URL: https://i-tunes.org.ua/
Submission Tags: @phishunt_io
Submission: On March 08 via api from ES

Summary

This website contacted 17 IPs in 6 countries across 16 domains to perform 63 HTTP transactions. The main IP is 185.179.191.72, located in Russian Federation and belongs to WEBHOST1-AS, RU. The main domain is i-tunes.org.ua.
TLS certificate: Issued by R3 on December 31st 2020. Valid for: 3 months.
This is the only time i-tunes.org.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Domain Requested by
14 i-tunes.org.ua i-tunes.org.ua
13 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
9 pagead2.googlesyndication.com i-tunes.org.ua
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
7 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
6 cm.g.doubleclick.net googleads.g.doubleclick.net
3 www.googletagservices.com pagead2.googlesyndication.com
googleads.g.doubleclick.net
2 ssum-sec.casalemedia.com 2 redirects
2 rtb.openx.net 2 redirects
2 id.rlcdn.com 2 redirects
2 fonts.gstatic.com fonts.googleapis.com
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.de pagead2.googlesyndication.com
2 counter.yadro.ru 1 redirects i-tunes.org.ua
1 googlecm.hit.gemius.pl 1 redirects
1 ag.innovid.com googleads.g.doubleclick.net
1 pixel.everesttech.net 1 redirects
1 www.google.com 1 redirects
1 www.gstatic.com googleads.g.doubleclick.net
1 fonts.googleapis.com googleads.g.doubleclick.net
1 partner.googleadservices.com pagead2.googlesyndication.com
63 20

This site contains links to these domains. Also see Links.

Domain
secure-appldnld.apple.com
tinyurl.com
www.liveinternet.ru
Subject Issuer Validity Valid
i-tunes.org.ua
R3
2020-12-31 -
2021-03-31
3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1
2021-02-17 -
2021-05-12
3 months crt.sh
counter.yadro.ru
R3
2021-01-13 -
2021-04-13
3 months crt.sh
*.googleadservices.com
GTS CA 1O1
2021-02-17 -
2021-05-12
3 months crt.sh
*.google.de
GTS CA 1O1
2021-02-17 -
2021-05-12
3 months crt.sh
*.google.com
GTS CA 1O1
2021-02-17 -
2021-05-12
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1
2021-02-17 -
2021-05-12
3 months crt.sh
upload.video.google.com
GTS CA 1O1
2021-02-17 -
2021-05-12
3 months crt.sh
*.gstatic.com
GTS CA 1O1
2021-02-17 -
2021-05-12
3 months crt.sh
*.innovid.com
RapidSSL RSA CA 2018
2020-02-07 -
2022-04-07
2 years crt.sh

This page contains 9 frames:

Primary Page: https://i-tunes.org.ua/
Frame ID: 3ECA9E589D1D4326A9CD82A4B4F64E7E
Requests: 26 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6432275440541275&output=html&h=200&slotname=5321391906&adk=3727500122&adf=1583787941&pi=t.ma~as.5321391906&w=1200&fwrn=4&lmt=1610294746&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fi-tunes.org.ua%2F&flash=0&wgl=1&dt=1615164974806&bpp=5&bdt=89&idt=112&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6105023324068&frm=20&pv=2&ga_vid=1091981242.1615164975&ga_sid=1615164975&ga_hid=434382566&ga_fc=0&rplot=4&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=413&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066923%2C31060352&oid=3&pvsid=3921350999241448&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=qrCXG9n8d1&p=https%3A//i-tunes.org.ua&dtd=132
Frame ID: F34B873BF9A94770FE165C5CDCA24121
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6432275440541275&output=html&adk=1812271804&adf=3025194257&lmt=1610294746&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fi-tunes.org.ua%2F&ea=0&flash=0&pra=7&wgl=1&dt=1615164974811&bpp=1&bdt=93&idt=135&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x200&nras=1&correlator=6105023324068&frm=20&pv=1&ga_vid=1091981242.1615164975&ga_sid=1615164975&ga_hid=434382566&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066923%2C31060352&oid=3&pvsid=3921350999241448&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&dtd=140
Frame ID: E6E111E31D5FC1DF6B1D89C090B4D649
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6432275440541275&output=html&h=280&adk=1037222511&adf=854766408&pi=t.aa~a.2670244497~i.34~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1610294746&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7241951833&psa=0&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fi-tunes.org.ua%2F&flash=0&fwr=0&pra=3&rh=200&rw=1584&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1615164975056&bpp=2&bdt=339&idt=2&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D444d6d77c6dd42b3-2291056001a70037%3AT%3D1615164974%3ART%3D1615164974%3AS%3DALNI_MYpiW1yVW9RaLJCjabeoHiM-tNtEA&prev_fmts=1200x200%2C0x0&nras=2&correlator=6105023324068&frm=20&pv=1&ga_vid=1091981242.1615164975&ga_sid=1615164975&ga_hid=434382566&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2347&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066923%2C31060352&oid=3&pvsid=3921350999241448&rx=0&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=TIOZbyMAou&p=https%3A//i-tunes.org.ua&dtd=9
Frame ID: FE399485E4F300BFEA955AF1550A9193
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 6BF01A4EC673D346E467D03E25049067
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/eu7jfLqbA_SrKotVk2KNeEjSxiQIb3iw8Llt0poV4Fw.js
Frame ID: C967F3538D7A03D2F88A8580F0637A8A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: FF032561E68DB892F7663501D7F7DE8B
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/eu7jfLqbA_SrKotVk2KNeEjSxiQIb3iw8Llt0poV4Fw.js
Frame ID: 95C82DEF40BDFDC712C9AA39220A5EFA
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 47DFAADF2A2A867B6B6AF1C97D77C4CA
Requests: 2 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

63
Requests

100 %
HTTPS

59 %
IPv6

16
Domains

20
Subdomains

17
IPs

6
Countries

977 kB
Transfer

1626 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14
  • https://counter.yadro.ru/hit?t26.1;r;s1600*1200*24;uhttps%3A//i-tunes.org.ua/;0.2637128680116272 HTTP 302
  • https://counter.yadro.ru/hit?q;t26.1;r;s1600*1200*24;uhttps%3A//i-tunes.org.ua/;0.2637128680116272
Request Chain 45
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 51
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAQvitUJ_rrCZktrc5TEfYQICqtZXDRirHXlejyFcXrLd4R1CKIKkQuHTLakEdrvKCMvUw7IA8Y94D1hJziIYFUZ99I-c807_gY6tGg&google_gid=CAESEN6pImGwbadIY91dqi9eiOw&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUVWMkx3QUFBUGk3OTB0NA&google_push=AQvitUJ_rrCZktrc5TEfYQICqtZXDRirHXlejyFcXrLd4R1CKIKkQuHTLakEdrvKCMvUw7IA8Y94D1hJziIYFUZ99I-c807_gY6tGg
Request Chain 52
  • https://id.rlcdn.com/466606.gif?cparams=google_push%3DAQvitUJxRtC_-nLI8fxWuLu7C1QJoXqRP5RnlgAoVTpKPfC7wim40GfL2Fi9YKMQOvY8z_jXuAaRPyZlJSScSNCM8LpUiGVhFRTcHg&google_gid=CAESEKzGdJHgMdrH2Vv9cDu7664&google_cver=1 HTTP 307
  • https://id.rlcdn.com/1000.gif?memo=CK69HBoNCK_slYIGEgUI6AcQAEIASnJnb29nbGVfcHVzaD1BUXZpdFVKeFJ0Q18tbkxJOGZ4V3VMdTdDMVFKb1hxUlA1Um5sZ0FvVlRwS1BmQzd3aW00MEdmTDJGaTlZS01RT3ZZOHpfalh1QWFSUHlabEpTU2NTTkNNOExwVWlHVmhGUlRjSGc HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwYW5CR2dUc3daM2dvYzJHWWM0QkpIZElWMjcwZ1ZpZElDTDdDWVo2ak9ncw==&google_push
Request Chain 53
  • https://rtb.openx.net/sync/dds?google_gid=CAESED-8evAiQZo2z3elB9ZFG-M&google_cver=1&google_push=AQvitUJYhxtNoxfpOZpOWr2MhPqlKsYDfJNZbKRD7JJLrq4wcavzZZWy5reoAuBWukfbVpVEHEeE1HvdOX8p9TJ-l0TMJunWZyvI HTTP 302
  • https://rtb.openx.net/sync/dds?google_gid=CAESED-8evAiQZo2z3elB9ZFG-M&google_cver=1&google_push=AQvitUJYhxtNoxfpOZpOWr2MhPqlKsYDfJNZbKRD7JJLrq4wcavzZZWy5reoAuBWukfbVpVEHEeE1HvdOX8p9TJ-l0TMJunWZyvI&ox_sc=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUJYhxtNoxfpOZpOWr2MhPqlKsYDfJNZbKRD7JJLrq4wcavzZZWy5reoAuBWukfbVpVEHEeE1HvdOX8p9TJ-l0TMJunWZyvI&google_hm=dVQDfsvWzc8kFO0jn8-ubg==
Request Chain 54
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEB5fnDRLWFHeo8m9xqD65mE&google_cver=1&google_push=AQvitUIjUdsXek7Ute1rrwpeBhwgc3awBWc6B-0EtWmUd-0kilpbASFcRNjV7PzGxu9RL48L7Pf9NYth9GabeqTZq7eUFTcacLKhgg HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEB5fnDRLWFHeo8m9xqD65mE&google_cver=1&google_push=AQvitUIjUdsXek7Ute1rrwpeBhwgc3awBWc6B-0EtWmUd-0kilpbASFcRNjV7PzGxu9RL48L7Pf9NYth9GabeqTZq7eUFTcacLKhgg&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YEV2Lyk4vE9YltSgRYGBhgAABIQAAAAB&google_cver=1&google_gid=CAESEB5fnDRLWFHeo8m9xqD65mE&google_push=AQvitUIjUdsXek7Ute1rrwpeBhwgc3awBWc6B-0EtWmUd-0kilpbASFcRNjV7PzGxu9RL48L7Pf9NYth9GabeqTZq7eUFTcacLKhgg
Request Chain 56
  • https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEO85-_Dj55OxXFzkrfCIcCo&google_cver=1&google_push=AQvitUJ1pZUFPT-wAJIwm4S_fCcyLdkJ7qcNKz7DonXuDUhBC8VYwWjf3FHDNv48LGWm4PkY8fF3MJ_MPc_qpMIdkMjzkFhcDlDY90s HTTP 301
  • https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUJ1pZUFPT-wAJIwm4S_fCcyLdkJ7qcNKz7DonXuDUhBC8VYwWjf3FHDNv48LGWm4PkY8fF3MJ_MPc_qpMIdkMjzkFhcDlDY90s&google_hm=

