URL: http://www.financialiceberg.com/
Submission: On September 10 via api from US — Scanned from DE

Summary

This website contacted 16 IPs in 3 countries across 12 domains to perform 64 HTTP transactions. The main IP is 3.13.192.206, located in Columbus, United States and belongs to AMAZON-02, US. The main domain is www.financialiceberg.com.
This is the only time www.financialiceberg.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 3.13.192.206 16509 (AMAZON-02)
7 13.33.242.101 16509 (AMAZON-02)
6 93.184.220.66 15133 (EDGECAST)
11 185.44.104.99 34549 (MEER-AS m...)
3 72.246.168.118 16625 (AKAMAI-AS)
7 172.217.21.162 15169 (GOOGLE)
1 3.13.53.187 16509 (AMAZON-02)
1 13.248.135.239 16509 (AMAZON-02)
1 76.223.35.186 16509 (AMAZON-02)
7 142.250.74.130 15169 (GOOGLE)
1 142.250.74.98 15169 (GOOGLE)
2 216.58.207.194 15169 (GOOGLE)
5 172.217.21.161 15169 (GOOGLE)
1 1 142.250.74.132 15169 (GOOGLE)
2 198.145.13.11 2044 (DF-PTL01)
1 2 104.244.42.72 13414 (TWITTER)
64 16
Domain Requested by
8 www.financialiceberg.com www.financialiceberg.com
7 static.secure.website www.financialiceberg.com
static.secure.website
6 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
6 jg.revolvermaps.com www.financialiceberg.com
6 platform.twitter.com www.financialiceberg.com
platform.twitter.com
5 tpc.googlesyndication.com googleads.g.doubleclick.net
5 rg.revolvermaps.com jg.revolvermaps.com
www.financialiceberg.com
rg.revolvermaps.com
4 pagead2.googlesyndication.com www.financialiceberg.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
3 www.paypalobjects.com www.financialiceberg.com
2 syndication.twitter.com 1 redirects platform.twitter.com
2 stats.webstarts.com www.financialiceberg.com
stats.webstarts.com
2 www.googletagservices.com pagead2.googlesyndication.com
googleads.g.doubleclick.net
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.de pagead2.googlesyndication.com
1 www.google.com 1 redirects
1 partner.googleadservices.com pagead2.googlesyndication.com
1 static.webstarts.com embed.apps.webstarts.com
1 www.webstarts.com static.secure.website
1 embed.apps.webstarts.com www.financialiceberg.com
64 19
Subject Issuer Validity Valid
static.secure.website
Amazon
2021-02-26 -
2022-03-27
a year crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA
2021-07-08 -
2022-01-11
6 months crt.sh
www.webstarts.com
Amazon
2021-09-07 -
2022-10-06
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2021-08-23 -
2021-11-15
3 months crt.sh
*.google.de
GTS CA 1C3
2021-08-16 -
2021-11-08
3 months crt.sh
*.google.com
GTS CA 1C3
2021-08-23 -
2021-11-15
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2021-08-23 -
2021-11-15
3 months crt.sh
win.staticstuff.net
Sectigo RSA Domain Validation Secure Server CA
2021-02-09 -
2022-03-12
a year crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1
2020-11-05 -
2021-11-09
a year crt.sh
syndication.twitter.com
DigiCert TLS RSA SHA256 2020 CA1
2021-02-05 -
2022-02-04
a year crt.sh

This page contains 12 frames:

Primary Page: http://www.financialiceberg.com/
Frame ID: DCE5FE09C9B05818FEEC1CA8F7D6F474
Requests: 40 HTTP requests in this frame

Frame: http://rg.revolvermaps.com/5/f.php?i=6kjsh94nk0m&m=0&h=256&c=ff0000&r=20
Frame ID: 604610C0563A4B44DDC751AEA47FF595
Requests: 5 HTTP requests in this frame

Frame: http://rg.revolvermaps.com/w/1/a/a.php?i=6oqbg1aazvr&s=220&m=0&v=false&r=false&b=000000&n=false&c=ff0000
Frame ID: 339D3759EE7215EDAA2099AED4DBB3BE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210908/r20190131/zrt_lookup.html
Frame ID: 61C5DBD6A59CF716C3155237F590DBDB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7292760068258292&output=html&h=600&slotname=7998956768&adk=4031913057&adf=3635967207&pi=t.ma~as.7998956768&w=300&lmt=1631234257&psa=0&format=300x600&url=http%3A%2F%2Fwww.financialiceberg.com%2F&flash=0&wgl=1&dt=1631234257199&bpp=5&bdt=635&idt=293&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&correlator=8784823362769&frm=20&pv=2&ga_vid=1889560358.1631234258&ga_sid=1631234258&ga_hid=108864670&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=915&ady=469&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C44748553%2C31062297&oid=3&pvsid=4341907040605007&pem=972&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=rnezTdMCFJ&p=http%3A//www.financialiceberg.com&dtd=307
Frame ID: 51D9DE5229E97C1CBEE1224DCC2EEEB5
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: A23B0B17FCEF3D2D4A7B74A00DD1355B
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/HnbG7550cEFPwEcIWrjaIv4px_gX-25lqkC2fOkJQZY.js
Frame ID: 1E721F516B21CC00BBB91D282D758F80
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=http%3A%2F%2Fwww.financialiceberg.com
Frame ID: DF18D9A15FD47D1151940C49F4193628
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7292760068258292&output=html&adk=1812271804&adf=3025194257&lmt=1631234265&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.financialiceberg.com%2F&ea=0&flash=0&pra=7&wgl=1&dt=1631234265181&bpp=1&bdt=8617&idt=1&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De01ad89b4af68b9c-22c81b1304c900fd%3AT%3D1631234257%3ART%3D1631234257%3AS%3DALNI_MZfswPsVAAY5dEqzRrdDhDmeQi-zw&prev_fmts=300x600&nras=1&correlator=8784823362769&frm=20&pv=1&ga_vid=1889560358.1631234258&ga_sid=1631234258&ga_hid=108864670&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C44748553%2C31062297&oid=3&psts=AGkb-H-yGJf1lSzCSA1XGbmKw1b6TZetLvwE-HaR1tRKQM1kR2OAr_JFZl-Cc08OJsVC-UnXrXvRw9F1COaD1g&pvsid=4341907040605007&pem=972&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=6
Frame ID: 6689906B9B1CB529A4036B625935F547
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/follow_button.f88235f49a156f8b4cab34c7bc1a0acc.en.html
Frame ID: 81FC883D1EA0433F7B182E4E9AF8221B
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.f88235f49a156f8b4cab34c7bc1a0acc.en.html
Frame ID: BEB2FD14C12A028236E6198B973F099B
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/jot.html
Frame ID: 90C7479EF53BCC1800DB898BA0D76E4D
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Financial Iceberg

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.revolvermaps\.com

Overall confidence: 100%
Detected patterns
  • paypalobjects\.com

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js

Page Statistics

64
Requests

61 %
HTTPS

0 %
IPv6

12
Domains

19
Subdomains

16
IPs

3
Countries

1210 kB
Transfer

2268 kB
Size

6
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 51
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 66
  • https://syndication.twitter.com/i/jot HTTP 302
  • https://platform.twitter.com/jot.html

64 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.financialiceberg.com/
124 KB
22 KB
Document
General
Full URL
http://www.financialiceberg.com/
Protocol
HTTP/1.1
Server
3.13.192.206 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-13-192-206.us-east-2.compute.amazonaws.com
Software
Apache /
Resource Hash
4287328e94d35e58b6c03252fa44711a23f86fd328178290abe6acaf8e15bf9e

Request headers

Host
www.financialiceberg.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Fri, 10 Sep 2021 00:37:36 GMT
server
Apache
set-cookie
PHPSESSID=97ea6ccksavboa8ake3qo3275g; path=/
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
vary
Accept-Encoding
content-encoding
gzip
content-length
21873
content-type
text/html; charset=UTF-8
h_vista.css
static.secure.website/library/menus/menu-v2.7/menu_dynamic_length/css/
2 KB
1 KB
Stylesheet
General
Full URL
https://static.secure.website/library/menus/menu-v2.7/menu_dynamic_length/css/h_vista.css
Requested by
Host: www.financialiceberg.com
URL: http://www.financialiceberg.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.242.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-242-101.hel50.r.cloudfront.net
Software
Apache /
Resource Hash
04ca55868899d1e57f792dd694755d06833bc11a8e39c481f7cc68f60c74a0c0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.financialiceberg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 22:50:07 GMT
content-encoding
gzip
age
2080049
x-cache
Hit from cloudfront
content-length
724
pragma
cache
access-control-allow-origin
*
last-modified
Thu, 18 Mar 2021 11:49:10 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css;charset=UTF-8
via
1.1 b56f9b741cabfa29551ca2899d93a1e9.cloudfront.net (CloudFront)
cache-control
max-age=2592000
x-amz-cf-pop
HEL50-C1
x-amz-cf-id
2gqE92InNe8ywiy41Hb_s80lxARWblGNgHhNCXfmMO6F8qzEaLAK3A==
expires
Wed, 15 Sep 2021 22:50:07 GMT
dropdown.js
static.secure.website/library/menus/menu-v2.7/menu_dynamic_length/js/
94 KB
34 KB
Script
General
Full URL
https://static.secure.website/library/menus/menu-v2.7/menu_dynamic_length/js/dropdown.js
Requested by
Host: www.financialiceberg.com
URL: http://www.financialiceberg.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.242.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-242-101.hel50.r.cloudfront.net
Software
Apache /
Resource Hash
b5ba3a00b8660e0915dd6c8b0c1930b42e05d0c48c1242aa9715958f4488f542

