www.italkmoney.com Open in urlscan Pro
198.144.120.79 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.italkmoney.com/
Effective URL:
https://www.italkmoney.com/
Submission: On September 10 via manual (September 10th 2021, 11:58:18 pm UTC) from TN — Scanned from DE

Summary HTTP 49 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 15 IPs in 3 countries across 12 domains to perform 49 HTTP transactions. The main IP is 198.144.120.79, located in United States and belongs to GTT-BACKBONE GTT, US. The main domain is www.italkmoney.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on August 5th 2021. Valid for: 3 months.

This is the only time www.italkmoney.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 18	198.144.120.79 198.144.120.79	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1	99.86.89.91 99.86.89.91	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4007:80e::2002	15169 (GOOGLE) (GOOGLE)
1	52.84.193.206 52.84.193.206	16509 (AMAZON-02) (AMAZON-02)
2	46.105.202.39 46.105.202.39	16276 (OVH) (OVH)
5	2a00:1450:400... 2a00:1450:4007:807::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.178.130 142.250.178.130	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4007:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4007:812::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4007:80f::2002	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4007:807::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4007:80d::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4007:80a::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4007:808::200a	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4007:80c::2004	15169 (GOOGLE) (GOOGLE)
49	15

18 198.144.120.79 (United States) 1 redirects

ASN3257 (GTT-BACKBONE GTT, US)

www.italkmoney.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.89.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-89-91.cdg50.r.cloudfront.net

www.alexa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4007:80e::2002 (Ireland)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.84.193.206 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-193-206.cdg52.r.cloudfront.net

xslt.alexa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.105.202.39 (France)

ASN16276 (OVH, FR)

u.heatmap.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4007:807::2002 (Ireland)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.178.130 (United States)

ASN15169 (GOOGLE, US)
PTR: par21s22-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4007:813::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4007:812::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4007:80f::2002 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4007:807::2001 (Ireland)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4007:80d::2006 (Ireland)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4007:80a::200a (Ireland)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4007:808::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4007:80c::2004 (Ireland) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	italkmoney.com 1 redirects www.italkmoney.com	92 KB
14	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	221 KB
5	doubleclick.net googleads.g.doubleclick.net	41 KB
2	googleapis.com ajax.googleapis.com fonts.googleapis.com	31 KB
2	googletagservices.com www.googletagservices.com	65 KB
2	google.com 1 redirects adservice.google.com www.google.com	883 B
2	heatmap.it u.heatmap.it	11 KB
2	alexa.com www.alexa.com xslt.alexa.com	10 KB
1	2mdn.net s0.2mdn.net	63 KB
1	google.de adservice.google.de	853 B
1	googleadservices.com partner.googleadservices.com	662 B
0	adsbypf.com Failed adsbypf.com Failed
49	12

	Domain	Requested by
18	www.italkmoney.com	1 redirects www.italkmoney.com
10	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com www.italkmoney.com
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	pagead2.googlesyndication.com	www.italkmoney.com pagead2.googlesyndication.com www.googletagservices.com tpc.googlesyndication.com
2	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
2	u.heatmap.it	www.italkmoney.com u.heatmap.it
1	www.google.com	1 redirects
1	fonts.googleapis.com	tpc.googlesyndication.com
1	ajax.googleapis.com	tpc.googlesyndication.com
1	s0.2mdn.net	tpc.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	xslt.alexa.com	www.italkmoney.com
1	www.alexa.com	www.italkmoney.com
0	adsbypf.com Failed	www.italkmoney.com
49	16

This site contains links to these domains. Also see Links.

Domain
www.alexa.com
monitor.italkmoney.com
forum.italkmoney.com
www.make100poundsaday.com
www.getbestloanstoday.com
www.omelhordommn.com
www.jacarandafinance.com.au
www.monzi.com.au
unick-forex.com
dokupoker.info
dragon99bet.net
poker369.vegas
bacc688.com

Subject Issuer	Validity	Valid
italkmoney.com cPanel, Inc. Certification Authority	`2021-08-05` - `2021-11-03`	3 months	crt.sh
www.alexa.com Amazon	`2021-01-13` - `2022-02-11`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
*.heatmap.it Sectigo RSA Domain Validation Secure Server CA	`2020-06-13` - `2022-06-26`	2 years	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-08-23` - `2021-11-15`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://www.italkmoney.com/
Frame ID: 49A833812E23F090E252D8D38D95DF36
Requests: 28 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210831/r20190131/zrt_lookup.html
Frame ID: 67CF3F2CA4EAF8CDFA0794D9673D6F58
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5783658135774562&output=html&h=90&slotname=3165886731&adk=1855803487&adf=2834633373&pi=t.ma~as.3165886731&w=728&lmt=1591832865&psa=0&format=728x90&url=https%3A%2F%2Fwww.italkmoney.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631318272977&bpp=3&bdt=5177&idt=85&shv=r20210831&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&correlator=302497023723&frm=20&pv=2&ga_vid=1171406319.1631318273&ga_sid=1631318273&ga_hid=1892371184&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=436&ady=86&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062525%2C31062297&oid=3&pvsid=4026598715675435&pem=269&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=hUS7NeIRPE&p=https%3A//www.italkmoney.com&dtd=99
Frame ID: 9ABE382E88BA8EFA7C982390417C7ED6
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6729528151881015335/index.html
Frame ID: F37379058485E200F669E0D6591F7671
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 6071B3C25B5E258C286E6DF6BCE41AD7
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Welcome to the ITalkMoney Community!

Page URL History Show full URLs

http://www.italkmoney.com/ HTTP 301
https://www.italkmoney.com/ Page URL

Detected technologies

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

49
Requests

96 %
HTTPS

67 %
IPv6

12
Domains

16
Subdomains

15
IPs

3
Countries

536 kB
Transfer

1354 kB
Size

3
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://www.alexa.com/siteinfo/https://www.italkmoney.com?p=rwidget#reviews

Search URL Search Domain Scan URL

URL: https://monitor.italkmoney.com/

Search URL Search Domain Scan URL

URL: https://forum.italkmoney.com/

Search URL Search Domain Scan URL

URL: https://forum.italkmoney.com/cp/1-forum-rules/

Search URL Search Domain Scan URL

URL: https://forum.italkmoney.com/cp/2-advertise-with-us/

Search URL Search Domain Scan URL

URL: http://www.make100poundsaday.com/
Title: earn 100 pounds a day online

Search URL Search Domain Scan URL

URL: http://www.getbestloanstoday.com/
Title: Personal Loans in Singapore

Search URL Search Domain Scan URL

URL: http://www.omelhordommn.com/imarketslive
Title: Imarketslive

Search URL Search Domain Scan URL

URL: https://www.jacarandafinance.com.au/loan/small-loans/
Title: https://www.jacarandafinance.com.au/loan/small-loans/

