun 2021 02:01:37 GMT
Last-Modified: Fri, 23 Mar 2018 15:07:10 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 77160
Content-Type: font/woff2

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210603/r20190131/ 231 KB
85 KB 45ms
31ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210603/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5532084445226293&plah=www.zitauto.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

91ed8b909c7841f868db32297ac0cbf2f772b088524cbd13a03e13853e0fb3f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zitauto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 02:01:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87398
x-xss-protection: 0
server: cafe
etag: 13442914087995955003
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 09 Jun 2021 02:01:37 GMT

GET
H3-29 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210603/r20190131/ Frame C896 10 KB
4 KB 16ms
15ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210603/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0c1edf85ee406ff6e457dba599598152cc971f399f53c204fd30b978662f385

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210603/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.zitauto.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.zitauto.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 08 Jun 2021 15:52:23 GMT
expires: Tue, 22 Jun 2021 15:52:23 GMT
content-type: text/html; charset=UTF-8
etag: 3869991350818612685
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4515
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 36554
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 14ms
13ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=puberror&context=165&msg=TagError%3A%20adsbygoogle.push()%20error%3A%20No%20slot%20size%20for%20availableWidth%3D0%0Aat%20Ok%20(https%3A%2F%2Fpagead2.googlesyndication.com%2Fpagead%2Fjs%2Fadsbygoogle.js%3A158%3A453)%0Aat%20Nk%20(adsbygoogle.js%3A157%3A137)%0Aat%20%24k%20(adsbygoogle.js%3A164%3A238)%0Aat%20mm%20(adsbygoogle.js%3A208%3A501)%0Aat%20Cm%20(adsbygoogle.js%3A212%3A108)%0Aat%20Bm%20(adsbygoogle.js%3A211%3A622)%0Aat%20Km%20(adsbygoogle.js%3A225%3A330)%0Aat%20adsbygoogle.js%3A220%3A47%0Aat%20Ge.n.la%20(adsbygoogle.js%3A66%3A804)%0Aat%20Oe%20(adsbygoogle.js%3A74%3A106)&shv=r20210603&eid=42530671%2C21065725&client=ca-pub-5532084445226293&slotname=9477749012&url=https%3A%2F%2Fwww.zitauto.com%2F

Requested by

Host: www.zitauto.com
URL: https://www.zitauto.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zitauto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Jun 2021 02:01:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK geoip Show response
ip.seeip.org/ 347 B
647 B 625ms
117ms Script
application/json 2602:fed3:2:b74f:112:9a23:af4f:2219
JOESDATACENTER

General

Check archive.org

Show headers Download Go to

Full URL

https://ip.seeip.org/geoip?callback=_1623204097600

Requested by

Host: www.zitauto.com
URL: https://www.zitauto.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

2602:fed3:2:b74f:112:9a23:af4f:2219 Portland, United States, ASN19969 (JOESDATACENTER, US),

Reverse DNS

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

e940881c7d97f37cf4d49224da0610cb8df395b90ebdf0f345a09bb6e45ab379

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.zitauto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 09 Jun 2021 02:01:38 GMT
Server: nginx/1.14.0 (Ubuntu)
strict-transport-security: max-age=31536000; includeSubDomains
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 347

GET
H2 200 default Show response
embed.tawk.to/5d48433d7d27204601c9618f/ 2 KB
968 B 33ms
16ms Script
application/x-javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/5d48433d7d27204601c9618f/default

Requested by

Host: www.zitauto.com
URL: https://www.zitauto.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a63148b338084385477e63e15e8d5379f528d0a289bf49db2c14c8f1e0977ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.zitauto.com
Referer: https://www.zitauto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 02:01:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 24
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a901a0653000024884d248000000001
server: cloudflare
etag: W/"stable-v4-60bf24e0c17"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=3600
cf-ray: 65c6c5ea1ae92488-FRA
expires: Wed, 09 Jun 2021 03:01:37 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 201 B
642 B 98ms
40ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.zitauto.com&callback=_gfp_s_&client=ca-pub-5532084445226293

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210603/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5532084445226293&plah=www.zitauto.com&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

f14ce15a3e1f2ded7a28cd779756e2f78993c50c961d2ab466347eaace7861b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zitauto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 02:01:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 193
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 36ms
15ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.zitauto.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zitauto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Jun 2021 02:01:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
553 B 34ms
14ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.zitauto.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zitauto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Jun 2021 02:01:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 00FB 119 KB
39 KB 401ms
401ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5532084445226293&output=html&h=280&slotname=7687010183&adk=2031393337&adf=3499367324&pi=t.ma~as.7687010183&w=1110&fwrn=4&fwrnh=100&lmt=1623204097&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fwww.zitauto.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623204097577&bpp=2&bdt=486&idt=96&shv=r20210603&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=1376422926181&frm=20&pv=2&ga_vid=393332898.1623204097&ga_sid=1623204098&ga_hid=864397113&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=1403&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060048%2C21065725&oid=3&pvsid=1245260949648976&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=TsLnhmdhAs&p=https%3A//www.zitauto.com&dtd=122

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

35c5975e66e1a70d0e9ee6653c198e3b27afcec798c3125213937fa480389e97

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5902880581523090733/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5902880581523090733/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CM_vkb26ifECFQb6dwodUpEMew&gqi=ASHAYPOiK8vP7_UP2_2pmAk&layout=/sadbundle/%24csp%253Der3%24/5902880581523090733/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5532084445226293&output=html&h=280&slotname=7687010183&adk=2031393337&adf=3499367324&pi=t.ma~as.7687010183&w=1110&fwrn=4&fwrnh=100&lmt=1623204097&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fwww.zitauto.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623204097577&bpp=2&bdt=486&idt=96&shv=r20210603&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=1376422926181&frm=20&pv=2&ga_vid=393332898.1623204097&ga_sid=1623204098&ga_hid=864397113&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=1403&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060048%2C21065725&oid=3&pvsid=1245260949648976&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=TsLnhmdhAs&p=https%3A//www.zitauto.com&dtd=122
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.zitauto.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.zitauto.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5902880581523090733/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5902880581523090733/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CM_vkb26ifECFQb6dwodUpEMew&gqi=ASHAYPOiK8vP7_UP2_2pmAk&layout=/sadbundle/%24csp%253Der3%24/5902880581523090733/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 09 Jun 2021 02:01:38 GMT
server: cafe
content-length: 39539
x-xss-protection: 0
set-cookie: IDE=AHWqTUkLyn7aWmXJmKOZAR0m9M3A9z09x9AxTxHnuvldRpRKi5gVzt24QPcsZpstyZA; expires=Mon, 04-Jul-2022 02:01:37 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 09 Jun 2021 02:01:38 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 34ms
14ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d8c7ce12428be733a9213b2fecae66db6950a933c276d68bf7c8271829a627d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zitauto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 02:01:37 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623066164336645"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28149
x-xss-protection: 0
expires: Wed, 09 Jun 2021 02:01:37 GMT

GET
H2 200 index.html Show response
widget.trustpilot.com/trustboxes/5419b6a8b0d04a076446a9ad/ Frame DC25 6 KB
2 KB 25ms
25ms Document
text/html 143.204.98.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/trustboxes/5419b6a8b0d04a076446a9ad/index.html?templateId=5419b6a8b0d04a076446a9ad&businessunitId=607716edf47b6400017d93da

Requested by

Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-92.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

8b17b12a46bcc8cfb1b0873fddf84dd8360ec0424ea090d0d7df5ba11f0e358a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: widget.trustpilot.com
:scheme: https
:path: /trustboxes/5419b6a8b0d04a076446a9ad/index.html?templateId=5419b6a8b0d04a076446a9ad&businessunitId=607716edf47b6400017d93da
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.zitauto.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.zitauto.com/

Response headers

content-type: text/html
content-length: 1796
last-modified: Wed, 24 Feb 2021 10:38:49 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
date: Tue, 08 Jun 2021 09:04:20 GMT
cache-control: max-age=86400
etag: "cd69f4d5ed17d150e89a02d3bc8839ce"
x-cache: Hit from cloudfront
via: 1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 3OGaomYZv8C9IJ_AdPgv_1uNEqdoBmWWBnGS5aYqT2vtrViBHIUa3A==
age: 61038

GET
H3-29 200 ads
googleads.g.doubleclick.net/pagead/ Frame 490B 76 KB
26 KB 743ms
742ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5532084445226293&output=html&h=280&slotname=3197100833&adk=750410168&adf=3052806192&pi=t.ma~as.3197100833&w=1110&fwrn=4&fwrnh=100&lmt=1623204097&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fwww.zitauto.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623204097579&bpp=1&bdt=488&idt=177&shv=r20210603&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280&correlator=1376422926181&frm=20&pv=1&ga_vid=393332898.1623204097&ga_sid=1623204098&ga_hid=864397113&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=1995&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060048%2C21065725&oid=3&pvsid=1245260949648976&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=Fzhbsiov6y&p=https%3A//www.zitauto.com&dtd=179