63 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
i-tunes.org.ua/
13 KB
6 KB
Document
General
Full URL
https://i-tunes.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.179.191.72 , Russian Federation, ASN44094 (WEBHOST1-AS, RU),
Reverse DNS
s09-1.mx.webhost1.ru
Software
nginx /
Resource Hash
01138ea5711e355869f3f56b2c20e679c71c98ac3cfa4d783ee32eb458883c80

Request headers

:method
GET
:authority
i-tunes.org.ua
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server
nginx
date
Mon, 08 Mar 2021 00:56:14 GMT
content-type
text/html
last-modified
Sun, 10 Jan 2021 16:05:46 GMT
etag
W/"33d5-5b88df66046ab"
content-encoding
gzip
style.css
i-tunes.org.ua/
245 B
341 B
Stylesheet
General
Full URL
https://i-tunes.org.ua/style.css
Requested by
Host: i-tunes.org.ua
URL: https://i-tunes.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.179.191.72 , Russian Federation, ASN44094 (WEBHOST1-AS, RU),
Reverse DNS
s09-1.mx.webhost1.ru
Software
nginx /
Resource Hash
193713060776d2e8b5d604de46b2ec928b36e80ee00c64da85aed5e109cc7924

Request headers

Referer
https://i-tunes.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 00:56:14 GMT
content-encoding
gzip
last-modified
Fri, 13 Dec 2019 18:03:07 GMT
server
nginx
etag
W/"5df3d25b-f5"
content-type
text/css
cache-control
max-age=2592000
expires
Wed, 07 Apr 2021 00:56:14 GMT
besplatno-aituns-ipad.jpg
i-tunes.org.ua/
2 KB
2 KB
Image
General
Full URL
https://i-tunes.org.ua/besplatno-aituns-ipad.jpg
Requested by
Host: i-tunes.org.ua
URL: https://i-tunes.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.179.191.72 , Russian Federation, ASN44094 (WEBHOST1-AS, RU),
Reverse DNS
s09-1.mx.webhost1.ru
Software
nginx /
Resource Hash
95097d2d1484d8e6fe87a87decb33528c7323b5f93b1268f8a920194c0729beb

Request headers

Referer
https://i-tunes.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 00:56:14 GMT
last-modified
Fri, 13 Dec 2019 18:03:08 GMT
server
nginx
etag
"5df3d25c-641"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
1601
expires
Wed, 07 Apr 2021 00:56:14 GMT
ituns-skachat-tunets.jpg
i-tunes.org.ua/
4 KB
4 KB
Image
General
Full URL
https://i-tunes.org.ua/ituns-skachat-tunets.jpg
Requested by
Host: i-tunes.org.ua
URL: https://i-tunes.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.179.191.72 , Russian Federation, ASN44094 (WEBHOST1-AS, RU),
Reverse DNS
s09-1.mx.webhost1.ru
Software
nginx /
Resource Hash
85ab8fc2d4de37709f4c28296fa8c6b54427a05594711c0b1900134e4605da59

Request headers

Referer
https://i-tunes.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 00:56:14 GMT
last-modified
Fri, 13 Dec 2019 18:03:09 GMT
server
nginx
etag
"5df3d25d-e66"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
3686
expires
Wed, 07 Apr 2021 00:56:14 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
140 KB
50 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: i-tunes.org.ua
URL: https://i-tunes.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4b9b5737c8859fa4566da81b0d34c3084f0d83ee7dc2ac8afab3c4ed45685d9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://i-tunes.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 00:56:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50479
x-xss-protection
0
server
cafe
etag
13215137272821469477
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 08 Mar 2021 00:56:14 GMT
itunes-12-skachat.jpg
i-tunes.org.ua/
4 KB
4 KB
Image
General
Full URL
https://i-tunes.org.ua/itunes-12-skachat.jpg
Requested by
Host: i-tunes.org.ua
URL: https://i-tunes.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.179.191.72 , Russian Federation, ASN44094 (WEBHOST1-AS, RU),
Reverse DNS
s09-1.mx.webhost1.ru
Software
nginx /
Resource Hash
70f75b3cb0d8d095c6eaf23d8c70b39009e543723a968feb31e2cfb11c834447

Request headers

Referer
https://i-tunes.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 00:56:14 GMT
last-modified
Fri, 13 Dec 2019 18:03:09 GMT
server
nginx
etag
"5df3d25d-106e"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
4206
expires
Wed, 07 Apr 2021 00:56:14 GMT
skachat-itunes-11.jpg
i-tunes.org.ua/
4 KB
4 KB
Image
General
Full URL
https://i-tunes.org.ua/skachat-itunes-11.jpg
Requested by
Host: i-tunes.org.ua
URL: https://i-tunes.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.179.191.72 , Russian Federation, ASN44094 (WEBHOST1-AS, RU),
Reverse DNS
s09-1.mx.webhost1.ru
Software
nginx /
Resource Hash
56fdba66525224bce8f4c22daa195590c968807aee225d7ef182c843bf411ca8

Request headers

Referer
https://i-tunes.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 00:56:14 GMT
last-modified
Fri, 13 Dec 2019 18:03:10 GMT
server
nginx
etag
"5df3d25e-1033"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
4147
expires
Wed, 07 Apr 2021 00:56:14 GMT
skachat-ajtyuns-10-7.jpg
i-tunes.org.ua/
4 KB
4 KB
Image
General
Full URL
https://i-tunes.org.ua/skachat-ajtyuns-10-7.jpg
Requested by
Host: i-tunes.org.ua
URL: https://i-tunes.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.179.191.72 , Russian Federation, ASN44094 (WEBHOST1-AS, RU),
Reverse DNS
s09-1.mx.webhost1.ru
Software
nginx /
Resource Hash
3dcb5d8d7fd0bf77fc321466009359e7157a4d0903c71859a24c6126aa2b25fa

Request headers

Referer
https://i-tunes.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 00:56:14 GMT
last-modified
Fri, 13 Dec 2019 18:03:10 GMT
server
nginx
etag
"5df3d25e-f94"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
3988
expires
Wed, 07 Apr 2021 00:56:14 GMT
apple-itunes-opisanie.gif
i-tunes.org.ua/
3 KB
3 KB
Image
General
Full URL
https://i-tunes.org.ua/apple-itunes-opisanie.gif
Requested by
Host: i-tunes.org.ua
URL: https://i-tunes.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.179.191.72 , Russian Federation, ASN44094 (WEBHOST1-AS, RU),
Reverse DNS
s09-1.mx.webhost1.ru
Software
nginx /
Resource Hash
8f4ac4e8a095cae1d5faaa2115ec4ec93109a45086eaceeef2844607a9cd7b6b

Request headers

Referer
https://i-tunes.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 00:56:14 GMT
last-modified
Fri, 13 Dec 2019 18:03:07 GMT
server
nginx
etag
"5df3d25b-a11"
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
content-length
2577
expires
Wed, 07 Apr 2021 00:56:14 GMT
itunes-iphone.png
i-tunes.org.ua/
962 B
1 KB
Image
General
Full URL
https://i-tunes.org.ua/itunes-iphone.png
Requested by
Host: i-tunes.org.ua
URL: https://i-tunes.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.179.191.72 , Russian Federation, ASN44094 (WEBHOST1-AS, RU),
Reverse DNS
s09-1.mx.webhost1.ru
Software
nginx /
Resource Hash
acc4f74ea110c75ab5891b963f3845b1fdafe4862fdafa065d65bf0890faa0e2

Request headers

Referer
https://i-tunes.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 00:56:14 GMT
last-modified
Fri, 13 Dec 2019 18:03:11 GMT
server
nginx
etag
"5df3d25f-3c2"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
962
expires
Wed, 07 Apr 2021 00:56:14 GMT
aituns-skachat-na-russkom.jpg
i-tunes.org.ua/
72 KB
72 KB
Image
General
Full URL
https://i-tunes.org.ua/aituns-skachat-na-russkom.jpg
Requested by
Host: i-tunes.org.ua
URL: https://i-tunes.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.179.191.72 , Russian Federation, ASN44094 (WEBHOST1-AS, RU),
Reverse DNS
s09-1.mx.webhost1.ru
Software
nginx /
Resource Hash
8fe36d3a7335a995df4d56d04498994292be89191ac381242ae17751a52a529d

Request headers

Referer
https://i-tunes.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 00:56:14 GMT
last-modified
Fri, 13 Dec 2019 18:03:08 GMT
server
nginx
etag
"5df3d25c-11fb4"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
73652
expires
Wed, 07 Apr 2021 00:56:14 GMT
itunes-skachat-besplatno.jpg
i-tunes.org.ua/
99 KB
100 KB
Image
General
Full URL
https://i-tunes.org.ua/itunes-skachat-besplatno.jpg
Requested by
Host: i-tunes.org.ua
URL: https://i-tunes.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.179.191.72 , Russian Federation, ASN44094 (WEBHOST1-AS, RU),
Reverse DNS
s09-1.mx.webhost1.ru
Software
nginx /
Resource Hash
f4aeadb4d3f0e8f440cc8cd40a0780d4504b28e910f54b98d6c603071562e458

Request headers

Referer
https://i-tunes.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 00:56:14 GMT
last-modified
Fri, 13 Dec 2019 18:03:09 GMT
server
nginx
etag
"5df3d25d-18cfb"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
101627
expires
Wed, 07 Apr 2021 00:56:14 GMT
skachat-itunes-bez-sms.png
i-tunes.org.ua/
4 KB
4 KB
Image
General
Full URL
https://i-tunes.org.ua/skachat-itunes-bez-sms.png
Requested by
Host: i-tunes.org.ua
URL: https://i-tunes.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.179.191.72 , Russian Federation, ASN44094 (WEBHOST1-AS, RU),
Reverse DNS
s09-1.mx.webhost1.ru
Software
nginx /
Resource Hash
f4f603569428774685f88f4992f5c5d7215c23f10cce01a8577177e6f9e04f55

