itunesadvisor.com Open in urlscan Pro
198.143.149.60 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://itunesadvisor.com/
Submission Tags: @phishunt_io
Submission: On July 22 via api (July 22nd 2021, 10:16:34 pm UTC) from DE

Summary HTTP 124 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 20 IPs in 5 countries across 18 domains to perform 124 HTTP transactions. The main IP is 198.143.149.60, located in United States and belongs to SINGLEHOP-LLC, US. The main domain is itunesadvisor.com.
TLS certificate: Issued by R3 on July 22nd 2021. Valid for: 3 months.

This is the only time itunesadvisor.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
37	198.143.149.60 198.143.149.60	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
3	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:dd1d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
2	198.145.13.12 198.145.13.12	2044 (DF-PTL01) (DF-PTL01)
25	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
1	213.202.235.10 213.202.235.10	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:f916:5049:f87f:108e	16509 (AMAZON-02) (AMAZON-02)
1 1	52.18.11.109 52.18.11.109	16509 (AMAZON-02) (AMAZON-02)
6	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1 1	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
2 2	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	79.137.69.91 79.137.69.91	16276 (OVH) (OVH)
124	20

37 198.143.149.60 (United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: kvm01-phx.stablehost.com

itunesadvisor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:dd1d (United States)

ASN13335 (CLOUDFLARENET, US)

static.getclicky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.145.13.12 (Portland, United States)

ASN2044 (DF-PTL01, US)
PTR: getclicky.com

in.getclicky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.202.235.10 (Düsseldorf, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

m.exactag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:f916:5049:f87f:108e (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.18.11.109 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-11-109.eu-west-1.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.252.103 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.115 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 79.137.69.91 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: gcm11.host.hit.gemius.pl

googlecm.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	itunesadvisor.com itunesadvisor.com	385 KB
34	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	230 KB
16	doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	69 KB
13	ampproject.org cdn.ampproject.org	226 KB
8	gstatic.com fonts.gstatic.com www.gstatic.com	131 KB
4	google.com 1 redirects adservice.google.com www.google.com	718 B
3	getclicky.com static.getclicky.com in.getclicky.com	6 KB
3	googleapis.com fonts.googleapis.com	3 KB
2	pubmatic.com 2 redirects image6.pubmatic.com	1 KB
2	googletagservices.com www.googletagservices.com	65 KB
1	gemius.pl 1 redirects googlecm.hit.gemius.pl	339 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com	457 B
1	openx.net 1 redirects rtb.openx.net	407 B
1	everesttech.net 1 redirects pixel.everesttech.net	376 B
1	quantserve.com cms.quantserve.com	463 B
1	exactag.com m.exactag.com	1 KB
1	google.de adservice.google.de	165 B
1	googleadservices.com partner.googleadservices.com	412 B
124	18

	Domain	Requested by
37	itunesadvisor.com	itunesadvisor.com
25	tpc.googlesyndication.com	googleads.g.doubleclick.net cdn.ampproject.org pagead2.googlesyndication.com tpc.googlesyndication.com
13	cdn.ampproject.org	googleads.g.doubleclick.net pagead2.googlesyndication.com
10	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
9	pagead2.googlesyndication.com	itunesadvisor.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
7	fonts.gstatic.com	fonts.googleapis.com
6	cm.g.doubleclick.net	itunesadvisor.com googleads.g.doubleclick.net
3	www.google.com	1 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
3	fonts.googleapis.com	itunesadvisor.com googleads.g.doubleclick.net
2	image6.pubmatic.com	2 redirects
2	in.getclicky.com	static.getclicky.com
2	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
1	googlecm.hit.gemius.pl	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	rtb.openx.net	1 redirects
1	pixel.everesttech.net	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	www.gstatic.com	googleads.g.doubleclick.net
1	m.exactag.com	googleads.g.doubleclick.net
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	static.getclicky.com	itunesadvisor.com
124	23

This site contains links to these domains. Also see Links.

Domain
secure.store.apple.com

Subject Issuer	Validity	Valid
itunesadvisor.com R3	`2021-07-22` - `2021-10-20`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-05` - `2022-07-04`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.getclicky.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-03` - `2022-08-03`	2 years	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.exactag.com Sectigo RSA Organization Validation Secure Server CA	`2020-01-22` - `2022-04-21`	2 years	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh

This page contains 13 frames:

Primary Page: https://itunesadvisor.com/
Frame ID: 92D41806653E1C46BA30724651E322ED
Requests: 55 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210720/r20190131/zrt_lookup.html
Frame ID: 79E87B9E8A16BBCDC69D9203D84DF238
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6041202449463566&output=html&adk=1812271804&adf=3025194257&lmt=1626992157&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fitunesadvisor.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626992157236&bpp=9&bdt=2400&idt=197&shv=r20210720&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7199185722904&frm=20&pv=2&ga_vid=1746891831.1626992157&ga_sid=1626992157&ga_hid=1174438691&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31061846&oid=2&pvsid=2965431684753476&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=237
Frame ID: 2CE0EEE33B7FF342D95A474A294A5354
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6041202449463566&output=html&h=280&slotname=6158928539&adk=1020137168&adf=1551189282&pi=t.ma~as.6158928539&w=336&lmt=1626992157&psa=0&format=336x280&url=https%3A%2F%2Fitunesadvisor.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626992157245&bpp=88&bdt=2408&idt=268&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7199185722904&frm=20&pv=1&ga_vid=1746891831.1626992157&ga_sid=1626992157&ga_hid=1174438691&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=500&ady=394&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31061846&oid=2&pvsid=2965431684753476&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=MQ59c7YMvQ&p=https%3A//itunesadvisor.com&dtd=275
Frame ID: B45E6DE5B112D37A1202431843EF0939
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6041202449463566&output=html&h=280&slotname=1725684538&adk=3400310372&adf=59338513&pi=t.ma~as.1725684538&w=600&fwrn=4&fwrnh=100&lmt=1626992157&rafmt=1&psa=0&format=600x280&url=https%3A%2F%2Fitunesadvisor.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626992157333&bpp=3&bdt=2497&idt=191&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280&nras=1&correlator=7199185722904&frm=20&pv=1&ga_vid=1746891831.1626992157&ga_sid=1626992157&ga_hid=1174438691&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=500&ady=1037&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31061846&oid=2&pvsid=2965431684753476&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=fmGtNKmMWa&p=https%3A//itunesadvisor.com&dtd=194
Frame ID: 27F1627FA70773DE270EB1E1535969E9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6041202449463566&output=html&h=280&slotname=3202417733&adk=2542246661&adf=2423744242&pi=t.ma~as.3202417733&w=600&fwrn=4&fwrnh=100&lmt=1626992157&rafmt=1&psa=0&format=600x280&url=https%3A%2F%2Fitunesadvisor.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626992157336&bpp=2&bdt=2500&idt=196&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280%2C600x280&nras=1&correlator=7199185722904&frm=20&pv=1&ga_vid=1746891831.1626992157&ga_sid=1626992157&ga_hid=1174438691&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=500&ady=1666&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31061846&oid=2&pvsid=2965431684753476&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=KGjPAmKoVb&p=https%3A//itunesadvisor.com&dtd=207
Frame ID: EEA16A8A421DF8FCE364C334004E0EC8
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012107130206000/amp4ads-v0.mjs
Frame ID: F9BF63791541DDB30D4D1B4DCE0439CC
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: C5257D8C525FA8D026D07B8F5ED63A15
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C4A96A1D953A897E815FB87BB67E6BE7
Requests: 9 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012107130206000/amp4ads-v0.mjs
Frame ID: 9325B5E8E9316A07AA60E57C817BB458
Requests: 19 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/K69jH8UFrOCkOTHHl3NJFfCa68pF8Bp7Mwjsnyploxc.js
Frame ID: B569784CF327BEB30FDBF9E4FBCDFAE3
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: F49F536CC6C892954A39CC8AAB388CA4
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7DF2C3F301D606955F29BF1F5E34724D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

LiteSpeed (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^LiteSpeed$/i

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Page Statistics

124
Requests

99 %
HTTPS

58 %
IPv6

18
Domains

23
Subdomains

20
IPs

5
Countries

1120 kB
Transfer

3104 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://secure.store.apple.com/shop/account/setup/start
Title: Apple Store Login

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 104

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPJpx1RRrQoIoBUkTNjSiFNPgNlr7qxzUZVigeWef-EcCzm8Ppxdztb0l-N5sgaywPPys8GBTjXFgxx_9R6WygN4lRvr8Lq0&google_gid=CAESEOxgmL3jLSI3r9zC1zHDDFE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVBudUlRQUFBYnFvcTBlRg&google_push=AYg5qPJpx1RRrQoIoBUkTNjSiFNPgNlr7qxzUZVigeWef-EcCzm8Ppxdztb0l-N5sgaywPPys8GBTjXFgxx_9R6WygN4lRvr8Lq0

Request Chain 105

https://rtb.openx.net/sync/dds?google_gid=CAESEE0L9-Xlt8lTvJfWz8oOIjg&google_cver=1&google_push=AYg5qPIUllY7vsb767fQSWIGhMEeyqyyDGFCo56om6cb8pAbpisPSzaqhoZdY309az-V6jXylZaY2qAwN-_BZ4IbEeqveftSDL-Z HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIUllY7vsb767fQSWIGhMEeyqyyDGFCo56om6cb8pAbpisPSzaqhoZdY309az-V6jXylZaY2qAwN-_BZ4IbEeqveftSDL-Z&google_hm=PdTYXWIcjN6O08ts3d9AKA==

Request Chain 106

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEKYeShI8ktnbhYXw6lhP2v8&google_cver=1&google_push=AYg5qPKsoNNNIMlKwN6imlUIvoqr7h3BAkD7mcA9GTQbbnYMA_Xe0KChbELJUJvwUwfpPClSFP0Td9W8dzH943EueeubItkpWIQq HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEKYeShI8ktnbhYXw6lhP2v8&google_cver=1&google_push=AYg5qPKsoNNNIMlKwN6imlUIvoqr7h3BAkD7mcA9GTQbbnYMA_Xe0KChbELJUJvwUwfpPClSFP0Td9W8dzH943EueeubItkpWIQq&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=hM31r44tSxavJtVrPis7sA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKsoNNNIMlKwN6imlUIvoqr7h3BAkD7mcA9GTQbbnYMA_Xe0KChbELJUJvwUwfpPClSFP0Td9W8dzH943EueeubItkpWIQq

Request Chain 107

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMRXbQE4L-KY6x-0hTiSHxg&google_cver=1&google_push=AYg5qPJ6ftT4gg2rEQzpkSqDal4pP0AVNnjzBzV62kFixYRvb5rNND6sc2JnnElqmwMZ9gXSPZ84UBHcErVvE8jdm1xd3M-iwB0c HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1JGSDRHREUtUS1NRTVQ&google_push=AYg5qPJ6ftT4gg2rEQzpkSqDal4pP0AVNnjzBzV62kFixYRvb5rNND6sc2JnnElqmwMZ9gXSPZ84UBHcErVvE8jdm1xd3M-iwB0c

Request Chain 108

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEMdlp1dwzidRHgmbxAcqpUQ&google_cver=1&google_push=AYg5qPL-17NFSRUJbZ6XW7iULZAxcRdNJUMQnsg-taWMamsOlhe_Grn1145qQK37bG3zE0GCAfCft2vvjR1ZV0FWxLmrtiuZwXI HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEMdlp1dwzidRHgmbxAcqpUQ&google_cver=1&google_push=AYg5qPL-17NFSRUJbZ6XW7iULZAxcRdNJUMQnsg-taWMamsOlhe_Grn1145qQK37bG3zE0GCAfCft2vvjR1ZV0FWxLmrtiuZwXI&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPnuHir8vBe9jf7oqyAJigAABLcAAAAB&google_cver=1&google_push=AYg5qPL-17NFSRUJbZ6XW7iULZAxcRdNJUMQnsg-taWMamsOlhe_Grn1145qQK37bG3zE0GCAfCft2vvjR1ZV0FWxLmrtiuZwXI&google_gid=CAESEMdlp1dwzidRHgmbxAcqpUQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPnuHir8vBe9jf7oqyAJigAABLcAAAAB&google_cver=1&google_push=AYg5qPL-17NFSRUJbZ6XW7iULZAxcRdNJUMQnsg-taWMamsOlhe_Grn1145qQK37bG3zE0GCAfCft2vvjR1ZV0FWxLmrtiuZwXI&google_gid=CAESEMdlp1dwzidRHgmbxAcqpUQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPnuHir8vBe9jf7oqyAJigAABLcAAAAB&google_cver=1&google_push=AYg5qPL-17NFSRUJbZ6XW7iULZAxcRdNJUMQnsg-taWMamsOlhe_Grn1145qQK37bG3zE0GCAfCft2vvjR1ZV0FWxLmrtiuZwXI&google_gid=CAESEMdlp1dwzidRHgmbxAcqpUQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPnuHir8vBe9jf7oqyAJigAABLcAAAAB&google_cver=1&google_push=AYg5qPL-17NFSRUJbZ6XW7iULZAxcRdNJUMQnsg-taWMamsOlhe_Grn1145qQK37bG3zE0GCAfCft2vvjR1ZV0FWxLmrtiuZwXI&google_gid=CAESEMdlp1dwzidRHgmbxAcqpUQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPnuHir8vBe9jf7oqyAJigAABLcAAAAB&google_cver=1&google_push=AYg5qPL-17NFSRUJbZ6XW7iULZAxcRdNJUMQnsg-taWMamsOlhe_Grn1145qQK37bG3zE0GCAfCft2vvjR1ZV0FWxLmrtiuZwXI&google_gid=CAESEMdlp1dwzidRHgmbxAcqpUQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPnuHir8vBe9jf7oqyAJigAABLcAAAAB&google_cver=1&google_push=AYg5qPL-17NFSRUJbZ6XW7iULZAxcRdNJUMQnsg-taWMamsOlhe_Grn1145qQK37bG3zE0GCAfCft2vvjR1ZV0FWxLmrtiuZwXI&google_gid=CAESEMdlp1dwzidRHgmbxAcqpUQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPnuHir8vBe9jf7oqyAJigAABLcAAAAB&google_cver=1&google_push=AYg5qPL-17NFSRUJbZ6XW7iULZAxcRdNJUMQnsg-taWMamsOlhe_Grn1145qQK37bG3zE0GCAfCft2vvjR1ZV0FWxLmrtiuZwXI&google_gid=CAESEMdlp1dwzidRHgmbxAcqpUQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPnuHir8vBe9jf7oqyAJigAABLcAAAAB&google_cver=1&google_push=AYg5qPL-17NFSRUJbZ6XW7iULZAxcRdNJUMQnsg-taWMamsOlhe_Grn1145qQK37bG3zE0GCAfCft2vvjR1ZV0FWxLmrtiuZwXI&google_gid=CAESEMdlp1dwzidRHgmbxAcqpUQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPnuHir8vBe9jf7oqyAJigAABLcAAAAB&google_cver=1&google_push=AYg5qPL-17NFSRUJbZ6XW7iULZAxcRdNJUMQnsg-taWMamsOlhe_Grn1145qQK37bG3zE0GCAfCft2vvjR1ZV0FWxLmrtiuZwXI&google_gid=CAESEMdlp1dwzidRHgmbxAcqpUQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPnuHir8vBe9jf7oqyAJigAABLcAAAAB&google_cver=1&google_push=AYg5qPL-17NFSRUJbZ6XW7iULZAxcRdNJUMQnsg-taWMamsOlhe_Grn1145qQK37bG3zE0GCAfCft2vvjR1ZV0FWxLmrtiuZwXI&google_gid=CAESEMdlp1dwzidRHgmbxAcqpUQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPnuHir8vBe9jf7oqyAJigAABLcAAAAB&google_cver=1&google_push=AYg5qPL-17NFSRUJbZ6XW7iULZAxcRdNJUMQnsg-taWMamsOlhe_Grn1145qQK37bG3zE0GCAfCft2vvjR1ZV0FWxLmrtiuZwXI&google_gid=CAESEMdlp1dwzidRHgmbxAcqpUQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPnuHir8vBe9jf7oqyAJigAABLcAAAAB&google_cver=1&google_push=AYg5qPL-17NFSRUJbZ6XW7iULZAxcRdNJUMQnsg-taWMamsOlhe_Grn1145qQK37bG3zE0GCAfCft2vvjR1ZV0FWxLmrtiuZwXI&google_gid=CAESEMdlp1dwzidRHgmbxAcqpUQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPnuHir8vBe9jf7oqyAJigAABLcAAAAB&google_cver=1&google_push=AYg5qPL-17NFSRUJbZ6XW7iULZAxcRdNJUMQnsg-taWMamsOlhe_Grn1145qQK37bG3zE0GCAfCft2vvjR1ZV0FWxLmrtiuZwXI&google_gid=CAESEMdlp1dwzidRHgmbxAcqpUQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPnuHir8vBe9jf7oqyAJigAABLcAAAAB&google_cver=1&google_push=AYg5qPL-17NFSRUJbZ6XW7iULZAxcRdNJUMQnsg-taWMamsOlhe_Grn1145qQK37bG3zE0GCAfCft2vvjR1ZV0FWxLmrtiuZwXI&google_gid=CAESEMdlp1dwzidRHgmbxAcqpUQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPnuHir8vBe9jf7oqyAJigAABLcAAAAB&google_cver=1&google_push=AYg5qPL-17NFSRUJbZ6XW7iULZAxcRdNJUMQnsg-taWMamsOlhe_Grn1145qQK37bG3zE0GCAfCft2vvjR1ZV0FWxLmrtiuZwXI&google_gid=CAESEMdlp1dwzidRHgmbxAcqpUQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPnuHir8vBe9jf7oqyAJigAABLcAAAAB&google_cver=1&google_push=AYg5qPL-17NFSRUJbZ6XW7iULZAxcRdNJUMQnsg-taWMamsOlhe_Grn1145qQK37bG3zE0GCAfCft2vvjR1ZV0FWxLmrtiuZwXI&google_gid=CAESEMdlp1dwzidRHgmbxAcqpUQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPnuHir8vBe9jf7oqyAJigAABLcAAAAB&google_cver=1&google_push=AYg5qPL-17NFSRUJbZ6XW7iULZAxcRdNJUMQnsg-taWMamsOlhe_Grn1145qQK37bG3zE0GCAfCft2vvjR1ZV0FWxLmrtiuZwXI&google_gid=CAESEMdlp1dwzidRHgmbxAcqpUQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPnuHir8vBe9jf7oqyAJigAABLcAAAAB&google_cver=1&google_push=AYg5qPL-17NFSRUJbZ6XW7iULZAxcRdNJUMQnsg-taWMamsOlhe_Grn1145qQK37bG3zE0GCAfCft2vvjR1ZV0FWxLmrtiuZwXI&google_gid=CAESEMdlp1dwzidRHgmbxAcqpUQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPnuHir8vBe9jf7oqyAJigAABLcAAAAB&google_cver=1&google_push=AYg5qPL-17NFSRUJbZ6XW7iULZAxcRdNJUMQnsg-taWMamsOlhe_Grn1145qQK37bG3zE0GCAfCft2vvjR1ZV0FWxLmrtiuZwXI&google_gid=CAESEMdlp1dwzidRHgmbxAcqpUQ

