iwtsp.com Open in urlscan Pro
2606:4700:3108::ac42:2b09 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://u33060736.ct.sendgrid.net/ls/click?upn=o3hRE6WvAAwqFhHAd5UwXWlGSm4MRkgTaK1dRc9XncOplEGSgOe-2BnVqo-2BdoMj6N8WBE38hH-2F8XqIm...
Effective URL:
https://iwtsp.com/971504044421?sc=103960757ca88cbbbe574bf94b19ea34226a6662d
Submission: On June 12 via api (June 12th 2023, 4:37:25 am UTC) from TR — Scanned from DE

Summary HTTP 70 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 20 IPs in 4 countries across 15 domains to perform 70 HTTP transactions. The main IP is 2606:4700:3108::ac42:2b09, located in United States and belongs to CLOUDFLARENET, US. The main domain is iwtsp.com. The Cisco Umbrella rank of the primary domain is 792119.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 14th 2023. Valid for: a year.

This is the only time iwtsp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	167.89.115.54 167.89.115.54	11377 (SENDGRID) (SENDGRID)
1 1	212.83.149.54 212.83.149.54	12876 (Online SAS) (Online SAS)
12	2606:4700:310... 2606:4700:3108::ac42:2b09	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:3865	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c07::9b	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
70	20

1 167.89.115.54 (Herndon, United States) 1 redirects

ASN11377 (SENDGRID, US)
PTR: o16789115x54.outbound-mail.sendgrid.net

u33060736.ct.sendgrid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.83.149.54 (Paris, France) 1 redirects

ASN12876 (Online SAS, FR)
PTR: classic.easysendy.com

app15.easysendyapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:3108::ac42:2b09 (United States)

ASN13335 (CLOUDFLARENET, US)

iwtsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

mts0.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1941 www.google.com — Cisco Umbrella Rank: 3 adservice.google.com — Cisco Umbrella Rank: 106 mts0.google.com — Cisco Umbrella Rank: 5009	60 KB
18	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 127 tpc.googlesyndication.com — Cisco Umbrella Rank: 154	265 KB
12	iwtsp.com iwtsp.com — Cisco Umbrella Rank: 792119	47 KB
5	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 54 stats.g.doubleclick.net — Cisco Umbrella Rank: 121	45 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 57 region1.google-analytics.com — Cisco Umbrella Rank: 1892	21 KB
4	gstatic.com fonts.gstatic.com www.gstatic.com	109 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 67 ajax.googleapis.com — Cisco Umbrella Rank: 422	37 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	55 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1086	600 B
1	google.de www.google.de — Cisco Umbrella Rank: 5056	408 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 75	85 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1114	7 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 993	7 KB
1	easysendyapp.com 1 redirects app15.easysendyapp.com	536 B
1	sendgrid.net 1 redirects u33060736.ct.sendgrid.net	322 B
70	15

	Domain	Requested by
14	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
12	iwtsp.com	iwtsp.com static.cloudflareinsights.com
11	pagead2.googlesyndication.com	iwtsp.com pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
7	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
3	fonts.gstatic.com	iwtsp.com fonts.googleapis.com
2	www.google.com	tpc.googlesyndication.com
2	region1.google-analytics.com	www.googletagmanager.com
2	www.google-analytics.com	iwtsp.com www.google-analytics.com
2	fonts.googleapis.com	iwtsp.com googleads.g.doubleclick.net
1	mts0.google.com	googleads.g.doubleclick.net
1	www.gstatic.com	googleads.g.doubleclick.net
1	www.googletagservices.com	googleads.g.doubleclick.net
1	adservice.google.com	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.google.de
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.googletagmanager.com	iwtsp.com
1	ajax.googleapis.com	iwtsp.com
1	static.cloudflareinsights.com	iwtsp.com
1	maxcdn.bootstrapcdn.com	iwtsp.com
1	app15.easysendyapp.com	1 redirects
1	u33060736.ct.sendgrid.net	1 redirects
70	23

This site contains links to these domains. Also see Links.