Search URL Search Domain Scan URL

URL: https://www.monzi.com.au/cash-advance/
Title: Monzi cash advance

Search URL Search Domain Scan URL

URL: https://unick-forex.com/
Title: UNICK FOREX

Search URL Search Domain Scan URL

URL: http://dokupoker.info/
Title: Bandar Ceme

Search URL Search Domain Scan URL

URL: https://dragon99bet.net/
Title: DRAGON99BET

Search URL Search Domain Scan URL

URL: https://poker369.vegas/
Title: IDN POKER

Search URL Search Domain Scan URL

URL: https://bacc688.com/gclub/%e0%b8%97%e0%b8%b2%e0%b8%87%e0%b9%80%e0%b8%82%e0%b9%89%e0%b8%b2-gclub/
Title: Gclub

Search URL Search Domain Scan URL

URL: https://www.alexa.com/siteinfo/https://www.italkmoney.com

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.italkmoney.com/ HTTP 301
https://www.italkmoney.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 43

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

49 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.italkmoney.com/
Redirect Chain

http://www.italkmoney.com/
https://www.italkmoney.com/

10 KB
3 KB

49ms
15ms

Document
text/html

198.144.120.79
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL

https://www.italkmoney.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.144.120.79 , United States, ASN3257 (GTT-BACKBONE GTT, US),

Reverse DNS

Software

LiteSpeed /

Resource Hash

3660fa896c35093d6b7957d9db24e53e0319f793b7cd706b550d069d9fff2fc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.italkmoney.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-type: text/html
last-modified: Wed, 10 Jun 2020 23:47:45 GMT
etag: "264e-5ee17121-a753327c521737e8;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2728
date: Fri, 10 Sep 2021 23:57:46 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: DENY
referrer-policy: strict-origin
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

Redirect headers

Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Fri, 10 Sep 2021 23:57:46 GMT
server: LiteSpeed
location: https://www.italkmoney.com/
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: DENY
referrer-policy: strict-origin

GET
H/1.1 200
OK v1-234x60.png
www.alexa.com/images/widgets/blue/light/ 9 KB
9 KB 5177ms
112ms Image
image/png 99.86.89.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.alexa.com/images/widgets/blue/light/v1-234x60.png

Requested by

Host: www.italkmoney.com
URL: https://www.italkmoney.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

99.86.89.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-89-91.cdg50.r.cloudfront.net

Software

nginx /

Resource Hash

f71897907efb05584cbac981aa72e9d761e763562370de2b02ac063fad9df5a1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.italkmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 10 Sep 2021 23:57:52 GMT
Via: 1.1 38f98563ce0383d146e2eef6f867b715.cloudfront.net (CloudFront)
Last-Modified: Mon, 28 Dec 2020 22:04:45 GMT
Server: nginx
X-Amz-Cf-Pop: CDG50-C1
ETag: "5fea567d-234d"
X-Frame-Options: SAMEORIGIN
X-Cache: Miss from cloudfront
Content-Type: image/png
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9037
X-Amz-Cf-Id: yPJZO0q0RiZSeRxBA5Ozzo8N2Z0xTJLxUXv84PxVsLKaYCi1vQvS2g==

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 138 KB
49 KB 5114ms
38ms Script
text/javascript 2a00:1450:4007:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.italkmoney.com
URL: https://www.italkmoney.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

447ff98f128ca95b0fabfdc37d51eea7d636099914a1ac6b45a0a297b8f2b00a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.italkmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 23:57:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49469
x-xss-protection: 0
server: cafe
etag: 11213794403900176994
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 10 Sep 2021 23:57:52 GMT

GET
H2 200 index_01.jpg
www.italkmoney.com/images/ 47 KB
47 KB 189ms
185ms Image
image/jpeg 198.144.120.79
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.italkmoney.com/images/index_01.jpg

Requested by

Host: www.italkmoney.com
URL: https://www.italkmoney.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.144.120.79 , United States, ASN3257 (GTT-BACKBONE GTT, US),

Reverse DNS

Software

LiteSpeed /

Resource Hash

e72ed84509456637b37c501aa5414ddfb5f308d683e919d2822f595dd0dcaf7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /images/index_01.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.italkmoney.com
referer: https://www.italkmoney.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.italkmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 23:57:46 GMT
referrer-policy: strict-origin
last-modified: Wed, 04 Jan 2012 23:34:11 GMT
server: LiteSpeed
etag: "ba4c-4f04e1f3-fd2b4c7c96360c39;;;"
x-frame-options: DENY
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 47692
x-content-type-options: nosniff
expires: Fri, 17 Sep 2021 23:57:46 GMT

GET
H2 200 spacer.gif
www.italkmoney.com/images/ 43 B
135 B 502ms
499ms Image
image/gif 198.144.120.79
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.italkmoney.com/images/spacer.gif

Requested by

Host: www.italkmoney.com
URL: https://www.italkmoney.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.144.120.79 , United States, ASN3257 (GTT-BACKBONE GTT, US),

Reverse DNS

Software

LiteSpeed /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /images/spacer.gif
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.italkmoney.com
referer: https://www.italkmoney.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.italkmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 23:57:46 GMT
referrer-policy: strict-origin
last-modified: Wed, 04 Jan 2012 23:35:30 GMT
server: LiteSpeed
etag: "2b-4f04e242-a948c117e434686;;;"
x-frame-options: DENY
content-type: image/gif
x-xss-protection: 1; mode=block
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 43
x-content-type-options: nosniff
expires: Fri, 17 Sep 2021 23:57:46 GMT

GET
H2 200 index_02.jpg
www.italkmoney.com/images/ 462 B
548 B 506ms
502ms Image
image/jpeg 198.144.120.79
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.italkmoney.com/images/index_02.jpg

Requested by

Host: www.italkmoney.com
URL: https://www.italkmoney.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.144.120.79 , United States, ASN3257 (GTT-BACKBONE GTT, US),