Request Chain 109

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEFDVhBtj9-JWSj3wsqa3Wm0&google_cver=1&google_push=AYg5qPLxHpAwymXBSpVK6wnSQxJAmgSUKbsoFKpFl2TR_X_PDOSZPAi2Z1JcNVH3k_K5sG7DoYmTZ9sbOuFQIlnxXhH1BiyaA_I5mg HTTP 301
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPLxHpAwymXBSpVK6wnSQxJAmgSUKbsoFKpFl2TR_X_PDOSZPAi2Z1JcNVH3k_K5sG7DoYmTZ9sbOuFQIlnxXhH1BiyaA_I5mg&google_hm=

Request Chain 113

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

124 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
itunesadvisor.com/ 65 KB
12 KB 1659ms
1322ms Document
text/html 198.143.149.60
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://itunesadvisor.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.143.149.60 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: kvm01-phx.stablehost.com
Software: LiteSpeed /
Resource Hash: 2ba68d824479789c8d4c93107d162fc582b36d6e65e356e8bfc64b025f195df5

Request headers

:method: GET
:authority: itunesadvisor.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
link: <https://itunesadvisor.com/wp-json/>; rel="https://api.w.org/" <https://itunesadvisor.com/>; rel=shortlink
content-encoding: br
vary: Accept-Encoding
date: Thu, 22 Jul 2021 22:15:53 GMT
server: LiteSpeed
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000

GET
H2 200 style.min.css
itunesadvisor.com/wp-includes/css/dist/block-library/ 25 KB
4 KB 454ms
152ms Stylesheet
text/css 198.143.149.60
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://itunesadvisor.com/wp-includes/css/dist/block-library/style.min.css?ver=5.1.10
Requested by: Host: itunesadvisor.com
URL: https://itunesadvisor.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.143.149.60 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: kvm01-phx.stablehost.com
Software: LiteSpeed /
Resource Hash: 94f80c87390a84a3761860b1ce0764da77bb81d6f11cb3d059339148589aaf5c

Request headers

:path: /wp-includes/css/dist/block-library/style.min.css?ver=5.1.10
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: itunesadvisor.com
referer: https://itunesadvisor.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itunesadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 22:15:53 GMT
content-encoding: br
last-modified: Fri, 16 Apr 2021 00:06:04 GMT
server: LiteSpeed
etag: "629d-6078d4ec-bd0d739ef378aa69;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3977
expires: Thu, 29 Jul 2021 22:15:53 GMT

GET
H2 200 styles.css
itunesadvisor.com/wp-content/plugins/contact-form-7/includes/css/ 2 KB
641 B 589ms
287ms Stylesheet
text/css 198.143.149.60
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://itunesadvisor.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.3
Requested by: Host: itunesadvisor.com
URL: https://itunesadvisor.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.143.149.60 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: kvm01-phx.stablehost.com
Software: LiteSpeed /
Resource Hash: 3ad2fcb328295f1199d593adaba909f3eea790f695554ac3c1da7aa009fc0e0d

Request headers

:path: /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: itunesadvisor.com
referer: https://itunesadvisor.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itunesadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 22:15:53 GMT
content-encoding: br
last-modified: Tue, 21 May 2019 10:00:43 GMT
server: LiteSpeed
etag: "695-5ce3cc4b-eb9c28377b87e423;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 557
expires: Thu, 29 Jul 2021 22:15:53 GMT

GET
H2 200 screen.min.css
itunesadvisor.com/wp-content/plugins/table-of-contents-plus/ 1 KB
463 B 589ms
287ms Stylesheet
text/css 198.143.149.60
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://itunesadvisor.com/wp-content/plugins/table-of-contents-plus/screen.min.css?ver=1509
Requested by: Host: itunesadvisor.com
URL: https://itunesadvisor.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.143.149.60 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: kvm01-phx.stablehost.com
Software: LiteSpeed /
Resource Hash: 2e36bd3bdbb929f427e79a6c84b7922b4375589386981eba29eb0cff57b02b1b

Request headers

:path: /wp-content/plugins/table-of-contents-plus/screen.min.css?ver=1509
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: itunesadvisor.com
referer: https://itunesadvisor.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itunesadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 22:15:53 GMT
content-encoding: br
last-modified: Sat, 06 Apr 2019 17:40:28 GMT
server: LiteSpeed
etag: "484-5ca8e48c-af1da9c4c9dd48da;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 378
expires: Thu, 29 Jul 2021 22:15:53 GMT

GET
H2 200 eael-post-141.min.css
itunesadvisor.com/wp-content/uploads/essential-addons-elementor/ 54 KB
3 KB 589ms
287ms Stylesheet
text/css 198.143.149.60
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://itunesadvisor.com/wp-content/uploads/essential-addons-elementor/eael-post-141.min.css?ver=2.10.5
Requested by: Host: itunesadvisor.com
URL: https://itunesadvisor.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.143.149.60 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: kvm01-phx.stablehost.com
Software: LiteSpeed /
Resource Hash: ef7017f44e22bf9c2476760ae3365a1021065a5b7972180f352f61bd231f62f5

Request headers

:path: /wp-content/uploads/essential-addons-elementor/eael-post-141.min.css?ver=2.10.5
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: itunesadvisor.com
referer: https://itunesadvisor.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itunesadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 22:15:53 GMT
content-encoding: br
last-modified: Thu, 13 May 2021 01:07:12 GMT
server: LiteSpeed
etag: "d8cf-609c7bc0-8cdd88ac462e32c3;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3483
expires: Thu, 29 Jul 2021 22:15:53 GMT

GET
H2 200 unsemantic-grid.min.css
itunesadvisor.com/wp-content/themes/generatepress/css/ 12 KB
2 KB 589ms
288ms Stylesheet
text/css 198.143.149.60
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://itunesadvisor.com/wp-content/themes/generatepress/css/unsemantic-grid.min.css?ver=2.2.2
Requested by: Host: itunesadvisor.com
URL: https://itunesadvisor.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.143.149.60 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: kvm01-phx.stablehost.com
Software: LiteSpeed /
Resource Hash: 9bd80d0cd9724399016838c2141ec1ad07492ff6eb7ed039c206bdd2fc2efd56

Request headers

:path: /wp-content/themes/generatepress/css/unsemantic-grid.min.css?ver=2.2.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: itunesadvisor.com
referer: https://itunesadvisor.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itunesadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 22:15:53 GMT
content-encoding: br
last-modified: Sat, 08 Jun 2019 06:54:24 GMT
server: LiteSpeed
etag: "3107-5cfb5ba0-bcd0647b18004841;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1654
expires: Thu, 29 Jul 2021 22:15:53 GMT

GET
H2 200 style.min.css
itunesadvisor.com/wp-content/themes/generatepress/ 25 KB
5 KB 589ms
288ms Stylesheet
text/css 198.143.149.60
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://itunesadvisor.com/wp-content/themes/generatepress/style.min.css?ver=2.2.2
Requested by: Host: itunesadvisor.com
URL: https://itunesadvisor.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.143.149.60 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: kvm01-phx.stablehost.com
Software: LiteSpeed /
Resource Hash: 33a8dac2523e255f32bcaaa7d9ace73f6616133ee745bd05da30dbfed5b2cc55

Request headers

:path: /wp-content/themes/generatepress/style.min.css?ver=2.2.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: itunesadvisor.com
referer: https://itunesadvisor.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itunesadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 22:15:53 GMT
content-encoding: br
last-modified: Sat, 08 Jun 2019 06:54:23 GMT
server: LiteSpeed
etag: "63ca-5cfb5b9f-80c1a1ad8bf1e750;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 5453
expires: Thu, 29 Jul 2021 22:15:53 GMT

GET
H2 200 wp-emoji-release.min.js Show response
itunesadvisor.com/wp-includes/js/ 12 KB
4 KB 450ms
149ms Script
application/javascript 198.143.149.60
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://itunesadvisor.com/wp-includes/js/wp-emoji-release.min.js?ver=5.1.10
Requested by: Host: itunesadvisor.com
URL: https://itunesadvisor.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.143.149.60 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: kvm01-phx.stablehost.com
Software: LiteSpeed /
Resource Hash: d9160bf5ee2c9435a62c8b1d991b7f419417cab5d5a37eefcee79767a292b4b7

Request headers

:path: /wp-includes/js/wp-emoji-release.min.js?ver=5.1.10
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: itunesadvisor.com
referer: https://itunesadvisor.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itunesadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 22:15:54 GMT
content-encoding: br
last-modified: Fri, 16 Apr 2021 00:06:04 GMT
server: LiteSpeed
etag: "2eaf-6078d4ec-5409b87a1b92e264;br"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4060
expires: Thu, 29 Jul 2021 22:15:54 GMT

GET
H2 200 mobile.min.css
itunesadvisor.com/wp-content/themes/generatepress/css/ 4 KB
1 KB 459ms
151ms Stylesheet
text/css 198.143.149.60
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://itunesadvisor.com/wp-content/themes/generatepress/css/mobile.min.css?ver=2.2.2
Requested by: Host: itunesadvisor.com
URL: https://itunesadvisor.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.143.149.60 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: kvm01-phx.stablehost.com
Software: LiteSpeed /
Resource Hash: c41f130fac83aab5327bcf2414219ad5e98bff3ccf1ed137551b427390c9badd

Request headers

:path: /wp-content/themes/generatepress/css/mobile.min.css?ver=2.2.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: itunesadvisor.com
referer: https://itunesadvisor.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itunesadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 22:15:55 GMT
content-encoding: br
last-modified: Sat, 08 Jun 2019 06:54:24 GMT
server: LiteSpeed
etag: "1064-5cfb5ba0-a85f66b2b2f8963d;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1064
expires: Thu, 29 Jul 2021 22:15:55 GMT

GET
H2 200 default.min.css
itunesadvisor.com/wp-content/plugins/tablepress/css/ 6 KB
3 KB 459ms
151ms Stylesheet
text/css 198.143.149.60
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://itunesadvisor.com/wp-content/plugins/tablepress/css/default.min.css?ver=1.9.2
Requested by: Host: itunesadvisor.com
URL: https://itunesadvisor.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.143.149.60 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: kvm01-phx.stablehost.com
Software: LiteSpeed /
Resource Hash: 760bc4d420605c167dd90147b0e0d82b4e761a18bc35be7aeffaa4192b371635

Request headers

:path: /wp-content/plugins/tablepress/css/default.min.css?ver=1.9.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: itunesadvisor.com
referer: https://itunesadvisor.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itunesadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 22:15:55 GMT
content-encoding: br
last-modified: Sat, 06 Apr 2019 17:39:21 GMT
server: LiteSpeed
etag: "16ef-5ca8e449-c04eb8fb6e51d7c;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2521
expires: Thu, 29 Jul 2021 22:15:55 GMT

GET
H2 200 elementor-icons.min.css
itunesadvisor.com/wp-content/plugins/elementor/assets/lib/eicons/css/ 11 KB
2 KB 458ms
152ms Stylesheet
text/css 198.143.149.60
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://itunesadvisor.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=4.3.0
Requested by: Host: itunesadvisor.com
URL: https://itunesadvisor.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.143.149.60 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: kvm01-phx.stablehost.com
Software: LiteSpeed /
Resource Hash: 3b4cfe724d0ef7840099ced8aa63bee82833a04358b8102a2b0df13ee7b98655

Request headers

:path: /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=4.3.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: itunesadvisor.com
referer: https://itunesadvisor.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itunesadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 22:15:55 GMT
content-encoding: br
last-modified: Tue, 21 May 2019 06:04:35 GMT
server: LiteSpeed
etag: "2cfa-5ce394f3-f777ee98af5cffa4;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2315
expires: Thu, 29 Jul 2021 22:15:55 GMT

GET
H2 200 font-awesome.min.css
itunesadvisor.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 30 KB
7 KB 460ms
153ms Stylesheet
text/css 198.143.149.60
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://itunesadvisor.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
Requested by: Host: itunesadvisor.com
URL: https://itunesadvisor.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.143.149.60 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: kvm01-phx.stablehost.com
Software: LiteSpeed /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

:path: /wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: itunesadvisor.com
referer: https://itunesadvisor.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itunesadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 22:15:55 GMT
content-encoding: br
last-modified: Tue, 21 May 2019 06:04:35 GMT
server: LiteSpeed
etag: "7918-5ce394f3-4c35d7953ff5270f;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 6658
expires: Thu, 29 Jul 2021 22:15:55 GMT

GET
H2 200 animations.min.css
itunesadvisor.com/wp-content/plugins/elementor/assets/lib/animations/ 18 KB
2 KB 589ms
283ms Stylesheet
text/css 198.143.149.60
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://itunesadvisor.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=2.5.15
Requested by: Host: itunesadvisor.com
URL: https://itunesadvisor.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.143.149.60 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: kvm01-phx.stablehost.com
Software: LiteSpeed /
Resource Hash: fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c