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.financialiceberg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 21:27:54 GMT
content-encoding
gzip
age
2084982
x-cache
Hit from cloudfront
content-length
33843
pragma
cache
access-control-allow-origin
*
last-modified
Thu, 18 Mar 2021 11:49:10 GMT
server
Apache
vary
Accept-Encoding
content-type
text/plain; charset=us-ascii
via
1.1 b56f9b741cabfa29551ca2899d93a1e9.cloudfront.net (CloudFront)
cache-control
max-age=2592000
x-amz-cf-pop
HEL50-C1
x-amz-cf-id
t6iqZC7TkoYuzXQWhWSqLtFOLTNFaPBQq_OSM0bRyYO1dVAIPFUqgQ==
expires
Wed, 15 Sep 2021 21:27:54 GMT
rollOverEffect.css
www.financialiceberg.com/css/
367 B
480 B
Stylesheet
General
Full URL
http://www.financialiceberg.com/css/rollOverEffect.css?t=1533465604
Requested by
Host: www.financialiceberg.com
URL: http://www.financialiceberg.com/
Protocol
HTTP/1.1
Server
3.13.192.206 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-13-192-206.us-east-2.compute.amazonaws.com
Software
Apache /
Resource Hash
7c02a683634501a68bdfba3ea1b335cda4cb009ea90f29d5fcc893efa11596d6

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.financialiceberg.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://www.financialiceberg.com/
Cookie
PHPSESSID=97ea6ccksavboa8ake3qo3275g
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://www.financialiceberg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 00:37:36 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
content-length
190
expires
Thu, 19 Nov 1981 08:52:00 GMT
ws-common.js
static.secure.website/library/users/
4 KB
2 KB
Script
General
Full URL
https://static.secure.website/library/users/ws-common.js
Requested by
Host: www.financialiceberg.com
URL: http://www.financialiceberg.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.242.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-242-101.hel50.r.cloudfront.net
Software
Apache /
Resource Hash
2d2630e648d139b7eca62292684b171a53883f49bab3f8676439da2c381afe5f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.financialiceberg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 28 Aug 2021 12:55:37 GMT
content-encoding
gzip
age
1078919
x-cache
Hit from cloudfront
content-length
1576
pragma
cache
access-control-allow-origin
*
last-modified
Thu, 18 Mar 2021 11:50:06 GMT
server
Apache
vary
Accept-Encoding
content-type
text/plain; charset=us-ascii
via
1.1 b56f9b741cabfa29551ca2899d93a1e9.cloudfront.net (CloudFront)
cache-control
max-age=2592000
x-amz-cf-pop
HEL50-C1
x-amz-cf-id
1fOQrSKQYsiNHzPwksVEn2uxB3Yx2mOI4zJMl7vfl8Mqaz9luuycPw==
expires
Mon, 27 Sep 2021 12:55:37 GMT
iceberg340.jpg
www.financialiceberg.com/uploads/
24 KB
23 KB
Image
General
Full URL
http://www.financialiceberg.com/uploads/iceberg340.jpg
Requested by
Host: www.financialiceberg.com
URL: http://www.financialiceberg.com/
Protocol
HTTP/1.1
Server
3.13.192.206 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-13-192-206.us-east-2.compute.amazonaws.com
Software
Apache /
Resource Hash
7fab01a489b2fe3152873c9fd5f7e35a09d8c0ef4767703bb5fa90da3e5e9ba1

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.financialiceberg.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://www.financialiceberg.com/
Cookie
PHPSESSID=97ea6ccksavboa8ake3qo3275g
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://www.financialiceberg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 00:37:37 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
content-length
23660
expires
Thu, 19 Nov 1981 08:52:00 GMT
widgets.js
platform.twitter.com/
96 KB
29 KB
Script
General
Full URL
http://platform.twitter.com/widgets.js
Requested by
Host: www.financialiceberg.com
URL: http://www.financialiceberg.com/
Protocol
HTTP/1.1
Server
93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/668C) /
Resource Hash
8db61f95a8f3554830efc6c3942b7322efef09b9d7f0cbfe32135e0fac106d18

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.financialiceberg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 00:37:36 GMT
Content-Encoding
gzip
Last-Modified
Mon, 02 Aug 2021 20:34:57 GMT
Server
ECS (frb/668C)
Age
1258
Etag
"d405b816322f9770c70cbd10cfa87be4+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
28872
28ca28c64281411ca6b71a5a7e99502b.jpg
www.financialiceberg.com/uploads/
0
0

JUL13AT.jpg
www.financialiceberg.com/uploads/
104 KB
105 KB
Image
General
Full URL
http://www.financialiceberg.com/uploads/JUL13AT.jpg
Requested by
Host: www.financialiceberg.com
URL: http://www.financialiceberg.com/
Protocol
HTTP/1.1
Server
3.13.192.206 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-13-192-206.us-east-2.compute.amazonaws.com
Software
Apache /
Resource Hash
928ece52d676b84059abf9e4e02427390d31b96f88011b7bbc48e4a219fa1682

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.financialiceberg.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://www.financialiceberg.com/
Cookie
PHPSESSID=97ea6ccksavboa8ake3qo3275g
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://www.financialiceberg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 00:37:37 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
transfer-encoding
chunked
expires
Thu, 19 Nov 1981 08:52:00 GMT
4.js
jg.revolvermaps.com/2/
2 KB
1 KB
Script
General
Full URL
http://jg.revolvermaps.com/2/4.js?i=6kjsh94nk0m&m=0&h=256&c=ff0000&r=20
Requested by
Host: www.financialiceberg.com
URL: http://www.financialiceberg.com/
Protocol
HTTP/1.1
Server
185.44.104.99 , Germany, ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE),
Reverse DNS
rsak.revolvermaps.com
Software
Apache /
Resource Hash
8c9e245d0f4497b8770a777210b3462cb7870433856faa73a207d447bdc8c497

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.financialiceberg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 00:37:36 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Jun 2013 13:05:53 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=290304000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=4, max=100
Content-Length
877
JUL14UC.jpg
www.financialiceberg.com/uploads/
83 KB
78 KB
Image
General
Full URL
http://www.financialiceberg.com/uploads/JUL14UC.jpg
Requested by
Host: www.financialiceberg.com
URL: http://www.financialiceberg.com/
Protocol
HTTP/1.1
Server
3.13.192.206 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-13-192-206.us-east-2.compute.amazonaws.com
Software
Apache /
Resource Hash
b41927a558698d5a22372db7a4dd864ef201308ad569287da93d9a0c026d59ae

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.financialiceberg.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://www.financialiceberg.com/
Cookie
PHPSESSID=97ea6ccksavboa8ake3qo3275g
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://www.financialiceberg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 00:37:37 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
transfer-encoding
chunked
expires
Thu, 19 Nov 1981 08:52:00 GMT
JUL14RS.jpg
www.financialiceberg.com/uploads/
287 KB
275 KB
Image
General
Full URL
http://www.financialiceberg.com/uploads/JUL14RS.jpg
Requested by
Host: www.financialiceberg.com
URL: http://www.financialiceberg.com/
Protocol
HTTP/1.1
Server
3.13.192.206 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-13-192-206.us-east-2.compute.amazonaws.com
Software
Apache /
Resource Hash
cace2f6b1c718efe47aeefa7243a70708ca164cd5331e033d23090f95631ed73

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.financialiceberg.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://www.financialiceberg.com/
Cookie
PHPSESSID=97ea6ccksavboa8ake3qo3275g
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://www.financialiceberg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 00:37:37 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
transfer-encoding
chunked
expires
Thu, 19 Nov 1981 08:52:00 GMT
1.js
jg.revolvermaps.com/2/
2 KB
2 KB
Script
General
Full URL
http://jg.revolvermaps.com/2/1.js?i=6oqbg1aazvr&s=220&m=0&v=false&r=false&b=000000&n=false&c=ff0000
Requested by
Host: www.financialiceberg.com
URL: http://www.financialiceberg.com/
Protocol
HTTP/1.1
Server
185.44.104.99 , Germany, ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE),
Reverse DNS
rsak.revolvermaps.com
Software
Apache /
Resource Hash
8628816b47b5bda9d3a4f8f86139902934a808a96f0faaf104acc36973a53020