Request headers

Referer
https://i-tunes.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 00:56:14 GMT
last-modified
Fri, 13 Dec 2019 18:03:12 GMT
server
nginx
etag
"5df3d260-1090"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
4240
expires
Wed, 07 Apr 2021 00:56:14 GMT
itunes-download-free.jpg
i-tunes.org.ua/
2 KB
2 KB
Image
General
Full URL
https://i-tunes.org.ua/itunes-download-free.jpg
Requested by
Host: i-tunes.org.ua
URL: https://i-tunes.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.179.191.72 , Russian Federation, ASN44094 (WEBHOST1-AS, RU),
Reverse DNS
s09-1.mx.webhost1.ru
Software
nginx /
Resource Hash
887686f014c7ff1583f93ea3db623a0ee0d32797c28ab6b83639e4ca88e65eff

Request headers

Referer
https://i-tunes.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 00:56:14 GMT
last-modified
Fri, 13 Dec 2019 18:03:09 GMT
server
nginx
etag
"5df3d25d-7f8"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
2040
expires
Wed, 07 Apr 2021 00:56:14 GMT
logo-itunes-10-7.png
i-tunes.org.ua/
323 KB
324 KB
Image
General
Full URL
https://i-tunes.org.ua/logo-itunes-10-7.png
Requested by
Host: i-tunes.org.ua
URL: https://i-tunes.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.179.191.72 , Russian Federation, ASN44094 (WEBHOST1-AS, RU),
Reverse DNS
s09-1.mx.webhost1.ru
Software
nginx /
Resource Hash
24e48242ec81765984b5a3cda69fa409d742b3f0bfc6908a9e1b6f114c756f1c