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5532084445226293&output=html&h=280&slotname=3197100833&adk=750410168&adf=3052806192&pi=t.ma~as.3197100833&w=1110&fwrn=4&fwrnh=100&lmt=1623204097&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fwww.zitauto.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623204097579&bpp=1&bdt=488&idt=177&shv=r20210603&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280&correlator=1376422926181&frm=20&pv=1&ga_vid=393332898.1623204097&ga_sid=1623204098&ga_hid=864397113&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=1995&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060048%2C21065725&oid=3&pvsid=1245260949648976&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=Fzhbsiov6y&p=https%3A//www.zitauto.com&dtd=179
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.zitauto.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.zitauto.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 09 Jun 2021 02:01:38 GMT
server: cafe
content-length: 26227
x-xss-protection: 0
set-cookie: IDE=AHWqTUldt6cttEYnBsRjT08ZKHmohEoQymnFAWorSw3MTm_tH9eXX4xSsq8DuNBX7lE; expires=Mon, 04-Jul-2022 02:01:37 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 09 Jun 2021 02:01:38 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3D1A 120 KB
39 KB 426ms
426ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5532084445226293&output=html&h=280&slotname=4085363444&adk=1318526401&adf=1130078198&pi=t.ma~as.4085363444&w=1110&fwrn=4&fwrnh=100&lmt=1623204097&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fwww.zitauto.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623204097599&bpp=1&bdt=508&idt=169&shv=r20210603&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C1110x280&correlator=1376422926181&frm=20&pv=1&ga_vid=393332898.1623204097&ga_sid=1623204098&ga_hid=864397113&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=3813&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060048%2C21065725&oid=3&pvsid=1245260949648976&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=3&fsb=1&xpc=YlHwmjWHyV&p=https%3A//www.zitauto.com&dtd=172

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a0864b78126fc9bced36889f61b3f7adac88164edc38a2270568eb9474e3617

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5902880581523090733/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5902880581523090733/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPKjlr26ifECFcOrdwod6dwHmA&gqi=ASHAYJbeL8XK7_UPud-22AE&layout=/sadbundle/%24csp%253Der3%24/5902880581523090733/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5532084445226293&output=html&h=280&slotname=4085363444&adk=1318526401&adf=1130078198&pi=t.ma~as.4085363444&w=1110&fwrn=4&fwrnh=100&lmt=1623204097&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fwww.zitauto.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623204097599&bpp=1&bdt=508&idt=169&shv=r20210603&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C1110x280&correlator=1376422926181&frm=20&pv=1&ga_vid=393332898.1623204097&ga_sid=1623204098&ga_hid=864397113&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=3813&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060048%2C21065725&oid=3&pvsid=1245260949648976&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=3&fsb=1&xpc=YlHwmjWHyV&p=https%3A//www.zitauto.com&dtd=172
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.zitauto.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.zitauto.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5902880581523090733/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5902880581523090733/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPKjlr26ifECFcOrdwod6dwHmA&gqi=ASHAYJbeL8XK7_UPud-22AE&layout=/sadbundle/%24csp%253Der3%24/5902880581523090733/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 09 Jun 2021 02:01:38 GMT
server: cafe
content-length: 39611
x-xss-protection: 0
set-cookie: IDE=AHWqTUkCvK4xpUMcTOUeFWjlcj4WfsRVN5U8R4i5RV7fi58IJCa03BO8BCLAcQ_Zjlc; expires=Mon, 04-Jul-2022 02:01:37 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 09 Jun 2021 02:01:38 GMT
cache-control: private

GET
H2 200 main.js Show response
widget.trustpilot.com/trustboxes/5419b6a8b0d04a076446a9ad/ Frame DC25 52 KB
16 KB 29ms
29ms Script
application/x-javascript 143.204.98.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/trustboxes/5419b6a8b0d04a076446a9ad/main.js

Requested by

Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/5419b6a8b0d04a076446a9ad/index.html?templateId=5419b6a8b0d04a076446a9ad&businessunitId=607716edf47b6400017d93da

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-92.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

43d664ff8fa70e1adb5687a83abfb0f8459867d7f8d437deeb5ddb87b845fba4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://widget.trustpilot.com/trustboxes/5419b6a8b0d04a076446a9ad/index.html?templateId=5419b6a8b0d04a076446a9ad&businessunitId=607716edf47b6400017d93da
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:43:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29873
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 16220
x-xss-protection: 1; mode=block
last-modified: Wed, 24 Feb 2021 10:38:50 GMT
server: AmazonS3
etag: "fd5a2b2b74555c9f2479baa5c2e766d6"
strict-transport-security: max-age=31536000
content-type: application/x-javascript
via: 1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: RooLHbD_lGtvNqAQKHqSPeacQFlIq9pL98IzOBkIbWEmg6KmhJIzQQ==

GET
H2 200 5419b6a8b0d04a076446a9ad Show response
widget.trustpilot.com/trustbox-data/ Frame DC25 945 B
889 B 25ms
24ms XHR
application/json 143.204.98.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/trustbox-data/5419b6a8b0d04a076446a9ad?businessUnitId=607716edf47b6400017d93da&locale=en-GB

Requested by

Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/5419b6a8b0d04a076446a9ad/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-92.fra50.r.cloudfront.net

Software

Resource Hash

3448a1cc7f26f2798da600d4f376a66c16d2ddf2026d349a4fa8feed8ec0cc0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://widget.trustpilot.com/trustboxes/5419b6a8b0d04a076446a9ad/index.html?templateId=5419b6a8b0d04a076446a9ad&businessunitId=607716edf47b6400017d93da
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
age: 24
x-cache: Hit from cloudfront
date: Wed, 09 Jun 2021 02:01:13 GMT
content-length: 433
x-xss-protection: 1; mode=block
x-skip-cache-cookie: 0
etag: "81ade2e773c15638f389a7e83e1b4b86"
vary: Accept-Encoding
x-fallback-status: BYPASS
content-type: application/json; charset=utf-8
via: 1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
cache-control: public,max-age=1800
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: SLK92BNWm34ZB2HzewdBupqiFvwu_lKmH4cbXN7rPqNh0j1-zexThw==

GET
H2 204 TrustboxImpression Show response
widget.trustpilot.com/stats/ Frame DC25 0
309 B 52ms
52ms XHR
text/plain 143.204.98.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/stats/TrustboxImpression?locale=en-GB&styleHeight=100px&styleWidth=100%25&theme=light&url=https%3A%2F%2Fwww.zitauto.com%2F&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=607716edf47b6400017d93da&widgetId=5419b6a8b0d04a076446a9ad

Requested by

Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/5419b6a8b0d04a076446a9ad/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-92.fra50.r.cloudfront.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://widget.trustpilot.com/trustboxes/5419b6a8b0d04a076446a9ad/index.html?templateId=5419b6a8b0d04a076446a9ad&businessunitId=607716edf47b6400017d93da
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 09 Jun 2021 02:01:37 GMT
via: 1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA50-C1
strict-transport-security: max-age=31536000
x-cache: Miss from cloudfront
cache-control: no-store,no-cache
x-amz-cf-id: GwpiVlpFj2f7YEzuCjok_zExYcMU9ORweLyCWG0WpU-t1Ap5lmJX_g==
x-xss-protection: 1; mode=block

GET
H2 200 transparent.png
tpc.googlesyndication.com/pagead/images/ Frame 00FB 67 B
533 B 25ms
6ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/transparent.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5532084445226293&output=html&h=280&slotname=7687010183&adk=2031393337&adf=3499367324&pi=t.ma~as.7687010183&w=1110&fwrn=4&fwrnh=100&lmt=1623204097&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fwww.zitauto.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623204097577&bpp=2&bdt=486&idt=96&shv=r20210603&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=1376422926181&frm=20&pv=2&ga_vid=393332898.1623204097&ga_sid=1623204098&ga_hid=864397113&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=1403&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060048%2C21065725&oid=3&pvsid=1245260949648976&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=TsLnhmdhAs&p=https%3A//www.zitauto.com&dtd=122

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 08 Jun 2021 18:55:15 GMT
x-content-type-options: nosniff
server: cafe
age: 25583
etag: 2462972746714251406
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67
x-xss-protection: 0
expires: Wed, 09 Jun 2021 18:55:15 GMT

GET
H3-29 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5902880581523090733/ Frame D203 16 KB
4 KB 29ms
13ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5902880581523090733/index.html

Requested by

Host: www.zitauto.com
URL: https://www.zitauto.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ceb3d8ae4e0944c270ea320e95e7128589deaa0e283543d266718ec127e1d40c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/5902880581523090733/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3608
date: Tue, 08 Jun 2021 19:03:00 GMT
expires: Wed, 08 Jun 2022 19:03:00 GMT
last-modified: Fri, 29 Jan 2021 15:54:51 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 25118
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6741 0
0 19ms
17ms Fetch
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CsDAAASHAYI_rK4b03wPSorLYB4rMmq1h8fTowJMN2dkeEAEgxaelLGCVAqABtZDEwAPIAQmoAwHIA0iqBLsBT9DxOYYI_8zigSMgnR1KJDyOPkROVUadBv0wIX6LsgFwDU9GPBlTQAPKqK3hTs8j-7qA6Tox6ygeIeRyuwhn04Q-ZvUoW946AWv4vQlsy4d31v6q0K7olp_nPNz3x-AWSr1g6lCU55mvkR1IogTscIBtxrRdc-yGnsmLLeJCib63f29d9N3i1e7qCyQQgiIrikmAOHzV2eqBgA7mlPNTetyXOulUNO8lRDkuH0RC_mlLcmLgGyHerUPO_MAE3ZzLy6gDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB7Pvuz-oB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQo_h00ggJCIDhgBAQARgfgAoByAsB2BMN0BUBgBcBshcaChgIABIUcHViLTU1MzIwODQ0NDUyMjYyOTM&sigh=I8EXT5g-yPc&template_id=419