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.financialiceberg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 00:37:36 GMT
Content-Encoding
gzip
Last-Modified
Mon, 08 Feb 2016 12:33:03 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=290304000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=4, max=100
Content-Length
1238
btn_subscribeCC_LG.gif
www.paypalobjects.com/en_US/i/btn/
1 KB
2 KB
Image
General
Full URL
https://www.paypalobjects.com/en_US/i/btn/btn_subscribeCC_LG.gif
Requested by
Host: www.financialiceberg.com
URL: http://www.financialiceberg.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.246.168.118 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-246-168-118.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
06fb837ba0869e2d7848f438196e2af6fe615539feb100e421cdbc4442cc205a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.financialiceberg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:37:37 GMT
x-content-type-options
nosniff
x-check-cacheable
YES
x-serial
668
etag
"i6zNKTaJCWqB6fK8ESBpEI8nHVdGO1o4QfTFHhncDTo"
strict-transport-security
max-age=31536000
content-type
image/webp
cache-control
private, no-transform, max-age=43200
last-modified
Mon, 06 Sep 2021 03:39:11 GMT
content-length
1528
server
Akamai Image Manager
expires
Fri, 10 Sep 2021 12:37:37 GMT
pixel.gif
www.paypalobjects.com/en_US/i/scr/
42 B
319 B
Image
General
Full URL
https://www.paypalobjects.com/en_US/i/scr/pixel.gif
Requested by
Host: www.financialiceberg.com
URL: http://www.financialiceberg.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.246.168.118 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-246-168-118.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
0c1ce4dd3afaa97d8627ecebc2e255fe5c1b3c2038f6961a86d10f0381056cc7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.financialiceberg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:37:37 GMT
x-content-type-options
nosniff
x-check-cacheable
YES
x-serial
56
etag
"dNSbNMYiK1Q98dwxkre+GOK5+qX2pefyT9A/BaBsoeM"
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
private, no-transform, max-age=43200
last-modified
Mon, 01 Mar 2021 03:24:09 GMT
content-length
42
server
Akamai Image Manager
expires
Fri, 10 Sep 2021 12:37:37 GMT
btn_unsubscribe_LG.gif
www.paypalobjects.com/en_US/i/btn/
1 KB
1 KB
Image
General
Full URL
https://www.paypalobjects.com/en_US/i/btn/btn_unsubscribe_LG.gif
Requested by
Host: www.financialiceberg.com
URL: http://www.financialiceberg.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.246.168.118 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-246-168-118.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
27f1c091eccb178bd1558974a9f8622ce26d1136e9f0ae002f067e6ec42590ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.financialiceberg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:37:37 GMT
x-content-type-options
nosniff
last-modified
Sat, 04 Sep 2021 07:11:52 GMT
server
Akamai Image Manager
etag
"ehH6D1GuOXYYpW9kZkeSy9SvFk+suNpvENM1wIqAJl4"
strict-transport-security
max-age=31536000
content-type
image/webp
cache-control
private, no-transform, max-age=43200
content-length
1036
expires
Fri, 10 Sep 2021 12:37:37 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
137 KB
49 KB
Script
General
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.financialiceberg.com
URL: http://www.financialiceberg.com/
Protocol
HTTP/1.1
Server
172.217.21.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra07s64-in-f162.1e100.net
Software
cafe /
Resource Hash
87b6093fd64f04d053174c9da2ce15206665fa1c6a5f299559af1943db3a8e11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.financialiceberg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Timing-Allow-Origin
*
Date
Fri, 10 Sep 2021 00:37:37 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
ETag
4117266512730476412
Vary
Accept-Encoding, Origin
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Cross-Origin-Resource-Policy
cross-origin
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
49427
X-XSS-Protection
0
Expires
Fri, 10 Sep 2021 00:37:37 GMT
odometer.js
static.secure.website/library/odometer/
21 KB
6 KB
Script
General
Full URL
http://static.secure.website/library/odometer/odometer.js
Requested by
Host: www.financialiceberg.com
URL: http://www.financialiceberg.com/
Protocol
HTTP/1.1
Server
13.33.242.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-242-101.hel50.r.cloudfront.net
Software
Apache /
Resource Hash
f2d42bd39c82e14af877e5f03f576cc4344c0b0873f3050b04ed62886bcfccbb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.financialiceberg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 16 Aug 2021 20:57:59 GMT
Content-Encoding
gzip
Age
2086777
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
5107
Pragma
cache
Access-Control-Allow-Origin
*
Last-Modified
Thu, 18 Mar 2021 11:49:15 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
text/plain; charset=us-ascii
Via
1.1 891326e51cae7827755c7a9147113a54.cloudfront.net (CloudFront)
Cache-Control
max-age=2592000
X-Amz-Cf-Pop
HEL50-C1
X-Amz-Cf-Id
bM15Igd0e12IKpvvvv0VcbPejBZ3Th1qI1Fa3jeGlNZWwQ3x5LZkBQ==
Expires
Wed, 15 Sep 2021 20:57:59 GMT
controller.js
embed.apps.webstarts.com/hitcounter/
2 KB
1 KB
Script
General
Full URL
http://embed.apps.webstarts.com/hitcounter/controller.js?ref=eiVGRSVDRHhiJUU3JUI4JUNF&v=digital&d=50&a=1
Requested by
Host: www.financialiceberg.com
URL: http://www.financialiceberg.com/
Protocol
HTTP/1.1
Server
3.13.53.187 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-13-53-187.us-east-2.compute.amazonaws.com
Software
Apache /
Resource Hash
889fe411c2e51b85b80c0711b852e53408adf88c0ccc1a34d479c597717f4640

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.financialiceberg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 00:37:37 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Content-Type
application/x-javascript; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
1002
Expires
Thu, 19 Nov 1981 08:52:00 GMT
stats-tracking.js
www.financialiceberg.com/Scripts/
216 B
446 B
Script
General
Full URL
http://www.financialiceberg.com/Scripts/stats-tracking.js
Requested by
Host: www.financialiceberg.com
URL: http://www.financialiceberg.com/
Protocol
HTTP/1.1
Server
3.13.192.206 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-13-192-206.us-east-2.compute.amazonaws.com
Software
Apache /
Resource Hash
f4bc914405734cf3677161e64bf6aed4e05b2f89aca3ef71728d7e5c86ac3022

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.financialiceberg.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
*/*
Referer
http://www.financialiceberg.com/
Cookie
PHPSESSID=97ea6ccksavboa8ake3qo3275g
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://www.financialiceberg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 00:37:37 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
content-length
156
expires
Thu, 19 Nov 1981 08:52:00 GMT
ws-common.css
static.secure.website/library/users/
817 B
802 B
Stylesheet
General
Full URL
https://static.secure.website/library/users/ws-common.css
Requested by
Host: static.secure.website
URL: https://static.secure.website/library/users/ws-common.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.242.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-242-101.hel50.r.cloudfront.net
Software
Apache /
Resource Hash
8051810d7b77e098aeecdf1534aad922e13f5f4a1865e79dc88a1a7c05bb6f94

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.financialiceberg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 25 Aug 2021 23:13:42 GMT
content-encoding
gzip
age
1301034
x-cache
Hit from cloudfront
content-length
392
pragma
cache
access-control-allow-origin
*
last-modified
Thu, 18 Mar 2021 11:50:06 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css;charset=UTF-8
via
1.1 b56f9b741cabfa29551ca2899d93a1e9.cloudfront.net (CloudFront)
cache-control
max-age=2592000
x-amz-cf-pop
HEL50-C1
x-amz-cf-id
kJg7rwJ-ixRZwB2ua-FLAyrqiK6sI-NmPJfU98bKDohfRF9DJXs2ug==
expires
Fri, 24 Sep 2021 23:13:42 GMT
add.js
www.webstarts.com/library/users/
0
0
Script
General
Full URL
https://www.webstarts.com/library/users/add.js?from=www.financialiceberg.com
Requested by
Host: static.secure.website
URL: https://static.secure.website/library/users/ws-common.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.135.239 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa060c25d492a72b0.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.financialiceberg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

bg_blue_swoosh.jpg
www.financialiceberg.com/uploads/
83 KB
60 KB
Image
General
Full URL
http://www.financialiceberg.com/uploads/bg_blue_swoosh.jpg
Requested by
Host: www.financialiceberg.com
URL: http://www.financialiceberg.com/
Protocol
HTTP/1.1
Server
3.13.192.206 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-13-192-206.us-east-2.compute.amazonaws.com
Software
Apache /
Resource Hash
80a53ffd9072e877397b2ab7ffa8c6ad4e8e87a51107b6db6fe891402c18337d