Request headers

Referer
https://i-tunes.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 00:56:14 GMT
last-modified
Fri, 13 Dec 2019 18:03:12 GMT
server
nginx
etag
"5df3d260-50cbf"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
330943
expires
Wed, 07 Apr 2021 00:56:14 GMT
hit
counter.yadro.ru/
Redirect Chain
  • https://counter.yadro.ru/hit?t26.1;r;s1600*1200*24;uhttps%3A//i-tunes.org.ua/;0.2637128680116272
  • https://counter.yadro.ru/hit?q;t26.1;r;s1600*1200*24;uhttps%3A//i-tunes.org.ua/;0.2637128680116272
128 B
582 B
Image
General
Full URL
https://counter.yadro.ru/hit?q;t26.1;r;s1600*1200*24;uhttps%3A//i-tunes.org.ua/;0.2637128680116272
Requested by
Host: i-tunes.org.ua
URL: https://i-tunes.org.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
88.212.201.210 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
9c7c1a62965c048b5ee07fd408223360a5ce6f4bb91a25dce97a783c2892b38a
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://i-tunes.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 Mar 2021 00:56:14 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Cache-control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
128
Expires
Sat, 07 Mar 2020 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 08 Mar 2021 00:56:14 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Location
https://counter.yadro.ru/hit?q;t26.1;r;s1600*1200*24;uhttps%3A//i-tunes.org.ua/;0.2637128680116272
Cache-control
no-cache
Connection
keep-alive
Content-Type
text/html
Content-Length
32
Expires
Sat, 07 Mar 2020 21:00:00 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/
227 KB
86 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6432275440541275&plah=i-tunes.org.ua&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c1f6f1027092d281d624e67f9f83460ed291ae367b558c16cd6afad7af5eba1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://i-tunes.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 00:56:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87278
x-xss-protection
0
server
cafe
etag
4389487008424739880
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 08 Mar 2021 00:56:14 GMT
cookie.js
partner.googleadservices.com/gampad/
204 B
643 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=i-tunes.org.ua&callback=_gfp_s_&client=ca-pub-6432275440541275
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6432275440541275&plah=i-tunes.org.ua&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
a98f46b0161b1e560927908696ebd4d8ce47b33d709a53112ee9b7a01206738f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://i-tunes.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 00:56:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
194
x-xss-protection
0
integrator.js
adservice.google.de/adsid/
107 B
799 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=i-tunes.org.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6432275440541275&plah=i-tunes.org.ua&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://i-tunes.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 08 Mar 2021 00:56:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
165 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=i-tunes.org.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6432275440541275&plah=i-tunes.org.ua&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://i-tunes.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 08 Mar 2021 00:56:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame F34B
71 KB
26 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6432275440541275&output=html&h=200&slotname=5321391906&adk=3727500122&adf=1583787941&pi=t.ma~as.5321391906&w=1200&fwrn=4&lmt=1610294746&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fi-tunes.org.ua%2F&flash=0&wgl=1&dt=1615164974806&bpp=5&bdt=89&idt=112&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6105023324068&frm=20&pv=2&ga_vid=1091981242.1615164975&ga_sid=1615164975&ga_hid=434382566&ga_fc=0&rplot=4&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=413&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066923%2C31060352&oid=3&pvsid=3921350999241448&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=qrCXG9n8d1&p=https%3A//i-tunes.org.ua&dtd=132
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6432275440541275&plah=i-tunes.org.ua&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b0c9d2cd337c0fd95122df7f93d221627fcc27aa42c36fae22ee2fb2b4ef6118
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-6432275440541275&output=html&h=200&slotname=5321391906&adk=3727500122&adf=1583787941&pi=t.ma~as.5321391906&w=1200&fwrn=4&lmt=1610294746&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fi-tunes.org.ua%2F&flash=0&wgl=1&dt=1615164974806&bpp=5&bdt=89&idt=112&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6105023324068&frm=20&pv=2&ga_vid=1091981242.1615164975&ga_sid=1615164975&ga_hid=434382566&ga_fc=0&rplot=4&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=413&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066923%2C31060352&oid=3&pvsid=3921350999241448&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=qrCXG9n8d1&p=https%3A//i-tunes.org.ua&dtd=132
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://i-tunes.org.ua/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://i-tunes.org.ua/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 08 Mar 2021 00:56:15 GMT
server
cafe
content-length
26014
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 08-Mar-2021 01:11:14 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 08 Mar 2021 00:56:15 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/
74 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6432275440541275&plah=i-tunes.org.ua&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2b04100564fd9141d7acbd40482d40a3c5b4af2cf25b2cf8726b5608841d61a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://i-tunes.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 00:56:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614774803212306"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28399
x-xss-protection
0
expires
Mon, 08 Mar 2021 00:56:14 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame E6E1
1 KB
646 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6432275440541275&output=html&adk=1812271804&adf=3025194257&lmt=1610294746&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fi-tunes.org.ua%2F&ea=0&flash=0&pra=7&wgl=1&dt=1615164974811&bpp=1&bdt=93&idt=135&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x200&nras=1&correlator=6105023324068&frm=20&pv=1&ga_vid=1091981242.1615164975&ga_sid=1615164975&ga_hid=434382566&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066923%2C31060352&oid=3&pvsid=3921350999241448&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&dtd=140
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6432275440541275&plah=i-tunes.org.ua&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c8d3d682ceb086c5c1cd290da21af4eaa0f81b89025722f321b176ca920df2ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-6432275440541275&output=html&adk=1812271804&adf=3025194257&lmt=1610294746&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fi-tunes.org.ua%2F&ea=0&flash=0&pra=7&wgl=1&dt=1615164974811&bpp=1&bdt=93&idt=135&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x200&nras=1&correlator=6105023324068&frm=20&pv=1&ga_vid=1091981242.1615164975&ga_sid=1615164975&ga_hid=434382566&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066923%2C31060352&oid=3&pvsid=3921350999241448&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&dtd=140
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://i-tunes.org.ua/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://i-tunes.org.ua/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 08 Mar 2021 00:56:15 GMT
server
cafe
content-length
443
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 08-Mar-2021 01:11:14 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 08 Mar 2021 00:56:15 GMT
cache-control
private
integrator.js
adservice.google.de/adsid/
107 B
777 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=i-tunes.org.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6432275440541275&plah=i-tunes.org.ua&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://i-tunes.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 08 Mar 2021 00:56:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
531 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=i-tunes.org.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6432275440541275&plah=i-tunes.org.ua&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://i-tunes.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 08 Mar 2021 00:56:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame FE39
75 KB
25 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6432275440541275&output=html&h=280&adk=1037222511&adf=854766408&pi=t.aa~a.2670244497~i.34~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1610294746&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7241951833&psa=0&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fi-tunes.org.ua%2F&flash=0&fwr=0&pra=3&rh=200&rw=1584&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1615164975056&bpp=2&bdt=339&idt=2&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D444d6d77c6dd42b3-2291056001a70037%3AT%3D1615164974%3ART%3D1615164974%3AS%3DALNI_MYpiW1yVW9RaLJCjabeoHiM-tNtEA&prev_fmts=1200x200%2C0x0&nras=2&correlator=6105023324068&frm=20&pv=1&ga_vid=1091981242.1615164975&ga_sid=1615164975&ga_hid=434382566&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2347&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066923%2C31060352&oid=3&pvsid=3921350999241448&rx=0&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=TIOZbyMAou&p=https%3A//i-tunes.org.ua&dtd=9
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6432275440541275&plah=i-tunes.org.ua&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b1e5dfee8b0e2d5c4eacf1e004b88f5d22dd46010e50b95ed53a413c416398af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-6432275440541275&output=html&h=280&adk=1037222511&adf=854766408&pi=t.aa~a.2670244497~i.34~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1610294746&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7241951833&psa=0&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fi-tunes.org.ua%2F&flash=0&fwr=0&pra=3&rh=200&rw=1584&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1615164975056&bpp=2&bdt=339&idt=2&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D444d6d77c6dd42b3-2291056001a70037%3AT%3D1615164974%3ART%3D1615164974%3AS%3DALNI_MYpiW1yVW9RaLJCjabeoHiM-tNtEA&prev_fmts=1200x200%2C0x0&nras=2&correlator=6105023324068&frm=20&pv=1&ga_vid=1091981242.1615164975&ga_sid=1615164975&ga_hid=434382566&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2347&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066923%2C31060352&oid=3&pvsid=3921350999241448&rx=0&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=TIOZbyMAou&p=https%3A//i-tunes.org.ua&dtd=9
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://i-tunes.org.ua/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://i-tunes.org.ua/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 08 Mar 2021 00:56:15 GMT
server
cafe
content-length
25493
x-xss-protection
0
set-cookie
IDE=AHWqTUmaXNWEaT_W6EPB_NMuZTCfzb5ZBRLpj0m4dG_zQQE8GghRyXHO_hnwJXSvIio; expires=Sat, 02-Apr-2022 00:56:15 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 08 Mar 2021 00:56:15 GMT
cache-control
private
16067422286305056994
tpc.googlesyndication.com/simgad/ Frame F34B
12 KB
12 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/16067422286305056994?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qmOFP7VSbA3s5XVrDiherTijY-fgg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6432275440541275&output=html&h=200&slotname=5321391906&adk=3727500122&adf=1583787941&pi=t.ma~as.5321391906&w=1200&fwrn=4&lmt=1610294746&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fi-tunes.org.ua%2F&flash=0&wgl=1&dt=1615164974806&bpp=5&bdt=89&idt=112&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6105023324068&frm=20&pv=2&ga_vid=1091981242.1615164975&ga_sid=1615164975&ga_hid=434382566&ga_fc=0&rplot=4&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=413&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066923%2C31060352&oid=3&pvsid=3921350999241448&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=qrCXG9n8d1&p=https%3A//i-tunes.org.ua&dtd=132
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
44ea2fb8d5c936b2c950c2a5a8dde33f3affed6c2efd51db623fa76380f7262e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 23:05:13 GMT
x-content-type-options
nosniff
last-modified
Fri, 18 Dec 2020 13:49:41 GMT
server
sffe
age
352262
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12176
x-xss-protection
0
expires
Thu, 03 Mar 2022 23:05:13 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/ Frame F34B
18 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6432275440541275&output=html&h=200&slotname=5321391906&adk=3727500122&adf=1583787941&pi=t.ma~as.5321391906&w=1200&fwrn=4&lmt=1610294746&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fi-tunes.org.ua%2F&flash=0&wgl=1&dt=1615164974806&bpp=5&bdt=89&idt=112&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6105023324068&frm=20&pv=2&ga_vid=1091981242.1615164975&ga_sid=1615164975&ga_hid=434382566&ga_fc=0&rplot=4&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=413&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066923%2C31060352&oid=3&pvsid=3921350999241448&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=qrCXG9n8d1&p=https%3A//i-tunes.org.ua&dtd=132
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c3b18cc0a385c6d5e81af3d1739aa9565f88e7d6b9a00d2e3b6d732e3b9ba3e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 23:49:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4002
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7378
x-xss-protection
0
server
cafe
etag
2412555088240638002
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 21 Mar 2021 23:49:33 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/ Frame F34B
3 KB
2 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6432275440541275&output=html&h=200&slotname=5321391906&adk=3727500122&adf=1583787941&pi=t.ma~as.5321391906&w=1200&fwrn=4&lmt=1610294746&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fi-tunes.org.ua%2F&flash=0&wgl=1&dt=1615164974806&bpp=5&bdt=89&idt=112&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6105023324068&frm=20&pv=2&ga_vid=1091981242.1615164975&ga_sid=1615164975&ga_hid=434382566&ga_fc=0&rplot=4&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=413&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066923%2C31060352&oid=3&pvsid=3921350999241448&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=qrCXG9n8d1&p=https%3A//i-tunes.org.ua&dtd=132
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 23:50:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3944
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1546
x-xss-protection
0
server
cafe
etag
8852521427838746165
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 21 Mar 2021 23:50:31 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F34B
110 KB
34 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6432275440541275&output=html&h=200&slotname=5321391906&adk=3727500122&adf=1583787941&pi=t.ma~as.5321391906&w=1200&fwrn=4&lmt=1610294746&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fi-tunes.org.ua%2F&flash=0&wgl=1&dt=1615164974806&bpp=5&bdt=89&idt=112&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6105023324068&frm=20&pv=2&ga_vid=1091981242.1615164975&ga_sid=1615164975&ga_hid=434382566&ga_fc=0&rplot=4&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=413&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066923%2C31060352&oid=3&pvsid=3921350999241448&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=qrCXG9n8d1&p=https%3A//i-tunes.org.ua&dtd=132
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c04c7a578734441a2e3c552ab6f21ab2267c67f786cbadd64d4166d9721f7113
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 00:56:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614774766775808"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34192
x-xss-protection
0
expires
Mon, 08 Mar 2021 00:56:15 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/ Frame F34B
14 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6432275440541275&output=html&h=200&slotname=5321391906&adk=3727500122&adf=1583787941&pi=t.ma~as.5321391906&w=1200&fwrn=4&lmt=1610294746&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fi-tunes.org.ua%2F&flash=0&wgl=1&dt=1615164974806&bpp=5&bdt=89&idt=112&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6105023324068&frm=20&pv=2&ga_vid=1091981242.1615164975&ga_sid=1615164975&ga_hid=434382566&ga_fc=0&rplot=4&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=413&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066923%2C31060352&oid=3&pvsid=3921350999241448&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=qrCXG9n8d1&p=https%3A//i-tunes.org.ua&dtd=132
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
523f846901bad5ce921ac4ca7c5fb06d39658428a641c7ea496f8560b4cb517f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 00:11:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2693
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6140
x-xss-protection
0
server
cafe
etag
17031075750977984330
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 22 Mar 2021 00:11:22 GMT
one_click_handler_one_afma_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/ Frame F34B
26 KB
11 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/one_click_handler_one_afma_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6432275440541275&output=html&h=200&slotname=5321391906&adk=3727500122&adf=1583787941&pi=t.ma~as.5321391906&w=1200&fwrn=4&lmt=1610294746&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fi-tunes.org.ua%2F&flash=0&wgl=1&dt=1615164974806&bpp=5&bdt=89&idt=112&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6105023324068&frm=20&pv=2&ga_vid=1091981242.1615164975&ga_sid=1615164975&ga_hid=434382566&ga_fc=0&rplot=4&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=413&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066923%2C31060352&oid=3&pvsid=3921350999241448&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=qrCXG9n8d1&p=https%3A//i-tunes.org.ua&dtd=132
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
758608abf5c456ea8cb5515828cabb68f082df67c04d350d0519241841cbf9d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 17:19:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27393
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10963
x-xss-protection
0
server
cafe
etag
5048180228173261443
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 21 Mar 2021 17:19:42 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame F34B
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CcdaHLnZFYMOsOpq_gQe4q6fwDYKts95hyYTYxvgM2uvfwagOEAEgv5fnFWCVAqABqdXswgLIAQKpAt9lTwLM-7M-qAMByAPJBKoE1gFP0ODKduq96IJq35f-CpXMWh0B8x8QuOl_TlKSmItObsD7xISgu560rqb0j5fpkZ-MFFsDCNA8Sus0gtjfQmAQ3ekU9tSo8xuNUt823VibIRPFzSBzX6Sprm-ZLuz7sJBfzr7FUGD4jebH9GjRZbNnmXc-DPNDqusIOxJAqYDp_5h-gn_cS9YdQ2kVcfAybF2oc4NsPgwJKN0s3-VyeK2JimaLjxievZbCmS4DapJ6_IWXOf8TWRo_GYcBpwb0ENpa_9FYLgcrRYXv59hbDLy4jHJZRH3pwATI9srSrwOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAHv6qTvQGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQ5YRc0ggJCIDhgBAQARgfgAoByAsB2BMMshcaChgIABIUcHViLTY0MzIyNzU0NDA1NDEyNzU&sigh=Vcl_k1Ranu0&tpd=AGWhJmtByByOthen0oaws5bOEk8N0oMd-rAOm_PZ1k2EUZaQOw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6432275440541275&output=html&h=200&slotname=5321391906&adk=3727500122&adf=1583787941&pi=t.ma~as.5321391906&w=1200&fwrn=4&lmt=1610294746&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fi-tunes.org.ua%2F&flash=0&wgl=1&dt=1615164974806&bpp=5&bdt=89&idt=112&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6105023324068&frm=20&pv=2&ga_vid=1091981242.1615164975&ga_sid=1615164975&ga_hid=434382566&ga_fc=0&rplot=4&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=413&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066923%2C31060352&oid=3&pvsid=3921350999241448&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=qrCXG9n8d1&p=https%3A//i-tunes.org.ua&dtd=132
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6432275440541275&output=html&h=200&slotname=5321391906&adk=3727500122&adf=1583787941&pi=t.ma~as.5321391906&w=1200&fwrn=4&lmt=1610294746&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fi-tunes.org.ua%2F&flash=0&wgl=1&dt=1615164974806&bpp=5&bdt=89&idt=112&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6105023324068&frm=20&pv=2&ga_vid=1091981242.1615164975&ga_sid=1615164975&ga_hid=434382566&ga_fc=0&rplot=4&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=413&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066923%2C31060352&oid=3&pvsid=3921350999241448&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=qrCXG9n8d1&p=https%3A//i-tunes.org.ua&dtd=132
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Mon, 08 Mar 2021 00:56:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 08 Mar 2021 00:56:15 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 6BF0
143 B
216 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6432275440541275&output=html&h=200&slotname=5321391906&adk=3727500122&adf=1583787941&pi=t.ma~as.5321391906&w=1200&fwrn=4&lmt=1610294746&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fi-tunes.org.ua%2F&flash=0&wgl=1&dt=1615164974806&bpp=5&bdt=89&idt=112&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6105023324068&frm=20&pv=2&ga_vid=1091981242.1615164975&ga_sid=1615164975&ga_hid=434382566&ga_fc=0&rplot=4&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=413&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066923%2C31060352&oid=3&pvsid=3921350999241448&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=qrCXG9n8d1&p=https%3A//i-tunes.org.ua&dtd=132
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6432275440541275&output=html&h=200&slotname=5321391906&adk=3727500122&adf=1583787941&pi=t.ma~as.5321391906&w=1200&fwrn=4&lmt=1610294746&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fi-tunes.org.ua%2F&flash=0&wgl=1&dt=1615164974806&bpp=5&bdt=89&idt=112&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6105023324068&frm=20&pv=2&ga_vid=1091981242.1615164975&ga_sid=1615164975&ga_hid=434382566&ga_fc=0&rplot=4&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=413&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066923%2C31060352&oid=3&pvsid=3921350999241448&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=qrCXG9n8d1&p=https%3A//i-tunes.org.ua&dtd=132
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUmaXNWEaT_W6EPB_NMuZTCfzb5ZBRLpj0m4dG_zQQE8GghRyXHO_hnwJXSvIio
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6432275440541275&output=html&h=200&slotname=5321391906&adk=3727500122&adf=1583787941&pi=t.ma~as.5321391906&w=1200&fwrn=4&lmt=1610294746&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fi-tunes.org.ua%2F&flash=0&wgl=1&dt=1615164974806&bpp=5&bdt=89&idt=112&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6105023324068&frm=20&pv=2&ga_vid=1091981242.1615164975&ga_sid=1615164975&ga_hid=434382566&ga_fc=0&rplot=4&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=413&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066923%2C31060352&oid=3&pvsid=3921350999241448&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=qrCXG9n8d1&p=https%3A//i-tunes.org.ua&dtd=132