Requested by

Host: www.zitauto.com
URL: https://www.zitauto.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5532084445226293&output=html&h=280&slotname=7687010183&adk=2031393337&adf=3499367324&pi=t.ma~as.7687010183&w=1110&fwrn=4&fwrnh=100&lmt=1623204097&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fwww.zitauto.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623204097577&bpp=2&bdt=486&idt=96&shv=r20210603&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=1376422926181&frm=20&pv=2&ga_vid=393332898.1623204097&ga_sid=1623204098&ga_hid=864397113&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=1403&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060048%2C21065725&oid=3&pvsid=1245260949648976&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=TsLnhmdhAs&p=https%3A//www.zitauto.com&dtd=122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 09 Jun 2021 02:01:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/ Frame 6741 17 KB
7 KB 26ms
10ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0fc32732b1520df908e4ce5063434010c35725a930e0cc9df0be61c66a87cf32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 16:29:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34350
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7010
x-xss-protection: 0
server: cafe
etag: 16168581138844513892
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Jun 2021 16:29:08 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame 6741 2 KB
1 KB 25ms
10ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1ac43e9327c147dc04b1efcd475ba7e9d464e6504eaffb167d0412d339b39e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 16:17:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35030
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1316
x-xss-protection: 0
server: cafe
etag: 797314601362473214
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Jun 2021 16:17:48 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6741 122 KB
37 KB 18ms
16ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f28c37beb838d695f95710805308cfe7f1fcc286bd744ab0184a23a10d5a4ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 02:01:38 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623066169988846"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37960
x-xss-protection: 0
expires: Wed, 09 Jun 2021 02:01:38 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame 6741 13 KB
6 KB 25ms
10ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a677da8f32851941b090ee6e9294757cba154033200b20231b2a4ca7f62a820

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 21:53:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14863
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5644
x-xss-protection: 0
server: cafe
etag: 16788636151609896382
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Jun 2021 21:53:55 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D440 143 B
163 B 7ms
7ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5532084445226293&output=html&h=280&slotname=7687010183&adk=2031393337&adf=3499367324&pi=t.ma~as.7687010183&w=1110&fwrn=4&fwrnh=100&lmt=1623204097&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fwww.zitauto.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623204097577&bpp=2&bdt=486&idt=96&shv=r20210603&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=1376422926181&frm=20&pv=2&ga_vid=393332898.1623204097&ga_sid=1623204098&ga_hid=864397113&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=1403&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060048%2C21065725&oid=3&pvsid=1245260949648976&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=TsLnhmdhAs&p=https%3A//www.zitauto.com&dtd=122
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkCvK4xpUMcTOUeFWjlcj4WfsRVN5U8R4i5RV7fi58IJCa03BO8BCLAcQ_Zjlc
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5532084445226293&output=html&h=280&slotname=7687010183&adk=2031393337&adf=3499367324&pi=t.ma~as.7687010183&w=1110&fwrn=4&fwrnh=100&lmt=1623204097&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fwww.zitauto.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623204097577&bpp=2&bdt=486&idt=96&shv=r20210603&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=1376422926181&frm=20&pv=2&ga_vid=393332898.1623204097&ga_sid=1623204098&ga_hid=864397113&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=1403&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060048%2C21065725&oid=3&pvsid=1245260949648976&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=TsLnhmdhAs&p=https%3A//www.zitauto.com&dtd=122

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 09 Jun 2021 01:45:08 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 990
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 6741 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f737b71806882f07d9ccc5a06779f75b0ffe9d9b74f7a357eaf0407aab3ee782

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H3-29 204 gen_csp
pagead2.googlesyndication.com/pagead/ Frame 6741 0
20 B 28ms
14ms Other
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CM_vkb26ifECFQb6dwodUpEMew&gqi=ASHAYPOiK8vP7_UP2_2pmAk&layout=/sadbundle/%24csp%253Der3%24/5902880581523090733/index.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Wed, 09 Jun 2021 02:01:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame D203 9 KB
3 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5902880581523090733/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:48:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29606
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 09 Jun 2021 17:48:12 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame D203 26 KB
10 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5902880581523090733/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 22:25:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12939
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 09 Jun 2021 22:25:59 GMT

GET
H3-29 200 0f8e3698ba24ee14634af14275093191.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5902880581523090733/ Frame D203 74 KB
19 KB 10ms
8ms Script
application/x-javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5902880581523090733/0f8e3698ba24ee14634af14275093191.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5902880581523090733/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93e933cda2759567f9067d8cd22f3dc10aca9aa5d69781ec9e3c12cc613f0657

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 39160
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19328
x-xss-protection: 0
last-modified: Fri, 29 Jan 2021 15:54:51 GMT
server: sffe
date: Tue, 08 Jun 2021 15:08:58 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jun 2022 15:08:58 GMT

GET
H3-29 200 transparent.png
tpc.googlesyndication.com/pagead/images/ Frame 3D1A 67 B
91 B 10ms
7ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/transparent.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5532084445226293&output=html&h=280&slotname=4085363444&adk=1318526401&adf=1130078198&pi=t.ma~as.4085363444&w=1110&fwrn=4&fwrnh=100&lmt=1623204097&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fwww.zitauto.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623204097599&bpp=1&bdt=508&idt=169&shv=r20210603&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C1110x280&correlator=1376422926181&frm=20&pv=1&ga_vid=393332898.1623204097&ga_sid=1623204098&ga_hid=864397113&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=3813&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060048%2C21065725&oid=3&pvsid=1245260949648976&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=3&fsb=1&xpc=YlHwmjWHyV&p=https%3A//www.zitauto.com&dtd=172

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 08 Jun 2021 18:55:15 GMT
x-content-type-options: nosniff
server: cafe
age: 25583
etag: 2462972746714251406
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67
x-xss-protection: 0
expires: Wed, 09 Jun 2021 18:55:15 GMT

GET
H3-29 200 index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5902880581523090733/ Frame 0CEC 16 KB
4 KB 6ms
6ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5902880581523090733/index.html

Requested by

Host: www.zitauto.com
URL: https://www.zitauto.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/5902880581523090733/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3608
date: Tue, 08 Jun 2021 19:03:00 GMT
expires: Wed, 08 Jun 2022 19:03:00 GMT
last-modified: Fri, 29 Jan 2021 15:54:51 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 25118
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame F694 0
0 32ms
32ms Fetch
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CLeVGASHAYLKfMMPX3gPpuZ_ACYrMmq1h8fTowJMN2dkeEAEgxaelLGCVAqABtZDEwAPIAQmoAwHIA0iqBLgBT9B0o4fUZ4PKgCki1WudSFnV49EHKTAHoQely8Ux8J3Z82idaEKbsQGr-8kbkaq5rCiJIQStPqN_dgVnjRZvTP-XHpodZo9fI0T_Km7_WFfl4uPbxhxTQt5hNiV9Y8cJLQs-eZ21hOnl9VJQaIFsmJ9QzrTzotX_xOdTPiuol4wMLKLfSBWSNuub4ensWM8DWE0njRN5r3MNrRtTZiC8_OhbvNf96TLGLjiRbweYNnoRFg_qbPlXtcAE3ZzLy6gDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB7Pvuz-oB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQ1tA00ggJCIDhgBAQARgfgAoByAsB2BMN0BUBgBcBshcaChgIABIUcHViLTU1MzIwODQ0NDUyMjYyOTM&sigh=M_jlwkh9EvQ&template_id=419

Requested by

Host: www.zitauto.com
URL: https://www.zitauto.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5532084445226293&output=html&h=280&slotname=4085363444&adk=1318526401&adf=1130078198&pi=t.ma~as.4085363444&w=1110&fwrn=4&fwrnh=100&lmt=1623204097&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fwww.zitauto.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623204097599&bpp=1&bdt=508&idt=169&shv=r20210603&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C1110x280&correlator=1376422926181&frm=20&pv=1&ga_vid=393332898.1623204097&ga_sid=1623204098&ga_hid=864397113&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=3813&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060048%2C21065725&oid=3&pvsid=1245260949648976&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=3&fsb=1&xpc=YlHwmjWHyV&p=https%3A//www.zitauto.com&dtd=172
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 09 Jun 2021 02:01:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210603/r20110914/ Frame F694 17 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210603/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

97bd8342439af3d67fd67c50ae141bd62f62d621104f58e75f61f054d5c06983

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 01:57:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 271
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7010
x-xss-protection: 0
server: cafe
etag: 17852637887628504664
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 23 Jun 2021 01:57:07 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210603/r20110914/client/ Frame F694 2 KB
1 KB 12ms
7ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210603/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1ac43e9327c147dc04b1efcd475ba7e9d464e6504eaffb167d0412d339b39e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 01:57:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 220
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1316
x-xss-protection: 0
server: cafe
etag: 797314601362473214
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 23 Jun 2021 01:57:58 GMT