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.financialiceberg.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://www.financialiceberg.com/
Cookie
PHPSESSID=97ea6ccksavboa8ake3qo3275g
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://www.financialiceberg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 00:37:37 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
transfer-encoding
chunked
expires
Thu, 19 Nov 1981 08:52:00 GMT
vista.png
static.secure.website/library/menus/menu-v2.7/menu_dynamic_length/images/
368 B
755 B
Image
General
Full URL
https://static.secure.website/library/menus/menu-v2.7/menu_dynamic_length/images/vista.png
Requested by
Host: static.secure.website
URL: https://static.secure.website/library/menus/menu-v2.7/menu_dynamic_length/css/h_vista.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.242.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-242-101.hel50.r.cloudfront.net
Software
Apache /
Resource Hash
94b8e0a908487764f257c26ea2a7675bfb02d8e44fab476f1354a58fe9d9a76d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://static.secure.website/library/menus/menu-v2.7/menu_dynamic_length/css/h_vista.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
cache
date
Mon, 16 Aug 2021 21:44:17 GMT
via
1.1 b56f9b741cabfa29551ca2899d93a1e9.cloudfront.net (CloudFront)
last-modified
Thu, 18 Mar 2021 11:49:10 GMT
server
Apache
age
2083999
x-cache
Hit from cloudfront
content-type
application/octet-stream; charset=binary
access-control-allow-origin
*
cache-control
max-age=2592000
x-amz-cf-pop
HEL50-C1
content-length
368
x-amz-cf-id
Wu3DVWDuSK8LhD0TXla2LL7nOnWyhHFI1Ked9CDbx5G0yv4rJ-wlsA==
expires
Wed, 15 Sep 2021 21:44:17 GMT
arrv_white.gif
static.secure.website/library/menus/menu-v2.7/menu_dynamic_length/images/
826 B
1 KB
Image
General
Full URL
https://static.secure.website/library/menus/menu-v2.7/menu_dynamic_length/images/arrv_white.gif
Requested by
Host: static.secure.website
URL: https://static.secure.website/library/menus/menu-v2.7/menu_dynamic_length/css/h_vista.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.242.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-242-101.hel50.r.cloudfront.net
Software
Apache /
Resource Hash
2442be1043a1e24bd0c0231451d62b8bba6daa1d71c748baa4152834b91753dc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://static.secure.website/library/menus/menu-v2.7/menu_dynamic_length/css/h_vista.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
cache
date
Mon, 16 Aug 2021 23:11:03 GMT
via
1.1 b56f9b741cabfa29551ca2899d93a1e9.cloudfront.net (CloudFront)
last-modified
Thu, 18 Mar 2021 11:49:10 GMT
server
Apache
age
2078793
x-cache
Hit from cloudfront
content-type
application/octet-stream; charset=binary
access-control-allow-origin
*
cache-control
max-age=2592000
x-amz-cf-pop
HEL50-C1
content-length
826
x-amz-cf-id
YEJJLrVu_XAgdOci2Xzc5NlYcwA6XQPZMJqsd1-zXr4fxKCJz8T48w==
expires
Wed, 15 Sep 2021 23:11:03 GMT
c.php
jg.revolvermaps.com/
43 B
289 B
Image
General
Full URL
http://jg.revolvermaps.com/c.php?i=6kjsh94nk0m
Requested by
Host: www.financialiceberg.com
URL: http://www.financialiceberg.com/
Protocol
HTTP/1.1
Server
185.44.104.99 , Germany, ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE),
Reverse DNS
rsak.revolvermaps.com
Software
Apache /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.financialiceberg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 00:37:37 GMT
Last-Modified
Fri, 10 Sep 2021 00:37:37 GMT
Server
Apache
Content-Type
image/gif
Cache-Control
max-age=900
Connection
Keep-Alive
Keep-Alive
timeout=4, max=99
Content-Length
43
r.php
jg.revolvermaps.com/
43 B
215 B
Image
General
Full URL
http://jg.revolvermaps.com/r.php?i=6kjsh94nk0m&l=http%3A%2F%2Fwww.financialiceberg.com%2F&r=1631234257025
Requested by
Host: www.financialiceberg.com
URL: http://www.financialiceberg.com/
Protocol
HTTP/1.1
Server
185.44.104.99 , Germany, ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE),
Reverse DNS
rsak.revolvermaps.com
Software
Apache /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.financialiceberg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 00:37:37 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=4, max=99
Content-Length
43
Content-Type
image/gif
c.php
jg.revolvermaps.com/
43 B
290 B
Image
General
Full URL
http://jg.revolvermaps.com/c.php?i=6oqbg1aazvr
Requested by
Host: www.financialiceberg.com
URL: http://www.financialiceberg.com/
Protocol
HTTP/1.1
Server
185.44.104.99 , Germany, ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE),
Reverse DNS
rsak.revolvermaps.com
Software
Apache /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.financialiceberg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 00:37:37 GMT
Last-Modified
Fri, 10 Sep 2021 00:37:37 GMT
Server
Apache
Content-Type
image/gif
Cache-Control
max-age=900
Connection
Keep-Alive
Keep-Alive
timeout=4, max=100
Content-Length
43
r.php
jg.revolvermaps.com/
43 B
216 B
Image
General
Full URL
http://jg.revolvermaps.com/r.php?i=6oqbg1aazvr&l=http%3A%2F%2Fwww.financialiceberg.com%2F&r=1631234257025
Requested by
Host: www.financialiceberg.com
URL: http://www.financialiceberg.com/
Protocol
HTTP/1.1
Server
185.44.104.99 , Germany, ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE),
Reverse DNS
rsak.revolvermaps.com
Software
Apache /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.financialiceberg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 00:37:37 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=4, max=100
Content-Length
43
Content-Type
image/gif
f.php
rg.revolvermaps.com/5/ Frame 6046
5 KB
3 KB
Document
General
Full URL
http://rg.revolvermaps.com/5/f.php?i=6kjsh94nk0m&m=0&h=256&c=ff0000&r=20
Requested by
Host: jg.revolvermaps.com
URL: http://jg.revolvermaps.com/2/4.js?i=6kjsh94nk0m&m=0&h=256&c=ff0000&r=20
Protocol
HTTP/1.1
Server
185.44.104.99 , Germany, ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE),
Reverse DNS
rsak.revolvermaps.com
Software
Apache /
Resource Hash
cae5b400a223e224ec2638aeba65d3e56ee0f2f6902dfa32df591fb285b0f798

Request headers

Host
rg.revolvermaps.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://www.financialiceberg.com/
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://www.financialiceberg.com/

Response headers

Date
Fri, 10 Sep 2021 00:37:37 GMT
Server
Apache
Vary
Accept-Encoding
Content-Encoding
gzip
Cache-Control
max-age=290304000
Content-Length
2859
Keep-Alive
timeout=4, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
a.php
rg.revolvermaps.com/w/1/a/ Frame 339D
21 KB
8 KB
Document
General
Full URL
http://rg.revolvermaps.com/w/1/a/a.php?i=6oqbg1aazvr&s=220&m=0&v=false&r=false&b=000000&n=false&c=ff0000
Requested by
Host: jg.revolvermaps.com
URL: http://jg.revolvermaps.com/2/1.js?i=6oqbg1aazvr&s=220&m=0&v=false&r=false&b=000000&n=false&c=ff0000
Protocol
HTTP/1.1
Server
185.44.104.99 , Germany, ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE),
Reverse DNS
rsak.revolvermaps.com
Software
Apache /
Resource Hash
ec7513ff4bd8f68c3eb33b9ff3e0aa24a362e48bddaacf62e779221048ef7ea3

Request headers

Host
rg.revolvermaps.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://www.financialiceberg.com/
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://www.financialiceberg.com/