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Mon, 08 Mar 2021 00:41:24 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
891
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame F34B
210 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
20cd2929e70c9ed6e7f2ebeb7d40df99cc4e7655cfd8d35eb78a9083675b47bb

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
css
fonts.googleapis.com/ Frame FE39
6 KB
765 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6432275440541275&output=html&h=280&adk=1037222511&adf=854766408&pi=t.aa~a.2670244497~i.34~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1610294746&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7241951833&psa=0&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fi-tunes.org.ua%2F&flash=0&fwr=0&pra=3&rh=200&rw=1584&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1615164975056&bpp=2&bdt=339&idt=2&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D444d6d77c6dd42b3-2291056001a70037%3AT%3D1615164974%3ART%3D1615164974%3AS%3DALNI_MYpiW1yVW9RaLJCjabeoHiM-tNtEA&prev_fmts=1200x200%2C0x0&nras=2&correlator=6105023324068&frm=20&pv=1&ga_vid=1091981242.1615164975&ga_sid=1615164975&ga_hid=434382566&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2347&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066923%2C31060352&oid=3&pvsid=3921350999241448&rx=0&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=TIOZbyMAou&p=https%3A//i-tunes.org.ua&dtd=9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e47a27d91c2487289d6607ee10d7cb7b31944a5ed3ff5ffc86ec8526e9374af0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 07 Mar 2021 23:21:51 GMT
server
ESF
date
Mon, 08 Mar 2021 00:56:15 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 08 Mar 2021 00:56:15 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/ Frame FE39
2 KB
992 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6432275440541275&output=html&h=280&adk=1037222511&adf=854766408&pi=t.aa~a.2670244497~i.34~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1610294746&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7241951833&psa=0&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fi-tunes.org.ua%2F&flash=0&fwr=0&pra=3&rh=200&rw=1584&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1615164975056&bpp=2&bdt=339&idt=2&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D444d6d77c6dd42b3-2291056001a70037%3AT%3D1615164974%3ART%3D1615164974%3AS%3DALNI_MYpiW1yVW9RaLJCjabeoHiM-tNtEA&prev_fmts=1200x200%2C0x0&nras=2&correlator=6105023324068&frm=20&pv=1&ga_vid=1091981242.1615164975&ga_sid=1615164975&ga_hid=434382566&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2347&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066923%2C31060352&oid=3&pvsid=3921350999241448&rx=0&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=TIOZbyMAou&p=https%3A//i-tunes.org.ua&dtd=9
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1e93f66cbe9b485135f0c8bbc9eaccf882ded6eb71daadde99a8426f6db7cb31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 00:15:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2433
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
896
x-xss-protection
0
server
cafe
etag
948078048762640732
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 22 Mar 2021 00:15:42 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/ Frame FE39
18 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6432275440541275&output=html&h=280&adk=1037222511&adf=854766408&pi=t.aa~a.2670244497~i.34~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1610294746&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7241951833&psa=0&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fi-tunes.org.ua%2F&flash=0&fwr=0&pra=3&rh=200&rw=1584&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1615164975056&bpp=2&bdt=339&idt=2&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D444d6d77c6dd42b3-2291056001a70037%3AT%3D1615164974%3ART%3D1615164974%3AS%3DALNI_MYpiW1yVW9RaLJCjabeoHiM-tNtEA&prev_fmts=1200x200%2C0x0&nras=2&correlator=6105023324068&frm=20&pv=1&ga_vid=1091981242.1615164975&ga_sid=1615164975&ga_hid=434382566&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2347&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066923%2C31060352&oid=3&pvsid=3921350999241448&rx=0&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=TIOZbyMAou&p=https%3A//i-tunes.org.ua&dtd=9
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c3b18cc0a385c6d5e81af3d1739aa9565f88e7d6b9a00d2e3b6d732e3b9ba3e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 23:49:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4002
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7378
x-xss-protection
0
server
cafe
etag
2412555088240638002
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 21 Mar 2021 23:49:33 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/ Frame FE39
3 KB
2 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6432275440541275&output=html&h=280&adk=1037222511&adf=854766408&pi=t.aa~a.2670244497~i.34~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1610294746&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7241951833&psa=0&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fi-tunes.org.ua%2F&flash=0&fwr=0&pra=3&rh=200&rw=1584&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1615164975056&bpp=2&bdt=339&idt=2&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D444d6d77c6dd42b3-2291056001a70037%3AT%3D1615164974%3ART%3D1615164974%3AS%3DALNI_MYpiW1yVW9RaLJCjabeoHiM-tNtEA&prev_fmts=1200x200%2C0x0&nras=2&correlator=6105023324068&frm=20&pv=1&ga_vid=1091981242.1615164975&ga_sid=1615164975&ga_hid=434382566&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2347&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066923%2C31060352&oid=3&pvsid=3921350999241448&rx=0&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=TIOZbyMAou&p=https%3A//i-tunes.org.ua&dtd=9
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 23:50:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3944
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1546
x-xss-protection
0
server
cafe
etag
8852521427838746165
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 21 Mar 2021 23:50:31 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FE39
110 KB
33 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6432275440541275&output=html&h=280&adk=1037222511&adf=854766408&pi=t.aa~a.2670244497~i.34~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1610294746&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7241951833&psa=0&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fi-tunes.org.ua%2F&flash=0&fwr=0&pra=3&rh=200&rw=1584&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1615164975056&bpp=2&bdt=339&idt=2&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D444d6d77c6dd42b3-2291056001a70037%3AT%3D1615164974%3ART%3D1615164974%3AS%3DALNI_MYpiW1yVW9RaLJCjabeoHiM-tNtEA&prev_fmts=1200x200%2C0x0&nras=2&correlator=6105023324068&frm=20&pv=1&ga_vid=1091981242.1615164975&ga_sid=1615164975&ga_hid=434382566&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2347&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066923%2C31060352&oid=3&pvsid=3921350999241448&rx=0&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=TIOZbyMAou&p=https%3A//i-tunes.org.ua&dtd=9
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c04c7a578734441a2e3c552ab6f21ab2267c67f786cbadd64d4166d9721f7113
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 00:56:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614774766775808"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34192
x-xss-protection
0
expires
Mon, 08 Mar 2021 00:56:15 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/ Frame FE39
14 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6432275440541275&output=html&h=280&adk=1037222511&adf=854766408&pi=t.aa~a.2670244497~i.34~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1610294746&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7241951833&psa=0&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fi-tunes.org.ua%2F&flash=0&fwr=0&pra=3&rh=200&rw=1584&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1615164975056&bpp=2&bdt=339&idt=2&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D444d6d77c6dd42b3-2291056001a70037%3AT%3D1615164974%3ART%3D1615164974%3AS%3DALNI_MYpiW1yVW9RaLJCjabeoHiM-tNtEA&prev_fmts=1200x200%2C0x0&nras=2&correlator=6105023324068&frm=20&pv=1&ga_vid=1091981242.1615164975&ga_sid=1615164975&ga_hid=434382566&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2347&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066923%2C31060352&oid=3&pvsid=3921350999241448&rx=0&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=TIOZbyMAou&p=https%3A//i-tunes.org.ua&dtd=9
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
523f846901bad5ce921ac4ca7c5fb06d39658428a641c7ea496f8560b4cb517f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 00:11:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2693
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6140
x-xss-protection
0
server
cafe
etag
17031075750977984330
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 22 Mar 2021 00:11:22 GMT
1e8eaeef6431cb6de349a68674062a29.js
www.gstatic.com/mysidia/ Frame FE39
26 KB
11 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/1e8eaeef6431cb6de349a68674062a29.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6432275440541275&output=html&h=280&adk=1037222511&adf=854766408&pi=t.aa~a.2670244497~i.34~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1610294746&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7241951833&psa=0&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fi-tunes.org.ua%2F&flash=0&fwr=0&pra=3&rh=200&rw=1584&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1615164975056&bpp=2&bdt=339&idt=2&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D444d6d77c6dd42b3-2291056001a70037%3AT%3D1615164974%3ART%3D1615164974%3AS%3DALNI_MYpiW1yVW9RaLJCjabeoHiM-tNtEA&prev_fmts=1200x200%2C0x0&nras=2&correlator=6105023324068&frm=20&pv=1&ga_vid=1091981242.1615164975&ga_sid=1615164975&ga_hid=434382566&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2347&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066923%2C31060352&oid=3&pvsid=3921350999241448&rx=0&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=TIOZbyMAou&p=https%3A//i-tunes.org.ua&dtd=9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b0b572a90abb3fce27b9dc1f79145706c7bcc6cc3ac84c8f501d344132816d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 09:45:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Mar 2021 07:11:17 GMT
server
sffe
age
400221
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10971
x-xss-protection
0
expires
Tue, 01 Jun 2021 09:45:54 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/4403286352500470823/ Frame FE39
21 KB
22 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/4403286352500470823/downsize_200k_v1?w=400&h=209
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6432275440541275&output=html&h=280&adk=1037222511&adf=854766408&pi=t.aa~a.2670244497~i.34~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1610294746&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7241951833&psa=0&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fi-tunes.org.ua%2F&flash=0&fwr=0&pra=3&rh=200&rw=1584&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1615164975056&bpp=2&bdt=339&idt=2&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D444d6d77c6dd42b3-2291056001a70037%3AT%3D1615164974%3ART%3D1615164974%3AS%3DALNI_MYpiW1yVW9RaLJCjabeoHiM-tNtEA&prev_fmts=1200x200%2C0x0&nras=2&correlator=6105023324068&frm=20&pv=1&ga_vid=1091981242.1615164975&ga_sid=1615164975&ga_hid=434382566&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2347&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066923%2C31060352&oid=3&pvsid=3921350999241448&rx=0&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=TIOZbyMAou&p=https%3A//i-tunes.org.ua&dtd=9