Request headers

:path: /wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=2.5.15
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: itunesadvisor.com
referer: https://itunesadvisor.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itunesadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 22:15:55 GMT
content-encoding: br
last-modified: Tue, 21 May 2019 06:04:35 GMT
server: LiteSpeed
etag: "4824-5ce394f3-2607d56f9077f3fb;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2442
expires: Thu, 29 Jul 2021 22:15:55 GMT

GET
H2 200 frontend.min.css
itunesadvisor.com/wp-content/plugins/elementor/assets/css/ 93 KB
12 KB 589ms
283ms Stylesheet
text/css 198.143.149.60
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://itunesadvisor.com/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=2.5.15
Requested by: Host: itunesadvisor.com
URL: https://itunesadvisor.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.143.149.60 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: kvm01-phx.stablehost.com
Software: LiteSpeed /
Resource Hash: 7ab9f722f57bb54d23b45364de036ef7a928152a833dc5ac32a358da42802286

Request headers

:path: /wp-content/plugins/elementor/assets/css/frontend.min.css?ver=2.5.15
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: itunesadvisor.com
referer: https://itunesadvisor.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itunesadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 22:15:55 GMT
content-encoding: br
last-modified: Tue, 21 May 2019 06:04:36 GMT
server: LiteSpeed
etag: "17272-5ce394f4-c3808d5c330e6715;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 12329
expires: Thu, 29 Jul 2021 22:15:55 GMT

GET
H2 200 global.css
itunesadvisor.com/wp-content/uploads/elementor/css/ 8 KB
1 KB 593ms
288ms Stylesheet
text/css 198.143.149.60
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://itunesadvisor.com/wp-content/uploads/elementor/css/global.css?ver=1558453070
Requested by: Host: itunesadvisor.com
URL: https://itunesadvisor.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.143.149.60 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: kvm01-phx.stablehost.com
Software: LiteSpeed /
Resource Hash: 1a0fe86d69d4d574e9142634e734c85d806d5717d2bf9119131e4d3c47a378a8

Request headers

:path: /wp-content/uploads/elementor/css/global.css?ver=1558453070
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: itunesadvisor.com
referer: https://itunesadvisor.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itunesadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 22:15:55 GMT
content-encoding: br
last-modified: Tue, 21 May 2019 15:37:50 GMT
server: LiteSpeed
etag: "21f2-5ce41b4e-cab5c710f5dadca6;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1000
expires: Thu, 29 Jul 2021 22:15:55 GMT

GET
H2 200 post-141.css
itunesadvisor.com/wp-content/uploads/elementor/css/ 6 KB
829 B 594ms
287ms Stylesheet
text/css 198.143.149.60
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://itunesadvisor.com/wp-content/uploads/elementor/css/post-141.css?ver=1567262243
Requested by: Host: itunesadvisor.com
URL: https://itunesadvisor.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.143.149.60 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: kvm01-phx.stablehost.com
Software: LiteSpeed /
Resource Hash: d78a9904e5ab2482a0e8ed1ee4061c53633a4a83efdba1f14e104550126ae5c9

Request headers

:path: /wp-content/uploads/elementor/css/post-141.css?ver=1567262243
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: itunesadvisor.com
referer: https://itunesadvisor.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itunesadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 22:15:55 GMT
content-encoding: br
last-modified: Sat, 31 Aug 2019 14:37:23 GMT
server: LiteSpeed
etag: "171f-5d6a8623-9e708ed9436e7b10;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 741
expires: Thu, 29 Jul 2021 22:15:55 GMT

GET
H3-29 200 css
fonts.googleapis.com/ 42 KB
2 KB 21ms
15ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.1.10

Requested by

Host: itunesadvisor.com
URL: https://itunesadvisor.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

30a949187cdd1c73e43b3bdee9398a9ae27f403a9481999fc9f5f946d8af0079

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://itunesadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 22 Jul 2021 21:53:48 GMT
server: ESF
date: Thu, 22 Jul 2021 22:15:56 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 22 Jul 2021 22:15:56 GMT

GET
H2 200 jquery.js Show response
itunesadvisor.com/wp-includes/js/jquery/ 95 KB
32 KB 594ms
287ms Script
application/javascript 198.143.149.60
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://itunesadvisor.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
Requested by: Host: itunesadvisor.com
URL: https://itunesadvisor.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.143.149.60 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: kvm01-phx.stablehost.com
Software: LiteSpeed /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

:path: /wp-includes/js/jquery/jquery.js?ver=1.12.4
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: itunesadvisor.com
referer: https://itunesadvisor.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itunesadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 22:15:55 GMT
content-encoding: br
last-modified: Thu, 05 Sep 2019 09:59:22 GMT
server: LiteSpeed
etag: "17a69-5d70dc7a-cb41a96e70f4fefa;br"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 32853
expires: Thu, 29 Jul 2021 22:15:55 GMT

GET
H2 200 jquery-migrate.min.js Show response
itunesadvisor.com/wp-includes/js/jquery/ 10 KB
4 KB 725ms
419ms Script
application/javascript 198.143.149.60
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://itunesadvisor.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by: Host: itunesadvisor.com
URL: https://itunesadvisor.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.143.149.60 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: kvm01-phx.stablehost.com
Software: LiteSpeed /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

:path: /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: itunesadvisor.com
referer: https://itunesadvisor.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itunesadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 22:15:55 GMT
content-encoding: br
last-modified: Fri, 20 May 2016 18:41:28 GMT
server: LiteSpeed
etag: "2748-573f5a58-ee6f94faefeeb978;br"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3823
expires: Thu, 29 Jul 2021 22:15:55 GMT

GET
H3-29 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 137 KB
48 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: itunesadvisor.com
URL: https://itunesadvisor.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

45e736677a3954922b5157fbe11db8464434ac31d9190bf5c94973413625a6ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itunesadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 22:15:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49297
x-xss-protection: 0
server: cafe
etag: 7603761842610517477
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 22 Jul 2021 22:15:57 GMT

GET
H2 200 iTunes-Login-Official-Account.jpg
itunesadvisor.com/wp-content/uploads/2018/04/ 19 KB
19 KB 181ms
173ms Image
image/jpeg 198.143.149.60
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://itunesadvisor.com/wp-content/uploads/2018/04/iTunes-Login-Official-Account.jpg
Requested by: Host: itunesadvisor.com
URL: https://itunesadvisor.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.143.149.60 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: kvm01-phx.stablehost.com
Software: LiteSpeed /
Resource Hash: 2d094785eaf284df1a4d6d385923bc77fd25866ea51f1fd638caea9287e5d401

Request headers

:path: /wp-content/uploads/2018/04/iTunes-Login-Official-Account.jpg
pragma: no-cache
cookie: __gads=ID=5e9fe0b8c9fdb204-2251a1ec81c800dc:T=1626992157:RT=1626992157:S=ALNI_MafURGBf_9Z3XkjIigMnaNc_nSI4Q
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: itunesadvisor.com
referer: https://itunesadvisor.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itunesadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 22:15:56 GMT
last-modified: Thu, 26 Apr 2018 11:26:02 GMT
server: LiteSpeed
etag: "4d2a-5ae1b74a-d71964874378b0db;;;"
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 19754
expires: Thu, 29 Jul 2021 22:15:56 GMT

GET
H2 200 iTunes-Sign-In-on-PC.jpeg
itunesadvisor.com/wp-content/uploads/2018/04/ 47 KB
47 KB 201ms
193ms Image
image/jpeg 198.143.149.60
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://itunesadvisor.com/wp-content/uploads/2018/04/iTunes-Sign-In-on-PC.jpeg
Requested by: Host: itunesadvisor.com
URL: https://itunesadvisor.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.143.149.60 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: kvm01-phx.stablehost.com
Software: LiteSpeed /
Resource Hash: 6e1382bea3a18f50aa0a1204cae7697034eb6e54a08c2582e4986e34ec55edd1

Request headers

:path: /wp-content/uploads/2018/04/iTunes-Sign-In-on-PC.jpeg
pragma: no-cache
cookie: __gads=ID=5e9fe0b8c9fdb204-2251a1ec81c800dc:T=1626992157:RT=1626992157:S=ALNI_MafURGBf_9Z3XkjIigMnaNc_nSI4Q
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: itunesadvisor.com
referer: https://itunesadvisor.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itunesadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 22:15:56 GMT
last-modified: Thu, 26 Apr 2018 11:26:00 GMT
server: LiteSpeed
etag: "bbee-5ae1b748-4dcdc04147f7d226;;;"
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 48110
expires: Thu, 29 Jul 2021 22:15:56 GMT

GET
H2 200 Recover-iTunes-Account-Login-password.jpg
itunesadvisor.com/wp-content/uploads/2018/04/ 25 KB
25 KB 298ms
290ms Image
image/jpeg 198.143.149.60
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://itunesadvisor.com/wp-content/uploads/2018/04/Recover-iTunes-Account-Login-password.jpg
Requested by: Host: itunesadvisor.com
URL: https://itunesadvisor.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.143.149.60 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: kvm01-phx.stablehost.com
Software: LiteSpeed /
Resource Hash: 203cf8bdf4c81540004da0b9bd1510badfcdd6be797004cf2d0d47550d2019ee

Request headers

:path: /wp-content/uploads/2018/04/Recover-iTunes-Account-Login-password.jpg
pragma: no-cache
cookie: __gads=ID=5e9fe0b8c9fdb204-2251a1ec81c800dc:T=1626992157:RT=1626992157:S=ALNI_MafURGBf_9Z3XkjIigMnaNc_nSI4Q
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: itunesadvisor.com
referer: https://itunesadvisor.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itunesadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 22:15:56 GMT
last-modified: Thu, 26 Apr 2018 11:26:01 GMT
server: LiteSpeed
etag: "6260-5ae1b749-8f5d712539940508;;;"
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25184
expires: Thu, 29 Jul 2021 22:15:56 GMT

GET
H2 200 Itunes-logo-button.png
itunesadvisor.com/wp-content/uploads/2019/05/ 33 KB
33 KB 297ms
292ms Image
image/png 198.143.149.60
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://itunesadvisor.com/wp-content/uploads/2019/05/Itunes-logo-button.png
Requested by: Host: itunesadvisor.com
URL: https://itunesadvisor.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.143.149.60 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: kvm01-phx.stablehost.com
Software: LiteSpeed /
Resource Hash: 61978337958bc897e54ca82350fa8c5247fe7c9bda6c0da4c6ddffb526a94f04

Request headers

:path: /wp-content/uploads/2019/05/Itunes-logo-button.png
pragma: no-cache
cookie: __gads=ID=5e9fe0b8c9fdb204-2251a1ec81c800dc:T=1626992157:RT=1626992157:S=ALNI_MafURGBf_9Z3XkjIigMnaNc_nSI4Q
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: itunesadvisor.com
referer: https://itunesadvisor.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itunesadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 22:15:56 GMT
last-modified: Tue, 21 May 2019 15:35:48 GMT
server: LiteSpeed
etag: "829b-5ce41ad4-4f6d37717c50718c;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 33435
expires: Thu, 29 Jul 2021 22:15:56 GMT

GET
H2 200 js Show response
static.getclicky.com/ 15 KB
6 KB 34ms
17ms Script
text/javascript 2606:4700::6810:dd1d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.getclicky.com/js
Requested by: Host: itunesadvisor.com
URL: https://itunesadvisor.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:dd1d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0db02fa8ce349e5c3629825f3cb63deed4803ba6b383f81eb2a882be89e4e07

Request headers

Referer: https://itunesadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 22:15:57 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 171785
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
expires: Thu, 29 Jul 2021 22:15:57 GMT
cache-control: public, max-age=604800
cf-ray: 673007d60e8dd725-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-proxy-cache: HIT

GET
H2 200 scripts.js Show response
itunesadvisor.com/wp-content/plugins/contact-form-7/includes/js/ 14 KB
4 KB 150ms
150ms Script
application/javascript 198.143.149.60
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://itunesadvisor.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.3
Requested by: Host: itunesadvisor.com
URL: https://itunesadvisor.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.143.149.60 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: kvm01-phx.stablehost.com
Software: LiteSpeed /
Resource Hash: b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900

Request headers

:path: /wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: itunesadvisor.com
referer: https://itunesadvisor.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itunesadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 22:15:55 GMT
content-encoding: br
last-modified: Tue, 21 May 2019 10:00:43 GMT
server: LiteSpeed
etag: "3868-5ce3cc4b-ea71d7cf02203324;br"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3752
expires: Thu, 29 Jul 2021 22:15:55 GMT

GET
H2 200 front.min.js Show response
itunesadvisor.com/wp-content/plugins/table-of-contents-plus/ 6 KB
2 KB 150ms
149ms Script
application/javascript 198.143.149.60
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://itunesadvisor.com/wp-content/plugins/table-of-contents-plus/front.min.js?ver=1509
Requested by: Host: itunesadvisor.com
URL: https://itunesadvisor.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.143.149.60 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: kvm01-phx.stablehost.com
Software: LiteSpeed /
Resource Hash: 4b179562b883c1257aabbad3a5641f965dd7331faa31fe06382a5d8c62d5ee19

Request headers

:path: /wp-content/plugins/table-of-contents-plus/front.min.js?ver=1509
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: itunesadvisor.com
referer: https://itunesadvisor.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itunesadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 22:15:55 GMT
content-encoding: br
last-modified: Sat, 06 Apr 2019 17:40:28 GMT
server: LiteSpeed
etag: "17cb-5ca8e48c-44cf46a37f75c695;br"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2181
expires: Thu, 29 Jul 2021 22:15:55 GMT

GET
H2 200 eael-post-141.min.js Show response
itunesadvisor.com/wp-content/uploads/essential-addons-elementor/ 144 B
228 B 152ms
149ms Script
application/javascript 198.143.149.60
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://itunesadvisor.com/wp-content/uploads/essential-addons-elementor/eael-post-141.min.js?ver=2.10.5
Requested by: Host: itunesadvisor.com
URL: https://itunesadvisor.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.143.149.60 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: kvm01-phx.stablehost.com
Software: LiteSpeed /
Resource Hash: f44aa30853513f5852732da53b8b94e71207278c2a6eadcc0631a75cab3cc100

Request headers

:path: /wp-content/uploads/essential-addons-elementor/eael-post-141.min.js?ver=2.10.5
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: itunesadvisor.com
referer: https://itunesadvisor.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itunesadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 22:15:55 GMT
last-modified: Thu, 13 May 2021 01:07:12 GMT
server: LiteSpeed
etag: "90-609c7bc0-5c18c5d5e6cb1210;;;"
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 144
expires: Thu, 29 Jul 2021 22:15:55 GMT

GET
H2 200 menu.min.js Show response
itunesadvisor.com/wp-content/themes/generatepress/js/ 4 KB
1 KB 152ms
150ms Script
application/javascript 198.143.149.60
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://itunesadvisor.com/wp-content/themes/generatepress/js/menu.min.js?ver=2.2.2
Requested by: Host: itunesadvisor.com
URL: https://itunesadvisor.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.143.149.60 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: kvm01-phx.stablehost.com
Software: LiteSpeed /
Resource Hash: 0f39d3bfd77bd9b83cebee50aa8b613675f2482ec939d86abff740ad3babead7

Request headers

:path: /wp-content/themes/generatepress/js/menu.min.js?ver=2.2.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: itunesadvisor.com
referer: https://itunesadvisor.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itunesadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 22:15:55 GMT
content-encoding: br
last-modified: Sat, 08 Jun 2019 06:54:23 GMT
server: LiteSpeed
etag: "100d-5cfb5b9f-fdf72bc9fb0a2cd8;br"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 958
expires: Thu, 29 Jul 2021 22:15:55 GMT

GET
H2 200 a11y.min.js Show response
itunesadvisor.com/wp-content/themes/generatepress/js/ 2 KB
743 B 153ms
150ms Script
application/javascript 198.143.149.60
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://itunesadvisor.com/wp-content/themes/generatepress/js/a11y.min.js?ver=2.2.2
Requested by: Host: itunesadvisor.com
URL: https://itunesadvisor.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.143.149.60 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: kvm01-phx.stablehost.com
Software: LiteSpeed /
Resource Hash: 6404610009e3864939a057aec317ba947aff11e5b7002dcaaf362c3dc0fd6377