Response headers

Date
Fri, 10 Sep 2021 00:37:37 GMT
Server
Apache
Cache-Control
public, max-age=2592000
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Length
7899
Keep-Alive
timeout=4, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
truncated
/ Frame 6046
786 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c23c07af6fbacbe4d12ab645f6b1a4c29f043ee69726f7c214096efce1acd2d7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://rg.revolvermaps.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
0.jpg
rg.revolvermaps.com/d/m/512/ Frame 6046
31 KB
31 KB
Image
General
Full URL
http://rg.revolvermaps.com/d/m/512/0.jpg
Requested by
Host: www.financialiceberg.com
URL: http://www.financialiceberg.com/
Protocol
HTTP/1.1
Server
185.44.104.99 , Germany, ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE),
Reverse DNS
rsak.revolvermaps.com
Software
Apache /
Resource Hash
37d1d399faf598e5bcde1770bab03d0b3c258231d34f5d5da3757e64b50b76dc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://rg.revolvermaps.com/5/f.php?i=6kjsh94nk0m&m=0&h=256&c=ff0000&r=20
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 00:37:37 GMT
Last-Modified
Sun, 20 Feb 2011 15:36:38 GMT
Server
Apache
Content-Type
image/jpeg
Cache-Control
public, max-age=290304000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=4, max=99
Content-Length
31855
t.php
rg.revolvermaps.com/ Frame 6046
36 B
223 B
XHR
General
Full URL
http://rg.revolvermaps.com/t.php?i=6kjsh94nk0m&r=tf0m
Requested by
Host: rg.revolvermaps.com
URL: http://rg.revolvermaps.com/5/f.php?i=6kjsh94nk0m&m=0&h=256&c=ff0000&r=20
Protocol
HTTP/1.1
Server
185.44.104.99 , Germany, ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE),
Reverse DNS
rsak.revolvermaps.com
Software
Apache /
Resource Hash
4b1112106ca1cc25a6b6bf16eb9c5b75b7527e2558744e7e7d9409657af92dfb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://rg.revolvermaps.com/5/f.php?i=6kjsh94nk0m&m=0&h=256&c=ff0000&r=20
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 00:37:37 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=4, max=98
Content-Length
36
Content-Type
text/plain;charset=UTF-8
c.php
rg.revolvermaps.com/ Frame 6046
13 KB
6 KB
XHR
General
Full URL
http://rg.revolvermaps.com/c.php?i=6kjsh94nk0m&h=256&t=0
Requested by
Host: rg.revolvermaps.com
URL: http://rg.revolvermaps.com/5/f.php?i=6kjsh94nk0m&m=0&h=256&c=ff0000&r=20
Protocol
HTTP/1.1
Server
185.44.104.99 , Germany, ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE),
Reverse DNS
rsak.revolvermaps.com
Software
Apache /
Resource Hash
2d48b8584b24dd022e2b2a125bb581f8b6fc635e90bf536d66458c05567300c1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://rg.revolvermaps.com/5/f.php?i=6kjsh94nk0m&m=0&h=256&c=ff0000&r=20
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
Date
Fri, 10 Sep 2021 00:37:37 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Content-Type
text/plain;charset=UTF-8
Cache-Control
max-age=43200
Connection
close
Content-Length
5393
odometer-theme-digital.css
static.webstarts.com/library/odometer/themes/
0
0
Stylesheet
General
Full URL
https://static.webstarts.com/library/odometer/themes/odometer-theme-digital.css
Requested by
Host: embed.apps.webstarts.com
URL: http://embed.apps.webstarts.com/hitcounter/controller.js?ref=eiVGRSVDRHhiJUU3JUI4JUNF&v=digital&d=50&a=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.35.186 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a23e8ffd6a08828ba.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.financialiceberg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/
251 KB
94 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7292760068258292&plah=www.financialiceberg.com
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.21.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra07s64-in-f162.1e100.net
Software
cafe /
Resource Hash
3439f40df7ad4714cdd5695d237ce23f6d17b56cf1600a7c8fe4c6616b5353e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.financialiceberg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:37:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95416
x-xss-protection
0
server
cafe
etag
8941794579414213630
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 10 Sep 2021 00:37:37 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210908/r20190131/ Frame 61C5
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210908/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s11-in-f2.1e100.net
Software
cafe /
Resource Hash
bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210908/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.financialiceberg.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://www.financialiceberg.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 09 Sep 2021 21:02:50 GMT
expires
Thu, 23 Sep 2021 21:02:50 GMT
content-type
text/html; charset=UTF-8
etag
13836150016441684253
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4591
x-xss-protection
0
age
12887
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie.js
partner.googleadservices.com/gampad/
210 B
273 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.financialiceberg.com&callback=_gfp_s_&client=ca-pub-7292760068258292
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7292760068258292&plah=www.financialiceberg.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.21.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra07s64-in-f162.1e100.net
Software
cafe /
Resource Hash
53724a09f5801f9269033932c66155a367847190e31b25ec667c59ebc8e38a49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.financialiceberg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:37:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
198
x-xss-protection
0
integrator.js
adservice.google.de/adsid/
107 B
853 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.financialiceberg.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7292760068258292&plah=www.financialiceberg.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s10-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.financialiceberg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 10 Sep 2021 00:37:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
570 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.financialiceberg.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7292760068258292&plah=www.financialiceberg.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.21.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra07s64-in-f162.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.financialiceberg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 10 Sep 2021 00:37:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 51D9
67 KB
25 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7292760068258292&output=html&h=600&slotname=7998956768&adk=4031913057&adf=3635967207&pi=t.ma~as.7998956768&w=300&lmt=1631234257&psa=0&format=300x600&url=http%3A%2F%2Fwww.financialiceberg.com%2F&flash=0&wgl=1&dt=1631234257199&bpp=5&bdt=635&idt=293&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&correlator=8784823362769&frm=20&pv=2&ga_vid=1889560358.1631234258&ga_sid=1631234258&ga_hid=108864670&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=915&ady=469&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C44748553%2C31062297&oid=3&pvsid=4341907040605007&pem=972&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=rnezTdMCFJ&p=http%3A//www.financialiceberg.com&dtd=307
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7292760068258292&plah=www.financialiceberg.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s11-in-f2.1e100.net
Software
cafe /
Resource Hash
8ad33629448d2b8fc10783f47208ad53d81508b59b57b32c3a34b595dd6af01d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-7292760068258292&output=html&h=600&slotname=7998956768&adk=4031913057&adf=3635967207&pi=t.ma~as.7998956768&w=300&lmt=1631234257&psa=0&format=300x600&url=http%3A%2F%2Fwww.financialiceberg.com%2F&flash=0&wgl=1&dt=1631234257199&bpp=5&bdt=635&idt=293&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&correlator=8784823362769&frm=20&pv=2&ga_vid=1889560358.1631234258&ga_sid=1631234258&ga_hid=108864670&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=915&ady=469&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C44748553%2C31062297&oid=3&pvsid=4341907040605007&pem=972&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=rnezTdMCFJ&p=http%3A//www.financialiceberg.com&dtd=307
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.financialiceberg.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://www.financialiceberg.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 10 Sep 2021 00:37:38 GMT
server
cafe
content-length
25236
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Fri, 10-Sep-2021 00:52:37 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 10 Sep 2021 00:37:38 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/
72 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7292760068258292&plah=www.financialiceberg.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.207.194 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s04-in-f2.1e100.net
Software
sffe /
Resource Hash
e16ed299b472d3f09c1fecfb67a63c435bfabd6e582f5b4d6703cd7030fc6701
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.financialiceberg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:37:37 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1631100470313954"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27651
x-xss-protection
0
expires
Fri, 10 Sep 2021 00:37:37 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 51D9
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CaW4Z0ag6YbC3IdW3YNCGirAHwaSRoGSGsoT6tA60w8D8mA4QASClyLwgYJXikIKgB6ABnK_7qALIAQKoAwHIA8kEqgTCAU_Q4qFG_zQ4uh0-MXFONG48nQldf5B29JNdXGxXs0MxwJ7m42InEzLeM3yCToUz27Ll5RyP6-hBB3ttPVykiTFFdl3JTQfEG_-fwFzpmmdZIdSlZRWq_vsSyYlCeOA5yV9Ks8FciU43MslrRyMaT_YYttBWm0jBFCzXvxINi1KrgmE0bhN6n-6rC5OrlRLuyPaDQCqVKCbSrqMebDF_OqZlX5UX5B9TwsdWQtIzwlzanh1nhfr4_ljK-hCWUmp3skI0wASs_tKi1AOSBQQIBBgBkgUECAUYBKAGAoAHzNCE1wGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4b2AcB8gcFEMXF-QHSCAkIgOGAEBABGB-ACgHICwHYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItNzI5Mjc2MDA2ODI1ODI5MhgA&sigh=5OYTJTspzF0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7292760068258292&output=html&h=600&slotname=7998956768&adk=4031913057&adf=3635967207&pi=t.ma~as.7998956768&w=300&lmt=1631234257&psa=0&format=300x600&url=http%3A%2F%2Fwww.financialiceberg.com%2F&flash=0&wgl=1&dt=1631234257199&bpp=5&bdt=635&idt=293&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&correlator=8784823362769&frm=20&pv=2&ga_vid=1889560358.1631234258&ga_sid=1631234258&ga_hid=108864670&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=915&ady=469&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C44748553%2C31062297&oid=3&pvsid=4341907040605007&pem=972&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=rnezTdMCFJ&p=http%3A//www.financialiceberg.com&dtd=307
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7292760068258292&output=html&h=600&slotname=7998956768&adk=4031913057&adf=3635967207&pi=t.ma~as.7998956768&w=300&lmt=1631234257&psa=0&format=300x600&url=http%3A%2F%2Fwww.financialiceberg.com%2F&flash=0&wgl=1&dt=1631234257199&bpp=5&bdt=635&idt=293&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&correlator=8784823362769&frm=20&pv=2&ga_vid=1889560358.1631234258&ga_sid=1631234258&ga_hid=108864670&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=915&ady=469&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C44748553%2C31062297&oid=3&pvsid=4341907040605007&pem=972&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=rnezTdMCFJ&p=http%3A//www.financialiceberg.com&dtd=307
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Fri, 10 Sep 2021 00:37:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 10 Sep 2021 00:37:38 GMT
1768402385991500317
tpc.googlesyndication.com/simgad/ Frame 51D9
98 KB
98 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/1768402385991500317?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qm1NqIARjZUrI6uoUYpGhKRH-aA4A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7292760068258292&output=html&h=600&slotname=7998956768&adk=4031913057&adf=3635967207&pi=t.ma~as.7998956768&w=300&lmt=1631234257&psa=0&format=300x600&url=http%3A%2F%2Fwww.financialiceberg.com%2F&flash=0&wgl=1&dt=1631234257199&bpp=5&bdt=635&idt=293&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&correlator=8784823362769&frm=20&pv=2&ga_vid=1889560358.1631234258&ga_sid=1631234258&ga_hid=108864670&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=915&ady=469&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C44748553%2C31062297&oid=3&pvsid=4341907040605007&pem=972&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=rnezTdMCFJ&p=http%3A//www.financialiceberg.com&dtd=307
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.21.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra07s64-in-f161.1e100.net
Software
sffe /
Resource Hash
550d633b38965bb90243de73cc6b97ed71315d9db534eac362d5671e1e3f5f96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 04 Sep 2021 00:04:48 GMT
x-content-type-options
nosniff
last-modified
Fri, 03 Sep 2021 17:03:07 GMT
server
sffe
age
520370
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
99882
x-xss-protection
0
expires
Sun, 04 Sep 2022 00:04:48 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210908/r20110914/ Frame 51D9
18 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210908/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7292760068258292&output=html&h=600&slotname=7998956768&adk=4031913057&adf=3635967207&pi=t.ma~as.7998956768&w=300&lmt=1631234257&psa=0&format=300x600&url=http%3A%2F%2Fwww.financialiceberg.com%2F&flash=0&wgl=1&dt=1631234257199&bpp=5&bdt=635&idt=293&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&correlator=8784823362769&frm=20&pv=2&ga_vid=1889560358.1631234258&ga_sid=1631234258&ga_hid=108864670&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=915&ady=469&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C44748553%2C31062297&oid=3&pvsid=4341907040605007&pem=972&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=rnezTdMCFJ&p=http%3A//www.financialiceberg.com&dtd=307
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.21.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra07s64-in-f161.1e100.net
Software
cafe /
Resource Hash
cc4cb1016499eb5d88379d9cdf358b0083b7c1b80f00889ce86649a88c746e10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 23:17:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4805
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7641
x-xss-protection
0
server
cafe
etag
14368791910870210898
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 23 Sep 2021 23:17:33 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210908/r20110914/client/ Frame 51D9
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210908/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7292760068258292&output=html&h=600&slotname=7998956768&adk=4031913057&adf=3635967207&pi=t.ma~as.7998956768&w=300&lmt=1631234257&psa=0&format=300x600&url=http%3A%2F%2Fwww.financialiceberg.com%2F&flash=0&wgl=1&dt=1631234257199&bpp=5&bdt=635&idt=293&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&correlator=8784823362769&frm=20&pv=2&ga_vid=1889560358.1631234258&ga_sid=1631234258&ga_hid=108864670&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=915&ady=469&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C44748553%2C31062297&oid=3&pvsid=4341907040605007&pem=972&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=rnezTdMCFJ&p=http%3A//www.financialiceberg.com&dtd=307
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.21.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra07s64-in-f161.1e100.net
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 23:52:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2738
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 23 Sep 2021 23:52:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 51D9
122 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7292760068258292&output=html&h=600&slotname=7998956768&adk=4031913057&adf=3635967207&pi=t.ma~as.7998956768&w=300&lmt=1631234257&psa=0&format=300x600&url=http%3A%2F%2Fwww.financialiceberg.com%2F&flash=0&wgl=1&dt=1631234257199&bpp=5&bdt=635&idt=293&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&correlator=8784823362769&frm=20&pv=2&ga_vid=1889560358.1631234258&ga_sid=1631234258&ga_hid=108864670&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=915&ady=469&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C44748553%2C31062297&oid=3&pvsid=4341907040605007&pem=972&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=rnezTdMCFJ&p=http%3A//www.financialiceberg.com&dtd=307
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.207.194 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s04-in-f2.1e100.net
Software
sffe /
Resource Hash
bfb4697e0d8e6829aa7b7c681e69d190a4995f787ba54bcd37e5dfa790fdde6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:37:38 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1631100444800232"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37796
x-xss-protection
0
expires
Fri, 10 Sep 2021 00:37:38 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210908/r20110914/client/ Frame 51D9
14 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210908/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7292760068258292&output=html&h=600&slotname=7998956768&adk=4031913057&adf=3635967207&pi=t.ma~as.7998956768&w=300&lmt=1631234257&psa=0&format=300x600&url=http%3A%2F%2Fwww.financialiceberg.com%2F&flash=0&wgl=1&dt=1631234257199&bpp=5&bdt=635&idt=293&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&correlator=8784823362769&frm=20&pv=2&ga_vid=1889560358.1631234258&ga_sid=1631234258&ga_hid=108864670&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=915&ady=469&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C44748553%2C31062297&oid=3&pvsid=4341907040605007&pem=972&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=rnezTdMCFJ&p=http%3A//www.financialiceberg.com&dtd=307
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.21.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra07s64-in-f161.1e100.net
Software
cafe /
Resource Hash
114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:35:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
148
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6183
x-xss-protection
0
server
cafe
etag
901432759052127119
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 24 Sep 2021 00:35:10 GMT
one_click_handler_one_afma_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210908/r20110914/client/ Frame 51D9
26 KB
11 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210908/r20110914/client/one_click_handler_one_afma_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7292760068258292&output=html&h=600&slotname=7998956768&adk=4031913057&adf=3635967207&pi=t.ma~as.7998956768&w=300&lmt=1631234257&psa=0&format=300x600&url=http%3A%2F%2Fwww.financialiceberg.com%2F&flash=0&wgl=1&dt=1631234257199&bpp=5&bdt=635&idt=293&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&correlator=8784823362769&frm=20&pv=2&ga_vid=1889560358.1631234258&ga_sid=1631234258&ga_hid=108864670&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=915&ady=469&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C44748553%2C31062297&oid=3&pvsid=4341907040605007&pem=972&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=rnezTdMCFJ&p=http%3A//www.financialiceberg.com&dtd=307
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.21.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra07s64-in-f161.1e100.net
Software
cafe /
Resource Hash
331c8dbc087f677d4eca8035d19626c0662a712b95d0d78bbeba05b7c3bbe7dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:04:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
30818
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10845
x-xss-protection
0
server
cafe
etag
14737611871312058204
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 23 Sep 2021 16:04:00 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame A23B
143 B
163 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7292760068258292&output=html&h=600&slotname=7998956768&adk=4031913057&adf=3635967207&pi=t.ma~as.7998956768&w=300&lmt=1631234257&psa=0&format=300x600&url=http%3A%2F%2Fwww.financialiceberg.com%2F&flash=0&wgl=1&dt=1631234257199&bpp=5&bdt=635&idt=293&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&correlator=8784823362769&frm=20&pv=2&ga_vid=1889560358.1631234258&ga_sid=1631234258&ga_hid=108864670&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=915&ady=469&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C44748553%2C31062297&oid=3&pvsid=4341907040605007&pem=972&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=rnezTdMCFJ&p=http%3A//www.financialiceberg.com&dtd=307
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s11-in-f2.1e100.net
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7292760068258292&output=html&h=600&slotname=7998956768&adk=4031913057&adf=3635967207&pi=t.ma~as.7998956768&w=300&lmt=1631234257&psa=0&format=300x600&url=http%3A%2F%2Fwww.financialiceberg.com%2F&flash=0&wgl=1&dt=1631234257199&bpp=5&bdt=635&idt=293&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&correlator=8784823362769&frm=20&pv=2&ga_vid=1889560358.1631234258&ga_sid=1631234258&ga_hid=108864670&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=915&ady=469&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C44748553%2C31062297&oid=3&pvsid=4341907040605007&pem=972&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=rnezTdMCFJ&p=http%3A//www.financialiceberg.com&dtd=307
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUnkcmIh4TWIPtfUsOmmcLr2d3MoDAf4axQiwyKR0UDJjT9k6ShQJyyPUMMBaf4
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7292760068258292&output=html&h=600&slotname=7998956768&adk=4031913057&adf=3635967207&pi=t.ma~as.7998956768&w=300&lmt=1631234257&psa=0&format=300x600&url=http%3A%2F%2Fwww.financialiceberg.com%2F&flash=0&wgl=1&dt=1631234257199&bpp=5&bdt=635&idt=293&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&correlator=8784823362769&frm=20&pv=2&ga_vid=1889560358.1631234258&ga_sid=1631234258&ga_hid=108864670&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=915&ady=469&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C44748553%2C31062297&oid=3&pvsid=4341907040605007&pem=972&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=rnezTdMCFJ&p=http%3A//www.financialiceberg.com&dtd=307