Domain
api.whatsapp.com
twitter.com
www.instagram.com
www.facebook.com
www.snapchat.com

Subject Issuer	Validity	Valid
iwtsp.com Cloudflare Inc ECC CA-3	`2023-04-14` - `2024-04-12`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-12-30` - `2023-12-30`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://iwtsp.com/971504044421?sc=103960757ca88cbbbe574bf94b19ea34226a6662d
Frame ID: 7B7BC97AD8B0391A6C6F7B4532E378E8
Requests: 50 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230607/r20190131/zrt_lookup.html
Frame ID: 36002E85B2B9A165A6C1C6E15C6CE531
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8986422483977215&output=html&adk=1812271804&adf=3025194257&lmt=1686540732&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fiwtsp.com%2F971504044421%3Fsc%3D103960757ca88cbbbe574bf94b19ea34226a6662d&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686544640625&bpp=3&bdt=144&idt=113&shv=r20230607&mjsv=m202306060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7720150112954&frm=20&pv=2&ga_vid=574975649.1686544641&ga_sid=1686544641&ga_hid=293168686&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C44788441&oid=2&pvsid=2239772222742740&tmod=1241596952&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=273
Frame ID: 0AACE40306BB74FD313C7F75207198B9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8986422483977215&output=html&h=280&slotname=5804293463&adk=553816739&adf=3718493517&pi=t.ma~as.5804293463&w=1200&fwrn=4&fwrnh=100&lmt=1686540732&rafmt=1&format=1200x280&url=https%3A%2F%2Fiwtsp.com%2F971504044421%3Fsc%3D103960757ca88cbbbe574bf94b19ea34226a6662d&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686544640625&bpp=2&bdt=145&idt=153&shv=r20230607&mjsv=m202306060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7720150112954&frm=20&pv=1&ga_vid=574975649.1686544641&ga_sid=1686544641&ga_hid=293168686&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=186&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C44788441&oid=2&pvsid=2239772222742740&tmod=1241596952&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ao1dHkeRZy&p=https%3A//iwtsp.com&dtd=277
Frame ID: 21483DA853602681031E3F1CAFF122B0
Requests: 17 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A91214EE9B56D1AD3E1DE54F9D7FA1FB
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 292CEB22D322465CBC16D141145567EE
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/mZQVpQj-eDQajpu59Vq9E2pMu32_YVAoNW79LAI6QMI.js
Frame ID: 537DD78521B2C3BBA57B5E17000AB970
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

آيواتساب 971504044421

Page URL History Show full URLs

https://u33060736.ct.sendgrid.net/ls/click?upn=o3hRE6WvAAwqFhHAd5UwXWlGSm4MRkgTaK1dRc9XncOplEGSgOe-2BnVqo-2Bdo... HTTP 302
http://app15.easysendyapp.com/campaigns/cv2077cz3n499/track-url/ov808jd7gyfc4/a0e571092c3a447afa79727ab20b... HTTP 301
https://iwtsp.com/971504044421?sc=103960757ca88cbbbe574bf94b19ea34226a6662d Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

70
Requests

100 %
HTTPS

90 %
IPv6

15
Domains

23
Subdomains

20
IPs

4
Countries

739 kB
Transfer

2025 kB
Size

8
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://api.whatsapp.com/send?phone=971504044421
Title: متابعة للدردشة

Search URL Search Domain Scan URL

URL: https://twitter.com/iwtspcom

Search URL Search Domain Scan URL

URL: https://www.instagram.com/iwtspcom

Search URL Search Domain Scan URL

URL: https://www.facebook.com/iwtspcom

Search URL Search Domain Scan URL

URL: https://www.snapchat.com/add/iwtsp

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://u33060736.ct.sendgrid.net/ls/click?upn=o3hRE6WvAAwqFhHAd5UwXWlGSm4MRkgTaK1dRc9XncOplEGSgOe-2BnVqo-2BdoMj6N8WBE38hH-2F8XqIm37e59jOcKZTO3HslB7J7kvjkUUUzVeemZ0DUqk3-2FCfgajzFqpKgrDHLNZ6ayKuAME7W-2BB3OLfeGQtdwK9T2iox-2B2g4jcIY-3DFQVt_hwjpEj1F1VZKjByrsjnHW5qYRNvUAhXtuUCF4xDn7P2tswv1OXOH9baAUgOFWrfREEyClBAvxxh2SJSsibECjP4c4dksEZ-2B8oXeYUpBsIoiJKstUVDqLfitjxRW6reSkDdEfWK7cLKEGwhLZ0HDfEHm8zWJMvsQzsdEvhcE0DoxINoHny-2FrF-2FiwkfynGlxzp0OS-2BmYh-2BAxo9LCuMtZ1fhSOQp8uz1xUEadQ5jyfUXwIsrFsWnKJAmQIp-2B-2FnOe5UTYvEPX0TdJ-2FNFWX5SCY-2FwQ1rDzZ9GljyDnEoMSc99bZAX3uITNuTJmoraj86CI9H7oZMsYFn7cR1S4hbaazvO8bHYO-2BbSV7EFOOABnT-2F2EfE-3D HTTP 302
http://app15.easysendyapp.com/campaigns/cv2077cz3n499/track-url/ov808jd7gyfc4/a0e571092c3a447afa79727ab20b7fbf1c320ee9 HTTP 301
https://iwtsp.com/971504044421?sc=103960757ca88cbbbe574bf94b19ea34226a6662d Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