Request headers

:path: /wp-content/themes/generatepress/js/a11y.min.js?ver=2.2.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: itunesadvisor.com
referer: https://itunesadvisor.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itunesadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 22:15:55 GMT
content-encoding: br
last-modified: Sat, 08 Jun 2019 06:54:23 GMT
server: LiteSpeed
etag: "80d-5cfb5b9f-ffdd92a9794839e4;br"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 656
expires: Thu, 29 Jul 2021 22:15:55 GMT

GET
H2 200 wp-embed.min.js Show response
itunesadvisor.com/wp-includes/js/ 1 KB
701 B 153ms
151ms Script
application/javascript 198.143.149.60
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://itunesadvisor.com/wp-includes/js/wp-embed.min.js?ver=5.1.10
Requested by: Host: itunesadvisor.com
URL: https://itunesadvisor.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.143.149.60 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: kvm01-phx.stablehost.com
Software: LiteSpeed /
Resource Hash: 5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b

Request headers

:path: /wp-includes/js/wp-embed.min.js?ver=5.1.10
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: itunesadvisor.com
referer: https://itunesadvisor.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itunesadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 22:15:55 GMT
content-encoding: br
last-modified: Fri, 16 Apr 2021 00:06:04 GMT
server: LiteSpeed
etag: "56f-6078d4ec-62761693dd924ed4;br"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 638
expires: Thu, 29 Jul 2021 22:15:55 GMT

GET
H2 200 jquery.datatables.min.js Show response
itunesadvisor.com/wp-content/plugins/tablepress/js/ 80 KB
27 KB 270ms
268ms Script
application/javascript 198.143.149.60
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://itunesadvisor.com/wp-content/plugins/tablepress/js/jquery.datatables.min.js?ver=1.9.2
Requested by: Host: itunesadvisor.com
URL: https://itunesadvisor.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.143.149.60 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: kvm01-phx.stablehost.com
Software: LiteSpeed /
Resource Hash: b796504d9b1b422f0dc6ccc2d740ac78a8c9e5078cc3934836d39742b1121925

Request headers

:path: /wp-content/plugins/tablepress/js/jquery.datatables.min.js?ver=1.9.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: itunesadvisor.com
referer: https://itunesadvisor.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itunesadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 22:15:56 GMT
content-encoding: br
last-modified: Sat, 06 Apr 2019 17:39:21 GMT
server: LiteSpeed
etag: "141eb-5ca8e449-7496b0c1083b6855;br"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 27114
expires: Thu, 29 Jul 2021 22:15:56 GMT

GET
H2 200 frontend-modules.min.js Show response
itunesadvisor.com/wp-content/plugins/elementor/assets/js/ 11 KB
4 KB 352ms
351ms Script
application/javascript 198.143.149.60
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://itunesadvisor.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=2.5.15
Requested by: Host: itunesadvisor.com
URL: https://itunesadvisor.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.143.149.60 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: kvm01-phx.stablehost.com
Software: LiteSpeed /
Resource Hash: 51b3ee4b981dbbd0e2ea54b2fafd15f7ef6bfebb165cb4a6fdd7cd8e6f343024

Request headers

:path: /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=2.5.15
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: itunesadvisor.com
referer: https://itunesadvisor.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itunesadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 22:15:56 GMT
content-encoding: br
last-modified: Tue, 21 May 2019 06:04:35 GMT
server: LiteSpeed
etag: "2b87-5ce394f3-2420d9b02497cd8f;br"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3486
expires: Thu, 29 Jul 2021 22:15:56 GMT

GET
H2 200 position.min.js Show response
itunesadvisor.com/wp-includes/js/jquery/ui/ 6 KB
2 KB 353ms
352ms Script
application/javascript 198.143.149.60
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://itunesadvisor.com/wp-includes/js/jquery/ui/position.min.js?ver=1.11.4
Requested by: Host: itunesadvisor.com
URL: https://itunesadvisor.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.143.149.60 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: kvm01-phx.stablehost.com
Software: LiteSpeed /
Resource Hash: 0ce51090b148a45a0e3d652719ed6ef7f1a38e5d272dbf874f86a49664e897a3

Request headers

:path: /wp-includes/js/jquery/ui/position.min.js?ver=1.11.4
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: itunesadvisor.com
referer: https://itunesadvisor.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itunesadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 22:15:56 GMT
content-encoding: br
last-modified: Fri, 16 Apr 2021 00:06:04 GMT
server: LiteSpeed
etag: "1926-6078d4ec-60a5c7ec8933972a;br"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2302
expires: Thu, 29 Jul 2021 22:15:56 GMT

GET
H2 200 dialog.min.js Show response
itunesadvisor.com/wp-content/plugins/elementor/assets/lib/dialog/ 10 KB
3 KB 353ms
353ms Script
application/javascript 198.143.149.60
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://itunesadvisor.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.7.1
Requested by: Host: itunesadvisor.com
URL: https://itunesadvisor.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.143.149.60 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: kvm01-phx.stablehost.com
Software: LiteSpeed /
Resource Hash: 226493c7f7a033b43e24d0ce2115ef8d2be36fe6de4dbf6a3cbba6dca53be7c3

Request headers

:path: /wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.7.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: itunesadvisor.com
referer: https://itunesadvisor.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itunesadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 22:15:56 GMT
content-encoding: br
last-modified: Tue, 21 May 2019 06:04:35 GMT
server: LiteSpeed
etag: "2948-5ce394f3-6e2664f6377e1204;br"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3240
expires: Thu, 29 Jul 2021 22:15:56 GMT

GET
H2 200 waypoints.min.js Show response
itunesadvisor.com/wp-content/plugins/elementor/assets/lib/waypoints/ 12 KB
3 KB 344ms
342ms Script
application/javascript 198.143.149.60
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://itunesadvisor.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
Requested by: Host: itunesadvisor.com
URL: https://itunesadvisor.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.143.149.60 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: kvm01-phx.stablehost.com
Software: LiteSpeed /
Resource Hash: 214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0

Request headers

:path: /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: itunesadvisor.com
referer: https://itunesadvisor.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itunesadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 22:15:56 GMT
content-encoding: br
last-modified: Tue, 21 May 2019 06:04:35 GMT
server: LiteSpeed
etag: "2fa6-5ce394f3-6384a7f84e169ff9;br"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2867
expires: Thu, 29 Jul 2021 22:15:56 GMT

GET
H2 200 swiper.min.js Show response
itunesadvisor.com/wp-content/plugins/elementor/assets/lib/swiper/ 123 KB
31 KB 177ms
168ms Script
application/javascript 198.143.149.60
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://itunesadvisor.com/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=4.4.6
Requested by: Host: itunesadvisor.com
URL: https://itunesadvisor.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.143.149.60 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: kvm01-phx.stablehost.com
Software: LiteSpeed /
Resource Hash: 1b56a059635d124359232fc094453f648c51da4d42b68b1bb210bd5c543115e7

Request headers

:path: /wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=4.4.6
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: itunesadvisor.com
referer: https://itunesadvisor.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itunesadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 22:15:56 GMT
content-encoding: br
last-modified: Tue, 21 May 2019 06:04:35 GMT
server: LiteSpeed
etag: "1ea8a-5ce394f3-b88797c8910ff688;br"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 31247
expires: Thu, 29 Jul 2021 22:15:56 GMT

GET
H2 200 frontend.min.js Show response
itunesadvisor.com/wp-content/plugins/elementor/assets/js/ 40 KB
10 KB 157ms
149ms Script
application/javascript 198.143.149.60
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://itunesadvisor.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=2.5.15
Requested by: Host: itunesadvisor.com
URL: https://itunesadvisor.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.143.149.60 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: kvm01-phx.stablehost.com
Software: LiteSpeed /
Resource Hash: 2d539fbc94dc2803e51413d3d57bfb0e7e04e1484ccbf21ce44602bd92f7a4e3

Request headers

:path: /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=2.5.15
pragma: no-cache
cookie: __gads=ID=5e9fe0b8c9fdb204-2251a1ec81c800dc:T=1626992157:RT=1626992157:S=ALNI_MafURGBf_9Z3XkjIigMnaNc_nSI4Q
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: itunesadvisor.com
referer: https://itunesadvisor.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itunesadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 22:15:56 GMT
content-encoding: br
last-modified: Tue, 21 May 2019 06:04:35 GMT
server: LiteSpeed
etag: "9fd2-5ce394f3-6ec4975dad9d0f3b;br"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 10127
expires: Thu, 29 Jul 2021 22:15:56 GMT

GET
H2 200 generatepress.woff2
itunesadvisor.com/wp-content/themes/generatepress/fonts/ 1 KB
1 KB 149ms
149ms Font
font/woff2 198.143.149.60
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://itunesadvisor.com/wp-content/themes/generatepress/fonts/generatepress.woff2
Requested by: Host: itunesadvisor.com
URL: https://itunesadvisor.com/wp-content/themes/generatepress/style.min.css?ver=2.2.2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.143.149.60 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: kvm01-phx.stablehost.com
Software: LiteSpeed /
Resource Hash: ac990171fc2a8993d659ce8f10bc0a7815c43835ba1dc00c2246f3556c6eeecd

Request headers

:path: /wp-content/themes/generatepress/fonts/generatepress.woff2
pragma: no-cache
origin: https://itunesadvisor.com
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: itunesadvisor.com
referer: https://itunesadvisor.com/wp-content/themes/generatepress/style.min.css?ver=2.2.2
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://itunesadvisor.com
Referer: https://itunesadvisor.com/wp-content/themes/generatepress/style.min.css?ver=2.2.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 22:15:55 GMT
last-modified: Sat, 08 Jun 2019 06:54:23 GMT
server: LiteSpeed
accept-ranges: bytes
etag: "4f0-5cfb5b9f-af5eb6023be51fb3;;;"
content-length: 1264
content-type: font/woff2

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.1.10

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://itunesadvisor.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 18:26:24 GMT
x-content-type-options: nosniff
age: 272973
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Jul 2022 18:26:24 GMT

GET
H2 200 fontawesome-webfont.woff2
itunesadvisor.com/wp-content/plugins/elementor/assets/lib/font-awesome/fonts/ 75 KB
75 KB 150ms
149ms Font
font/woff2 198.143.149.60
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://itunesadvisor.com/wp-content/plugins/elementor/assets/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: itunesadvisor.com
URL: https://itunesadvisor.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.143.149.60 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: kvm01-phx.stablehost.com
Software: LiteSpeed /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

:path: /wp-content/plugins/elementor/assets/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
pragma: no-cache
origin: https://itunesadvisor.com
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: itunesadvisor.com
referer: https://itunesadvisor.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://itunesadvisor.com
Referer: https://itunesadvisor.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 22:15:55 GMT
last-modified: Tue, 21 May 2019 06:04:35 GMT
server: LiteSpeed
accept-ranges: bytes
etag: "12d68-5ce394f3-5d4436f3fd73866d;;;"
content-length: 77160
content-type: font/woff2

GET
H3-29 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 16 KB
16 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://itunesadvisor.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 17:17:27 GMT
x-content-type-options: nosniff
age: 190710
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 17:17:27 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://itunesadvisor.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 12:00:01 GMT
x-content-type-options: nosniff
age: 209756
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:46 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 12:00:01 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210720/r20190131/ 250 KB
93 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210720/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6041202449463566&plah=itunesadvisor.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c83eae7a38656b387443bacfd93af203e31b66bf687c21af1ef00fab98507aef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itunesadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 22:15:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95151
x-xss-protection: 0
server: cafe
etag: 4826816153601596757
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 22 Jul 2021 22:15:57 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210720/r20190131/ Frame 79E8 10 KB
5 KB 11ms
6ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210720/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d1310353e02e0a006b79b7d607131cb6d9411543a8957b772f565816fdf3ce4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210720/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://itunesadvisor.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://itunesadvisor.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 22 Jul 2021 01:27:57 GMT
expires: Thu, 05 Aug 2021 01:27:57 GMT
content-type: text/html; charset=UTF-8
etag: 4389807852502320046
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4579
x-xss-protection: 0
age: 74880
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 207 B
412 B 59ms
57ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=itunesadvisor.com&callback=_gfp_s_&client=ca-pub-6041202449463566

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210720/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6041202449463566&plah=itunesadvisor.com&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

f9a884509d4fdff2f7ad2abb7033e405479f4cc237032f61464eb56a53a4e245

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itunesadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 22:15:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 196
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 42ms
42ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=itunesadvisor.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itunesadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 22 Jul 2021 22:15:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 42ms
41ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=itunesadvisor.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itunesadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 22 Jul 2021 22:15:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2CE0 0
16 B 112ms
112ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6041202449463566&output=html&adk=1812271804&adf=3025194257&lmt=1626992157&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fitunesadvisor.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626992157236&bpp=9&bdt=2400&idt=197&shv=r20210720&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7199185722904&frm=20&pv=2&ga_vid=1746891831.1626992157&ga_sid=1626992157&ga_hid=1174438691&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31061846&oid=2&pvsid=2965431684753476&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=237

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6041202449463566&output=html&adk=1812271804&adf=3025194257&lmt=1626992157&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fitunesadvisor.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626992157236&bpp=9&bdt=2400&idt=197&shv=r20210720&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7199185722904&frm=20&pv=2&ga_vid=1746891831.1626992157&ga_sid=1626992157&ga_hid=1174438691&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31061846&oid=2&pvsid=2965431684753476&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=237
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://itunesadvisor.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmE7VncZ0BxXDd-H_3g2QIvkb4_Ff2-zybgXC33C8iYCS9pUCDUgITYvEkBLqs
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://itunesadvisor.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 22 Jul 2021 22:15:57 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 102ms
101ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d83b2089b249ebfbcd9eba876317be3353813659151a2ac3d123fe1e2506bf8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itunesadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 22:15:57 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1626867007956318"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27997
x-xss-protection: 0
expires: Thu, 22 Jul 2021 22:15:57 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B45E 72 KB
26 KB 542ms
542ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6041202449463566&output=html&h=280&slotname=6158928539&adk=1020137168&adf=1551189282&pi=t.ma~as.6158928539&w=336&lmt=1626992157&psa=0&format=336x280&url=https%3A%2F%2Fitunesadvisor.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626992157245&bpp=88&bdt=2408&idt=268&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7199185722904&frm=20&pv=1&ga_vid=1746891831.1626992157&ga_sid=1626992157&ga_hid=1174438691&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=500&ady=394&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31061846&oid=2&pvsid=2965431684753476&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=MQ59c7YMvQ&p=https%3A//itunesadvisor.com&dtd=275

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

96602af025a90cac2446b52c482f1f4a3d753edffd40531e435c74462d814210

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6041202449463566&output=html&h=280&slotname=6158928539&adk=1020137168&adf=1551189282&pi=t.ma~as.6158928539&w=336&lmt=1626992157&psa=0&format=336x280&url=https%3A%2F%2Fitunesadvisor.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626992157245&bpp=88&bdt=2408&idt=268&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7199185722904&frm=20&pv=1&ga_vid=1746891831.1626992157&ga_sid=1626992157&ga_hid=1174438691&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=500&ady=394&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31061846&oid=2&pvsid=2965431684753476&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=MQ59c7YMvQ&p=https%3A//itunesadvisor.com&dtd=275
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://itunesadvisor.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmE7VncZ0BxXDd-H_3g2QIvkb4_Ff2-zybgXC33C8iYCS9pUCDUgITYvEkBLqs
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://itunesadvisor.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 22 Jul 2021 22:15:58 GMT
server: cafe
content-length: 26093
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 27F1 61 KB
12 KB 849ms
849ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6041202449463566&output=html&h=280&slotname=1725684538&adk=3400310372&adf=59338513&pi=t.ma~as.1725684538&w=600&fwrn=4&fwrnh=100&lmt=1626992157&rafmt=1&psa=0&format=600x280&url=https%3A%2F%2Fitunesadvisor.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626992157333&bpp=3&bdt=2497&idt=191&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280&nras=1&correlator=7199185722904&frm=20&pv=1&ga_vid=1746891831.1626992157&ga_sid=1626992157&ga_hid=1174438691&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=500&ady=1037&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31061846&oid=2&pvsid=2965431684753476&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=fmGtNKmMWa&p=https%3A//itunesadvisor.com&dtd=194