GET
H3-29 200 rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F694 122 KB
37 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 02:01:38 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623066169988846"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37960
x-xss-protection: 0
expires: Wed, 09 Jun 2021 02:01:38 GMT

GET
H3-29 200 qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210603/r20110914/client/ Frame F694 13 KB
6 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210603/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 00:16:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6324
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5644
x-xss-protection: 0
server: cafe
etag: 16788636151609896382
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 23 Jun 2021 00:16:14 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame D203 3 KB
552 B 26ms
23ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:600|Montserrat:800

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5902880581523090733/0f8e3698ba24ee14634af14275093191.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 09 Jun 2021 00:59:20 GMT
server: ESF
date: Wed, 09 Jun 2021 02:01:38 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 09 Jun 2021 02:01:38 GMT

GET
H3-29 200 fceaebf005e29f9dc44495999ce8d801.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5902880581523090733/media/ Frame D203 44 KB
44 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5902880581523090733/media/fceaebf005e29f9dc44495999ce8d801.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5902880581523090733/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 9612
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44739
x-xss-protection: 0
last-modified: Fri, 29 Jan 2021 15:54:51 GMT
server: sffe
date: Tue, 08 Jun 2021 23:21:26 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jun 2022 23:21:26 GMT

GET
H3-29 200 5ca6559475f0295ec225ecdd393d86d5.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5902880581523090733/media/ Frame D203 2 KB
2 KB 7ms
6ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5902880581523090733/media/5ca6559475f0295ec225ecdd393d86d5.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5902880581523090733/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 51983
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2526
x-xss-protection: 0
last-modified: Fri, 29 Jan 2021 15:54:51 GMT
server: sffe
date: Tue, 08 Jun 2021 11:35:15 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jun 2022 11:35:15 GMT

GET
H3-29 200 3e60c7981fb6209365ffc4524c4442ae.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5902880581523090733/media/ Frame D203 2 KB
2 KB 8ms
7ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5902880581523090733/media/3e60c7981fb6209365ffc4524c4442ae.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5902880581523090733/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 32018
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2322
x-xss-protection: 0
last-modified: Fri, 29 Jan 2021 15:54:51 GMT
server: sffe
date: Tue, 08 Jun 2021 17:08:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jun 2022 17:08:00 GMT

GET
H3-29 200 s
googleads.g.doubleclick.net/pagead/drt/ Frame 4FC0 143 B
163 B 11ms
10ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5532084445226293&output=html&h=280&slotname=4085363444&adk=1318526401&adf=1130078198&pi=t.ma~as.4085363444&w=1110&fwrn=4&fwrnh=100&lmt=1623204097&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fwww.zitauto.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623204097599&bpp=1&bdt=508&idt=169&shv=r20210603&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C1110x280&correlator=1376422926181&frm=20&pv=1&ga_vid=393332898.1623204097&ga_sid=1623204098&ga_hid=864397113&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=3813&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060048%2C21065725&oid=3&pvsid=1245260949648976&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=3&fsb=1&xpc=YlHwmjWHyV&p=https%3A//www.zitauto.com&dtd=172
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkCvK4xpUMcTOUeFWjlcj4WfsRVN5U8R4i5RV7fi58IJCa03BO8BCLAcQ_Zjlc
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5532084445226293&output=html&h=280&slotname=4085363444&adk=1318526401&adf=1130078198&pi=t.ma~as.4085363444&w=1110&fwrn=4&fwrnh=100&lmt=1623204097&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fwww.zitauto.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623204097599&bpp=1&bdt=508&idt=169&shv=r20210603&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C1110x280&correlator=1376422926181&frm=20&pv=1&ga_vid=393332898.1623204097&ga_sid=1623204098&ga_hid=864397113&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=3813&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060048%2C21065725&oid=3&pvsid=1245260949648976&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=3&fsb=1&xpc=YlHwmjWHyV&p=https%3A//www.zitauto.com&dtd=172

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 09 Jun 2021 01:45:08 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 990
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame D440
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

14ms
14ms

Document
text/html

2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkCvK4xpUMcTOUeFWjlcj4WfsRVN5U8R4i5RV7fi58IJCa03BO8BCLAcQ_Zjlc
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 09 Jun 2021 02:01:38 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Wed, 09-Jun-2021 03:01:38 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 09 Jun 2021 02:01:38 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 09 Jun 2021 02:01:38 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3-29 204 gen_csp
pagead2.googlesyndication.com/pagead/ Frame F694 0
20 B 17ms
14ms Other
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPKjlr26ifECFcOrdwod6dwHmA&gqi=ASHAYJbeL8XK7_UPud-22AE&layout=/sadbundle/%24csp%253Der3%24/5902880581523090733/index.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Wed, 09 Jun 2021 02:01:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 0CEC 9 KB
3 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5902880581523090733/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:48:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29606
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 09 Jun 2021 17:48:12 GMT

GET
H3-29 200 addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 0CEC 26 KB
10 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5902880581523090733/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 22:25:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12939
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 09 Jun 2021 22:25:59 GMT

GET
H3-29 200 0f8e3698ba24ee14634af14275093191.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5902880581523090733/ Frame 0CEC 74 KB
19 KB 9ms
8ms Script
application/x-javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5902880581523090733/0f8e3698ba24ee14634af14275093191.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5902880581523090733/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 39160
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19328
x-xss-protection: 0
last-modified: Fri, 29 Jan 2021 15:54:51 GMT
server: sffe
date: Tue, 08 Jun 2021 15:08:58 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jun 2022 15:08:58 GMT

GET
DATA 200
OK truncated
/ Frame F694 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 JTURjIg1_i6t8kCHKm45_c5H3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/ Frame D203 19 KB
19 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_c5H3gnD_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:600|Montserrat:800

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 13:05:33 GMT
x-content-type-options: nosniff
age: 46565
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19440
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:11:08 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jun 2022 13:05:33 GMT

GET
H3-29 200 JTURjIg1_i6t8kCHKm45_bZF3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/ Frame D203 19 KB
19 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_bZF3gnD_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:600|Montserrat:800

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 23:08:35 GMT
x-content-type-options: nosniff
age: 10383
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19264
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:13:07 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jun 2022 23:08:35 GMT

GET
H3-29 200 fceaebf005e29f9dc44495999ce8d801.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5902880581523090733/media/ Frame 0CEC 44 KB
44 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5902880581523090733/media/fceaebf005e29f9dc44495999ce8d801.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5902880581523090733/0f8e3698ba24ee14634af14275093191.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 9612
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44739
x-xss-protection: 0
last-modified: Fri, 29 Jan 2021 15:54:51 GMT
server: sffe
date: Tue, 08 Jun 2021 23:21:26 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jun 2022 23:21:26 GMT

GET
H3-29 200 5ca6559475f0295ec225ecdd393d86d5.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5902880581523090733/media/ Frame 0CEC 2 KB
2 KB 8ms
8ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5902880581523090733/media/5ca6559475f0295ec225ecdd393d86d5.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5902880581523090733/0f8e3698ba24ee14634af14275093191.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 51983
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2526
x-xss-protection: 0
last-modified: Fri, 29 Jan 2021 15:54:51 GMT
server: sffe
date: Tue, 08 Jun 2021 11:35:15 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jun 2022 11:35:15 GMT

GET
H3-29 200 3e60c7981fb6209365ffc4524c4442ae.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5902880581523090733/media/ Frame 0CEC 2 KB
2 KB 9ms
8ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5902880581523090733/media/3e60c7981fb6209365ffc4524c4442ae.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5902880581523090733/0f8e3698ba24ee14634af14275093191.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 32018
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2322
x-xss-protection: 0
last-modified: Fri, 29 Jan 2021 15:54:51 GMT
server: sffe
date: Tue, 08 Jun 2021 17:08:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jun 2022 17:08:00 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame 0CEC 3 KB
552 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:600|Montserrat:800

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5902880581523090733/0f8e3698ba24ee14634af14275093191.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 09 Jun 2021 00:34:31 GMT
server: ESF
date: Wed, 09 Jun 2021 02:01:38 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 09 Jun 2021 02:01:38 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame 490B 3 KB
578 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5532084445226293&output=html&h=280&slotname=3197100833&adk=750410168&adf=3052806192&pi=t.ma~as.3197100833&w=1110&fwrn=4&fwrnh=100&lmt=1623204097&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fwww.zitauto.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623204097579&bpp=1&bdt=488&idt=177&shv=r20210603&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280&correlator=1376422926181&frm=20&pv=1&ga_vid=393332898.1623204097&ga_sid=1623204098&ga_hid=864397113&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=1995&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060048%2C21065725&oid=3&pvsid=1245260949648976&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=Fzhbsiov6y&p=https%3A//www.zitauto.com&dtd=179

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 09 Jun 2021 00:06:36 GMT
server: ESF
date: Wed, 09 Jun 2021 02:01:38 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 09 Jun 2021 02:01:38 GMT

GET
H3-29 200 JTURjIg1_i6t8kCHKm45_c5H3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/ Frame 0CEC 19 KB
19 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_c5H3gnD_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:600|Montserrat:800

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 13:05:33 GMT
x-content-type-options: nosniff
age: 46565
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19440
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:11:08 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jun 2022 13:05:33 GMT