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4f1d2687d363c2093f51e70c6a7a1cfd0291ad4fe8624d8623f3e4512d9caeea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 02:09:32 GMT
x-content-type-options
nosniff
age
254803
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21966
x-xss-protection
0
last-modified
Tue, 03 Dec 2019 15:36:33 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 05 Mar 2022 02:09:32 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/11275278503810558012/ Frame FE39
5 KB
5 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/11275278503810558012/downsize_200k_v1?w=100&h=100
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6432275440541275&output=html&h=280&adk=1037222511&adf=854766408&pi=t.aa~a.2670244497~i.34~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1610294746&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7241951833&psa=0&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fi-tunes.org.ua%2F&flash=0&fwr=0&pra=3&rh=200&rw=1584&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1615164975056&bpp=2&bdt=339&idt=2&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D444d6d77c6dd42b3-2291056001a70037%3AT%3D1615164974%3ART%3D1615164974%3AS%3DALNI_MYpiW1yVW9RaLJCjabeoHiM-tNtEA&prev_fmts=1200x200%2C0x0&nras=2&correlator=6105023324068&frm=20&pv=1&ga_vid=1091981242.1615164975&ga_sid=1615164975&ga_hid=434382566&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2347&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066923%2C31060352&oid=3&pvsid=3921350999241448&rx=0&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=TIOZbyMAou&p=https%3A//i-tunes.org.ua&dtd=9
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92e0dfd86a1b7b0c06a17278921a0e6ace0db592876d113dbd8c6f8607c7abb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 05:27:51 GMT
x-content-type-options
nosniff
age
242904
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4874
x-xss-protection
0
last-modified
Mon, 27 Apr 2020 12:59:47 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 05 Mar 2022 05:27:51 GMT
truncated
/ Frame FE39
221 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
adview
googleads.g.doubleclick.net/pagead/ Frame FE39
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CmRfrL3ZFYJCLBZuwx_APtfuYoArp37b1YJaGqcjAC5aCzYWIFhABIL-X5xVglQKgAa3h4PACyAEJqQLfZU8CzPuzPqgDAcgDywSqBNkBT9DF0Ckx43SwqaleiAP92oq72wqJVPw0gHBPAts2MmiTtVQ8af7gYN5XFaBjrmgV9yR3YATvCr7ogWaVpvc6ONAs1jD0bvimKu2_pzzvDF_RonInpTLaIuedkgierq8CO4KkvuNMZuLpMtadgBKhAG5PNewDCfExqZjOHGE4Hves16ikEYqh1GzBMkO6SHE1OR46WmzSZb40CWXAe2vFIThjjMFlY5BwEw-XgbnzwRYJJvfFEthS18gvbaBMbFfK4YBx9kYfxRhEHeHEgm7m61n6Dk1v8RHU-MAE-8C-g_YCkgUECAQYAZIFBAgFGASgBi6AB7uen48BqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEKOMMNIICQiA4YAQEAEYH4AKAcgLAdgTDYgUArIXGgoYCAASFHB1Yi02NDMyMjc1NDQwNTQxMjc1&sigh=EhDQNylgXTE&template_id=484&tpd=AGWhJmtvahdMQgpUi9id10-_HbAwZD3nu1lQQXWNxfh7xgmA2A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6432275440541275&output=html&h=280&adk=1037222511&adf=854766408&pi=t.aa~a.2670244497~i.34~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1610294746&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7241951833&psa=0&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fi-tunes.org.ua%2F&flash=0&fwr=0&pra=3&rh=200&rw=1584&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1615164975056&bpp=2&bdt=339&idt=2&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D444d6d77c6dd42b3-2291056001a70037%3AT%3D1615164974%3ART%3D1615164974%3AS%3DALNI_MYpiW1yVW9RaLJCjabeoHiM-tNtEA&prev_fmts=1200x200%2C0x0&nras=2&correlator=6105023324068&frm=20&pv=1&ga_vid=1091981242.1615164975&ga_sid=1615164975&ga_hid=434382566&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2347&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066923%2C31060352&oid=3&pvsid=3921350999241448&rx=0&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=TIOZbyMAou&p=https%3A//i-tunes.org.ua&dtd=9
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6432275440541275&output=html&h=280&adk=1037222511&adf=854766408&pi=t.aa~a.2670244497~i.34~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1610294746&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7241951833&psa=0&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fi-tunes.org.ua%2F&flash=0&fwr=0&pra=3&rh=200&rw=1584&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1615164975056&bpp=2&bdt=339&idt=2&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D444d6d77c6dd42b3-2291056001a70037%3AT%3D1615164974%3ART%3D1615164974%3AS%3DALNI_MYpiW1yVW9RaLJCjabeoHiM-tNtEA&prev_fmts=1200x200%2C0x0&nras=2&correlator=6105023324068&frm=20&pv=1&ga_vid=1091981242.1615164975&ga_sid=1615164975&ga_hid=434382566&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2347&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066923%2C31060352&oid=3&pvsid=3921350999241448&rx=0&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=TIOZbyMAou&p=https%3A//i-tunes.org.ua&dtd=9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Mon, 08 Mar 2021 00:56:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 6BF0
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
110 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6432275440541275&output=html&h=200&slotname=5321391906&adk=3727500122&adf=1583787941&pi=t.ma~as.5321391906&w=1200&fwrn=4&lmt=1610294746&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fi-tunes.org.ua%2F&flash=0&wgl=1&dt=1615164974806&bpp=5&bdt=89&idt=112&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6105023324068&frm=20&pv=2&ga_vid=1091981242.1615164975&ga_sid=1615164975&ga_hid=434382566&ga_fc=0&rplot=4&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=413&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066923%2C31060352&oid=3&pvsid=3921350999241448&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=qrCXG9n8d1&p=https%3A//i-tunes.org.ua&dtd=132
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUmaXNWEaT_W6EPB_NMuZTCfzb5ZBRLpj0m4dG_zQQE8GghRyXHO_hnwJXSvIio
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 08 Mar 2021 00:56:15 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Mon, 08-Mar-2021 01:56:15 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 08 Mar 2021 00:56:15 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 08 Mar 2021 00:56:15 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
eu7jfLqbA_SrKotVk2KNeEjSxiQIb3iw8Llt0poV4Fw.js
pagead2.googlesyndication.com/bg/ Frame C967
14 KB
6 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/eu7jfLqbA_SrKotVk2KNeEjSxiQIb3iw8Llt0poV4Fw.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6432275440541275&output=html&h=200&slotname=5321391906&adk=3727500122&adf=1583787941&pi=t.ma~as.5321391906&w=1200&fwrn=4&lmt=1610294746&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fi-tunes.org.ua%2F&flash=0&wgl=1&dt=1615164974806&bpp=5&bdt=89&idt=112&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6105023324068&frm=20&pv=2&ga_vid=1091981242.1615164975&ga_sid=1615164975&ga_hid=434382566&ga_fc=0&rplot=4&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=413&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066923%2C31060352&oid=3&pvsid=3921350999241448&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=qrCXG9n8d1&p=https%3A//i-tunes.org.ua&dtd=132
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7aeee37cba9b03f4ab2a8b5593628d7848d2c624086f78b0f0b96dd29a15e05c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 07:38:04 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 01 Mar 2021 10:45:00 GMT
server
sffe
age
235091
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5632
x-xss-protection
0
expires
Sat, 05 Mar 2022 07:38:04 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame FF03
1 KB
854 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6432275440541275&output=html&h=280&adk=1037222511&adf=854766408&pi=t.aa~a.2670244497~i.34~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1610294746&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7241951833&psa=0&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fi-tunes.org.ua%2F&flash=0&fwr=0&pra=3&rh=200&rw=1584&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1615164975056&bpp=2&bdt=339&idt=2&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D444d6d77c6dd42b3-2291056001a70037%3AT%3D1615164974%3ART%3D1615164974%3AS%3DALNI_MYpiW1yVW9RaLJCjabeoHiM-tNtEA&prev_fmts=1200x200%2C0x0&nras=2&correlator=6105023324068&frm=20&pv=1&ga_vid=1091981242.1615164975&ga_sid=1615164975&ga_hid=434382566&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2347&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066923%2C31060352&oid=3&pvsid=3921350999241448&rx=0&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=TIOZbyMAou&p=https%3A//i-tunes.org.ua&dtd=9
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sun, 07 Mar 2021 03:14:09 GMT
expires
Mon, 08 Mar 2021 03:14:09 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
cache-control
public, max-age=86400
age
78126
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame FE39
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
414a8ea32f608c02f4c69dd53e606912e5bb15ef46f234c987ee9f09dba3b95b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ Frame FE39
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29f6da0a8c21c5681511bb9b08663d3fd2c5d09c9bd8054ec354c563b8c8b7c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 12:56:40 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:55 GMT
server
sffe
age
302375
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15784
x-xss-protection
0
expires
Fri, 04 Mar 2022 12:56:40 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ Frame FE39
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 19:52:31 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:19:00 GMT
server
sffe
age
363824
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15816
x-xss-protection
0
expires
Thu, 03 Mar 2022 19:52:31 GMT
pixel
cm.g.doubleclick.net/ Frame FF03
Redirect Chain
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAQvitUJ_rrCZktrc5TEfYQICqtZXDRirHXlejyFcXrL...
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUVWMkx3QUFBUGk3OTB0NA&google_push=AQvitUJ_rrCZktrc5TEfYQICqtZXDRirHXlejyFcXrLd4R1CKIKkQuHTLakEdrvKCMvUw7IA8Y94D1hJziIYFUZ99I-c807_gY...
170 B
190 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUVWMkx3QUFBUGk3OTB0NA&google_push=AQvitUJ_rrCZktrc5TEfYQICqtZXDRirHXlejyFcXrLd4R1CKIKkQuHTLakEdrvKCMvUw7IA8Y94D1hJziIYFUZ99I-c807_gY6tGg
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Mar 2021 00:56:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUVWMkx3QUFBUGk3OTB0NA&google_push=AQvitUJ_rrCZktrc5TEfYQICqtZXDRirHXlejyFcXrLd4R1CKIKkQuHTLakEdrvKCMvUw7IA8Y94D1hJziIYFUZ99I-c807_gY6tGg
Date
Mon, 08 Mar 2021 00:56:15 GMT
Server
Apache
Connection
keep-alive
Content-Length
393
Content-Type
text/html; charset=iso-8859-1
pixel
cm.g.doubleclick.net/ Frame FF03
Redirect Chain
  • https://id.rlcdn.com/466606.gif?cparams=google_push%3DAQvitUJxRtC_-nLI8fxWuLu7C1QJoXqRP5RnlgAoVTpKPfC7wim40GfL2Fi9YKMQOvY8z_jXuAaRPyZlJSScSNCM8LpUiGVhFRTcHg&google_gid=CAESEKzGdJHgMdrH2Vv9cDu7664&g...
  • https://id.rlcdn.com/1000.gif?memo=CK69HBoNCK_slYIGEgUI6AcQAEIASnJnb29nbGVfcHVzaD1BUXZpdFVKeFJ0Q18tbkxJOGZ4V3VMdTdDMVFKb1hxUlA1Um5sZ0FvVlRwS1BmQzd3aW00MEdmTDJGaTlZS01RT3ZZOHpfalh1QWFSUHlabEpTU2NTTk...
  • https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwYW5CR2dUc3daM2dvYzJHWWM0QkpIZElWMjcwZ1ZpZElDTDdDWVo2ak9ncw==&google_push
170 B
484 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwYW5CR2dUc3daM2dvYzJHWWM0QkpIZElWMjcwZ1ZpZElDTDdDWVo2ak9ncw==&google_push
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Mar 2021 00:56:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 08 Mar 2021 00:56:15 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwYW5CR2dUc3daM2dvYzJHWWM0QkpIZElWMjcwZ1ZpZElDTDdDWVo2ak9ncw==&google_push
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
clear
content-length
0
pixel
cm.g.doubleclick.net/ Frame FF03