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

24ef016975f79f14b13ff3b7113560ff24cfc60efcf4a6b17ec291849246172b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6041202449463566&output=html&h=280&slotname=1725684538&adk=3400310372&adf=59338513&pi=t.ma~as.1725684538&w=600&fwrn=4&fwrnh=100&lmt=1626992157&rafmt=1&psa=0&format=600x280&url=https%3A%2F%2Fitunesadvisor.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626992157333&bpp=3&bdt=2497&idt=191&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280&nras=1&correlator=7199185722904&frm=20&pv=1&ga_vid=1746891831.1626992157&ga_sid=1626992157&ga_hid=1174438691&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=500&ady=1037&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31061846&oid=2&pvsid=2965431684753476&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=fmGtNKmMWa&p=https%3A//itunesadvisor.com&dtd=194
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://itunesadvisor.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmE7VncZ0BxXDd-H_3g2QIvkb4_Ff2-zybgXC33C8iYCS9pUCDUgITYvEkBLqs
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://itunesadvisor.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-expose-headers: x-google-amp-ad-validated-version
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 22 Jul 2021 22:15:58 GMT
server: cafe
content-length: 12636
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame EEA1 237 KB
25 KB 472ms
472ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6041202449463566&output=html&h=280&slotname=3202417733&adk=2542246661&adf=2423744242&pi=t.ma~as.3202417733&w=600&fwrn=4&fwrnh=100&lmt=1626992157&rafmt=1&psa=0&format=600x280&url=https%3A%2F%2Fitunesadvisor.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626992157336&bpp=2&bdt=2500&idt=196&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280%2C600x280&nras=1&correlator=7199185722904&frm=20&pv=1&ga_vid=1746891831.1626992157&ga_sid=1626992157&ga_hid=1174438691&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=500&ady=1666&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31061846&oid=2&pvsid=2965431684753476&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=KGjPAmKoVb&p=https%3A//itunesadvisor.com&dtd=207

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d51f967fd943ba360bd29fd26390f72564c2ded8c807d7397d3a463f7ae43f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6041202449463566&output=html&h=280&slotname=3202417733&adk=2542246661&adf=2423744242&pi=t.ma~as.3202417733&w=600&fwrn=4&fwrnh=100&lmt=1626992157&rafmt=1&psa=0&format=600x280&url=https%3A%2F%2Fitunesadvisor.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626992157336&bpp=2&bdt=2500&idt=196&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280%2C600x280&nras=1&correlator=7199185722904&frm=20&pv=1&ga_vid=1746891831.1626992157&ga_sid=1626992157&ga_hid=1174438691&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=500&ady=1666&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31061846&oid=2&pvsid=2965431684753476&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=KGjPAmKoVb&p=https%3A//itunesadvisor.com&dtd=207
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://itunesadvisor.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmE7VncZ0BxXDd-H_3g2QIvkb4_Ff2-zybgXC33C8iYCS9pUCDUgITYvEkBLqs
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://itunesadvisor.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-expose-headers: x-google-amp-ad-validated-version
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 22 Jul 2021 22:15:58 GMT
server: cafe
content-length: 25952
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 in.php Show response
in.getclicky.com/ 139 B
435 B 475ms
161ms Script
text/javascript 198.145.13.12
DF-PTL01

General

Check archive.org

Show headers Download Go to

Full URL: https://in.getclicky.com/in.php?site_id=101168026&type=pageview&href=%2F&title=Simple%20Guide%20to%20Login%20to%20your%20iTunes%20Account%3F%20-%20iTunes%20Advisor&res=1600x1200&lang=en&jsuid=4006790125&mime=js&x=0.11370073843046269
Requested by: Host: static.getclicky.com
URL: https://static.getclicky.com/js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.145.13.12 Portland, United States, ASN2044 (DF-PTL01, US),
Reverse DNS: getclicky.com
Software: nginx /
Resource Hash: b5786f786a65f1e850e2f3428388cec1a249f46141c09fef1f3bf8bc4cca3b1b

Request headers

Referer: https://itunesadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 22:15:58 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate, post-check=0, pre-check=0
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
DATA 200
OK truncated
/ 1 KB
1 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c72e23882b180037972c27408c198d97026a5cb3f6be62878749a069f289b73e

Request headers

Origin: https://itunesadvisor.com
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: application/x-font-woff

GET
H2 200 transparent.png
tpc.googlesyndication.com/pagead/images/ Frame EEA1 67 B
171 B 6ms
6ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/transparent.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6041202449463566&output=html&h=280&slotname=3202417733&adk=2542246661&adf=2423744242&pi=t.ma~as.3202417733&w=600&fwrn=4&fwrnh=100&lmt=1626992157&rafmt=1&psa=0&format=600x280&url=https%3A%2F%2Fitunesadvisor.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626992157336&bpp=2&bdt=2500&idt=196&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280%2C600x280&nras=1&correlator=7199185722904&frm=20&pv=1&ga_vid=1746891831.1626992157&ga_sid=1626992157&ga_hid=1174438691&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=500&ady=1666&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31061846&oid=2&pvsid=2965431684753476&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=KGjPAmKoVb&p=https%3A//itunesadvisor.com&dtd=207

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 22 Jul 2021 12:06:16 GMT
x-content-type-options: nosniff
server: cafe
age: 36582
etag: 2462972746714251406
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67
x-xss-protection: 0
expires: Fri, 23 Jul 2021 12:06:16 GMT

GET
H3-29 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012107130206000/ Frame F9BF 188 KB
54 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107130206000/amp4ads-v0.mjs

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1caacdebd86c67f86ab89cdbd30b056a8c1141638aafdd35ec453c4bae91692b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 31858
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55160
x-xss-protection: 0
server: sffe
date: Thu, 22 Jul 2021 13:25:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "b724d3ee8cec1601"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Jul 2022 13:25:00 GMT

GET
H3-29 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012107130206000/v0/ Frame F9BF 13 KB
5 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107130206000/v0/amp-ad-exit-0.1.mjs

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b16e9c1da7045c9057350282766a114be2070b065e5e8a42ae635d0610ba6d0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 31859
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4795
x-xss-protection: 0
server: sffe
date: Thu, 22 Jul 2021 13:24:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "392d0f0d5f27c169"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Jul 2022 13:24:59 GMT

GET
H3-29 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012107130206000/v0/ Frame F9BF 87 KB
27 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107130206000/v0/amp-analytics-0.1.mjs

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

faf5e994ddbada86a873b5d14c1bc0f449a097e61e6fbe0c04e0691b70ec5644

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 31858
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27843
x-xss-protection: 0
server: sffe
date: Thu, 22 Jul 2021 13:25:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f120bcb28bbafed0"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Jul 2022 13:25:00 GMT

GET
H3-29 200 amp-animation-0.1.mjs Show response
cdn.ampproject.org/rtv/012107130206000/v0/ Frame F9BF 71 KB
16 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107130206000/v0/amp-animation-0.1.mjs

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3039e343bc61cc16fc587e063d92cf190c34823df58e3fe5caf5717198a49fc

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 277619
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16734
x-xss-protection: 0
server: sffe
date: Mon, 19 Jul 2021 17:08:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "b05480813bd9b7e9"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Jul 2022 17:08:59 GMT

GET
H3-29 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012107130206000/v0/ Frame F9BF 4 KB
2 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107130206000/v0/amp-fit-text-0.1.mjs

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d398520ac47945ab429cf02b444202f4db1cf7fee5b5335cf98fb009ce56ab8e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 31859
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1658
x-xss-protection: 0
server: sffe
date: Thu, 22 Jul 2021 13:24:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6fba3cabb8cd86f8"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Jul 2022 13:24:59 GMT

GET
H3-29 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012107130206000/v0/ Frame F9BF 40 KB
13 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107130206000/v0/amp-form-0.1.mjs

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29d096500cc94cbe347c613cb34199c274da1fe8b5df04fdb49ee75ace5edbec

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 31858
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12840
x-xss-protection: 0
server: sffe
date: Thu, 22 Jul 2021 13:25:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6d4edf2414c2591f"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Jul 2022 13:25:00 GMT

GET
DATA 200
OK truncated
/ Frame F9BF 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2660736305b4615665ac8904440c0be90f7f05e74507e85bc138f81219ae674d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 txt1.png
tpc.googlesyndication.com/sadbundle/5793012853004892767/images/ Frame F9BF 2 KB
2 KB 14ms
12ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/5793012853004892767/images/txt1.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b159722b91f7663d33ce1f0e95de72389955edfa5a12cfe6c94b6705468ae805

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:00:29 GMT
x-content-type-options: nosniff
age: 173729
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1896
x-xss-protection: 0
last-modified: Wed, 16 Jun 2021 14:56:08 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 22:00:29 GMT

GET
H3-29 200 txt2.png
tpc.googlesyndication.com/sadbundle/5793012853004892767/images/ Frame F9BF 1 KB
1 KB 14ms
9ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/5793012853004892767/images/txt2.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93aea7e3c21a5bc34e432149592dfbe6a432f4039a8f93bdb6b43db00b8d40c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 06:48:18 GMT
x-content-type-options: nosniff
age: 228460
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1434
x-xss-protection: 0
last-modified: Wed, 16 Jun 2021 14:56:08 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 06:48:18 GMT

GET
H3-29 200 puls.png
tpc.googlesyndication.com/sadbundle/5793012853004892767/images/ Frame F9BF 236 B
265 B 20ms
8ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/5793012853004892767/images/puls.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ca6dd97b62c2f6e9263710d88f9ccb54612bdccd98c08ead481a0347e9a4e1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 12:25:18 GMT
x-content-type-options: nosniff
age: 208240
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 236
x-xss-protection: 0
last-modified: Wed, 16 Jun 2021 14:56:08 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 12:25:18 GMT

GET
H3-29 200 txt3.png
tpc.googlesyndication.com/sadbundle/5793012853004892767/images/ Frame F9BF 1009 B
1 KB 25ms
9ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/5793012853004892767/images/txt3.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7e3eac1b2c0f5c2d934241ee44a85b4a1a1f3c7c85e05381e2c4b622fe5501d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 11:56:49 GMT
x-content-type-options: nosniff
age: 209949
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1009
x-xss-protection: 0
last-modified: Wed, 16 Jun 2021 14:56:08 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 11:56:49 GMT

GET
H3-29 200 txt4.png
tpc.googlesyndication.com/sadbundle/5793012853004892767/images/ Frame F9BF 863 B
892 B 27ms
9ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/5793012853004892767/images/txt4.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5189658b1f2daae71ab3b070b6e0b54f412ed79e468c14a1d16c92824a3b2af7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 10:28:19 GMT
x-content-type-options: nosniff
age: 215259
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 863
x-xss-protection: 0
last-modified: Wed, 16 Jun 2021 14:56:08 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 10:28:19 GMT

GET
H3-29 200 txt5.png
tpc.googlesyndication.com/sadbundle/5793012853004892767/images/ Frame F9BF 1 KB
1 KB 26ms
9ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/5793012853004892767/images/txt5.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f50cd1f9a7d3ab95391225b3a8d36eca059105990afdada14ca150953df3f6c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 12:25:18 GMT
x-content-type-options: nosniff
age: 208240
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1373
x-xss-protection: 0
last-modified: Wed, 16 Jun 2021 14:56:08 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 12:25:18 GMT

GET
H3-29 200 preisButt.png
tpc.googlesyndication.com/sadbundle/5793012853004892767/images/ Frame F9BF 3 KB
3 KB 27ms
9ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/5793012853004892767/images/preisButt.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a1c951a818174eaaaf001a306bad640b788f504b3b55a86970c8c49220bdb1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 12:17:09 GMT
x-content-type-options: nosniff
age: 208729
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3292
x-xss-protection: 0
last-modified: Wed, 16 Jun 2021 14:56:08 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 12:17:09 GMT

GET
H3-29 200 ll.png
tpc.googlesyndication.com/sadbundle/5793012853004892767/images/ Frame F9BF 622 B
651 B 28ms
8ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/5793012853004892767/images/ll.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f69adcb2ca28e3e811ad5b88d7b6d86a68d736c715bca3d4953f0566d1447321

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 22:01:41 GMT
x-content-type-options: nosniff
age: 260057
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 622
x-xss-protection: 0
last-modified: Wed, 16 Jun 2021 14:56:08 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Jul 2022 22:01:41 GMT

GET
H3-29 200 CTA.png
tpc.googlesyndication.com/sadbundle/5793012853004892767/images/ Frame F9BF 761 B
790 B 28ms
8ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/5793012853004892767/images/CTA.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8db9f853525deceda9c0749a25a9f2639355d88231b31d6e2b9cc22c206ff41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 22:01:41 GMT
x-content-type-options: nosniff
age: 260057
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 761
x-xss-protection: 0
last-modified: Wed, 16 Jun 2021 14:56:08 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Jul 2022 22:01:41 GMT

GET
H3-29 200 DBx.png
tpc.googlesyndication.com/sadbundle/5793012853004892767/images/ Frame F9BF 946 B
975 B 27ms
8ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/5793012853004892767/images/DBx.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7dcbf991e3140883fbb0cea57b778db313c0ee8f57205404257ac98e1aa1444

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 12:54:15 GMT
x-content-type-options: nosniff
age: 206503
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 946
x-xss-protection: 0
last-modified: Wed, 16 Jun 2021 14:56:08 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 12:54:15 GMT

GET
H3-29 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F9BF 2 KB
2 KB 25ms
7ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 22 Jul 2021 15:34:33 GMT
x-content-type-options: nosniff
server: cafe
age: 24085
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Fri, 23 Jul 2021 15:34:33 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F9BF 295 B
330 B 25ms
8ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 22 Jul 2021 12:37:33 GMT
x-content-type-options: nosniff
server: cafe
age: 34705
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 23 Jul 2021 12:37:33 GMT

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame F9BF 43 B
1 KB 174ms
41ms Image
image/gif 213.202.235.10
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extProvId=5&extPu=14058-gaw&extLi=11829094681&extCr=115065628556-527621586220&cb=2383440429

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.202.235.10 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
Connection: close
X-ET-Monitoring: 1
Content-Length: 43
Pragma: no-cache
X-ET-Code: 0
Last-Modified: Do, 22 Jul 2021 10:15:58 GMT
Server: Microsoft-IIS/8.5
Date: Thu, 22 Jul 2021 22:15:58 GMT
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 1053
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame F9BF 0
17 B 82ms
65ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CiYDEHe75YNuDIpv53gOVtZLwDPyRochjnrOpxuwNj5DH15IOEAEg4OSRKGCViriCyAegAYuuwOQDyAEJqQI14cShLMCzPqgDAcgDCKoE2gFP0OhqiK2vauzhK3k38P-zOKKs8jjtOpLYMh-ujoTMsKS3Pjx01BYsLxiZ8zOJme4QirjIBEiD7gZLC0X60LTX9xTkvDFWrZ-o_q9uV_jWbuJXHpGBroLjClHdRP6TQahkq-ssAElh_SOXgzU3bc8d4_ecd7u6u8sqS39F2uC2MXCJ69PaztBfuLjCMDdpJxR7UV1FyvZi1g0J_AvVAFU5CM4HjVBFaLWXIp2kKpt4TZNeCXVmxBn93WQSkRWkWTBRDGoCnUN9-w-YheVfTn5H5lwK5oEQnGaci8AEjM_I06wDkgUECAQYAZIFBAgFGASgBi6AB93RvxuoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQyqoh0ggJCIDhgBAQARgfgAoByAsB2BMN0BUBgBcBshcaChgIABIUcHViLTYwNDEyMDI0NDk0NjM1NjY&sigh=25N4E4c5Q_Q&template_id=419