Reverse DNS

Software

LiteSpeed /

Resource Hash

8beed351c2b4031d2fae8010497de994c1288b45470349659463cc33e9126856

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /images/index_02.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.italkmoney.com
referer: https://www.italkmoney.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.italkmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 23:57:46 GMT
referrer-policy: strict-origin
last-modified: Wed, 04 Jan 2012 23:34:17 GMT
server: LiteSpeed
etag: "1ce-4f04e1f9-6b07efcca985dc33;;;"
x-frame-options: DENY
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 462
x-content-type-options: nosniff
expires: Fri, 17 Sep 2021 23:57:47 GMT

GET
H2 200 splash.italkmoney_monitor.jpg
www.italkmoney.com/images/ 8 KB
8 KB 506ms
503ms Image
image/jpeg 198.144.120.79
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.italkmoney.com/images/splash.italkmoney_monitor.jpg

Requested by

Host: www.italkmoney.com
URL: https://www.italkmoney.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.144.120.79 , United States, ASN3257 (GTT-BACKBONE GTT, US),

Reverse DNS

Software

LiteSpeed /

Resource Hash

ba13716bb7257490230086d92c1cc56e25ba73136176d6d2887cfc887ad41e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /images/splash.italkmoney_monitor.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.italkmoney.com
referer: https://www.italkmoney.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.italkmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 23:57:46 GMT
referrer-policy: strict-origin
last-modified: Wed, 04 Jan 2012 23:36:03 GMT
server: LiteSpeed
etag: "1e62-4f04e263-d52ecef1abe1595e;;;"
x-frame-options: DENY
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7778
x-content-type-options: nosniff
expires: Fri, 17 Sep 2021 23:57:47 GMT

GET
H2 200 index_04.jpg
www.italkmoney.com/images/ 469 B
555 B 504ms
501ms Image
image/jpeg 198.144.120.79
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.italkmoney.com/images/index_04.jpg

Requested by

Host: www.italkmoney.com
URL: https://www.italkmoney.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.144.120.79 , United States, ASN3257 (GTT-BACKBONE GTT, US),

Reverse DNS

Software

LiteSpeed /

Resource Hash

564a0f16fb7db59bba6b4ae642ae193266233e2631cf0ddfb62349f0440881a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /images/index_04.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.italkmoney.com
referer: https://www.italkmoney.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.italkmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 23:57:46 GMT
referrer-policy: strict-origin
last-modified: Wed, 04 Jan 2012 23:34:25 GMT
server: LiteSpeed
etag: "1d5-4f04e201-6b21c1d98b8dba90;;;"
x-frame-options: DENY
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 469
x-content-type-options: nosniff
expires: Fri, 17 Sep 2021 23:57:46 GMT

GET
H2 200 splash.italkmoney_forum.jpg
www.italkmoney.com/images/ 5 KB
5 KB 502ms
500ms Image
image/jpeg 198.144.120.79
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.italkmoney.com/images/splash.italkmoney_forum.jpg

Requested by

Host: www.italkmoney.com
URL: https://www.italkmoney.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.144.120.79 , United States, ASN3257 (GTT-BACKBONE GTT, US),

Reverse DNS

Software

LiteSpeed /

Resource Hash

761f7a831189a2168608aaa332e67ebcc09c10f6d071cae992ca2e8e30a604d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /images/splash.italkmoney_forum.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.italkmoney.com
referer: https://www.italkmoney.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.italkmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 23:57:46 GMT
referrer-policy: strict-origin
last-modified: Wed, 04 Jan 2012 23:35:43 GMT
server: LiteSpeed
etag: "135b-4f04e24f-2d8a0a6098c73fc4;;;"
x-frame-options: DENY
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4955
x-content-type-options: nosniff
expires: Fri, 17 Sep 2021 23:57:46 GMT

GET
H2 200 index_06.jpg
www.italkmoney.com/images/ 11 KB
11 KB 503ms
500ms Image
image/jpeg 198.144.120.79
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.italkmoney.com/images/index_06.jpg

Requested by

Host: www.italkmoney.com
URL: https://www.italkmoney.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.144.120.79 , United States, ASN3257 (GTT-BACKBONE GTT, US),

Reverse DNS

Software

LiteSpeed /

Resource Hash

22e76aeda3a67ea662432fd59ea95e615cfe08e2aa4f55ee98da012fb64b0285

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /images/index_06.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.italkmoney.com
referer: https://www.italkmoney.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.italkmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 23:57:46 GMT
referrer-policy: strict-origin
last-modified: Wed, 04 Jan 2012 23:34:33 GMT
server: LiteSpeed
etag: "2a8e-4f04e209-41a19a9e06b26d43;;;"
x-frame-options: DENY
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 10894
x-content-type-options: nosniff
expires: Fri, 17 Sep 2021 23:57:46 GMT

GET
H2 200 index_07.jpg
www.italkmoney.com/images/ 325 B
416 B 505ms
503ms Image
image/jpeg 198.144.120.79
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.italkmoney.com/images/index_07.jpg

Requested by

Host: www.italkmoney.com
URL: https://www.italkmoney.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.144.120.79 , United States, ASN3257 (GTT-BACKBONE GTT, US),

Reverse DNS

Software

LiteSpeed /

Resource Hash

3ef9e56345728a5388c9ae634c22f0407b3fb98b9003c89916ad84457ba4b867

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /images/index_07.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.italkmoney.com
referer: https://www.italkmoney.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.italkmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 23:57:46 GMT
referrer-policy: strict-origin
last-modified: Wed, 04 Jan 2012 23:34:46 GMT
server: LiteSpeed
etag: "145-4f04e216-61125f47757c41fe;;;"
x-frame-options: DENY
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 325
x-content-type-options: nosniff
expires: Fri, 17 Sep 2021 23:57:47 GMT

GET
H2 200 index_08.jpg
www.italkmoney.com/images/ 363 B
449 B 503ms
501ms Image
image/jpeg 198.144.120.79
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.italkmoney.com/images/index_08.jpg

Requested by

Host: www.italkmoney.com
URL: https://www.italkmoney.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.144.120.79 , United States, ASN3257 (GTT-BACKBONE GTT, US),

Reverse DNS

Software

LiteSpeed /

Resource Hash

f60ed5437578fc244f2ea31a8f629183d75d1e3768e8b0160eed0bcec359f6c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /images/index_08.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.italkmoney.com
referer: https://www.italkmoney.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.italkmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 23:57:46 GMT
referrer-policy: strict-origin
last-modified: Wed, 04 Jan 2012 23:34:51 GMT
server: LiteSpeed
etag: "16b-4f04e21b-1e6d2644c5b521a4;;;"
x-frame-options: DENY
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 363
x-content-type-options: nosniff
expires: Fri, 17 Sep 2021 23:57:46 GMT