GET
H3-29 200 JTURjIg1_i6t8kCHKm45_bZF3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/ Frame 0CEC 19 KB
19 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_bZF3gnD_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:600|Montserrat:800

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 23:08:35 GMT
x-content-type-options: nosniff
age: 10383
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19264
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:13:07 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jun 2022 23:08:35 GMT

GET
H3-29

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 4FC0
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

14ms
13ms

Document
text/html

2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: DSID=NO_DATA; IDE=AHWqTUldt6cttEYnBsRjT08ZKHmohEoQymnFAWorSw3MTm_tH9eXX4xSsq8DuNBX7lE
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 09 Jun 2021 02:01:38 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Wed, 09-Jun-2021 03:01:38 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 09 Jun 2021 02:01:38 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 09 Jun 2021 02:01:38 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210603/r20110914/client/ Frame 490B 1 KB
919 B 8ms
6ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210603/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 01:49:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 701
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 23 Jun 2021 01:49:57 GMT

GET
H3-29 200 abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210603/r20110914/ Frame 490B 17 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210603/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 01:57:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 271
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7010
x-xss-protection: 0
server: cafe
etag: 17852637887628504664
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 23 Jun 2021 01:57:07 GMT

GET
H3-29 200 window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210603/r20110914/client/ Frame 490B 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210603/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 01:57:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 220
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1316
x-xss-protection: 0
server: cafe
etag: 797314601362473214
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 23 Jun 2021 01:57:58 GMT

GET
H3-29 200 rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 490B 122 KB
37 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 02:01:38 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623066169988846"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37960
x-xss-protection: 0
expires: Wed, 09 Jun 2021 02:01:38 GMT

GET
H3-29 200 qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210603/r20110914/client/ Frame 490B 13 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210603/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 00:16:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6324
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5644
x-xss-protection: 0
server: cafe
etag: 16788636151609896382
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 23 Jun 2021 00:16:14 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 490B 0
0 14ms
13ms Image
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTOYGwQofXjDvVIjyTMisxaNfsHKWkMOZbeNvImrGRaELqwqP8N8AMdfHy9b0RpREYs7Iop7LgNts2RTF0WehtbnwLixA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5532084445226293&output=html&h=280&slotname=3197100833&adk=750410168&adf=3052806192&pi=t.ma~as.3197100833&w=1110&fwrn=4&fwrnh=100&lmt=1623204097&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fwww.zitauto.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623204097579&bpp=1&bdt=488&idt=177&shv=r20210603&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280&correlator=1376422926181&frm=20&pv=1&ga_vid=393332898.1623204097&ga_sid=1623204098&ga_hid=864397113&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=1995&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060048%2C21065725&oid=3&pvsid=1245260949648976&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=Fzhbsiov6y&p=https%3A//www.zitauto.com&dtd=179
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 ef1eb58ff665bb7a112fcf12029c3c9f.js
www.gstatic.com/mysidia/ Frame 490B 25 KB
10 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ef1eb58ff665bb7a112fcf12029c3c9f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 19:36:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23092
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10553
x-xss-protection: 0
last-modified: Tue, 08 Jun 2021 05:15:54 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 06 Sep 2021 19:36:46 GMT

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/16213195996289719417/ Frame 490B 21 KB
21 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16213195996289719417/downsize_200k_v1?w=600&h=314

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 13:54:49 GMT
x-content-type-options: nosniff
age: 43609
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21079
x-xss-protection: 0
last-modified: Wed, 02 Jun 2021 14:39:47 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jun 2022 13:54:49 GMT

GET
DATA 200
OK truncated
/ Frame 490B 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-29 200 tE64XG1cXAHgdRZqLuUmMLCyOuQ9s7LE_kL_xOEQzyo.js
pagead2.googlesyndication.com/bg/ Frame D203 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tE64XG1cXAHgdRZqLuUmMLCyOuQ9s7LE_kL_xOEQzyo.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 20:19:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20528
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5784
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Jun 2022 20:19:30 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 490B 0
0 17ms
16ms Fetch
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Crb48ASHAYJ-sL8r53gO-mZT4DvfgzZZjq92Q24IO9MK1q64BEAEgxaelLGCVAqABncXg7wLIAQmpAr4GrA3ia7Q-qAMByAPLBKoEsgFP0MgitlMQvy9UFaNYXvy77k6dyMZNmEjfubYEEVYkwCY6gyluXgBQE4fOGnFf4CtYWpT0wVQ4VltdN9DKL--nieovQe85siIOCcglFrJttBEh6ykRgh0kbkkd5hYNJGN1fu3YFi5jRbpkCpy03Go51v0aciERaVuH8_QAIYvyIcsEjBWos01_oxDNyGFjCxwpidG83TO2gLCJGOxUWLwxx-t277kjYTQLMgG9ToC9LHRiwATO3663xgOSBQQIBBgBkgUECAUYBKAGLoAHk52hkAGoB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQ3L4n0ggJCIDhgBAQARgfgAoByAsBuBOIJ9gTDdAVAYAXAbIXGgoYCAASFHB1Yi01NTMyMDg0NDQ1MjI2Mjkz&sigh=o0Orkr4Hio0&template_id=5000

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5532084445226293&output=html&h=280&slotname=3197100833&adk=750410168&adf=3052806192&pi=t.ma~as.3197100833&w=1110&fwrn=4&fwrnh=100&lmt=1623204097&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fwww.zitauto.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623204097579&bpp=1&bdt=488&idt=177&shv=r20210603&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280&correlator=1376422926181&frm=20&pv=1&ga_vid=393332898.1623204097&ga_sid=1623204098&ga_hid=864397113&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=1995&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060048%2C21065725&oid=3&pvsid=1245260949648976&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=Fzhbsiov6y&p=https%3A//www.zitauto.com&dtd=179
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 09 Jun 2021 02:01:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 798B 1 KB
749 B 7ms
6ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 08 Jun 2021 05:40:48 GMT
expires: Wed, 09 Jun 2021 05:40:48 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
cache-control: public, max-age=86400
age: 73250
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 490B 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 490B 21 KB
21 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 15:29:03 GMT
x-content-type-options: nosniff
age: 37955
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21716
x-xss-protection: 0
last-modified: Wed, 11 Nov 2020 20:26:21 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jun 2022 15:29:03 GMT

GET
H3-29 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 490B 21 KB
21 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 22:10:35 GMT
x-content-type-options: nosniff
age: 13863
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21552
x-xss-protection: 0
last-modified: Wed, 11 Nov 2020 20:26:16 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jun 2022 22:10:35 GMT

GET
H3-29 200 tE64XG1cXAHgdRZqLuUmMLCyOuQ9s7LE_kL_xOEQzyo.js
pagead2.googlesyndication.com/bg/ Frame 0CEC 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tE64XG1cXAHgdRZqLuUmMLCyOuQ9s7LE_kL_xOEQzyo.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 20:19:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20528
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5784
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Jun 2022 20:19:30 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 798B 35 B
463 B 44ms
8ms Image
image/gif 2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESECgKxwDGfm7cmc3ISt1OgS0&google_cver=1&google_push=AYg5qPKTAKDIy-VKZRJamU3qjvOv4lnrERE10Q2mtgGvaigQz5cPMQmlK5a_DEHcevFO48Al68Au498XcaT9PEaLdCIQ33lDJIVX

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Jun 2021 02:01:38 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 798B
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPKS1Cj1E4ogpeh8XUBONh2gWxmmgbUOqHMAeIG...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WU1BaEFnQUFBWDFoM3huag&google_push=AYg5qPKS1Cj1E4ogpeh8XUBONh2gWxmmgbUOqHMAeIG44m-g0C9vnmsx2t1p2HnblbxVFWxq6la8q0Pi0mar49BgMq3KGLzFp9I_

170 B
188 B

67ms
36ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WU1BaEFnQUFBWDFoM3huag&google_push=AYg5qPKS1Cj1E4ogpeh8XUBONh2gWxmmgbUOqHMAeIG44m-g0C9vnmsx2t1p2HnblbxVFWxq6la8q0Pi0mar49BgMq3KGLzFp9I_

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Jun 2021 02:01:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WU1BaEFnQUFBWDFoM3huag&google_push=AYg5qPKS1Cj1E4ogpeh8XUBONh2gWxmmgbUOqHMAeIG44m-g0C9vnmsx2t1p2HnblbxVFWxq6la8q0Pi0mar49BgMq3KGLzFp9I_
Date: Wed, 09 Jun 2021 02:01:38 GMT
Server: Apache
Connection: keep-alive
Content-Length: 391
Content-Type: text/html; charset=iso-8859-1

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 798B
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEAP2W9XSfLh2MTooCLBPxCo&google_cver=1&google_push=AYg5qPLFiOZdMzUh2CHpNltXDJgKEP6eqIcHrUT4cYw49-2XVYKglXkFNBu4Yt2nm4_svWTNTDuJCTJjXNZIs_TL_Gv_ZW4MFqS-
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPLFiOZdMzUh2CHpNltXDJgKEP6eqIcHrUT4cYw49-2XVYKglXkFNBu4Yt2nm4_svWTNTDuJCTJjXNZIs_TL_Gv_ZW4MFqS-&google_hm=Q0FFU0VBUDJXOVhTZkxoM...