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6041202449463566&output=html&h=280&slotname=3202417733&adk=2542246661&adf=2423744242&pi=t.ma~as.3202417733&w=600&fwrn=4&fwrnh=100&lmt=1626992157&rafmt=1&psa=0&format=600x280&url=https%3A%2F%2Fitunesadvisor.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626992157336&bpp=2&bdt=2500&idt=196&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280%2C600x280&nras=1&correlator=7199185722904&frm=20&pv=1&ga_vid=1746891831.1626992157&ga_sid=1626992157&ga_hid=1174438691&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=500&ady=1666&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31061846&oid=2&pvsid=2965431684753476&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=KGjPAmKoVb&p=https%3A//itunesadvisor.com&dtd=207
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 22 Jul 2021 22:15:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 css
fonts.googleapis.com/ Frame B45E 3 KB
578 B 63ms
54ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6041202449463566&output=html&h=280&slotname=6158928539&adk=1020137168&adf=1551189282&pi=t.ma~as.6158928539&w=336&lmt=1626992157&psa=0&format=336x280&url=https%3A%2F%2Fitunesadvisor.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626992157245&bpp=88&bdt=2408&idt=268&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7199185722904&frm=20&pv=1&ga_vid=1746891831.1626992157&ga_sid=1626992157&ga_hid=1174438691&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=500&ady=394&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31061846&oid=2&pvsid=2965431684753476&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=MQ59c7YMvQ&p=https%3A//itunesadvisor.com&dtd=275

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 22 Jul 2021 21:49:17 GMT
server: ESF
date: Thu, 22 Jul 2021 22:15:58 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 22 Jul 2021 22:15:58 GMT

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/ Frame B45E 1 KB
869 B 17ms
7ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 21:54:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1292
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 830
x-xss-protection: 0
server: cafe
etag: 3558876194914413708
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 05 Aug 2021 21:54:26 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/ Frame B45E 18 KB
7 KB 11ms
6ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7438cd6d98fc8e372c9a87e319ab965229ce2ba37798db808c8408f791db86ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 22:09:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 385
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7622
x-xss-protection: 0
server: cafe
etag: 16178317465966918049
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 05 Aug 2021 22:09:33 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/ Frame B45E 2 KB
1 KB 14ms
7ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 22:15:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 05 Aug 2021 22:15:50 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B45E 124 KB
37 KB 55ms
51ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5250b92524aeab7c597c0e7f737085ab9409a41448e6a2a574c0cd1f1d4f6cb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 22:15:58 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1626867014740240"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38153
x-xss-protection: 0
expires: Thu, 22 Jul 2021 22:15:58 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/ Frame B45E 14 KB
6 KB 11ms
6ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b1a4081a8a32bc714fbb7a2509141683bc3eb707a421c0db556ed856f6d8e99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 22:13:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 176
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6195
x-xss-protection: 0
server: cafe
etag: 10716856519410487149
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 05 Aug 2021 22:13:02 GMT

GET
H2 200 4661e2b537cafc373934756b83790a75.js Show response
www.gstatic.com/mysidia/ Frame B45E 26 KB
11 KB 49ms
43ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4661e2b537cafc373934756b83790a75.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d450db79b0f7039b6486a399d93ebe1efa7a81e0f7b1170931b8b3dddf4a31d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 11:23:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39120
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10780
x-xss-protection: 0
last-modified: Tue, 20 Jul 2021 05:53:23 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 20 Oct 2021 11:23:58 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame B45E 0
0 67ms
67ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CUyHqHe75YOrcIJCCjuwP9KuYoAHV-vbyY47Qk_PzDbKR5ZvWARABIODkkShglYq4gsgHoAG8y82SA8gBAakC6REG3AK8sz6oAwHIA8sEqgTgAU_QrXj6bw8dYUrPJk4KBef1_Sci-FAzV8c9u6ttuxT8Ddhd2RnrmKocmBQnMFKZryDRC7QGsLnOuhkICSTec5FmAyHoX1RhZaobJbOyHd4B7dtTsU8lNZMa6cAu66cUdyPw83KWUjT4h5-t9zu-RStpkOu_m1YmIGBHkSvycxcA5Yg5lsn3aDt7NC-ixgXi6i5KycZoccwYaXHniDNy-JUz-5oaezkW0M6tFrWj62QTbZgGcm-97rO-S9jDG9pS5EdtNIArdAc1PVg4QMhtP4jnOwrXcuRnyILDdTbCQY21wASykaW92QOSBQQIBBgBkgUECAUYBIAHrLSybagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBCd2T7SCAkIgOGAEBABGB-ACgHICwHYEw3QFQGAFwGyFxoKGAgAEhRwdWItNjA0MTIwMjQ0OTQ2MzU2Ng&sigh=JNliVa4rvDo

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6041202449463566&output=html&h=280&slotname=6158928539&adk=1020137168&adf=1551189282&pi=t.ma~as.6158928539&w=336&lmt=1626992157&psa=0&format=336x280&url=https%3A%2F%2Fitunesadvisor.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626992157245&bpp=88&bdt=2408&idt=268&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7199185722904&frm=20&pv=1&ga_vid=1746891831.1626992157&ga_sid=1626992157&ga_hid=1174438691&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=500&ady=394&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31061846&oid=2&pvsid=2965431684753476&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=MQ59c7YMvQ&p=https%3A//itunesadvisor.com&dtd=275
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 22 Jul 2021 22:15:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C525 143 B
163 B 6ms
5ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6041202449463566&output=html&h=280&slotname=6158928539&adk=1020137168&adf=1551189282&pi=t.ma~as.6158928539&w=336&lmt=1626992157&psa=0&format=336x280&url=https%3A%2F%2Fitunesadvisor.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626992157245&bpp=88&bdt=2408&idt=268&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7199185722904&frm=20&pv=1&ga_vid=1746891831.1626992157&ga_sid=1626992157&ga_hid=1174438691&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=500&ady=394&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31061846&oid=2&pvsid=2965431684753476&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=MQ59c7YMvQ&p=https%3A//itunesadvisor.com&dtd=275
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmE7VncZ0BxXDd-H_3g2QIvkb4_Ff2-zybgXC33C8iYCS9pUCDUgITYvEkBLqs
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6041202449463566&output=html&h=280&slotname=6158928539&adk=1020137168&adf=1551189282&pi=t.ma~as.6158928539&w=336&lmt=1626992157&psa=0&format=336x280&url=https%3A%2F%2Fitunesadvisor.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626992157245&bpp=88&bdt=2408&idt=268&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7199185722904&frm=20&pv=1&ga_vid=1746891831.1626992157&ga_sid=1626992157&ga_hid=1174438691&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=500&ady=394&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31061846&oid=2&pvsid=2965431684753476&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=MQ59c7YMvQ&p=https%3A//itunesadvisor.com&dtd=275

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 22 Jul 2021 21:16:24 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 3574
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame C4A9 1 KB
749 B 7ms
6ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 22 Jul 2021 03:09:05 GMT
expires: Fri, 23 Jul 2021 03:09:05 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 68813
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame B45E 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 76407a2ed1ecd487fdba85bdb290638ec1b34c724d436cb8f3b78fecdb8fff51

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/012107130206000/ 20 KB
7 KB 11ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107130206000/amp4ads-host-v0.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

efbfaee418ddbc99a9dd6ba614d9288ef68ab53d89a06a782905ce47c11e450a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itunesadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 277620
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7340
x-xss-protection: 0
server: sffe
date: Mon, 19 Jul 2021 17:08:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "231829aeddfa638c"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Jul 2022 17:08:58 GMT

GET
H3-29 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame B45E 21 KB
21 KB 50ms
49ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 02:22:18 GMT
x-content-type-options: nosniff
age: 244420
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21716
x-xss-protection: 0
last-modified: Wed, 11 Nov 2020 20:26:21 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 02:22:18 GMT

GET
H3-29 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame B45E 21 KB
21 KB 49ms
48ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 13:46:22 GMT
x-content-type-options: nosniff
age: 203376
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21552
x-xss-protection: 0
last-modified: Wed, 11 Nov 2020 20:26:16 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 13:46:22 GMT

GET
H3-29 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012107130206000/ Frame 9325 188 KB
54 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107130206000/amp4ads-v0.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6041202449463566&output=html&h=280&slotname=1725684538&adk=3400310372&adf=59338513&pi=t.ma~as.1725684538&w=600&fwrn=4&fwrnh=100&lmt=1626992157&rafmt=1&psa=0&format=600x280&url=https%3A%2F%2Fitunesadvisor.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626992157333&bpp=3&bdt=2497&idt=191&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280&nras=1&correlator=7199185722904&frm=20&pv=1&ga_vid=1746891831.1626992157&ga_sid=1626992157&ga_hid=1174438691&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=500&ady=1037&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31061846&oid=2&pvsid=2965431684753476&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=fmGtNKmMWa&p=https%3A//itunesadvisor.com&dtd=194

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1caacdebd86c67f86ab89cdbd30b056a8c1141638aafdd35ec453c4bae91692b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 31858
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55160
x-xss-protection: 0
server: sffe
date: Thu, 22 Jul 2021 13:25:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "b724d3ee8cec1601"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Jul 2022 13:25:00 GMT

GET
H3-29 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012107130206000/v0/ Frame 9325 13 KB
5 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107130206000/v0/amp-ad-exit-0.1.mjs

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b16e9c1da7045c9057350282766a114be2070b065e5e8a42ae635d0610ba6d0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 31859
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4795
x-xss-protection: 0
server: sffe
date: Thu, 22 Jul 2021 13:24:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "392d0f0d5f27c169"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Jul 2022 13:24:59 GMT

GET
H3-29 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012107130206000/v0/ Frame 9325 87 KB
27 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107130206000/v0/amp-analytics-0.1.mjs

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

faf5e994ddbada86a873b5d14c1bc0f449a097e61e6fbe0c04e0691b70ec5644

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 31858
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27843
x-xss-protection: 0
server: sffe
date: Thu, 22 Jul 2021 13:25:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f120bcb28bbafed0"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Jul 2022 13:25:00 GMT

GET
H3-29 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012107130206000/v0/ Frame 9325 4 KB
2 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107130206000/v0/amp-fit-text-0.1.mjs

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d398520ac47945ab429cf02b444202f4db1cf7fee5b5335cf98fb009ce56ab8e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 31859
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1658
x-xss-protection: 0
server: sffe
date: Thu, 22 Jul 2021 13:24:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6fba3cabb8cd86f8"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Jul 2022 13:24:59 GMT

GET
H3-29 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012107130206000/v0/ Frame 9325 40 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107130206000/v0/amp-form-0.1.mjs

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29d096500cc94cbe347c613cb34199c274da1fe8b5df04fdb49ee75ace5edbec

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 31858
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12840
x-xss-protection: 0
server: sffe
date: Thu, 22 Jul 2021 13:25:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6d4edf2414c2591f"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Jul 2022 13:25:00 GMT

GET
H3-29 200 amp-gwd-animation-0.1.mjs Show response
cdn.ampproject.org/rtv/012107130206000/v0/ Frame 9325 6 KB
2 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107130206000/v0/amp-gwd-animation-0.1.mjs

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

732580f1a0900ddfcb8243048e05542286c0fe8f2e7cd737856025264e4fec42

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 277619
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2396
x-xss-protection: 0
server: sffe
date: Mon, 19 Jul 2021 17:08:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "4a818ee3bd6ee6b9"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Jul 2022 17:08:59 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame 9325 9 KB
876 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Sans:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2e00f6c2716f039999bc8973a543bb471c3437f8c49891a292d8c24fcbbe41a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 22 Jul 2021 20:19:43 GMT
server: ESF
date: Thu, 22 Jul 2021 22:15:58 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 22 Jul 2021 22:15:58 GMT

GET
H3-29 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 9325 2 KB
2 KB 9ms
8ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 22 Jul 2021 15:34:33 GMT
x-content-type-options: nosniff
server: cafe
age: 24085
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Fri, 23 Jul 2021 15:34:33 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 9325 295 B
330 B 9ms
9ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 22 Jul 2021 12:37:33 GMT
x-content-type-options: nosniff
server: cafe
age: 34705
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 23 Jul 2021 12:37:33 GMT

GET
DATA 200
OK truncated
/ Frame 9325 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d9c3e98341e6b8149b2d189ac08a9c3b80294d22f7ade6c710bf56ab5f9acc4f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 9325 0
0 22ms
14ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQqGreDTpDH1jp05PDD4tUN8y3egikmiMeUdUqlo9ZVedr8JMa1wZoZX6rUdUHqUiVie9Z-HLdeI351jrUHdUUiIT4_sg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6041202449463566&output=html&h=280&slotname=1725684538&adk=3400310372&adf=59338513&pi=t.ma~as.1725684538&w=600&fwrn=4&fwrnh=100&lmt=1626992157&rafmt=1&psa=0&format=600x280&url=https%3A%2F%2Fitunesadvisor.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626992157333&bpp=3&bdt=2497&idt=191&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280&nras=1&correlator=7199185722904&frm=20&pv=1&ga_vid=1746891831.1626992157&ga_sid=1626992157&ga_hid=1174438691&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=500&ady=1037&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31061846&oid=2&pvsid=2965431684753476&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=fmGtNKmMWa&p=https%3A//itunesadvisor.com&dtd=194
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9325 0
17 B 57ms
49ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Ct-8WHe75YMyLIYul3wP7tYb4DKDyvOphmZTYxvgMyJX5w4sOEAEg4OSRKGCViriCyAegAanV7MICyAEJqQLpEQbcAryzPqgDAcgDCKoE2wFP0KLHxSeU1a75GHL7fWW4LM6sb6SAbO-nn72lMynpk6WUKu0rYQf3wYrffyWo4UM7Ko1dJFUy2_EvuEXcRWmtfbJQCehHeDcUp2bMryfqKe1npzV-Z40tm3W7Q0p3midlhPr6lFx96XlOdDs4n7raFOzddArVsXD-pE7qAflaU4hBR9_xtwa0g8R3IqETcr9kMiwozDdQfeptNlmimYiT1S0drm3nQDQPSoxaD2y67TVaMa3pOi0v5NV1qACeCzU0YoU-6-dhVM3XkWjIIaO9rJJ-dZt3aRhJP3fABMj2ytKvA5IFBAgEGAGSBQQIBRgEoAYugAe_qpO9AagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBDToEXSCAkIgOGAEBABGB-ACgHICwHYEwzQFQGYFgGAFwGyFxoKGAgAEhRwdWItNjA0MTIwMjQ0OTQ2MzU2Ng&sigh=e-8xseTB9kk&template_id=419

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6041202449463566&output=html&h=280&slotname=1725684538&adk=3400310372&adf=59338513&pi=t.ma~as.1725684538&w=600&fwrn=4&fwrnh=100&lmt=1626992157&rafmt=1&psa=0&format=600x280&url=https%3A%2F%2Fitunesadvisor.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626992157333&bpp=3&bdt=2497&idt=191&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280&nras=1&correlator=7199185722904&frm=20&pv=1&ga_vid=1746891831.1626992157&ga_sid=1626992157&ga_hid=1174438691&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=500&ady=1037&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31061846&oid=2&pvsid=2965431684753476&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=fmGtNKmMWa&p=https%3A//itunesadvisor.com&dtd=194
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 22 Jul 2021 22:15:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 5f9ae68190dbfc0010f287cf.png
tpc.googlesyndication.com/sadbundle/13119740857447650715/ Frame 9325 3 KB
3 KB 17ms
6ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/13119740857447650715/5f9ae68190dbfc0010f287cf.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b28df42cc7ec8031f4e74e816f9f44a6cc9ea0209cd271cc98bf143d3cf5c4bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 10:07:13 GMT
x-content-type-options: nosniff
age: 216525
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2988
x-xss-protection: 0
last-modified: Fri, 18 Dec 2020 13:49:50 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 10:07:13 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame C4A9 35 B
463 B 41ms
8ms Image
image/gif 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESENd8taOQfKwhSqyWyhBgnHM&google_cver=1&google_push=AYg5qPJ15SkmPNm6pM360B1448kGf54cymaOCjUvSNcvFpfPKv6o2kro8o6RkFRvUcIkISTT_YhKi9vJQw2LDy4B_l8AoYjBSlA

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Jul 2021 22:15:58 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame C4A9
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPJpx1RRrQoIoBUkTNjSiFNPgNlr7qxzUZVigeW...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVBudUlRQUFBYnFvcTBlRg&google_push=AYg5qPJpx1RRrQoIoBUkTNjSiFNPgNlr7qxzUZVigeWef-EcCzm8Ppxdztb0l-N5sgaywPPys8GBTjXFgxx_9R6WygN4lRvr8Lq0