GET
H2 200 splash.italkmoney_forum_rules.jpg
www.italkmoney.com/images/ 2 KB
2 KB 504ms
501ms Image
image/jpeg 198.144.120.79
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.italkmoney.com/images/splash.italkmoney_forum_rules.jpg

Requested by

Host: www.italkmoney.com
URL: https://www.italkmoney.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.144.120.79 , United States, ASN3257 (GTT-BACKBONE GTT, US),

Reverse DNS

Software

LiteSpeed /

Resource Hash

3061e80c62db945e3aa741892538fa31771cb110cc29a89d301379617a2bcb54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /images/splash.italkmoney_forum_rules.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.italkmoney.com
referer: https://www.italkmoney.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.italkmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 23:57:46 GMT
referrer-policy: strict-origin
last-modified: Wed, 04 Jan 2012 23:35:57 GMT
server: LiteSpeed
etag: "6bb-4f04e25d-a908904f67ef5407;;;"
x-frame-options: DENY
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1723
x-content-type-options: nosniff
expires: Fri, 17 Sep 2021 23:57:46 GMT

GET
H2 200 index_10.jpg
www.italkmoney.com/images/ 652 B
738 B 504ms
502ms Image
image/jpeg 198.144.120.79
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.italkmoney.com/images/index_10.jpg

Requested by

Host: www.italkmoney.com
URL: https://www.italkmoney.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.144.120.79 , United States, ASN3257 (GTT-BACKBONE GTT, US),

Reverse DNS

Software

LiteSpeed /

Resource Hash

321487d51898e245edd449818496a4a7f7cb106b654976f83f8b8c267174c226

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /images/index_10.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.italkmoney.com
referer: https://www.italkmoney.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.italkmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 23:57:46 GMT
referrer-policy: strict-origin
last-modified: Wed, 04 Jan 2012 23:34:57 GMT
server: LiteSpeed
etag: "28c-4f04e221-aa82c0c07513e533;;;"
x-frame-options: DENY
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 652
x-content-type-options: nosniff
expires: Fri, 17 Sep 2021 23:57:47 GMT

GET
H2 200 splash.italkmoney_forum_advertising.jpg
www.italkmoney.com/images/ 2 KB
2 KB 503ms
501ms Image
image/jpeg 198.144.120.79
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.italkmoney.com/images/splash.italkmoney_forum_advertising.jpg

Requested by

Host: www.italkmoney.com
URL: https://www.italkmoney.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.144.120.79 , United States, ASN3257 (GTT-BACKBONE GTT, US),

Reverse DNS

Software

LiteSpeed /

Resource Hash

57ffd58f87ec3286d8b39ef88bdde71ff7e1001d441d394fc1307d88bc2a7ab0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /images/splash.italkmoney_forum_advertising.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.italkmoney.com
referer: https://www.italkmoney.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.italkmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 23:57:46 GMT
referrer-policy: strict-origin
last-modified: Wed, 04 Jan 2012 23:35:51 GMT
server: LiteSpeed
etag: "893-4f04e257-7b314b09ef8ef2d9;;;"
x-frame-options: DENY
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2195
x-content-type-options: nosniff
expires: Fri, 17 Sep 2021 23:57:46 GMT

GET
H2 200 index_12.jpg
www.italkmoney.com/images/ 5 KB
5 KB 502ms
500ms Image
image/jpeg 198.144.120.79
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.italkmoney.com/images/index_12.jpg

Requested by

Host: www.italkmoney.com
URL: https://www.italkmoney.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.144.120.79 , United States, ASN3257 (GTT-BACKBONE GTT, US),

Reverse DNS

Software

LiteSpeed /

Resource Hash

190a41394e289212d4e73ded53dddc6f42c701f986def0d96a06dc44f639e7d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /images/index_12.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.italkmoney.com
referer: https://www.italkmoney.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.italkmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 23:57:46 GMT
referrer-policy: strict-origin
last-modified: Wed, 04 Jan 2012 23:35:04 GMT
server: LiteSpeed
etag: "1312-4f04e228-3193054710b45924;;;"
x-frame-options: DENY
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4882
x-content-type-options: nosniff
expires: Fri, 17 Sep 2021 23:57:46 GMT

GET
H2 200 index_13.jpg
www.italkmoney.com/images/ 3 KB
3 KB 501ms
499ms Image
image/jpeg 198.144.120.79
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.italkmoney.com/images/index_13.jpg

Requested by

Host: www.italkmoney.com
URL: https://www.italkmoney.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.144.120.79 , United States, ASN3257 (GTT-BACKBONE GTT, US),

Reverse DNS

Software

LiteSpeed /

Resource Hash

6d545f54f9d549ca7c1706933f56e9f17b15b61fd24aae2eac0213c4dfefb51e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /images/index_13.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.italkmoney.com
referer: https://www.italkmoney.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.italkmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 23:57:46 GMT
referrer-policy: strict-origin
last-modified: Wed, 04 Jan 2012 23:35:11 GMT
server: LiteSpeed
etag: "aca-4f04e22f-23e0ea6b0e9c78b2;;;"
x-frame-options: DENY
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2762
x-content-type-options: nosniff
expires: Fri, 17 Sep 2021 23:57:46 GMT

GET
H2 200 index_14.jpg
www.italkmoney.com/images/ 3 KB
3 KB 501ms
499ms Image
image/jpeg 198.144.120.79
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.italkmoney.com/images/index_14.jpg

Requested by

Host: www.italkmoney.com
URL: https://www.italkmoney.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.144.120.79 , United States, ASN3257 (GTT-BACKBONE GTT, US),

Reverse DNS

Software

LiteSpeed /

Resource Hash

610397a543ae6c2d038bd25515d59fda94b4f9c9e8c958b48ec90ccb21805856

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /images/index_14.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.italkmoney.com
referer: https://www.italkmoney.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.italkmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 23:57:46 GMT
referrer-policy: strict-origin
last-modified: Wed, 04 Jan 2012 23:35:15 GMT
server: LiteSpeed
etag: "c90-4f04e233-8ac8f251d27ee15f;;;"
x-frame-options: DENY
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3216
x-content-type-options: nosniff
expires: Fri, 17 Sep 2021 23:57:46 GMT