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Fri, 10 Sep 2021 00:00:37 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
2221
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 51D9
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b2be4aa5537478215fe9b96d4dc89c327f8a857f26fbf4641bc8512a2140aabe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame A23B
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7292760068258292&output=html&h=600&slotname=7998956768&adk=4031913057&adf=3635967207&pi=t.ma~as.7998956768&w=300&lmt=1631234257&psa=0&format=300x600&url=http%3A%2F%2Fwww.financialiceberg.com%2F&flash=0&wgl=1&dt=1631234257199&bpp=5&bdt=635&idt=293&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&correlator=8784823362769&frm=20&pv=2&ga_vid=1889560358.1631234258&ga_sid=1631234258&ga_hid=108864670&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=915&ady=469&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C44748553%2C31062297&oid=3&pvsid=4341907040605007&pem=972&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=rnezTdMCFJ&p=http%3A//www.financialiceberg.com&dtd=307
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s11-in-f2.1e100.net
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUnkcmIh4TWIPtfUsOmmcLr2d3MoDAf4axQiwyKR0UDJjT9k6ShQJyyPUMMBaf4
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Fri, 10 Sep 2021 00:37:38 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Fri, 10-Sep-2021 01:37:38 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 10 Sep 2021 00:37:38 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Fri, 10 Sep 2021 00:37:38 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
HnbG7550cEFPwEcIWrjaIv4px_gX-25lqkC2fOkJQZY.js
pagead2.googlesyndication.com/bg/ Frame 1E72
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/HnbG7550cEFPwEcIWrjaIv4px_gX-25lqkC2fOkJQZY.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7292760068258292&output=html&h=600&slotname=7998956768&adk=4031913057&adf=3635967207&pi=t.ma~as.7998956768&w=300&lmt=1631234257&psa=0&format=300x600&url=http%3A%2F%2Fwww.financialiceberg.com%2F&flash=0&wgl=1&dt=1631234257199&bpp=5&bdt=635&idt=293&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&correlator=8784823362769&frm=20&pv=2&ga_vid=1889560358.1631234258&ga_sid=1631234258&ga_hid=108864670&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=915&ady=469&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C44748553%2C31062297&oid=3&pvsid=4341907040605007&pem=972&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=rnezTdMCFJ&p=http%3A//www.financialiceberg.com&dtd=307
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.21.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra07s64-in-f162.1e100.net
Software
sffe /
Resource Hash
1e76c6ef9e7470414fc047085ab8da22fe29c7f817fb6e65aa40b67ce9094196
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 19:21:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
191747
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13217
x-xss-protection
0
last-modified
Mon, 06 Sep 2021 10:38:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 07 Sep 2022 19:21:51 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 51D9
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssh5TimVAoaN-kSYVdDbgF-zOBdVTnw-6V2XJWoDjG2j88WiY1D6MZGgoeEH1gMUBN3HEnPBuEdAA9DsERvJvsRsgbQW34mxeNdbn6xKmY5Pp51dEloKQ&sai=AMfl-YTLPHzgNY0hGxcz2gmtxY7kI5KpH-0LR0yetOCLntet1R6abxRYZgNBi5OVxvkk6lsWypQspE1sE10z&sig=Cg0ArKJSzE9_O9-8YOm9EAE&id=lidar2&mcvt=1001&p=469,915,1069,1215&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20210908&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=4031913057&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&eosm=0&rst=1631234257507&rpt=990&r=v
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.21.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra07s64-in-f162.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 00:37:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
100664759.js
stats.webstarts.com/
15 KB
5 KB
Script
General
Full URL
https://stats.webstarts.com/100664759.js
Requested by
Host: www.financialiceberg.com
URL: http://www.financialiceberg.com/Scripts/stats-tracking.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.145.13.11 Portland, United States, ASN2044 (DF-PTL01, US),
Reverse DNS
getclicky.com
Software
nginx /
Resource Hash
651bce2c8370fe8050e879e8812d6695441576800f5a626109631db29b5539a0