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESED-8evAiQZo2z3elB9ZFG-M&google_cver=1&google_push=AQvitUJYhxtNoxfpOZpOWr2MhPqlKsYDfJNZbKRD7JJLrq4wcavzZZWy5reoAuBWukfbVpVEHEeE1HvdOX8p9TJ-l0TMJunWZyvI
  • https://rtb.openx.net/sync/dds?google_gid=CAESED-8evAiQZo2z3elB9ZFG-M&google_cver=1&google_push=AQvitUJYhxtNoxfpOZpOWr2MhPqlKsYDfJNZbKRD7JJLrq4wcavzZZWy5reoAuBWukfbVpVEHEeE1HvdOX8p9TJ-l0TMJunWZyvI&...
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUJYhxtNoxfpOZpOWr2MhPqlKsYDfJNZbKRD7JJLrq4wcavzZZWy5reoAuBWukfbVpVEHEeE1HvdOX8p9TJ-l0TMJunWZyvI&google_hm=dVQDfsvWzc8kFO0jn8-ubg==
170 B
190 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUJYhxtNoxfpOZpOWr2MhPqlKsYDfJNZbKRD7JJLrq4wcavzZZWy5reoAuBWukfbVpVEHEeE1HvdOX8p9TJ-l0TMJunWZyvI&google_hm=dVQDfsvWzc8kFO0jn8-ubg==
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Mar 2021 00:56:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 08 Mar 2021 00:56:15 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUJYhxtNoxfpOZpOWr2MhPqlKsYDfJNZbKRD7JJLrq4wcavzZZWy5reoAuBWukfbVpVEHEeE1HvdOX8p9TJ-l0TMJunWZyvI&google_hm=dVQDfsvWzc8kFO0jn8-ubg==
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
x-request-id
61giqcbkrqgdd5lmpdokni21rh6uj84m
pixel
cm.g.doubleclick.net/ Frame FF03
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEB5fnDRLWFHeo8m9xqD65mE&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEB5fnDRLWFHeo8m9xqD65mE&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YEV2Lyk4vE9YltSgRYGBhgAABIQAAAAB&google_cver=1&google_gid=CAESEB5fnDRLWFHeo8m9xqD65mE&google_push=AQvitUIjUdsXek7Ute1rrwpeBhwgc3awBWc6B...
170 B
190 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YEV2Lyk4vE9YltSgRYGBhgAABIQAAAAB&google_cver=1&google_gid=CAESEB5fnDRLWFHeo8m9xqD65mE&google_push=AQvitUIjUdsXek7Ute1rrwpeBhwgc3awBWc6B-0EtWmUd-0kilpbASFcRNjV7PzGxu9RL48L7Pf9NYth9GabeqTZq7eUFTcacLKhgg
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Mar 2021 00:56:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 08 Mar 2021 00:56:15 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YEV2Lyk4vE9YltSgRYGBhgAABIQAAAAB&google_cver=1&google_gid=CAESEB5fnDRLWFHeo8m9xqD65mE&google_push=AQvitUIjUdsXek7Ute1rrwpeBhwgc3awBWc6B-0EtWmUd-0kilpbASFcRNjV7PzGxu9RL48L7Pf9NYth9GabeqTZq7eUFTcacLKhgg
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
462
Expires
Mon, 08 Mar 2021 00:56:15 GMT
trk
ag.innovid.com/ Frame FF03
43 B
296 B
Image
General
Full URL
https://ag.innovid.com/trk?tid=11711&google_gid=CAESECj3oKLzKW952CyFg00Ja1g&google_cver=1&google_push=AQvitULF0hqeWf3EEkG68BiwfiWMSR9TC70Ky_PdXlOevB7t16bcNM8xplYZUJKrsiJVgg565SiVw3XjhIDr7SaGtHaQIY8DCytj
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6432275440541275&output=html&h=280&adk=1037222511&adf=854766408&pi=t.aa~a.2670244497~i.34~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1610294746&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7241951833&psa=0&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fi-tunes.org.ua%2F&flash=0&fwr=0&pra=3&rh=200&rw=1584&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1615164975056&bpp=2&bdt=339&idt=2&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D444d6d77c6dd42b3-2291056001a70037%3AT%3D1615164974%3ART%3D1615164974%3AS%3DALNI_MYpiW1yVW9RaLJCjabeoHiM-tNtEA&prev_fmts=1200x200%2C0x0&nras=2&correlator=6105023324068&frm=20&pv=1&ga_vid=1091981242.1615164975&ga_sid=1615164975&ga_hid=434382566&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2347&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066923%2C31060352&oid=3&pvsid=3921350999241448&rx=0&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=TIOZbyMAou&p=https%3A//i-tunes.org.ua&dtd=9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d01c:1d8:8101:f6ab:342:7837:ce6e London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Mar 2021 00:56:15 GMT
cache-control
no-cache
content-type
image/gif
content-length
43
request-time
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame FF03
Redirect Chain
  • https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEO85-_Dj55OxXFzkrfCIcCo&google_cver=1&google_push=AQvitUJ1pZUFPT-wAJIwm4S_...
  • https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUJ1pZUFPT-wAJIwm4S_fCcyLdkJ7qcNKz7DonXuDUhBC8VYwWjf3FHDNv48LGWm4PkY8fF3MJ_MPc_qpMIdkMjzkFhcDlDY90s&google_hm=
170 B
190 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUJ1pZUFPT-wAJIwm4S_fCcyLdkJ7qcNKz7DonXuDUhBC8VYwWjf3FHDNv48LGWm4PkY8fF3MJ_MPc_qpMIdkMjzkFhcDlDY90s&google_hm=
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Mar 2021 00:56:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 08 Mar 2021 00:56:15 GMT
server
GHC
p3p
CP="NOI DSP COR NID PSAo OUR IND"
location
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUJ1pZUFPT-wAJIwm4S_fCcyLdkJ7qcNKz7DonXuDUhBC8VYwWjf3FHDNv48LGWm4PkY8fF3MJ_MPc_qpMIdkMjzkFhcDlDY90s&google_hm=
cache-control
no-store, no-cache, must-revalidate, max-age=0
accept-ranges
none
content-length
0
expires
Sun, 07 Mar 2021 00:56:15 GMT
attr
cm.g.doubleclick.net/pixel/ Frame FF03
0
59 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LzbiW901kKAaDCV2CohAer5EwhXhOSn8_hDp8Lmd6XSvCPxu32mZg-G2QbN_5pQWE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6432275440541275&output=html&h=280&adk=1037222511&adf=854766408&pi=t.aa~a.2670244497~i.34~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1610294746&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7241951833&psa=0&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fi-tunes.org.ua%2F&flash=0&fwr=0&pra=3&rh=200&rw=1584&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1615164975056&bpp=2&bdt=339&idt=2&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D444d6d77c6dd42b3-2291056001a70037%3AT%3D1615164974%3ART%3D1615164974%3AS%3DALNI_MYpiW1yVW9RaLJCjabeoHiM-tNtEA&prev_fmts=1200x200%2C0x0&nras=2&correlator=6105023324068&frm=20&pv=1&ga_vid=1091981242.1615164975&ga_sid=1615164975&ga_hid=434382566&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2347&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066923%2C31060352&oid=3&pvsid=3921350999241448&rx=0&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=TIOZbyMAou&p=https%3A//i-tunes.org.ua&dtd=9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 00:56:15 GMT
server
HTTP server (unknown)
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
sodar
pagead2.googlesyndication.com/getconfig/
8 KB
7 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210303&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6432275440541275&plah=i-tunes.org.ua&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e9503457ef06820b9fc1072b7c817da25f78cc8d24439909d0b44b5319ecae29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://i-tunes.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 08 Mar 2021 00:56:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6526
x-xss-protection
0
eu7jfLqbA_SrKotVk2KNeEjSxiQIb3iw8Llt0poV4Fw.js
pagead2.googlesyndication.com/bg/ Frame 95C8
14 KB
6 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/eu7jfLqbA_SrKotVk2KNeEjSxiQIb3iw8Llt0poV4Fw.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6432275440541275&output=html&h=280&adk=1037222511&adf=854766408&pi=t.aa~a.2670244497~i.34~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1610294746&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7241951833&psa=0&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fi-tunes.org.ua%2F&flash=0&fwr=0&pra=3&rh=200&rw=1584&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1615164975056&bpp=2&bdt=339&idt=2&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D444d6d77c6dd42b3-2291056001a70037%3AT%3D1615164974%3ART%3D1615164974%3AS%3DALNI_MYpiW1yVW9RaLJCjabeoHiM-tNtEA&prev_fmts=1200x200%2C0x0&nras=2&correlator=6105023324068&frm=20&pv=1&ga_vid=1091981242.1615164975&ga_sid=1615164975&ga_hid=434382566&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2347&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066923%2C31060352&oid=3&pvsid=3921350999241448&rx=0&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=TIOZbyMAou&p=https%3A//i-tunes.org.ua&dtd=9
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7aeee37cba9b03f4ab2a8b5593628d7848d2c624086f78b0f0b96dd29a15e05c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 07:38:04 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 01 Mar 2021 10:45:00 GMT
server
sffe
age
235091
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5632
x-xss-protection
0
expires
Sat, 05 Mar 2022 07:38:04 GMT
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6432275440541275&plah=i-tunes.org.ua&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://i-tunes.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 00:56:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1611170586013198"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6403
x-xss-protection
0
expires
Mon, 08 Mar 2021 00:56:15 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 47DF
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/221/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://i-tunes.org.ua/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://i-tunes.org.ua/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4984
date
Sun, 07 Mar 2021 17:46:21 GMT
expires
Mon, 07 Mar 2022 17:46:21 GMT
last-modified
Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
25794
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
eu7jfLqbA_SrKotVk2KNeEjSxiQIb3iw8Llt0poV4Fw.js
pagead2.googlesyndication.com/bg/ Frame 47DF
14 KB
6 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/eu7jfLqbA_SrKotVk2KNeEjSxiQIb3iw8Llt0poV4Fw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7aeee37cba9b03f4ab2a8b5593628d7848d2c624086f78b0f0b96dd29a15e05c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 07:38:04 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 01 Mar 2021 10:45:00 GMT
server
sffe
age
235091
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5632
x-xss-protection
0
expires
Sat, 05 Mar 2022 07:38:04 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
111 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210303&jk=3921350999241448&bg=!mpmlmdrNAAWsVXnBrDsAKQB2-DxaW66SW0MmTb8vFCi_Qvf4Ki3otBw0YEyB_fLwwFMpzlCPiinZAgAAAElSAAAAC2gBBwoAxQxWIGeyQ1XurLiyOeL0MKuaI-e3YySrZqFAr-8HUxmUid07-42iq6I9xTEwsufn-xdmo2r1sKIDa29qIwWvXsq_jvMnXH57OMEXC8IMQ4_gIHhLeJlC9TghY5hUzDcFQaIZ51P7grQTKTpKeJncpSJOS0tK63HxQe3-9-rRpCbczFYaRbdHNtBkJA-_miMcCa2Pd63UXEe3ed5Ybf5373f82--kfbFA3Z9RKO04Crne5FKrZYJKfdF_4nKscFjXbGPbkrnomQIXaoOzfuu1k4HWYu0zHOZidtrupVGnb5zuZnb_b_HvTPvsm9vxv1ReMJB0Jlci1NpXH0xirclXFyPYfLG-Vn0G9LnVPIzhN0-ju7dDMMmDGqK3b5WNAct-GUvdkofoBqF3bR0bR4S1ZHHUuvISByp85qRrWMpx_CvihN-ulvtirjzXSRHoLTEIqyWtmLUSSjIWQFuk02BsyYQCoRtUTDgNhkOCiubKdsrsoh2DTBWFolYHj0Ulf16hdhqmVhATI8z8OGeq5--1omCuGDYZ6djVgP5abBNGi3m_tHI4aAimCkTUi6yao76-tSgJTLp345QaPzTnH1A5hNZEhcraTVH1wzPGZqnhZYXGJCAUqdfkVYkqClseM5-E02GsYaLcHhBh4mTm7j2n73gYnLAIY5EOC1lS18wEWuxN1XeBWGUQH6uglgSZUzze2d1Wykd5YKJLu-MPSNtO1fpoLQ7mkLO0hB9cMxTTs2iXUTJpuUkn3DAq9iqVfsr6W7vXuWvP4jedh_Bl1Q2DHPir32fxM-TPA2bajBNYVcep_WF_ejtXrddI8J9hPIOmCrUpfaI21inyDoxk2v9_ZIoAT0J-C1mG0vor8MlPSzcR98CMWBF2Iso1DkhqkuJKgt0Sc_VQIAh-VDCNwlEj1itDhL8d0s3zLvLX3QKjjjRbpH2HOTOVOkKz8i1yNz8--jf57smhgwQWxT1uonyWhA
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://i-tunes.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Mar 2021 00:56:16 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame F34B
42 B
155 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsunpL-bXB4FXWK3VHwBlaJ9xkWXT6nNACb4U-XInUrQ0CTin1OB46YfPTHsy5ktAQMnOM5YcgCV02bNr6vKymtnQ1fWv117pfpUeWWwOXsbbSRE64iMxdebClswvg&sai=AMfl-YSzo8AqeIm-BhcuYhTOEndHLuHRbqjJw413I9cABPMYA7_UTH7AuOyPQnF4tZTQ9iiX1wn2z86X7f_g&sig=Cg0ArKJSzBKaO5uDM5UJEAE&id=osdim&mcvt=1000&p=413,412,613,1188&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210303&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=3727500122&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1615164974941&dlt=310&rpt=66&isd=0&msd=0&r=v&uup=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Mar 2021 00:56:16 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