GET
H2 200 index_15.jpg
www.italkmoney.com/images/ 1 KB
1 KB 503ms
502ms Image
image/jpeg 198.144.120.79
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.italkmoney.com/images/index_15.jpg

Requested by

Host: www.italkmoney.com
URL: https://www.italkmoney.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.144.120.79 , United States, ASN3257 (GTT-BACKBONE GTT, US),

Reverse DNS

Software

LiteSpeed /

Resource Hash

93c4efff234d670c205f92b10e28b48001d46067fe500473b8e5a032ee07a1ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /images/index_15.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.italkmoney.com
referer: https://www.italkmoney.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.italkmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 23:57:46 GMT
referrer-policy: strict-origin
last-modified: Wed, 04 Jan 2012 23:35:23 GMT
server: LiteSpeed
etag: "48b-4f04e23b-d0cd4ae27bbbc8cf;;;"
x-frame-options: DENY
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1163
x-content-type-options: nosniff
expires: Fri, 17 Sep 2021 23:57:47 GMT

GET
H/1.1 200
OK c Show response
xslt.alexa.com/site_stats/js/s/ 151 B
623 B 5092ms
22ms Script
binary/octet-stream 52.84.193.206
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://xslt.alexa.com/site_stats/js/s/c?url=https://www.italkmoney.com
Requested by: Host: www.italkmoney.com
URL: https://www.italkmoney.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.193.206 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-193-206.cdg52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cd19302865a315df9a57552a585191f452efcbed7b0ab6b6569f4bebb764366e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.italkmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 10 Sep 2021 01:30:11 GMT
Via: 1.1 fb7dd4ab7d279a5ac003ba27474cf5ef.cloudfront.net (CloudFront)
Last-Modified: Fri, 27 Oct 2017 21:53:09 GMT
Server: AmazonS3
Age: 80861
ETag: "394d6f2c6c2041a2fbcdaad0e525aa7b"
X-Cache: Hit from cloudfront
Content-Type: binary/octet-stream
Connection: keep-alive
X-Amz-Cf-Pop: CDG52-P1
Accept-Ranges: bytes
Content-Length: 151
X-Amz-Cf-Id: OjKIYtxNISE5KWrd_i2suHw7epbaajD4kvmAdCWMCjYFUJTVYu4eSA==

GET rotator.js
adsbypf.com/ 0
0

GET
H2 200 log.js Show response
u.heatmap.it/ 27 KB
11 KB 5068ms
10ms Script
application/x-javascript 46.105.202.39
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://u.heatmap.it/log.js
Requested by: Host: www.italkmoney.com
URL: https://www.italkmoney.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.202.39 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 79c79d9039382cd34e2e9aa463f85c160d3890c688941fc6837cc2cf81919643

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.italkmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 09:22:03 GMT
content-encoding: br
last-modified: Mon, 22 Jun 2020 07:05:45 GMT
x-cdn-pop-ip: 137.74.120.0/27
etag: W/"5ef05849-6b2c"
x-cacheable: Matched cache
vary: Accept-Encoding
content-type: application/x-javascript; charset=UTF-8
cache-control: max-age=3600
x-cdn-pop: sbg
accept-ranges: bytes
content-length: 10533
x-request-id: 171411626
expires: Mon, 06 Sep 2021 10:22:03 GMT

GET
H2 204 www.italkmoney.com.js Show response
u.heatmap.it/conf/ 0
211 B 74ms
74ms Script
text/javascript 46.105.202.39
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://u.heatmap.it/conf/www.italkmoney.com.js
Requested by: Host: u.heatmap.it
URL: https://u.heatmap.it/log.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.202.39 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.italkmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 23:57:52 GMT
x-cacheable: Cacheable
x-cdn-pop-ip: 137.74.120.0/27
content-type: text/javascript;charset=UTF-8
cache-control: max-age=60
x-cdn-pop: sbg
x-request-id: 993952471
expires: Sat, 11 Sep 2021 00:02:54 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/ 251 KB
93 KB 48ms
47ms Script
text/javascript 2a00:1450:4007:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5783658135774562&plah=www.italkmoney.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b70365b09badf5fceb9effc21b9cca9d19e08b0045fc0ebcaf5765293b2518d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.italkmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 23:57:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95420
x-xss-protection: 0
server: cafe
etag: 5659919450890713277
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 10 Sep 2021 23:57:52 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210831/r20190131/ Frame 67CF 10 KB
5 KB 5096ms
22ms Document
text/html 2a00:1450:4007:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210831/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210831/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.italkmoney.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.italkmoney.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 10 Sep 2021 17:26:13 GMT
expires: Fri, 24 Sep 2021 17:26:13 GMT
content-type: text/html; charset=UTF-8
etag: 13836150016441684253
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4591
x-xss-protection: 0
age: 23505
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 204 B
662 B 5101ms
28ms Script
text/javascript 142.250.178.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.italkmoney.com&callback=_gfp_s_&client=ca-pub-5783658135774562

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5783658135774562&plah=www.italkmoney.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.178.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

par21s22-in-f2.1e100.net

Software

cafe /

Resource Hash

fa05559508973be34bbabd0e53d752dd6754419cc05711c601933b67f5c555a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.italkmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 23:57:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 196
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 5108ms
30ms Script
application/javascript 2a00:1450:4007:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.italkmoney.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:813::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.italkmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 10 Sep 2021 23:57:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 5101ms
28ms Script
application/javascript 2a00:1450:4007:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.italkmoney.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:812::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.italkmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 10 Sep 2021 23:57:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9ABE 101 KB
36 KB 5423ms
439ms Document
text/html 2a00:1450:4007:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5783658135774562&output=html&h=90&slotname=3165886731&adk=1855803487&adf=2834633373&pi=t.ma~as.3165886731&w=728&lmt=1591832865&psa=0&format=728x90&url=https%3A%2F%2Fwww.italkmoney.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631318272977&bpp=3&bdt=5177&idt=85&shv=r20210831&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&correlator=302497023723&frm=20&pv=2&ga_vid=1171406319.1631318273&ga_sid=1631318273&ga_hid=1892371184&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=436&ady=86&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062525%2C31062297&oid=3&pvsid=4026598715675435&pem=269&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=hUS7NeIRPE&p=https%3A//www.italkmoney.com&dtd=99

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1179e1506ee2f67e34c519a87127579addd751f33de6d6cf7fa79177cddbb1e8