Request headers

Referer
http://www.financialiceberg.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Fri, 10 Sep 2021 00:37:45 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
expires
Fri, 17 Sep 2021 00:37:45 GMT
cache-control
max-age=604800
x-proxy-cache
MISS
widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html
platform.twitter.com/widgets/ Frame DF18
319 KB
103 KB
Document
General
Full URL
https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=http%3A%2F%2Fwww.financialiceberg.com
Requested by
Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6724) /
Resource Hash
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://www.financialiceberg.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://www.financialiceberg.com/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
7278
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Fri, 10 Sep 2021 00:37:45 GMT
Etag
"8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified
Mon, 02 Aug 2021 20:33:53 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/6724)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
105433
integrator.js
adservice.google.de/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.financialiceberg.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7292760068258292&plah=www.financialiceberg.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s11-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.financialiceberg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 10 Sep 2021 00:37:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.financialiceberg.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7292760068258292&plah=www.financialiceberg.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.21.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra07s64-in-f162.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.financialiceberg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 10 Sep 2021 00:37:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 6689
0
16 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7292760068258292&output=html&adk=1812271804&adf=3025194257&lmt=1631234265&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.financialiceberg.com%2F&ea=0&flash=0&pra=7&wgl=1&dt=1631234265181&bpp=1&bdt=8617&idt=1&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De01ad89b4af68b9c-22c81b1304c900fd%3AT%3D1631234257%3ART%3D1631234257%3AS%3DALNI_MZfswPsVAAY5dEqzRrdDhDmeQi-zw&prev_fmts=300x600&nras=1&correlator=8784823362769&frm=20&pv=1&ga_vid=1889560358.1631234258&ga_sid=1631234258&ga_hid=108864670&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C44748553%2C31062297&oid=3&psts=AGkb-H-yGJf1lSzCSA1XGbmKw1b6TZetLvwE-HaR1tRKQM1kR2OAr_JFZl-Cc08OJsVC-UnXrXvRw9F1COaD1g&pvsid=4341907040605007&pem=972&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=6
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7292760068258292&plah=www.financialiceberg.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-7292760068258292&output=html&adk=1812271804&adf=3025194257&lmt=1631234265&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.financialiceberg.com%2F&ea=0&flash=0&pra=7&wgl=1&dt=1631234265181&bpp=1&bdt=8617&idt=1&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De01ad89b4af68b9c-22c81b1304c900fd%3AT%3D1631234257%3ART%3D1631234257%3AS%3DALNI_MZfswPsVAAY5dEqzRrdDhDmeQi-zw&prev_fmts=300x600&nras=1&correlator=8784823362769&frm=20&pv=1&ga_vid=1889560358.1631234258&ga_sid=1631234258&ga_hid=108864670&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C44748553%2C31062297&oid=3&psts=AGkb-H-yGJf1lSzCSA1XGbmKw1b6TZetLvwE-HaR1tRKQM1kR2OAr_JFZl-Cc08OJsVC-UnXrXvRw9F1COaD1g&pvsid=4341907040605007&pem=972&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=6
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.financialiceberg.com/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUnkcmIh4TWIPtfUsOmmcLr2d3MoDAf4axQiwyKR0UDJjT9k6ShQJyyPUMMBaf4; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://www.financialiceberg.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Fri, 10 Sep 2021 00:37:45 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
settings
syndication.twitter.com/ Frame DF18
287 B
453 B
Fetch
General
Full URL
https://syndication.twitter.com/settings?session_id=f8f5c7c25e7bf0b9c1e2df25edb48dcc6fd31f9a
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=http%3A%2F%2Fwww.financialiceberg.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.72 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
78078258a77fab030b24a53932c0c8d21a0f5ce6e8cee911a0d6d90b2898d233
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:37:44 GMT
content-encoding
gzip
last-modified
Fri, 10 Sep 2021 00:37:45 GMT
server
tsa_o
vary
Origin
strict-transport-security
max-age=631138519
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
6499e0e8b22708e7acdf754025e65e497765f05b82935b545cd83bc4e767a084
content-length
187
in.php
stats.webstarts.com/
139 B
687 B
Script
General
Full URL
http://stats.webstarts.com/in.php?site_id=100664759&type=pageview&href=%2F&title=Financial%20Iceberg&res=1600x1200&lang=en&jsuid=3844592934&mime=js&x=0.6073621304493546
Requested by
Host: stats.webstarts.com
URL: https://stats.webstarts.com/100664759.js
Protocol
HTTP/1.1
Server
198.145.13.11 Portland, United States, ASN2044 (DF-PTL01, US),
Reverse DNS
getclicky.com
Software
nginx /
Resource Hash
7479e33bb9deb75b71af1b5cf120c455b33d770cca8b2b38e3345b5b0964c73c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.financialiceberg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 00:37:45 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding, Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
Transfer-Encoding
chunked
Connection
close
Expires
Mon, 26 Jul 1997 05:00:00 GMT
button.5d16ecc02fbaf599a24dfb57ab239320.js
platform.twitter.com/js/
7 KB
3 KB
Script
General
Full URL
https://platform.twitter.com/js/button.5d16ecc02fbaf599a24dfb57ab239320.js
Requested by
Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/669F) /
Resource Hash
3ee8351e156e2e80d99018a585c18c0dbd9098e3bea84a131d8cbad1ec72c81e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.financialiceberg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 00:37:45 GMT
Content-Encoding
gzip
Last-Modified
Mon, 02 Aug 2021 20:33:39 GMT
Server
ECS (frb/669F)
Age
7277
Etag
"6b95f5a9a2ff4b885e2eafdf446d70d0+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
2296
follow_button.f88235f49a156f8b4cab34c7bc1a0acc.en.html
platform.twitter.com/widgets/ Frame 81FC
36 KB
14 KB
Document
General
Full URL
https://platform.twitter.com/widgets/follow_button.f88235f49a156f8b4cab34c7bc1a0acc.en.html
Requested by
Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/669F) /
Resource Hash
8ade4559ba0159fe586121f621bed885f04755e81a8d02e58eb7d0f9771afe2b

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://www.financialiceberg.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://www.financialiceberg.com/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
7273
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Fri, 10 Sep 2021 00:37:45 GMT
Etag
"a237d70af6aab8c30f8fef9c8de02f69+gzip"
Last-Modified
Mon, 02 Aug 2021 20:33:41 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/669F)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
13651
tweet_button.f88235f49a156f8b4cab34c7bc1a0acc.en.html
platform.twitter.com/widgets/ Frame BEB2
32 KB
12 KB
Document
General
Full URL
https://platform.twitter.com/widgets/tweet_button.f88235f49a156f8b4cab34c7bc1a0acc.en.html
Requested by
Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/669F) /
Resource Hash
06b34901b9ee1d57c9e0a37a7665c7aa77f6ab8b884cda5e8caad1c3f8b8c639

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://www.financialiceberg.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://www.financialiceberg.com/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
7278
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Fri, 10 Sep 2021 00:37:45 GMT
Etag
"909c8b457796b3e08dbae7ea22074354+gzip"
Last-Modified
Mon, 02 Aug 2021 20:33:46 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/669F)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
12257
truncated
/ Frame 81FC
822 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame BEB2
822 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/svg+xml
jot.html
platform.twitter.com/ Frame 90C7
Redirect Chain
  • https://syndication.twitter.com/i/jot
  • https://platform.twitter.com/jot.html
80 B
569 B
Document
General
Full URL
https://platform.twitter.com/jot.html
Requested by
Host: www.financialiceberg.com
URL: http://www.financialiceberg.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/669F) /
Resource Hash
90214d135602962e47ea9587a7eeb62fac1c64a541e373ea76e2b4e8b33e3f88