170 B
232 B

51ms
51ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVBudUlRQUFBYnFvcTBlRg&google_push=AYg5qPJpx1RRrQoIoBUkTNjSiFNPgNlr7qxzUZVigeWef-EcCzm8Ppxdztb0l-N5sgaywPPys8GBTjXFgxx_9R6WygN4lRvr8Lq0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Jul 2021 22:16:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVBudUlRQUFBYnFvcTBlRg&google_push=AYg5qPJpx1RRrQoIoBUkTNjSiFNPgNlr7qxzUZVigeWef-EcCzm8Ppxdztb0l-N5sgaywPPys8GBTjXFgxx_9R6WygN4lRvr8Lq0
Date: Thu, 22 Jul 2021 22:16:01 GMT
Server: Apache
Connection: keep-alive
Content-Length: 391
Content-Type: text/html; charset=iso-8859-1

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame C4A9
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEE0L9-Xlt8lTvJfWz8oOIjg&google_cver=1&google_push=AYg5qPIUllY7vsb767fQSWIGhMEeyqyyDGFCo56om6cb8pAbpisPSzaqhoZdY309az-V6jXylZaY2qAwN-_BZ4IbEeqveftSDL-Z
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIUllY7vsb767fQSWIGhMEeyqyyDGFCo56om6cb8pAbpisPSzaqhoZdY309az-V6jXylZaY2qAwN-_BZ4IbEeqveftSDL-Z&google_hm=PdTYXWIcjN6O08ts3d9AKA==

170 B
188 B

215ms
212ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIUllY7vsb767fQSWIGhMEeyqyyDGFCo56om6cb8pAbpisPSzaqhoZdY309az-V6jXylZaY2qAwN-_BZ4IbEeqveftSDL-Z&google_hm=PdTYXWIcjN6O08ts3d9AKA==

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Jul 2021 22:15:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 22 Jul 2021 22:15:58 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIUllY7vsb767fQSWIGhMEeyqyyDGFCo56om6cb8pAbpisPSzaqhoZdY309az-V6jXylZaY2qAwN-_BZ4IbEeqveftSDL-Z&google_hm=PdTYXWIcjN6O08ts3d9AKA==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: 4q2ebjqo214cdbig6hsk9boim1apbl5j

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame C4A9
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=hM31r44tSxavJtVrPis7sA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

100ms
99ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=hM31r44tSxavJtVrPis7sA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKsoNNNIMlKwN6imlUIvoqr7h3BAkD7mcA9GTQbbnYMA_Xe0KChbELJUJvwUwfpPClSFP0Td9W8dzH943EueeubItkpWIQq

Requested by

Host: itunesadvisor.com
URL: https://itunesadvisor.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Jul 2021 22:15:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=hM31r44tSxavJtVrPis7sA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKsoNNNIMlKwN6imlUIvoqr7h3BAkD7mcA9GTQbbnYMA_Xe0KChbELJUJvwUwfpPClSFP0Td9W8dzH943EueeubItkpWIQq
date: Thu, 22 Jul 2021 22:15:58 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame C4A9
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMRXbQE4L-KY6x-0hTiSHxg&google_cver=1&google_push=AYg5qPJ6ftT4gg2rEQzpkSqDal4pP0AVNnjzBzV62kFixYRvb5rNND6sc2JnnElqmwMZ9gXSPZ8...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1JGSDRHREUtUS1NRTVQ&google_push=AYg5qPJ6ftT4gg2rEQzpkSqDal4pP0AVNnjzBzV62kFixYRvb5rNND6sc2JnnElqmwMZ9gXSPZ84UBHcErVvE8jdm1xd3M-iwB0c

170 B
188 B

144ms
144ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1JGSDRHREUtUS1NRTVQ&google_push=AYg5qPJ6ftT4gg2rEQzpkSqDal4pP0AVNnjzBzV62kFixYRvb5rNND6sc2JnnElqmwMZ9gXSPZ84UBHcErVvE8jdm1xd3M-iwB0c

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Jul 2021 22:15:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1JGSDRHREUtUS1NRTVQ&google_push=AYg5qPJ6ftT4gg2rEQzpkSqDal4pP0AVNnjzBzV62kFixYRvb5rNND6sc2JnnElqmwMZ9gXSPZ84UBHcErVvE8jdm1xd3M-iwB0c
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 611afce88997db6fdd35eb213e662871
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame C4A9
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEMdlp1dwzidRHgmbxAcqpUQ&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEMdlp1dwzidRHgmbxAcqpUQ&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPnuHir8vBe9jf7oqyAJigAABLcAAAAB&google_cver=1&google_push=AYg5qPL-17NFSRUJbZ6XW7iULZAxcRdNJUMQnsg-taWMamsOlhe_Grn1145qQK37bG3zE0GCAfCf...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPnuHir8vBe9jf7oqyAJigAABLcAAAAB&google_cver=1&google_push=AYg5qPL-17NFSRUJbZ6XW7iULZAxcRdNJUMQnsg-taWMamsOlhe_Grn1145qQK37bG3zE0GCAfCf...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPnuHir8vBe9jf7oqyAJigAABLcAAAAB&google_cver=1&google_push=AYg5qPL-17NFSRUJbZ6XW7iULZAxcRdNJUMQnsg-taWMamsOlhe_Grn1145qQK37bG3zE0GCAfCf...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPnuHir8vBe9jf7oqyAJigAABLcAAAAB&google_cver=1&google_push=AYg5qPL-17NFSRUJbZ6XW7iULZAxcRdNJUMQnsg-taWMamsOlhe_Grn1145qQK37bG3zE0GCAfCf...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPnuHir8vBe9jf7oqyAJigAABLcAAAAB&google_cver=1&google_push=AYg5qPL-17NFSRUJbZ6XW7iULZAxcRdNJUMQnsg-taWMamsOlhe_Grn1145qQK37bG3zE0GCAfCf...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPnuHir8vBe9jf7oqyAJigAABLcAAAAB&google_cver=1&google_push=AYg5qPL-17NFSRUJbZ6XW7iULZAxcRdNJUMQnsg-taWMamsOlhe_Grn1145qQK37bG3zE0GCAfCf...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPnuHir8vBe9jf7oqyAJigAABLcAAAAB&google_cver=1&google_push=AYg5qPL-17NFSRUJbZ6XW7iULZAxcRdNJUMQnsg-taWMamsOlhe_Grn1145qQK37bG3zE0GCAfCf...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPnuHir8vBe9jf7oqyAJigAABLcAAAAB&google_cver=1&google_push=AYg5qPL-17NFSRUJbZ6XW7iULZAxcRdNJUMQnsg-taWMamsOlhe_Grn1145qQK37bG3zE0GCAfCf...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPnuHir8vBe9jf7oqyAJigAABLcAAAAB&google_cver=1&google_push=AYg5qPL-17NFSRUJbZ6XW7iULZAxcRdNJUMQnsg-taWMamsOlhe_Grn1145qQK37bG3zE0GCAfCf...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPnuHir8vBe9jf7oqyAJigAABLcAAAAB&google_cver=1&google_push=AYg5qPL-17NFSRUJbZ6XW7iULZAxcRdNJUMQnsg-taWMamsOlhe_Grn1145qQK37bG3zE0GCAfCf...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPnuHir8vBe9jf7oqyAJigAABLcAAAAB&google_cver=1&google_push=AYg5qPL-17NFSRUJbZ6XW7iULZAxcRdNJUMQnsg-taWMamsOlhe_Grn1145qQK37bG3zE0GCAfCf...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPnuHir8vBe9jf7oqyAJigAABLcAAAAB&google_cver=1&google_push=AYg5qPL-17NFSRUJbZ6XW7iULZAxcRdNJUMQnsg-taWMamsOlhe_Grn1145qQK37bG3zE0GCAfCf...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPnuHir8vBe9jf7oqyAJigAABLcAAAAB&google_cver=1&google_push=AYg5qPL-17NFSRUJbZ6XW7iULZAxcRdNJUMQnsg-taWMamsOlhe_Grn1145qQK37bG3zE0GCAfCf...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPnuHir8vBe9jf7oqyAJigAABLcAAAAB&google_cver=1&google_push=AYg5qPL-17NFSRUJbZ6XW7iULZAxcRdNJUMQnsg-taWMamsOlhe_Grn1145qQK37bG3zE0GCAfCf...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPnuHir8vBe9jf7oqyAJigAABLcAAAAB&google_cver=1&google_push=AYg5qPL-17NFSRUJbZ6XW7iULZAxcRdNJUMQnsg-taWMamsOlhe_Grn1145qQK37bG3zE0GCAfCf...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPnuHir8vBe9jf7oqyAJigAABLcAAAAB&google_cver=1&google_push=AYg5qPL-17NFSRUJbZ6XW7iULZAxcRdNJUMQnsg-taWMamsOlhe_Grn1145qQK37bG3zE0GCAfCf...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPnuHir8vBe9jf7oqyAJigAABLcAAAAB&google_cver=1&google_push=AYg5qPL-17NFSRUJbZ6XW7iULZAxcRdNJUMQnsg-taWMamsOlhe_Grn1145qQK37bG3zE0GCAfCf...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPnuHir8vBe9jf7oqyAJigAABLcAAAAB&google_cver=1&google_push=AYg5qPL-17NFSRUJbZ6XW7iULZAxcRdNJUMQnsg-taWMamsOlhe_Grn1145qQK37bG3zE0GCAfCf...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPnuHir8vBe9jf7oqyAJigAABLcAAAAB&google_cver=1&google_push=AYg5qPL-17NFSRUJbZ6XW7iULZAxcRdNJUMQnsg-taWMamsOlhe_Grn1145qQK37bG3zE0GCAfCf...

0
0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame C4A9
Redirect Chain

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEFDVhBtj9-JWSj3wsqa3Wm0&google_cver=1&google_push=AYg5qPLxHpAwymXBSpVK6wnS...
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPLxHpAwymXBSpVK6wnSQxJAmgSUKbsoFKpFl2TR_X_PDOSZPAi2Z1JcNVH3k_K5sG7DoYmTZ9sbOuFQIlnxXhH1BiyaA_I5mg&google_hm=

170 B
232 B

34ms
34ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPLxHpAwymXBSpVK6wnSQxJAmgSUKbsoFKpFl2TR_X_PDOSZPAi2Z1JcNVH3k_K5sG7DoYmTZ9sbOuFQIlnxXhH1BiyaA_I5mg&google_hm=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Jul 2021 22:16:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 22 Jul 2021 22:16:01 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPLxHpAwymXBSpVK6wnSQxJAmgSUKbsoFKpFl2TR_X_PDOSZPAi2Z1JcNVH3k_K5sG7DoYmTZ9sbOuFQIlnxXhH1BiyaA_I5mg&google_hm=
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Wed, 21 Jul 2021 22:16:01 GMT

GET
H3-29 204 attr
cm.g.doubleclick.net/pixel/ Frame C4A9 0
12 B 157ms
124ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Jc6LDB8dXPtbkwSaORoTpQ6hd9Gm4k27zrxUKW7PIbYWXO-o9M9t-dvMl8pjxDDyBRQ5qWuQ

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 22:15:58 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-29 200 o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
fonts.gstatic.com/s/notosans/v14/ Frame 9325 16 KB
16 KB 9ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v14/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8beec539128cea621e511cd54f21a0d17ff891a16a0ebd7a98a3e4fbc00bd0e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 23:29:46 GMT
x-content-type-options: nosniff
age: 168372
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16180
x-xss-protection: 0
last-modified: Tue, 13 Jul 2021 21:25:53 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 23:29:46 GMT

GET
H3-29 200 o-0IIpQlx3QUlC5A4PNr5TRA.woff2
fonts.gstatic.com/s/notosans/v14/ Frame 9325 16 KB
16 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v14/o-0IIpQlx3QUlC5A4PNr5TRA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a9f53c02752e79270686f1b2a3616b86d3af1ea2a288f2977e34b1141d552ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 23:29:29 GMT
x-content-type-options: nosniff
age: 168389
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16056
x-xss-protection: 0
last-modified: Tue, 13 Jul 2021 21:27:33 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 23:29:29 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C525
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

14ms
14ms

Document
text/html

2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmE7VncZ0BxXDd-H_3g2QIvkb4_Ff2-zybgXC33C8iYCS9pUCDUgITYvEkBLqs
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 22 Jul 2021 22:15:58 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Thu, 22-Jul-2021 23:15:58 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 22 Jul 2021 22:15:58 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 22 Jul 2021 22:15:58 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 K69jH8UFrOCkOTHHl3NJFfCa68pF8Bp7Mwjsnyploxc.js Show response
pagead2.googlesyndication.com/bg/ Frame B569 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/K69jH8UFrOCkOTHHl3NJFfCa68pF8Bp7Mwjsnyploxc.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2baf631fc505ace0a43931c797734915f09aebca45f01a7b3308ec9f2a65a317

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 16:12:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21788
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13214
x-xss-protection: 0
last-modified: Wed, 14 Jul 2021 07:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Jul 2022 16:12:50 GMT

GET
H3-29 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 9325 2 KB
2 KB 38ms
37ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012107130206000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 22 Jul 2021 15:34:33 GMT
x-content-type-options: nosniff
server: cafe
age: 24085
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Fri, 23 Jul 2021 15:34:33 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 9325 295 B
330 B 38ms
37ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012107130206000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 22 Jul 2021 12:37:33 GMT
x-content-type-options: nosniff
server: cafe
age: 34705
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 23 Jul 2021 12:37:33 GMT

GET
H3-29 200 5f9ae68190dbfc0010f287cf.png
tpc.googlesyndication.com/sadbundle/13119740857447650715/ Frame 9325 3 KB
3 KB 37ms
37ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/13119740857447650715/5f9ae68190dbfc0010f287cf.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012107130206000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b28df42cc7ec8031f4e74e816f9f44a6cc9ea0209cd271cc98bf143d3cf5c4bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 10:07:13 GMT
x-content-type-options: nosniff
age: 216525
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2988
x-xss-protection: 0
last-modified: Fri, 18 Dec 2020 13:49:50 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 10:07:13 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 46ms
45ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210720&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7d7e5083ed6517423d465640289887109e38780ddeeed074321c126a9341a6a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itunesadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 22 Jul 2021 22:15:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8459
x-xss-protection: 0

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itunesadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 22:15:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Thu, 22 Jul 2021 22:15:58 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame F49F 12 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://itunesadvisor.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://itunesadvisor.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Thu, 22 Jul 2021 20:16:06 GMT
expires: Fri, 22 Jul 2022 20:16:06 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 7192
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7DF2 783 B
533 B 15ms
15ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

001c918ce59485251d26dfc37f0f5d26c97e1d849690f8b781dac9cacd7b281b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-o3v7OLNXWnqQnaog/rWW/g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://itunesadvisor.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://itunesadvisor.com/

Response headers

expires: Thu, 22 Jul 2021 22:15:58 GMT
date: Thu, 22 Jul 2021 22:15:58 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-o3v7OLNXWnqQnaog/rWW/g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 511
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 K69jH8UFrOCkOTHHl3NJFfCa68pF8Bp7Mwjsnyploxc.js Show response
pagead2.googlesyndication.com/bg/ Frame F49F 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/K69jH8UFrOCkOTHHl3NJFfCa68pF8Bp7Mwjsnyploxc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2baf631fc505ace0a43931c797734915f09aebca45f01a7b3308ec9f2a65a317