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6729528151881015335/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6729528151881015335/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMKJ7JPO9fICFUMW0wodrJoMsw&gqi=BvE7YamzBNehnsEPj8WCQA&layout=/sadbundle/%24csp%253Der3%24/6729528151881015335/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5783658135774562&output=html&h=90&slotname=3165886731&adk=1855803487&adf=2834633373&pi=t.ma~as.3165886731&w=728&lmt=1591832865&psa=0&format=728x90&url=https%3A%2F%2Fwww.italkmoney.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631318272977&bpp=3&bdt=5177&idt=85&shv=r20210831&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&correlator=302497023723&frm=20&pv=2&ga_vid=1171406319.1631318273&ga_sid=1631318273&ga_hid=1892371184&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=436&ady=86&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062525%2C31062297&oid=3&pvsid=4026598715675435&pem=269&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=hUS7NeIRPE&p=https%3A//www.italkmoney.com&dtd=99
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.italkmoney.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.italkmoney.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6729528151881015335/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6729528151881015335/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMKJ7JPO9fICFUMW0wodrJoMsw&gqi=BvE7YamzBNehnsEPj8WCQA&layout=/sadbundle/%24csp%253Der3%24/6729528151881015335/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 10 Sep 2021 23:57:58 GMT
server: cafe
content-length: 35786
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 11-Sep-2021 00:12:58 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 10 Sep 2021 23:57:58 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 5109ms
33ms Script
text/javascript 2a00:1450:4007:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:80f::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74696de7db3cfc983f841facfdca75dbf4c114af467b05e23fe6d95694cab0fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.italkmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 23:57:58 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1631273431406706"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27627
x-xss-protection: 0
expires: Fri, 10 Sep 2021 23:57:58 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210908/r20110914/ Frame 9ABE 18 KB
8 KB 5110ms
30ms Script
text/javascript 2a00:1450:4007:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210908/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5783658135774562&output=html&h=90&slotname=3165886731&adk=1855803487&adf=2834633373&pi=t.ma~as.3165886731&w=728&lmt=1591832865&psa=0&format=728x90&url=https%3A%2F%2Fwww.italkmoney.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631318272977&bpp=3&bdt=5177&idt=85&shv=r20210831&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&correlator=302497023723&frm=20&pv=2&ga_vid=1171406319.1631318273&ga_sid=1631318273&ga_hid=1892371184&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=436&ady=86&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062525%2C31062297&oid=3&pvsid=4026598715675435&pem=269&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=hUS7NeIRPE&p=https%3A//www.italkmoney.com&dtd=99

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cc4cb1016499eb5d88379d9cdf358b0083b7c1b80f00889ce86649a88c746e10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 23:49:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 535
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7641
x-xss-protection: 0
server: cafe
etag: 14368791910870210898
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 24 Sep 2021 23:49:08 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210908/r20110914/client/ Frame 9ABE 2 KB
1 KB 5107ms
27ms Script
text/javascript 2a00:1450:4007:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210908/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 23:29:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1727
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 24 Sep 2021 23:29:16 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9ABE 125 KB
38 KB 31ms
30ms Script
text/javascript 2a00:1450:4007:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:80f::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b6abcd01d2337e70b8fdde5a150175d2d4a3231d464e25b9cbdb5bac2bfcd2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 23:57:58 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1631273423644667"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38649
x-xss-protection: 0
expires: Fri, 10 Sep 2021 23:57:58 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210908/r20110914/client/ Frame 9ABE 14 KB
7 KB 5104ms
24ms Script
text/javascript 2a00:1450:4007:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210908/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 23:18:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2359
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6183
x-xss-protection: 0
server: cafe
etag: 901432759052127119
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 24 Sep 2021 23:18:44 GMT

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6729528151881015335/ Frame F373 6 KB
4 KB 5103ms
28ms Document
text/html 2a00:1450:4007:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6729528151881015335/index.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8754796d58b4be3a142b4d7b783bddbf519b5027e307b1e799783213a906d21

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/6729528151881015335/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2316
date: Wed, 08 Sep 2021 07:07:02 GMT
expires: Thu, 08 Sep 2022 07:07:02 GMT
last-modified: Thu, 15 Apr 2021 13:50:13 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 233461
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9ABE 0
0 30ms
29ms Fetch
text/html 2a00:1450:4007:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CtCjtBvE7YcLuBMOszAastbKYC_zTisJj89vUzt0N_u2-4HYQASDMhrIeYJXikIKgB6AB_4St7QPIAQmoAwHIA0iqBLgBT9An4NHsmWHF_4dw7_AUY9nhZxm-3Y-JlxjJmpE_RyCjQG5gD9EFSrJcTx8vCn6xpENfAoScNKvMqheZFkptjzW5kRmGmP8QrSjJ22HOd3pSXjfXAC7LXMEeUCmrDZACb9Kmc56MfUG2rsEfq8YN0AxB0gXRu0ZFY9mLBqORNAqi2mEqUy-hjKoCq9LPt28PIRcWHjcxCTLs8cW9VJpPoNjTDJXUlQCOewRluUk6SzZs4OM1cvxeecAE9IHHwvgCkgUECAQYAZIFBAgFGASgBi6AB5L7mh2oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4b2AcA8gcEENWAG9IICQiA4YAQEAEYH4AKAcgLAdgTDNAVAYAXAbIXHAoaCAASFHB1Yi01NzgzNjU4MTM1Nzc0NTYyGAA&sigh=OgGrMuCEjqc&uach_m=[UACH]&template_id=419&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5783658135774562&output=html&h=90&slotname=3165886731&adk=1855803487&adf=2834633373&pi=t.ma~as.3165886731&w=728&lmt=1591832865&psa=0&format=728x90&url=https%3A%2F%2Fwww.italkmoney.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631318272977&bpp=3&bdt=5177&idt=85&shv=r20210831&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&correlator=302497023723&frm=20&pv=2&ga_vid=1171406319.1631318273&ga_sid=1631318273&ga_hid=1892371184&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=436&ady=86&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062525%2C31062297&oid=3&pvsid=4026598715675435&pem=269&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=hUS7NeIRPE&p=https%3A//www.italkmoney.com&dtd=99
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 10 Sep 2021 23:57:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 10 Sep 2021 23:57:58 GMT

GET
H2 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame F373 9 KB
3 KB 26ms
25ms Script
text/javascript 2a00:1450:4007:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6729528151881015335/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 00:41:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83779
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 11 Sep 2021 00:41:44 GMT