170 B
188 B

65ms
34ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPLFiOZdMzUh2CHpNltXDJgKEP6eqIcHrUT4cYw49-2XVYKglXkFNBu4Yt2nm4_svWTNTDuJCTJjXNZIs_TL_Gv_ZW4MFqS-&google_hm=Q0FFU0VBUDJXOVhTZkxoMk1Ub29DTEJQeENv

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Jun 2021 02:01:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 09 Jun 2021 02:01:37 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPLFiOZdMzUh2CHpNltXDJgKEP6eqIcHrUT4cYw49-2XVYKglXkFNBu4Yt2nm4_svWTNTDuJCTJjXNZIs_TL_Gv_ZW4MFqS-&google_hm=Q0FFU0VBUDJXOVhTZkxoMk1Ub29DTEJQeENv
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 798B
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEHnDs3bkgVyVaITap8hTA9A&google_cver=1&google_push=AYg5qPKhLwTRiyJpSNkf5jklsEkIipEhOCGB-S5SQmZ0KYijRYEon5iJIXUSzYiaVCzxzSs4WL0s2r8jb3adlTiPkvxtDeKPimYG
https://rtb.openx.net/sync/dds?google_gid=CAESEHnDs3bkgVyVaITap8hTA9A&google_cver=1&google_push=AYg5qPKhLwTRiyJpSNkf5jklsEkIipEhOCGB-S5SQmZ0KYijRYEon5iJIXUSzYiaVCzxzSs4WL0s2r8jb3adlTiPkvxtDeKPimYG&...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKhLwTRiyJpSNkf5jklsEkIipEhOCGB-S5SQmZ0KYijRYEon5iJIXUSzYiaVCzxzSs4WL0s2r8jb3adlTiPkvxtDeKPimYG&google_hm=YeeJBr4uzfMaHULy9LTbKg==

170 B
188 B

64ms
34ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKhLwTRiyJpSNkf5jklsEkIipEhOCGB-S5SQmZ0KYijRYEon5iJIXUSzYiaVCzxzSs4WL0s2r8jb3adlTiPkvxtDeKPimYG&google_hm=YeeJBr4uzfMaHULy9LTbKg==

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Jun 2021 02:01:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 09 Jun 2021 02:01:37 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKhLwTRiyJpSNkf5jklsEkIipEhOCGB-S5SQmZ0KYijRYEon5iJIXUSzYiaVCzxzSs4WL0s2r8jb3adlTiPkvxtDeKPimYG&google_hm=YeeJBr4uzfMaHULy9LTbKg==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: u8b03pth98dear07ibuojh5a5m0d9ct8

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 798B
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=w7m8MnKsSYK7kp-NCARlwA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

36ms
34ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=w7m8MnKsSYK7kp-NCARlwA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPK-q_pP-oOqoRcT6-T9ElLUxUpgwbxzqEKvYsSn5OribGU_ihvOqtZKxJfotsQbPJo6KUC-JD5i558A73jA0wdjdrXfejbr

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Jun 2021 02:01:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=w7m8MnKsSYK7kp-NCARlwA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPK-q_pP-oOqoRcT6-T9ElLUxUpgwbxzqEKvYsSn5OribGU_ihvOqtZKxJfotsQbPJo6KUC-JD5i558A73jA0wdjdrXfejbr
date: Wed, 09 Jun 2021 02:01:37 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 798B
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHqmhu1ytglGJfywzedIRGM&google_cver=1&google_push=AYg5qPJrGJ9EFfG8ha3dn1-Rf7KFyLN7QX3-iiHz-opKe7OOyqdxGcQGfZ_tYbccc2pSouLnYBe...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BPVFQ2R1ctMTItODdSQQ==&google_push=AYg5qPJrGJ9EFfG8ha3dn1-Rf7KFyLN7QX3-iiHz-opKe7OOyqdxGcQGfZ_tYbccc2pSouLnYBe4zUs8SkQ4NPbSoy8zlTAArTc

170 B
188 B

64ms
34ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BPVFQ2R1ctMTItODdSQQ==&google_push=AYg5qPJrGJ9EFfG8ha3dn1-Rf7KFyLN7QX3-iiHz-opKe7OOyqdxGcQGfZ_tYbccc2pSouLnYBe4zUs8SkQ4NPbSoy8zlTAArTc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Jun 2021 02:01:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BPVFQ2R1ctMTItODdSQQ==&google_push=AYg5qPJrGJ9EFfG8ha3dn1-Rf7KFyLN7QX3-iiHz-opKe7OOyqdxGcQGfZ_tYbccc2pSouLnYBe4zUs8SkQ4NPbSoy8zlTAArTc
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame 798B
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEA-sZpBdskA09579usuJ6iE&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEA-sZpBdskA09579usuJ6iE&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMAhAlasA08hthf1uiktvgAABJwAAAIB&google_cver=1&google_push=AYg5qPIw3ipMc5upA65K94sDoVoI770KYtOkxLGWJ_ximDTYoXLvQZlmjs6F_fzGxLSj1zFyP6BK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMAhAlasA08hthf1uiktvgAABJwAAAIB&google_cver=1&google_push=AYg5qPIw3ipMc5upA65K94sDoVoI770KYtOkxLGWJ_ximDTYoXLvQZlmjs6F_fzGxLSj1zFyP6BK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMAhAlasA08hthf1uiktvgAABJwAAAIB&google_cver=1&google_push=AYg5qPIw3ipMc5upA65K94sDoVoI770KYtOkxLGWJ_ximDTYoXLvQZlmjs6F_fzGxLSj1zFyP6BK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMAhAlasA08hthf1uiktvgAABJwAAAIB&google_cver=1&google_push=AYg5qPIw3ipMc5upA65K94sDoVoI770KYtOkxLGWJ_ximDTYoXLvQZlmjs6F_fzGxLSj1zFyP6BK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMAhAlasA08hthf1uiktvgAABJwAAAIB&google_cver=1&google_push=AYg5qPIw3ipMc5upA65K94sDoVoI770KYtOkxLGWJ_ximDTYoXLvQZlmjs6F_fzGxLSj1zFyP6BK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMAhAlasA08hthf1uiktvgAABJwAAAIB&google_cver=1&google_push=AYg5qPIw3ipMc5upA65K94sDoVoI770KYtOkxLGWJ_ximDTYoXLvQZlmjs6F_fzGxLSj1zFyP6BK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMAhAlasA08hthf1uiktvgAABJwAAAIB&google_cver=1&google_push=AYg5qPIw3ipMc5upA65K94sDoVoI770KYtOkxLGWJ_ximDTYoXLvQZlmjs6F_fzGxLSj1zFyP6BK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMAhAlasA08hthf1uiktvgAABJwAAAIB&google_cver=1&google_push=AYg5qPIw3ipMc5upA65K94sDoVoI770KYtOkxLGWJ_ximDTYoXLvQZlmjs6F_fzGxLSj1zFyP6BK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMAhAlasA08hthf1uiktvgAABJwAAAIB&google_cver=1&google_push=AYg5qPIw3ipMc5upA65K94sDoVoI770KYtOkxLGWJ_ximDTYoXLvQZlmjs6F_fzGxLSj1zFyP6BK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMAhAlasA08hthf1uiktvgAABJwAAAIB&google_cver=1&google_push=AYg5qPIw3ipMc5upA65K94sDoVoI770KYtOkxLGWJ_ximDTYoXLvQZlmjs6F_fzGxLSj1zFyP6BK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMAhAlasA08hthf1uiktvgAABJwAAAIB&google_cver=1&google_push=AYg5qPIw3ipMc5upA65K94sDoVoI770KYtOkxLGWJ_ximDTYoXLvQZlmjs6F_fzGxLSj1zFyP6BK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMAhAlasA08hthf1uiktvgAABJwAAAIB&google_cver=1&google_push=AYg5qPIw3ipMc5upA65K94sDoVoI770KYtOkxLGWJ_ximDTYoXLvQZlmjs6F_fzGxLSj1zFyP6BK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMAhAlasA08hthf1uiktvgAABJwAAAIB&google_cver=1&google_push=AYg5qPIw3ipMc5upA65K94sDoVoI770KYtOkxLGWJ_ximDTYoXLvQZlmjs6F_fzGxLSj1zFyP6BK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMAhAlasA08hthf1uiktvgAABJwAAAIB&google_cver=1&google_push=AYg5qPIw3ipMc5upA65K94sDoVoI770KYtOkxLGWJ_ximDTYoXLvQZlmjs6F_fzGxLSj1zFyP6BK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMAhAlasA08hthf1uiktvgAABJwAAAIB&google_cver=1&google_push=AYg5qPIw3ipMc5upA65K94sDoVoI770KYtOkxLGWJ_ximDTYoXLvQZlmjs6F_fzGxLSj1zFyP6BK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMAhAlasA08hthf1uiktvgAABJwAAAIB&google_cver=1&google_push=AYg5qPIw3ipMc5upA65K94sDoVoI770KYtOkxLGWJ_ximDTYoXLvQZlmjs6F_fzGxLSj1zFyP6BK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMAhAlasA08hthf1uiktvgAABJwAAAIB&google_cver=1&google_push=AYg5qPIw3ipMc5upA65K94sDoVoI770KYtOkxLGWJ_ximDTYoXLvQZlmjs6F_fzGxLSj1zFyP6BK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMAhAlasA08hthf1uiktvgAABJwAAAIB&google_cver=1&google_push=AYg5qPIw3ipMc5upA65K94sDoVoI770KYtOkxLGWJ_ximDTYoXLvQZlmjs6F_fzGxLSj1zFyP6BK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMAhAlasA08hthf1uiktvgAABJwAAAIB&google_cver=1&google_push=AYg5qPIw3ipMc5upA65K94sDoVoI770KYtOkxLGWJ_ximDTYoXLvQZlmjs6F_fzGxLSj1zFyP6BK...