53 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| adsbygoogle object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| gaGlobal object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| GoogleGcLKhOms object| google_image_requests

3 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: DSID
Value: NO_DATA
.doubleclick.net/ Name: IDE
Value: AHWqTUmaXNWEaT_W6EPB_NMuZTCfzb5ZBRLpj0m4dG_zQQE8GghRyXHO_hnwJXSvIio
.i-tunes.org.ua/ Name: __gads
Value: ID=444d6d77c6dd42b3-2291056001a70037:T=1615164974:RT=1615164974:S=ALNI_MYpiW1yVW9RaLJCjabeoHiM-tNtEA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ag.innovid.com
cm.g.doubleclick.net
counter.yadro.ru
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
i-tunes.org.ua
id.rlcdn.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.everesttech.net
rtb.openx.net
ssum-sec.casalemedia.com
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.gstatic.com
142.250.185.194
142.250.186.66
185.179.191.72
2.18.234.21
217.182.200.29
2a00:1450:4001:800::2002
2a00:1450:4001:800::2003
2a00:1450:4001:801::2002
2a00:1450:4001:808::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:810::2003
2a00:1450:4001:811::2001
2a00:1450:4001:812::2003
2a00:1450:4001:813::200a
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a05:d01c:1d8:8101:f6ab:342:7837:ce6e
35.227.252.103
35.244.174.68
63.33.127.66
88.212.201.210
01138ea5711e355869f3f56b2c20e679c71c98ac3cfa4d783ee32eb458883c80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
193713060776d2e8b5d604de46b2ec928b36e80ee00c64da85aed5e109cc7924
1e93f66cbe9b485135f0c8bbc9eaccf882ded6eb71daadde99a8426f6db7cb31
20cd2929e70c9ed6e7f2ebeb7d40df99cc4e7655cfd8d35eb78a9083675b47bb
24e48242ec81765984b5a3cda69fa409d742b3f0bfc6908a9e1b6f114c756f1c
29f6da0a8c21c5681511bb9b08663d3fd2c5d09c9bd8054ec354c563b8c8b7c1
3dcb5d8d7fd0bf77fc321466009359e7157a4d0903c71859a24c6126aa2b25fa
414a8ea32f608c02f4c69dd53e606912e5bb15ef46f234c987ee9f09dba3b95b
44ea2fb8d5c936b2c950c2a5a8dde33f3affed6c2efd51db623fa76380f7262e
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4b9b5737c8859fa4566da81b0d34c3084f0d83ee7dc2ac8afab3c4ed45685d9a
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f1d2687d363c2093f51e70c6a7a1cfd0291ad4fe8624d8623f3e4512d9caeea
523f846901bad5ce921ac4ca7c5fb06d39658428a641c7ea496f8560b4cb517f
56fdba66525224bce8f4c22daa195590c968807aee225d7ef182c843bf411ca8
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
70f75b3cb0d8d095c6eaf23d8c70b39009e543723a968feb31e2cfb11c834447
758608abf5c456ea8cb5515828cabb68f082df67c04d350d0519241841cbf9d4
7aeee37cba9b03f4ab2a8b5593628d7848d2c624086f78b0f0b96dd29a15e05c
7b0b572a90abb3fce27b9dc1f79145706c7bcc6cc3ac84c8f501d344132816d8
85ab8fc2d4de37709f4c28296fa8c6b54427a05594711c0b1900134e4605da59
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
887686f014c7ff1583f93ea3db623a0ee0d32797c28ab6b83639e4ca88e65eff
8f4ac4e8a095cae1d5faaa2115ec4ec93109a45086eaceeef2844607a9cd7b6b
8fe36d3a7335a995df4d56d04498994292be89191ac381242ae17751a52a529d
92e0dfd86a1b7b0c06a17278921a0e6ace0db592876d113dbd8c6f8607c7abb4
95097d2d1484d8e6fe87a87decb33528c7323b5f93b1268f8a920194c0729beb
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c7c1a62965c048b5ee07fd408223360a5ce6f4bb91a25dce97a783c2892b38a
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a98f46b0161b1e560927908696ebd4d8ce47b33d709a53112ee9b7a01206738f
acc4f74ea110c75ab5891b963f3845b1fdafe4862fdafa065d65bf0890faa0e2
b0c9d2cd337c0fd95122df7f93d221627fcc27aa42c36fae22ee2fb2b4ef6118
b1e5dfee8b0e2d5c4eacf1e004b88f5d22dd46010e50b95ed53a413c416398af
b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae
c04c7a578734441a2e3c552ab6f21ab2267c67f786cbadd64d4166d9721f7113
c1f6f1027092d281d624e67f9f83460ed291ae367b558c16cd6afad7af5eba1e
c3b18cc0a385c6d5e81af3d1739aa9565f88e7d6b9a00d2e3b6d732e3b9ba3e9
c8d3d682ceb086c5c1cd290da21af4eaa0f81b89025722f321b176ca920df2ef
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
e2b04100564fd9141d7acbd40482d40a3c5b4af2cf25b2cf8726b5608841d61a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e47a27d91c2487289d6607ee10d7cb7b31944a5ed3ff5ffc86ec8526e9374af0
e9503457ef06820b9fc1072b7c817da25f78cc8d24439909d0b44b5319ecae29
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4aeadb4d3f0e8f440cc8cd40a0780d4504b28e910f54b98d6c603071562e458
f4f603569428774685f88f4992f5c5d7215c23f10cce01a8577177e6f9e04f55