GET
H2 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame F373 26 KB
10 KB 27ms
26ms Script
text/javascript 2a00:1450:4007:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6729528151881015335/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 06:31:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62773
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 11 Sep 2021 06:31:50 GMT

GET
H2 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame F373 236 KB
63 KB 5115ms
28ms Script
text/javascript 2a00:1450:4007:80d::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6729528151881015335/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:80d::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 23:58:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Sep 2021 23:58:08 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ Frame F373 84 KB
30 KB 5104ms
25ms Script
text/javascript 2a00:1450:4007:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6729528151881015335/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:80a::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 08:10:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 402436
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30028
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 Sep 2022 08:10:52 GMT

GET
H2 200 index.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6729528151881015335/ Frame F373 74 KB
14 KB 30ms
29ms Script
application/x-javascript 2a00:1450:4007:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6729528151881015335/index.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6729528151881015335/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee3a167970e20c9ffdc58c06d3987fc10ce45a8e5de0536ef7d2370b3e1d3606

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 233460
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14298
x-xss-protection: 0
last-modified: Thu, 15 Apr 2021 13:50:13 GMT
server: sffe
date: Wed, 08 Sep 2021 07:07:03 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Sep 2022 07:07:03 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame F373 2 KB
1022 B 5116ms
30ms Stylesheet
text/css 2a00:1450:4007:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6729528151881015335/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:808::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

99155f31d46dc469aa872ce824309fae9210fb9357f463b889d617b85b35eb61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 10 Sep 2021 23:55:15 GMT
server: ESF
date: Fri, 10 Sep 2021 23:58:08 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 10 Sep 2021 23:58:08 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6071 143 B
226 B 21ms
21ms Document
text/html 2a00:1450:4007:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5783658135774562&output=html&h=90&slotname=3165886731&adk=1855803487&adf=2834633373&pi=t.ma~as.3165886731&w=728&lmt=1591832865&psa=0&format=728x90&url=https%3A%2F%2Fwww.italkmoney.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631318272977&bpp=3&bdt=5177&idt=85&shv=r20210831&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&correlator=302497023723&frm=20&pv=2&ga_vid=1171406319.1631318273&ga_sid=1631318273&ga_hid=1892371184&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=436&ady=86&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062525%2C31062297&oid=3&pvsid=4026598715675435&pem=269&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=hUS7NeIRPE&p=https%3A//www.italkmoney.com&dtd=99
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUn7cUIjuN8c8F4Dzvfq2UPTV9TSBj5DaI9zojGQtUp9HbZWXXB2zbWQ6p9CydM
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5783658135774562&output=html&h=90&slotname=3165886731&adk=1855803487&adf=2834633373&pi=t.ma~as.3165886731&w=728&lmt=1591832865&psa=0&format=728x90&url=https%3A%2F%2Fwww.italkmoney.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631318272977&bpp=3&bdt=5177&idt=85&shv=r20210831&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&correlator=302497023723&frm=20&pv=2&ga_vid=1171406319.1631318273&ga_sid=1631318273&ga_hid=1892371184&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=436&ady=86&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062525%2C31062297&oid=3&pvsid=4026598715675435&pem=269&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=hUS7NeIRPE&p=https%3A//www.italkmoney.com&dtd=99

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 10 Sep 2021 23:10:46 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2837
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 9ABE 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a69f8727f5a39dd96470a9e6c45de80843a3af0913b6405c06bc50c2ef1f618a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6071
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
167 B

26ms
26ms

Document
text/html

2a00:1450:4007:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUn7cUIjuN8c8F4Dzvfq2UPTV9TSBj5DaI9zojGQtUp9HbZWXXB2zbWQ6p9CydM
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 10 Sep 2021 23:58:08 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Sat, 11-Sep-2021 00:58:08 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 10 Sep 2021 23:58:08 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 10 Sep 2021 23:58:08 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9ABE 42 B
518 B 83ms
31ms Fetch
image/gif 2a00:1450:4007:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstLh7nAYMPRxBFmcxA_tPQdrxjOkBkSSAfv_dYwzoXmm7_HBxmoOwNkzc_ElcisDKfg_hwrEVpbrmSYY1KAev_trhFgmjL8_tVsEm5VqbDhGr7xdZ84Nm11MeC6pg&sai=AMfl-YQdLZpVEnmglUsYd48YcusK9nFTBPqrxEkB0GYDX9t_wtB6g7gIx1TemyDnVHcfG49gQ6s99v3oQkNJ&sig=Cg0ArKJSzEHPTTL1fXSLEAE&id=lidar2&mcvt=1000&p=86,436,176,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210910&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=1855803487&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&eosm=0&rst=1631318273077&rpt=10605&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Sep 2021 23:58:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 _1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6729528151881015335/ Frame F373 6 KB
6 KB 24ms
24ms Image
image/jpeg 2a00:1450:4007:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6729528151881015335/_1.jpg?1585641815640

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c972a37e959c619c507e2798a4a3549285b0323f2bbd7463b465b0d2db0d02e4

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 233465
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6022
x-xss-protection: 0
last-modified: Thu, 15 Apr 2021 13:50:13 GMT
server: sffe
date: Wed, 08 Sep 2021 07:07:03 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Sep 2022 07:07:03 GMT

GET
H2 200 SRvJn55X6RWbfV9KOXYL310U_n7bQjLBtP3JEbFBTGg.js Show response
pagead2.googlesyndication.com/bg/ Frame F373 35 KB
13 KB 24ms
24ms Script
text/javascript 2a00:1450:4007:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/SRvJn55X6RWbfV9KOXYL310U_n7bQjLBtP3JEbFBTGg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

491bc99f9e57e9159b7d5f4a39760bdf5d14fe7edb4232c1b4fdc911b1414c68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 19:31:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 275178
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13367
x-xss-protection: 0
last-modified: Mon, 06 Sep 2021 10:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 07 Sep 2022 19:31:50 GMT

GET
H2 200 _2.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6729528151881015335/ Frame F373 6 KB
6 KB 24ms
24ms Image
image/jpeg 2a00:1450:4007:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6729528151881015335/_2.jpg?1585641815640

Requested by

Host: www.italkmoney.com
URL: https://www.italkmoney.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d5c159efc03fafc806f78d7ed9f0b2ccdbd1dd98b5ed472229b316b91281ff1

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 233465
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6539
x-xss-protection: 0
last-modified: Thu, 15 Apr 2021 13:50:13 GMT
server: sffe
date: Wed, 08 Sep 2021 07:07:03 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Sep 2022 07:07:03 GMT