0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 798B 0
236 B 127ms
65ms Image
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LlQUrjp-SHEavFlcMzuUTFbnvB6gp5vIqvtJWt4dnjPIT_LJjEDeYUjUxFBqi_RYKcUDcu

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 02:01:38 GMT
server: HTTP server (unknown)
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-29 200 dark-bottom.css
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/ 3 KB
1 KB 16ms
13ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/dark-bottom.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/cookieconsent.min.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zitauto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 02:01:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6757200
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 700
cf-request-id: 0a901a0ac8000005e92f996000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-c27"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=q%2BdqvUGKUA6sQz6LaMTDxrXIYdmSS94JRouMW5iI65wqaAvqzDB03E1ZGAGW8IbFy3PTU108U3SWpOQfGBJtiw2NFLhefeRsuNs5D7jV3%2FoSyZX9rPXxJZRsSdvXoq%2FqV5r3fTTZO9QlwU4xJg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 65c6c5f13a0605e9-FRA
expires: Mon, 30 May 2022 02:01:38 GMT

GET
H3-29 200 twk-main.js
embed.tawk.to/_s/v4/app/60bf24e0c17/js/ 121 B
502 B 46ms
34ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/60bf24e0c17/js/twk-main.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5d48433d7d27204601c9618f/default

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.zitauto.com
Referer: https://www.zitauto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 02:01:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 62467
x-cache-status: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a901a0ad000004a73608b3000000001
last-modified: Tue, 08 Jun 2021 08:07:16 GMT
server: cloudflare
etag: W/"da5bb1dc647470204df0e49f5afac2de"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 65c6c5f1490b4a73-FRA

GET
H3-29 200 twk-vendor.js
embed.tawk.to/_s/v4/app/60bf24e0c17/js/ 76 KB
26 KB 27ms
16ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/60bf24e0c17/js/twk-vendor.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5d48433d7d27204601c9618f/default

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.zitauto.com
Referer: https://www.zitauto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 02:01:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 62467
x-cache-status: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a901a0ad000004a73728d8000000001
last-modified: Tue, 08 Jun 2021 08:07:17 GMT
server: cloudflare
etag: W/"0f39891136019f798fa8b3392f334ff1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 65c6c5f1490a4a73-FRA

GET
H3-29 200 twk-chunk-vendors.js
embed.tawk.to/_s/v4/app/60bf24e0c17/js/ 190 KB
54 KB 32ms
22ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/60bf24e0c17/js/twk-chunk-vendors.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5d48433d7d27204601c9618f/default

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.zitauto.com
Referer: https://www.zitauto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 02:01:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 62467
x-cache-status: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a901a0ad000004a73458ac000000001
last-modified: Tue, 08 Jun 2021 08:07:16 GMT
server: cloudflare
etag: W/"c257e181d56a8410b255c241c7a67d2d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 65c6c5f149064a73-FRA

GET
H3-29 200 twk-chunk-common.js
embed.tawk.to/_s/v4/app/60bf24e0c17/js/ 135 KB
32 KB 38ms
28ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/60bf24e0c17/js/twk-chunk-common.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5d48433d7d27204601c9618f/default

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.zitauto.com
Referer: https://www.zitauto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 02:01:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 62467
x-cache-status: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a901a0ad000004a736c183000000001
last-modified: Tue, 08 Jun 2021 08:07:16 GMT
server: cloudflare
etag: W/"c367de4895955be804a37a832dc0b4d5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 65c6c5f149054a73-FRA

GET
H3-29 200 twk-runtime.js
embed.tawk.to/_s/v4/app/60bf24e0c17/js/ 2 KB
1 KB 23ms
13ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/60bf24e0c17/js/twk-runtime.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5d48433d7d27204601c9618f/default

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.zitauto.com
Referer: https://www.zitauto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 02:01:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 62467
x-cache-status: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a901a0acf00004a738590e000000001
last-modified: Tue, 08 Jun 2021 08:07:16 GMT
server: cloudflare
etag: W/"1c9cbe12724c90c8ce0a95b6d1ca4cb3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 65c6c5f149044a73-FRA

GET
H3-29 200 twk-app.js
embed.tawk.to/_s/v4/app/60bf24e0c17/js/ 151 B
562 B 22ms
12ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/60bf24e0c17/js/twk-app.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5d48433d7d27204601c9618f/default

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.zitauto.com
Referer: https://www.zitauto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 02:01:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 62467
x-cache-status: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a901a0ad000004a737b856000000001
last-modified: Tue, 08 Jun 2021 08:07:16 GMT
server: cloudflare
etag: W/"e736e189edb5d0d9d5b8e7f23dd9114a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 65c6c5f149094a73-FRA

GET
H3-29 200 sodar
pagead2.googlesyndication.com/getconfig/ 10 KB
8 KB 18ms
17ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210603&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zitauto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Jun 2021 02:01:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7919
x-xss-protection: 0

GET
H3-29 200 tE64XG1cXAHgdRZqLuUmMLCyOuQ9s7LE_kL_xOEQzyo.js
pagead2.googlesyndication.com/bg/ Frame F531 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tE64XG1cXAHgdRZqLuUmMLCyOuQ9s7LE_kL_xOEQzyo.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 20:19:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20528
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5784
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Jun 2022 20:19:30 GMT

GET
H3-29 200 sodar2.js
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zitauto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 02:01:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622653785071769"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Wed, 09 Jun 2021 02:01:38 GMT

GET
H2 200 widget-settings
va.tawk.to/v1/ 3 KB
1 KB 17ms
16ms Fetch
application/json 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/widget-settings?propertyId=5d48433d7d27204601c9618f&widgetId=default&sv=undefined

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/60bf24e0c17/js/twk-chunk-common.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zitauto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 02:01:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 23
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a901a0b99000024887e16a000000001
x-served-by: visitor-application-preemptive-v5sx
server: cloudflare
etag: W/"2-46-0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
access-control-allow-methods: GET,OPTIONS
content-type: application/json
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=7200, s-maxage=1800
cf-ray: 65c6c5f289842488-FRA
access-control-allow-headers: content-type,x-tawk-token

GET
H3-29 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/223/ Frame D609 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/223/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.zitauto.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.zitauto.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Wed, 09 Jun 2021 00:21:21 GMT
expires: Thu, 09 Jun 2022 00:21:21 GMT
last-modified: Wed, 17 Mar 2021 18:24:30 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 6017
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe
www.google.com/recaptcha/api2/ Frame 0D82 783 B
531 B 15ms
15ms Document
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-AmgScEodj7kEseuXDWI4xw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.zitauto.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.zitauto.com/

Response headers

expires: Wed, 09 Jun 2021 02:01:38 GMT
date: Wed, 09 Jun 2021 02:01:38 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-AmgScEodj7kEseuXDWI4xw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 en.js
embed.tawk.to/_s/v4/app/60bf24e0c17/languages/ 16 KB
4 KB 38ms
25ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/60bf24e0c17/languages/en.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/60bf24e0c17/js/twk-chunk-common.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zitauto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 02:01:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 63699
x-cache-status: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a901a0bb900000605c984c000000001
last-modified: Tue, 08 Jun 2021 08:07:17 GMT
server: cloudflare
etag: W/"133bcacb50bf5f4a58b8c02869f01375"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 65c6c5f2ca400605-FRA