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 16:12:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21788
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13214
x-xss-protection: 0
last-modified: Wed, 14 Jul 2021 07:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Jul 2022 16:12:50 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 44ms
40ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210720&jk=2965431684753476&bg=!MDOlM3fNAAbnC78O5ws7ACkAdvg8WiUsgEh2iDd9EqkTmn7DwdiomcPPfadHfyGBV0yT2wzBqlkmZgIAAADOUgAAAA9oAQeZAnhpJclOIgZ_ggA1FcfmWJSuQPHZFRVPboO2hyZX0qGWEbVbm0SBH1Pvj7IkuA6exJkKS2ZD-peWThBjk9QO8KsXrJ6zeoNQKOhl5OMEMiOWfzpoSFpP_OaL1tajgNZyuubOTA6uIjJM2M2SCM6D58sg9uWswf3YbMmqCxr7cW_pU_4OHDncA7f3vV9pv8uxuESn1Bh938FEd3k6xEwxN1Ctuf_Pk7Mch7ROajOwK5ybpd5VZHXghvcfQcEUbYCQm9pJi0G8IYGJbzlr2choVy5rt0kVsjwiPKX6VnuSRvtrJTOYtbqHKgREjVnEDZeuPe5kOCgHvvO3AUbz7PBtpYgEXeAgDxZ3lrWQNO3swThpcb6GaoaX5QjGDuakoQ345GdNib6hB3k6p2HdsR1Q6N72W-GIXa_qKEZPeKKrnPm3Gs2Y2L_W__FbY_uKA2Lq4Nm4nv5lE4KRv5pAzJ2n7cjPnJM7GrMF4iXjC4nrZ71f8po3j53ACtFYX-SDVaIo2FHGlxzC3huMpIFT4K9hdvspfKfNKdqAXcHdMwAAtSfAizAHiE7v4iCIbMAMpw7XGGTgskkMAKrUv_MrHZn7ksrspJBDZLPu166bV6E7AT9dQXZ7YnsZmgEY0PhMG21Bu9Lh2oSp_s8RjYoza2wsFhrsr47j2QQYF87LB_zbjXjG4xX_KLHknNohgaV9CG9co4LChMkraw_lGyQrAz9CEbhk9_-qCqYjB8hxDcTHC6wuyRMv8qfh5i6FyGktjzBLhsvVH-o1r6oub56kGW73o2iAc4jDVsemWVTExsmF-gYmeE_S5F91EM0mEUML-4YT7g1BzBK4Pqhgkg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itunesadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Jul 2021 22:15:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B45E 42 B
64 B 48ms
48ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsucqjU-TjfXkjT_PrIX2kjKJE9LW6fb0c96mS5-aLfX3UnVms7mN2UqxvSphNX37jaq-TAFDdL2MPfREUus7MgisTh-L-de4mxebGif4kNCNCaDiMzqqai6Q5l3RioO_witbFd00BIkEpL1wDgPbOvH&sai=AMfl-YRbHdgtg0CVX9ubb65BE6o8Kc3zT5-6khItnVfw9Vl99a8W4f7gn5MkUTab5A2SyPMMyEWP_kVtrLi6eqZ42NKH61SM74ti6vw&sig=Cg0ArKJSzKqRFX6OOyk0EAE&cid=CAASF-RoCcBZ9fk62TRJ3Icfb7kyVfiPRvzs&id=lidar2&mcvt=1001&p=394,500,674,836&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20210721&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=1020137168&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1626992157523&dlt=608&rpt=189&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Jul 2021 22:15:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 9325 42 B
64 B 45ms
44ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsszEW_DiwkngAfkqqQSKp6DFL1WRfgCYyjYqjOf_pB9v9_c-dljAcLYTuZLCjUgUm60lvVtMMsk_nqUTFj8EUO59Caj94VgRyc0E6E6BTRbYgGtare-tTNQEIktLw&sai=AMfl-YRZLDQJsGqYabG0J2fCKvBQxxL0WNoNczujOaSQX1GyzxvfTnkCSFrBvht1Kwz2mJaP8SF6UqA-jPR6A8wrRhBqHGG7l4cMO-s&sig=Cg0ArKJSzOGRwUeNaXbXEAE&cid=CAASF-RoIo45VIEa_f1eucv1Jy6CfXPDXMg_&id=ampim&o=500,1037&d=336,280&ss=1600,1200&bs=1600,1200&mcvt=1002&mtos=0,0,1002,1002,1002&tos=0,0,1002,0,0&tfs=238&tls=1240&g=58.21428298950195&h=58.21428298950195&tt=1240&r=v&avms=ampa&adk=3400310372

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Jul 2021 22:15:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 in.php
in.getclicky.com/ 139 B
434 B 152ms
151ms Ping
text/javascript 198.145.13.12
DF-PTL01

General

Check archive.org

Show headers Download Go to

Full URL: https://in.getclicky.com/in.php?site_id=101168026&type=ping&jsuid=2985357097&mime=js&x=0.7495819555589793
Requested by: Host: static.getclicky.com
URL: https://static.getclicky.com/js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.145.13.12 Portland, United States, ASN2044 (DF-PTL01, US),
Reverse DNS: getclicky.com
Software: nginx /
Resource Hash

Request headers

Referer: https://itunesadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 22 Jul 2021 22:16:27 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate, post-check=0, pre-check=0
expires: Mon, 26 Jul 1997 05:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPnuHir8vBe9jf7oqyAJigAABLcAAAAB&google_cver=1&google_push=AYg5qPL-17NFSRUJbZ6XW7iULZAxcRdNJUMQnsg-taWMamsOlhe_Grn1145qQK37bG3zE0GCAfCft2vvjR1ZV0FWxLmrtiuZwXI&google_gid=CAESEMdlp1dwzidRHgmbxAcqpUQ

Verdicts & Comments Add Verdict or Comment

90 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.doubleclick.net/	1970-01-20 05:18:08	Name: IDE Value: AHWqTUlxOX_i9mbb-cBQAzrH99AYXA6eHa-MT1R7TO44zM-6D_LajlJA8Q6cSu7TgM8

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://itunesadvisor.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2) Message: JQMIGRATE: Migrate is installed, version 1.4.1
console-api	info	URL: https://cdn.ampproject.org/rtv/012107130206000/amp4ads-v0.mjs(Line 6) Message: Powered by AMP ⚡ HTML – Version 2107130206000 https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6041202449463566&output=html&h=280&slotname=3202417733&adk=2542246661&adf=2423744242&pi=t.ma~as.3202417733&w=600&fwrn=4&fwrnh=100&lmt=1626992157&rafmt=1&psa=0&format=600x280&url=https%3A%2F%2Fitunesadvisor.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626992157336&bpp=2&bdt=2500&idt=196&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280%2C600x280&nras=1&correlator=7199185722904&frm=20&pv=1&ga_vid=1746891831.1626992157&ga_sid=1626992157&ga_hid=1174438691&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=500&ady=1666&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31061846&oid=2&pvsid=2965431684753476&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=KGjPAmKoVb&p=https%3A//itunesadvisor.com&dtd=207
console-api	info	URL: https://cdn.ampproject.org/rtv/012107130206000/amp4ads-v0.mjs(Line 6) Message: Powered by AMP ⚡ HTML – Version 2107130206000 https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6041202449463566&output=html&h=280&slotname=1725684538&adk=3400310372&adf=59338513&pi=t.ma~as.1725684538&w=600&fwrn=4&fwrnh=100&lmt=1626992157&rafmt=1&psa=0&format=600x280&url=https%3A%2F%2Fitunesadvisor.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626992157333&bpp=3&bdt=2497&idt=191&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280&nras=1&correlator=7199185722904&frm=20&pv=1&ga_vid=1746891831.1626992157&ga_sid=1626992157&ga_hid=1174438691&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=500&ady=1037&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31061846&oid=2&pvsid=2965431684753476&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=fmGtNKmMWa&p=https%3A//itunesadvisor.com&dtd=194

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cdn.ampproject.org
cm.g.doubleclick.net
cms.quantserve.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
image6.pubmatic.com
in.getclicky.com
itunesadvisor.com
m.exactag.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.everesttech.net
pixel.rubiconproject.com
rtb.openx.net
static.getclicky.com
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.gstatic.com
cm.g.doubleclick.net
142.250.186.162
185.64.189.115
198.143.149.60
198.145.13.12
213.202.235.10
216.58.212.162
2606:4700::6810:dd1d
2620:116:800d:21:f916:5049:f87f:108e
2a00:1450:4001:800::2002
2a00:1450:4001:800::2003
2a00:1450:4001:801::2001
2a00:1450:4001:802::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:812::2002
2a00:1450:4001:813::2004
2a00:1450:4001:82b::2001
2a00:1450:4001:830::2002
2a00:1450:4001:831::2002
2a00:1450:4001:831::2003
2a00:1450:4001:831::200a
35.227.252.103
52.18.11.109
69.173.144.139
79.137.69.91
001c918ce59485251d26dfc37f0f5d26c97e1d849690f8b781dac9cacd7b281b
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ce51090b148a45a0e3d652719ed6ef7f1a38e5d272dbf874f86a49664e897a3
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0f39d3bfd77bd9b83cebee50aa8b613675f2482ec939d86abff740ad3babead7
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1a0fe86d69d4d574e9142634e734c85d806d5717d2bf9119131e4d3c47a378a8
1b16e9c1da7045c9057350282766a114be2070b065e5e8a42ae635d0610ba6d0
1b1a4081a8a32bc714fbb7a2509141683bc3eb707a421c0db556ed856f6d8e99
1b56a059635d124359232fc094453f648c51da4d42b68b1bb210bd5c543115e7
1caacdebd86c67f86ab89cdbd30b056a8c1141638aafdd35ec453c4bae91692b
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
203cf8bdf4c81540004da0b9bd1510badfcdd6be797004cf2d0d47550d2019ee
214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0
226493c7f7a033b43e24d0ce2115ef8d2be36fe6de4dbf6a3cbba6dca53be7c3
24ef016975f79f14b13ff3b7113560ff24cfc60efcf4a6b17ec291849246172b
2660736305b4615665ac8904440c0be90f7f05e74507e85bc138f81219ae674d
29d096500cc94cbe347c613cb34199c274da1fe8b5df04fdb49ee75ace5edbec
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2ba68d824479789c8d4c93107d162fc582b36d6e65e356e8bfc64b025f195df5
2baf631fc505ace0a43931c797734915f09aebca45f01a7b3308ec9f2a65a317
2d094785eaf284df1a4d6d385923bc77fd25866ea51f1fd638caea9287e5d401
2d51f967fd943ba360bd29fd26390f72564c2ded8c807d7397d3a463f7ae43f7
2d539fbc94dc2803e51413d3d57bfb0e7e04e1484ccbf21ce44602bd92f7a4e3
2e00f6c2716f039999bc8973a543bb471c3437f8c49891a292d8c24fcbbe41a5
2e36bd3bdbb929f427e79a6c84b7922b4375589386981eba29eb0cff57b02b1b
30a949187cdd1c73e43b3bdee9398a9ae27f403a9481999fc9f5f946d8af0079
33a8dac2523e255f32bcaaa7d9ace73f6616133ee745bd05da30dbfed5b2cc55
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3ad2fcb328295f1199d593adaba909f3eea790f695554ac3c1da7aa009fc0e0d
3b4cfe724d0ef7840099ced8aa63bee82833a04358b8102a2b0df13ee7b98655
45e736677a3954922b5157fbe11db8464434ac31d9190bf5c94973413625a6ce
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4a9f53c02752e79270686f1b2a3616b86d3af1ea2a288f2977e34b1141d552ec
4b179562b883c1257aabbad3a5641f965dd7331faa31fe06382a5d8c62d5ee19
4ca6dd97b62c2f6e9263710d88f9ccb54612bdccd98c08ead481a0347e9a4e1f
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b
5189658b1f2daae71ab3b070b6e0b54f412ed79e468c14a1d16c92824a3b2af7
51b3ee4b981dbbd0e2ea54b2fafd15f7ef6bfebb165cb4a6fdd7cd8e6f343024
5250b92524aeab7c597c0e7f737085ab9409a41448e6a2a574c0cd1f1d4f6cb1
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
5d1310353e02e0a006b79b7d607131cb6d9411543a8957b772f565816fdf3ce4
5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a
61978337958bc897e54ca82350fa8c5247fe7c9bda6c0da4c6ddffb526a94f04
6404610009e3864939a057aec317ba947aff11e5b7002dcaaf362c3dc0fd6377
6e1382bea3a18f50aa0a1204cae7697034eb6e54a08c2582e4986e34ec55edd1
732580f1a0900ddfcb8243048e05542286c0fe8f2e7cd737856025264e4fec42
7438cd6d98fc8e372c9a87e319ab965229ce2ba37798db808c8408f791db86ca
760bc4d420605c167dd90147b0e0d82b4e761a18bc35be7aeffaa4192b371635
76407a2ed1ecd487fdba85bdb290638ec1b34c724d436cb8f3b78fecdb8fff51
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7ab9f722f57bb54d23b45364de036ef7a928152a833dc5ac32a358da42802286
7d7e5083ed6517423d465640289887109e38780ddeeed074321c126a9341a6a4
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8a1c951a818174eaaaf001a306bad640b788f504b3b55a86970c8c49220bdb1e
8beec539128cea621e511cd54f21a0d17ff891a16a0ebd7a98a3e4fbc00bd0e5
8d450db79b0f7039b6486a399d93ebe1efa7a81e0f7b1170931b8b3dddf4a31d
8d83b2089b249ebfbcd9eba876317be3353813659151a2ac3d123fe1e2506bf8
93aea7e3c21a5bc34e432149592dfbe6a432f4039a8f93bdb6b43db00b8d40c9
94f80c87390a84a3761860b1ce0764da77bb81d6f11cb3d059339148589aaf5c
96602af025a90cac2446b52c482f1f4a3d753edffd40531e435c74462d814210
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bd80d0cd9724399016838c2141ec1ad07492ff6eb7ed039c206bdd2fc2efd56
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
ac990171fc2a8993d659ce8f10bc0a7815c43835ba1dc00c2246f3556c6eeecd
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b159722b91f7663d33ce1f0e95de72389955edfa5a12cfe6c94b6705468ae805
b28df42cc7ec8031f4e74e816f9f44a6cc9ea0209cd271cc98bf143d3cf5c4bc
b5786f786a65f1e850e2f3428388cec1a249f46141c09fef1f3bf8bc4cca3b1b
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
b796504d9b1b422f0dc6ccc2d740ac78a8c9e5078cc3934836d39742b1121925
b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
c0db02fa8ce349e5c3629825f3cb63deed4803ba6b383f81eb2a882be89e4e07
c41f130fac83aab5327bcf2414219ad5e98bff3ccf1ed137551b427390c9badd
c72e23882b180037972c27408c198d97026a5cb3f6be62878749a069f289b73e
c7e3eac1b2c0f5c2d934241ee44a85b4a1a1f3c7c85e05381e2c4b622fe5501d
c83eae7a38656b387443bacfd93af203e31b66bf687c21af1ef00fab98507aef
c8db9f853525deceda9c0749a25a9f2639355d88231b31d6e2b9cc22c206ff41
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d398520ac47945ab429cf02b444202f4db1cf7fee5b5335cf98fb009ce56ab8e
d78a9904e5ab2482a0e8ed1ee4061c53633a4a83efdba1f14e104550126ae5c9
d7dcbf991e3140883fbb0cea57b778db313c0ee8f57205404257ac98e1aa1444
d9160bf5ee2c9435a62c8b1d991b7f419417cab5d5a37eefcee79767a292b4b7
d9c3e98341e6b8149b2d189ac08a9c3b80294d22f7ade6c710bf56ab5f9acc4f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef7017f44e22bf9c2476760ae3365a1021065a5b7972180f352f61bd231f62f5
efbfaee418ddbc99a9dd6ba614d9288ef68ab53d89a06a782905ce47c11e450a
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
f3039e343bc61cc16fc587e063d92cf190c34823df58e3fe5caf5717198a49fc
f44aa30853513f5852732da53b8b94e71207278c2a6eadcc0631a75cab3cc100
f50cd1f9a7d3ab95391225b3a8d36eca059105990afdada14ca150953df3f6c4
f69adcb2ca28e3e811ad5b88d7b6d86a68d736c715bca3d4953f0566d1447321
f9a884509d4fdff2f7ad2abb7033e405479f4cc237032f61464eb56a53a4e245
faf5e994ddbada86a873b5d14c1bc0f449a097e61e6fbe0c04e0691b70ec5644
fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c

itunesadvisor.com Open in urlscan Pro 198.143.149.60 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

124 Requests

99 %HTTPS

58 %IPv6

18 Domains

23 Subdomains

20 IPs

5 Countries

1120 kBTransfer

3104 kBSize

1 Cookies

1 Outgoing links

Redirected requests

124 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

itunesadvisor.com Open in urlscan Pro
198.143.149.60 Public Scan

Screenshot
Live screenshot

Full Image

124
Requests

99 %
HTTPS

58 %
IPv6

18
Domains

23
Subdomains

20
IPs

5
Countries

1120 kB
Transfer

3104 kB
Size

1
Cookies

124 HTTP transactions
4 data transactions