GET
H2 200 _3.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6729528151881015335/ Frame F373 6 KB
6 KB 25ms
25ms Image
image/jpeg 2a00:1450:4007:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6729528151881015335/_3.jpg?1585641815640

Requested by

Host: www.italkmoney.com
URL: https://www.italkmoney.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ecb8aec8a7a61e244388ac7f1f01179f7f2f781bb65f80a17ab2a7cfa21638f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 233464
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6146
x-xss-protection: 0
last-modified: Thu, 15 Apr 2021 13:50:13 GMT
server: sffe
date: Wed, 08 Sep 2021 07:07:04 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Sep 2022 07:07:04 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: adsbypf.com
URL: https://adsbypf.com/rotator.js?1418419096

Verdicts & Comments Add Verdict or Comment

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.italkmoney.com/	1970-01-20 06:30:14	Name: __gads Value: ID=fd6ef30bbdb98225-225280eaf0ca001b:T=1631318278:RT=1631318278:S=ALNI_MbV8M9VJv8mmME4gFLUkXhXgQp4xA
.doubleclick.net/	1970-01-20 06:30:14	Name: IDE Value: AHWqTUn7cUIjuN8c8F4Dzvfq2UPTV9TSBj5DaI9zojGQtUp9HbZWXXB2zbWQ6p9CydM
.doubleclick.net/	1970-01-19 21:08:41	Name: DSID Value: NO_DATA

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adsbypf.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
fonts.googleapis.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
s0.2mdn.net
tpc.googlesyndication.com
u.heatmap.it
www.alexa.com
www.google.com
www.googletagservices.com
www.italkmoney.com
xslt.alexa.com
adsbypf.com
142.250.178.130
198.144.120.79
2a00:1450:4007:807::2001
2a00:1450:4007:807::2002
2a00:1450:4007:808::200a
2a00:1450:4007:80a::200a
2a00:1450:4007:80c::2004
2a00:1450:4007:80d::2006
2a00:1450:4007:80e::2002
2a00:1450:4007:80f::2002
2a00:1450:4007:812::2002
2a00:1450:4007:813::2002
46.105.202.39
52.84.193.206
99.86.89.91
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0d5c159efc03fafc806f78d7ed9f0b2ccdbd1dd98b5ed472229b316b91281ff1
114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5
1179e1506ee2f67e34c519a87127579addd751f33de6d6cf7fa79177cddbb1e8
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
190a41394e289212d4e73ded53dddc6f42c701f986def0d96a06dc44f639e7d8
1b6abcd01d2337e70b8fdde5a150175d2d4a3231d464e25b9cbdb5bac2bfcd2c
22e76aeda3a67ea662432fd59ea95e615cfe08e2aa4f55ee98da012fb64b0285
3061e80c62db945e3aa741892538fa31771cb110cc29a89d301379617a2bcb54
321487d51898e245edd449818496a4a7f7cb106b654976f83f8b8c267174c226
3660fa896c35093d6b7957d9db24e53e0319f793b7cd706b550d069d9fff2fc4
3ecb8aec8a7a61e244388ac7f1f01179f7f2f781bb65f80a17ab2a7cfa21638f
3ef9e56345728a5388c9ae634c22f0407b3fb98b9003c89916ad84457ba4b867
447ff98f128ca95b0fabfdc37d51eea7d636099914a1ac6b45a0a297b8f2b00a
491bc99f9e57e9159b7d5f4a39760bdf5d14fe7edb4232c1b4fdc911b1414c68
4b70365b09badf5fceb9effc21b9cca9d19e08b0045fc0ebcaf5765293b2518d
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
564a0f16fb7db59bba6b4ae642ae193266233e2631cf0ddfb62349f0440881a0
57ffd58f87ec3286d8b39ef88bdde71ff7e1001d441d394fc1307d88bc2a7ab0
610397a543ae6c2d038bd25515d59fda94b4f9c9e8c958b48ec90ccb21805856
6d545f54f9d549ca7c1706933f56e9f17b15b61fd24aae2eac0213c4dfefb51e
74696de7db3cfc983f841facfdca75dbf4c114af467b05e23fe6d95694cab0fa
761f7a831189a2168608aaa332e67ebcc09c10f6d071cae992ca2e8e30a604d8
79c79d9039382cd34e2e9aa463f85c160d3890c688941fc6837cc2cf81919643
8beed351c2b4031d2fae8010497de994c1288b45470349659463cc33e9126856
93c4efff234d670c205f92b10e28b48001d46067fe500473b8e5a032ee07a1ca
99155f31d46dc469aa872ce824309fae9210fb9357f463b889d617b85b35eb61
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a69f8727f5a39dd96470a9e6c45de80843a3af0913b6405c06bc50c2ef1f618a
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
ba13716bb7257490230086d92c1cc56e25ba73136176d6d2887cfc887ad41e98
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee
c972a37e959c619c507e2798a4a3549285b0323f2bbd7463b465b0d2db0d02e4
cc4cb1016499eb5d88379d9cdf358b0083b7c1b80f00889ce86649a88c746e10
cd19302865a315df9a57552a585191f452efcbed7b0ab6b6569f4bebb764366e
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e72ed84509456637b37c501aa5414ddfb5f308d683e919d2822f595dd0dcaf7a
e8754796d58b4be3a142b4d7b783bddbf519b5027e307b1e799783213a906d21
ee3a167970e20c9ffdc58c06d3987fc10ce45a8e5de0536ef7d2370b3e1d3606
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f60ed5437578fc244f2ea31a8f629183d75d1e3768e8b0160eed0bcec359f6c8
f71897907efb05584cbac981aa72e9d761e763562370de2b02ac063fad9df5a1
fa05559508973be34bbabd0e53d752dd6754419cc05711c601933b67f5c555a0

www.italkmoney.com Open in urlscan Pro 198.144.120.79 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

49 Requests

96 %HTTPS

67 %IPv6

12 Domains

16 Subdomains

15 IPs

3 Countries

536 kBTransfer

1354 kBSize

3 Cookies

16 Outgoing links

Page URL History

Redirected requests

49 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.italkmoney.com Open in urlscan Pro
198.144.120.79 Public Scan

Screenshot
Live screenshot

Full Image

49
Requests

96 %
HTTPS

67 %
IPv6

12
Domains

16
Subdomains

15
IPs

3
Countries

536 kB
Transfer

1354 kB
Size

3
Cookies

49 HTTP transactions
1 data transactions