GET
H3-29 200 tE64XG1cXAHgdRZqLuUmMLCyOuQ9s7LE_kL_xOEQzyo.js
pagead2.googlesyndication.com/bg/ Frame D609 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tE64XG1cXAHgdRZqLuUmMLCyOuQ9s7LE_kL_xOEQzyo.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 20:19:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20528
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5784
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Jun 2022 20:19:30 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 17ms
15ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=223&t=2&li=gda_r20210603&jk=1245260949648976&bg=!T0ylTAjNAAY6sG-_OrA7ACkAdvg8WvB4hfEez27xHJ8aigdX-d4WyWUeE5LqTvsAsquUyLbqZk4OWAIAAABnUgAAAAxoAQcKAINb3eSZn09NbUu94nUBXleeikBfrtRryQYgt50siRbMxg91WHHGiPimCyteI3oLHc3kRQW1JtV_7bjAav7hqL7xCl0GhBHxgGqeBTIHpQiySIA2FSAX3tzUcIiW-kvT-osuLhoFg7B1ER1dVxxuMWvEfBo4buEasNFKSKvEBq1GUty7BJkChMdB7vkTmrlNEj8hrhcoO8DCxdTH7cdio3CCaaHv1Fpqp6E0gT7weS46ID98tdbsdwqGFraoUJ4kmf43F65ajcNRw6COc1aA-4a_pzrcm8t4hCUaFHkxzoUA-zARKeHKnhzubXGt-cqOjmS9PUri95zP47UKe5i_9g65BZgjwCJWuOgAgqACCuZtn36sEWZk9cq5dv3R76ZQd6dK1f4faZkhxtW6rNy-3F4jtdJqcdQstoOV-oq0RoShR4G2_iXkCpI7cmGvsqnO0FfLGlSCw70XgxtuoE4LWcfvo-vw2uxnEUuIvEbvlQFFnChddVE6LC9ani2XZphsLHgZM1_3G5C1ChP-zDtvmF9jV3fNMlMZa8e8W-6WuWJQ9JTKd16SY9HivmXZFxEftwegG04sGyYKjWOjVI58GCXw0nO8vBK9wBAXYfaTkSYmoozGo5XydYHUH58-rB7H6R_Az8aWQC-mtTBvoZo4wmS6HIZ4dfL7wFczHYP4Zdbu9i-ly1DI_09yahroblBTtDf87FztfBt9UVO7qLF-KFHahgUl5HQBL6p7bemrpYdl3lnUVvMenqNogG0ENKITkyWrnR9Ce8Y6o-jha4YByuZJgGkQsIWotGhf66NMOjl9mRCbVFhMB7OShYrf8Fr3tqJklHi5ZLUUJi9UgSsqbpNyAYRgBNijF6eMwsWqK7MIsb8ZANLalVuGT-jflKVgJIdf1S5vsGH_6iy0nU3KEGhVWttyZSpsJ8h7qKym5HtXUKiTDbSQmnGsPUoza4iPIc2wSaRGV1FZw0kFLeRaiPVvF3YL6PXUZtYr5qzFJ_UpeyGA7KWL50qjL8Q8PDW1TvSl-Z66aYJIiA2r

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zitauto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Jun 2021 02:01:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: query.yahooapis.com
URL: https://query.yahooapis.com/v1/public/yql?q=select%20*%20from%20weather.forecast%20where%20woeid%20in%20(select%20woeid%20from%20geo.places(1)%20where%20text%3D%22Faro%2C%20Portugal%22)%20and%20u%3D%22c%22&format=json&diagnostics=true&env=store%3A%2F%2Fdatatables.org%2Falltableswithkeys&callback=return_weather

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMAhAlasA08hthf1uiktvgAABJwAAAIB&google_cver=1&google_push=AYg5qPIw3ipMc5upA65K94sDoVoI770KYtOkxLGWJ_ximDTYoXLvQZlmjs6F_fzGxLSj1zFyP6BKzmHUNiKmfCMSuTqVKVO7yqU&google_gid=CAESEA-sZpBdskA09579usuJ6iE

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
d.agkn.com
embed.tawk.to
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
image6.pubmatic.com
invitejs.trustpilot.com
ip.seeip.org
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.everesttech.net
pixel.rubiconproject.com
query.yahooapis.com
rtb.openx.net
stats.g.doubleclick.net
tpc.googlesyndication.com
va.tawk.to
widget.trustpilot.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.zitauto.com
cm.g.doubleclick.net
query.yahooapis.com
143.204.98.72
143.204.98.92
172.217.16.130
172.217.23.98
185.64.189.115
216.58.212.162
2602:fed3:2:b74f:112:9a23:af4f:2219
2606:4700:10::ac43:2642
2606:4700::6810:135e
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2a00:1450:4001:800::2001
2a00:1450:4001:803::2002
2a00:1450:4001:803::200a
2a00:1450:4001:809::2002
2a00:1450:4001:809::2004
2a00:1450:4001:810::2003
2a00:1450:4001:812::2003
2a00:1450:4001:828::2003
2a00:1450:4001:828::2004
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2002
2a00:1450:4001:831::200e
2a00:1450:400c:c0a::9b
35.186.253.211
52.18.11.109
52.59.79.213
69.173.144.139
94.46.13.117
0d2dff017bee7e4844a53e448299258388dc0170292e0d2e3c2b3289b224b703
0fc32732b1520df908e4ce5063434010c35725a930e0cc9df0be61c66a87cf32
10cf2f0239a076753a1f5bfb1f515164c828a5f8e91e7668693c6a30efdf1540
12b7584afe9c60d4c49cb2aa744ac5d9c82a3ecc5a2d3f5bfca25e1199607cf3
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
190fc02d8e8f1dd5acc40f48d0d6203e6115eb31e3f47f55db0c3f07797d68f0
1d8c7ce12428be733a9213b2fecae66db6950a933c276d68bf7c8271829a627d
1f4a09a23422dd6ad4e6eb8ed9f87d198619286bbaf10ee1bac9954382079629
24daec53f4034d81068ebfc21bc6baf36820f5d7fddd7e8985af30c76e585e76
260aed12ac71ab9bf36c313c344a72b37ef02bf0450c31bab519f0bdaff43913
26ffb9c1e8b8cc2a1f8bb33a0fe1db19c5db1413acb2136ff9a2094a87411a13
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2af245a0c8c42d80125c0e1e67379e3626cba969f30e958a6c3d3b379822fcf3
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2f28c37beb838d695f95710805308cfe7f1fcc286bd744ab0184a23a10d5a4ec
32b6ef882eaefb472331bc0f03fddfc69cb626f8636530d6b470f2a418e27310
3448a1cc7f26f2798da600d4f376a66c16d2ddf2026d349a4fa8feed8ec0cc0e
35c5975e66e1a70d0e9ee6653c198e3b27afcec798c3125213937fa480389e97
3a0864b78126fc9bced36889f61b3f7adac88164edc38a2270568eb9474e3617
3a677da8f32851941b090ee6e9294757cba154033200b20231b2a4ca7f62a820
3d1fd91d8a429d51fb8df45a0a16dbc19dfa4b89d40cab7ee81ba68edb6ad58d
43d664ff8fa70e1adb5687a83abfb0f8459867d7f8d437deeb5ddb87b845fba4
4a63148b338084385477e63e15e8d5379f528d0a289bf49db2c14c8f1e0977ce
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
56b9ad34701d1b38cdb1436d5981b9e71c44f710d3cf8805eb7c7fa6b297287d
6ac94ae77db80cf96c09b5e6bb322f5e76948d69604faed836710c1880ce49c4
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
866f5ff3f77a2ca6269ce25c0b42e79726652ed29033ed540d91893bb497cbf5
8b17b12a46bcc8cfb1b0873fddf84dd8360ec0424ea090d0d7df5ba11f0e358a
8cad013d9042fff980bceebcf6bc4875f185a74e90acf06d4ab576ef88acc9d0
8e0318c345dffa23b41180b8a675fcb52e2f983ab28ed27d7707d230c8d266e6
91ed8b909c7841f868db32297ac0cbf2f772b088524cbd13a03e13853e0fb3f7
935dbcdac9d16cad1bb4c98abf1ee065ffec4f503da05ad1a561dcdc3964755b
93e933cda2759567f9067d8cd22f3dc10aca9aa5d69781ec9e3c12cc613f0657
97bd8342439af3d67fd67c50ae141bd62f62d621104f58e75f61f054d5c06983
9e4338ae7a1e6417e2a7b186f8e0cf41f3a308527588a59f124af290da06d338
9ecf0ccc7afe2aee46687d2f6b39d4c07e6cd0c61ddc19fdde71c3725f192d31
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a79306bae17474da5f4e6b86f41c023d9b1561851b1cf17f3c099a2666a2f425
ade4e100dcebbbc3065f81e25d2353d691d611eace08122e8f75b4123f8f3550
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
c0c1edf85ee406ff6e457dba599598152cc971f399f53c204fd30b978662f385
ceb3d8ae4e0944c270ea320e95e7128589deaa0e283543d266718ec127e1d40c
d1ac43e9327c147dc04b1efcd475ba7e9d464e6504eaffb167d0412d339b39e5
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e59ff803d3b6886f3a09adbb3b080cc0b99162df5b8cb3a81293d7cbbca1892b
e940881c7d97f37cf4d49224da0610cb8df395b90ebdf0f345a09bb6e45ab379
ecb917e9dc3657d2cd9eb8d6d680063a3d5d2d29f837307523b7992a049627ad
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f14ce15a3e1f2ded7a28cd779756e2f78993c50c961d2ab466347eaace7861b8
f183fc9001c7046d6ad947d727f3d88c6731e21ae14a3692fa5370631669470b
f737b71806882f07d9ccc5a06779f75b0ffe9d9b74f7a357eaf0407aab3ee782
f7e4982ab1b393c13e211fce09e0538a2c12c37b3c2650a47445c882ed34dd38

www.zitauto.com Open in urlscan Pro 94.46.13.117 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

129 Requests

98 %HTTPS

63 %IPv6

22 Domains

31 Subdomains

26 IPs

6 Countries

4657 kBTransfer

6550 kBSize

0 Cookies

0 Outgoing links

Redirected requests

129 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.zitauto.com Open in urlscan Pro
94.46.13.117 Public Scan

Screenshot
Live screenshot

Full Image

129
Requests

98 %
HTTPS

63 %
IPv6

22
Domains

31
Subdomains

26
IPs

6
Countries

4657 kB
Transfer

6550 kB
Size

0
Cookies

129 HTTP transactions
4 data transactions