70 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 971504044421 Show response
iwtsp.com/
Redirect Chain

https://u33060736.ct.sendgrid.net/ls/click?upn=o3hRE6WvAAwqFhHAd5UwXWlGSm4MRkgTaK1dRc9XncOplEGSgOe-2BnVqo-2BdoMj6N8WBE38hH-2F8XqIm37e59jOcKZTO3HslB7J7kvjkUUUzVeemZ0DUqk3-2FCfgajzFqpKgrDHLNZ6ayKuAME...
http://app15.easysendyapp.com/campaigns/cv2077cz3n499/track-url/ov808jd7gyfc4/a0e571092c3a447afa79727ab20b7fbf1c320ee9
https://iwtsp.com/971504044421?sc=103960757ca88cbbbe574bf94b19ea34226a6662d

13 KB
4 KB

63ms
22ms

Document
text/html

2606:4700:3108::ac42:2b09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://iwtsp.com/971504044421?sc=103960757ca88cbbbe574bf94b19ea34226a6662d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b09 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee167b87d89082d4619cc2455c685b718a7bb2a6577a5cc4efddbaf5ac63e7a9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3782
alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=2678400
cf-cache-status: HIT
cf-ray: 7d5f65e2ddf81976-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 12 Jun 2023 04:37:20 GMT
last-modified: Mon, 12 Jun 2023 03:32:12 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

Cache-Control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
Connection: Keep-Alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Mon, 12 Jun 2023 04:37:20 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Keep-Alive: timeout=5, max=100
Last-Modified: Mon, 12 Jun 2023 04:37:20 GMT
Location: https://iwtsp.com/971504044421?sc=103960757ca88cbbbe574bf94b19ea34226a6662d
Pragma: no-cache
Server: Apache/2.4.41 (Ubuntu)
X-XSS-Protection: 1; mode=block

GET
H2 200 bootstrap.min-ar.css
iwtsp.com/assets/css/ 120 KB
20 KB 24ms
23ms Stylesheet
text/css 2606:4700:3108::ac42:2b09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://iwtsp.com/assets/css/bootstrap.min-ar.css
Requested by: Host: iwtsp.com
URL: https://iwtsp.com/971504044421?sc=103960757ca88cbbbe574bf94b19ea34226a6662d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b09 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 955e07418ea1a7ca3df4deca3be2939cb74592fa13939ba5e8cd4ad0d9c675cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iwtsp.com/971504044421?sc=103960757ca88cbbbe574bf94b19ea34226a6662d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 04:37:20 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 04 May 2021 00:07:46 GMT
server: cloudflare
age: 1974690
cf-polished: origSize=147781
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2678400
cf-ray: 7d5f65e30e1a1976-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 33ms
15ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: iwtsp.com
URL: https://iwtsp.com/971504044421?sc=103960757ca88cbbbe574bf94b19ea34226a6662d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iwtsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 04:37:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 723
age: 11323655
cdn-cachedat: 11/15/2021 21:49:00
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
server: cloudflare
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 8b677d48aa464c28c0815c97adbbe174
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 7d5f65e31aab195c-FRA
cdn-requestpullsuccess: True

GET
H2 200 home-style.css
iwtsp.com/assets/css/ 3 KB
905 B 26ms
26ms Stylesheet
text/css 2606:4700:3108::ac42:2b09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://iwtsp.com/assets/css/home-style.css
Requested by: Host: iwtsp.com
URL: https://iwtsp.com/971504044421?sc=103960757ca88cbbbe574bf94b19ea34226a6662d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b09 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 918cc97b2af24b9eb50817ab7a0aa755099551da82942c5fe4667752926fadc2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iwtsp.com/971504044421?sc=103960757ca88cbbbe574bf94b19ea34226a6662d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 04:37:20 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 04 May 2021 00:07:46 GMT
server: cloudflare
age: 1975149
cf-polished: origSize=3869
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2678400
cf-ray: 7d5f65e30e1b1976-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 23 KB
1 KB 43ms
18ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Comfortaa:300,400,700|Lato:300,300i,400,400i,700,700i|Raleway:300,300i,400,400i,500,500i,700,700i

Requested by

Host: iwtsp.com
URL: https://iwtsp.com/971504044421?sc=103960757ca88cbbbe574bf94b19ea34226a6662d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4dc69898804a7002375165bda69b05f18e6d3335286e259daf633581fd3cc6b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iwtsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 12 Jun 2023 04:37:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 12 Jun 2023 04:37:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 12 Jun 2023 04:37:20 GMT