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
Origin
http://www.financialiceberg.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
7276
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Fri, 10 Sep 2021 00:37:45 GMT
Etag
"d9592a6c704736fa4da218d4357976dd"
Last-Modified
Mon, 02 Aug 2021 20:34:56 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/669F)
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
80

Redirect headers

date
Fri, 10 Sep 2021 00:37:45 GMT
pragma
no-cache
server
tsa_o
status
302 Found
expires
Tue, 31 Mar 1981 05:00:00 GMT
location
https://platform.twitter.com/jot.html
content-type
text/html;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
last-modified
Fri, 10 Sep 2021 00:37:45 GMT
x-transaction
bdd09da69638c53f
content-length
0
x-frame-options
SAMEORIGIN
x-xss-protection
0
x-content-type-options
nosniff
x-twitter-response-tags
BouncerCompliant
strict-transport-security
max-age=631138519
x-connection-hash
6499e0e8b22708e7acdf754025e65e497765f05b82935b545cd83bc4e767a084

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.financialiceberg.com
URL
http://www.financialiceberg.com/uploads/28ca28c64281411ca6b71a5a7e99502b.jpg

Verdicts & Comments Add Verdict or Comment

80 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| onbeforexrselect boolean| originAgentCluster boolean| accessDropdownScript undefined| $ function| jQuery function| $j string| addScript function| includeFile function| afterLoad function| mixedReturn function| getExt function| getFileFromPath function| getCurrentPath function| domReady function| queryString object| userBrowser object| __twttrll object| twttr object| __twttr object| adsbygoogle function| Odometer object| _rm5tat30bj_ function| ping_rm_ki101 object| odometerOptions object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots object| google_persistent_state_async boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| gaGlobal object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| googletag object| clicky_obj object| clicky object| clicky_custom undefined| test object| clicky_site_ids object| _genericStats object| _genericStatsCustom object| li_widths_c

6 Cookies

Domain/Path Name / Value
www.financialiceberg.com/ Name: PHPSESSID
Value: 97ea6ccksavboa8ake3qo3275g
.financialiceberg.com/ Name: __gads
Value: ID=e01ad89b4af68b9c-22c81b1304c900fd:T=1631234257:RT=1631234257:S=ALNI_MZfswPsVAAY5dEqzRrdDhDmeQi-zw
.doubleclick.net/ Name: IDE
Value: AHWqTUnkcmIh4TWIPtfUsOmmcLr2d3MoDAf4axQiwyKR0UDJjT9k6ShQJyyPUMMBaf4
.doubleclick.net/ Name: DSID
Value: NO_DATA
.financialiceberg.com/ Name: _first_pageview
Value: 1
.financialiceberg.com/ Name: _jsuid
Value: 3844592934

4 Console Messages

Source Level URL
Text
network error URL: https://www.webstarts.com/library/users/add.js?from=www.financialiceberg.com
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: https://static.webstarts.com/library/odometer/themes/odometer-theme-digital.css
Message:
Failed to load resource: the server responded with a status of 403 ()
javascript warning URL: http://www.financialiceberg.com/Scripts/stats-tracking.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://stats.webstarts.com/100664759.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://www.financialiceberg.com/Scripts/stats-tracking.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://stats.webstarts.com/100664759.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
embed.apps.webstarts.com
googleads.g.doubleclick.net
jg.revolvermaps.com
pagead2.googlesyndication.com
partner.googleadservices.com
platform.twitter.com
rg.revolvermaps.com
static.secure.website
static.webstarts.com
stats.webstarts.com
syndication.twitter.com
tpc.googlesyndication.com
www.financialiceberg.com
www.google.com
www.googletagservices.com
www.paypalobjects.com
www.webstarts.com
www.financialiceberg.com
104.244.42.72
13.248.135.239
13.33.242.101
142.250.74.130
142.250.74.132
142.250.74.98
172.217.21.161
172.217.21.162
185.44.104.99
198.145.13.11
216.58.207.194
3.13.192.206
3.13.53.187
72.246.168.118
76.223.35.186
93.184.220.66
04ca55868899d1e57f792dd694755d06833bc11a8e39c481f7cc68f60c74a0c0
06b34901b9ee1d57c9e0a37a7665c7aa77f6ab8b884cda5e8caad1c3f8b8c639
06fb837ba0869e2d7848f438196e2af6fe615539feb100e421cdbc4442cc205a
0c1ce4dd3afaa97d8627ecebc2e255fe5c1b3c2038f6961a86d10f0381056cc7
114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1e76c6ef9e7470414fc047085ab8da22fe29c7f817fb6e65aa40b67ce9094196
2442be1043a1e24bd0c0231451d62b8bba6daa1d71c748baa4152834b91753dc
27f1c091eccb178bd1558974a9f8622ce26d1136e9f0ae002f067e6ec42590ed
2d2630e648d139b7eca62292684b171a53883f49bab3f8676439da2c381afe5f
2d48b8584b24dd022e2b2a125bb581f8b6fc635e90bf536d66458c05567300c1
331c8dbc087f677d4eca8035d19626c0662a712b95d0d78bbeba05b7c3bbe7dc
3439f40df7ad4714cdd5695d237ce23f6d17b56cf1600a7c8fe4c6616b5353e3
37d1d399faf598e5bcde1770bab03d0b3c258231d34f5d5da3757e64b50b76dc
3ee8351e156e2e80d99018a585c18c0dbd9098e3bea84a131d8cbad1ec72c81e
4287328e94d35e58b6c03252fa44711a23f86fd328178290abe6acaf8e15bf9e
4b1112106ca1cc25a6b6bf16eb9c5b75b7527e2558744e7e7d9409657af92dfb
53724a09f5801f9269033932c66155a367847190e31b25ec667c59ebc8e38a49
550d633b38965bb90243de73cc6b97ed71315d9db534eac362d5671e1e3f5f96
651bce2c8370fe8050e879e8812d6695441576800f5a626109631db29b5539a0
7479e33bb9deb75b71af1b5cf120c455b33d770cca8b2b38e3345b5b0964c73c
78078258a77fab030b24a53932c0c8d21a0f5ce6e8cee911a0d6d90b2898d233
7c02a683634501a68bdfba3ea1b335cda4cb009ea90f29d5fcc893efa11596d6
7fab01a489b2fe3152873c9fd5f7e35a09d8c0ef4767703bb5fa90da3e5e9ba1
8051810d7b77e098aeecdf1534aad922e13f5f4a1865e79dc88a1a7c05bb6f94
80a53ffd9072e877397b2ab7ffa8c6ad4e8e87a51107b6db6fe891402c18337d
8628816b47b5bda9d3a4f8f86139902934a808a96f0faaf104acc36973a53020
87b6093fd64f04d053174c9da2ce15206665fa1c6a5f299559af1943db3a8e11
889fe411c2e51b85b80c0711b852e53408adf88c0ccc1a34d479c597717f4640
8ad33629448d2b8fc10783f47208ad53d81508b59b57b32c3a34b595dd6af01d
8ade4559ba0159fe586121f621bed885f04755e81a8d02e58eb7d0f9771afe2b
8c9e245d0f4497b8770a777210b3462cb7870433856faa73a207d447bdc8c497
8db61f95a8f3554830efc6c3942b7322efef09b9d7f0cbfe32135e0fac106d18
90214d135602962e47ea9587a7eeb62fac1c64a541e373ea76e2b4e8b33e3f88
928ece52d676b84059abf9e4e02427390d31b96f88011b7bbc48e4a219fa1682
94b8e0a908487764f257c26ea2a7675bfb02d8e44fab476f1354a58fe9d9a76d
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b2be4aa5537478215fe9b96d4dc89c327f8a857f26fbf4641bc8512a2140aabe
b41927a558698d5a22372db7a4dd864ef201308ad569287da93d9a0c026d59ae
b5ba3a00b8660e0915dd6c8b0c1930b42e05d0c48c1242aa9715958f4488f542
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee
bfb4697e0d8e6829aa7b7c681e69d190a4995f787ba54bcd37e5dfa790fdde6d
c23c07af6fbacbe4d12ab645f6b1a4c29f043ee69726f7c214096efce1acd2d7
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
cace2f6b1c718efe47aeefa7243a70708ca164cd5331e033d23090f95631ed73
cae5b400a223e224ec2638aeba65d3e56ee0f2f6902dfa32df591fb285b0f798
cc4cb1016499eb5d88379d9cdf358b0083b7c1b80f00889ce86649a88c746e10
e16ed299b472d3f09c1fecfb67a63c435bfabd6e582f5b4d6703cd7030fc6701
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec7513ff4bd8f68c3eb33b9ff3e0aa24a362e48bddaacf62e779221048ef7ea3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2d42bd39c82e14af877e5f03f576cc4344c0b0873f3050b04ed62886bcfccbb
f4bc914405734cf3677161e64bf6aed4e05b2f89aca3ef71728d7e5c86ac3022