GET
H2 200 logo.webp
iwtsp.com/ 2 KB
2 KB 21ms
20ms Image
image/webp 2606:4700:3108::ac42:2b09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://iwtsp.com/logo.webp
Requested by: Host: iwtsp.com
URL: https://iwtsp.com/971504044421?sc=103960757ca88cbbbe574bf94b19ea34226a6662d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b09 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3a1c63574dbc08cad3ecc5688e29821af425281cff2798005e240b8c82c3e60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iwtsp.com/971504044421?sc=103960757ca88cbbbe574bf94b19ea34226a6662d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 04:37:20 GMT
cf-cache-status: HIT
last-modified: Wed, 13 Oct 2021 15:26:57 GMT
server: cloudflare
age: 1974690
vary: Accept-Encoding
content-type: image/webp
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7d5f65e30e1d1976-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2036

GET
H2 200 twitter.svg
iwtsp.com/assets/images/ 1 KB
450 B 22ms
21ms Image
image/svg+xml 2606:4700:3108::ac42:2b09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://iwtsp.com/assets/images/twitter.svg
Requested by: Host: iwtsp.com
URL: https://iwtsp.com/971504044421?sc=103960757ca88cbbbe574bf94b19ea34226a6662d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b09 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 653b2956f467785d11687af511e93423b9854cd3e199e2ac1ab7b40ec0f98243

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iwtsp.com/971504044421?sc=103960757ca88cbbbe574bf94b19ea34226a6662d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 04:37:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 04 May 2021 00:07:46 GMT
server: cloudflare
age: 1975148
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2678400
cf-ray: 7d5f65e30e1e1976-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 instagram.svg
iwtsp.com/assets/images/ 966 B
449 B 22ms
21ms Image
image/svg+xml 2606:4700:3108::ac42:2b09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://iwtsp.com/assets/images/instagram.svg
Requested by: Host: iwtsp.com
URL: https://iwtsp.com/971504044421?sc=103960757ca88cbbbe574bf94b19ea34226a6662d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b09 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3dc5936c49ba430944eb73b0be0150a01fe2a22624d36d90a59ae001581baf38

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iwtsp.com/971504044421?sc=103960757ca88cbbbe574bf94b19ea34226a6662d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 04:37:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 04 May 2021 00:07:46 GMT
server: cloudflare
age: 1974590
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2678400
cf-ray: 7d5f65e30e1f1976-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 facebook-f.svg
iwtsp.com/assets/images/ 472 B
369 B 21ms
21ms Image
image/svg+xml 2606:4700:3108::ac42:2b09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://iwtsp.com/assets/images/facebook-f.svg
Requested by: Host: iwtsp.com
URL: https://iwtsp.com/971504044421?sc=103960757ca88cbbbe574bf94b19ea34226a6662d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b09 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80860d362fc1095284d3e472d04b5fc24606e7aa802e54e60de9d8cea26f3d88

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iwtsp.com/971504044421?sc=103960757ca88cbbbe574bf94b19ea34226a6662d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 04:37:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 04 May 2021 00:07:46 GMT
server: cloudflare
age: 1974689
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2678400
cf-ray: 7d5f65e30e201976-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 snapchat.svg
iwtsp.com/assets/images/ 3 KB
1 KB 21ms
21ms Image
image/svg+xml 2606:4700:3108::ac42:2b09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://iwtsp.com/assets/images/snapchat.svg
Requested by: Host: iwtsp.com
URL: https://iwtsp.com/971504044421?sc=103960757ca88cbbbe574bf94b19ea34226a6662d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b09 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 074d09cd7a794a1924a4cc75d95f5d6a0cb514af099b1746ad150578f487ec18

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iwtsp.com/971504044421?sc=103960757ca88cbbbe574bf94b19ea34226a6662d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 04:37:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 04 May 2021 00:07:46 GMT
server: cloudflare
age: 1975148
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2678400
cf-ray: 7d5f65e30e211976-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 rocket-loader.min.js Show response
iwtsp.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 11ms
10ms Script
application/javascript 2606:4700:3108::ac42:2b09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iwtsp.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: iwtsp.com
URL: https://iwtsp.com/971504044421?sc=103960757ca88cbbbe574bf94b19ea34226a6662d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2b09 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iwtsp.com/971504044421?sc=103960757ca88cbbbe574bf94b19ea34226a6662d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 04:37:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 06 Jun 2023 11:54:19 GMT
server: cloudflare
etag: W/"647f1e6b-302c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 7d5f65e30e221976-FRA
expires: Wed, 14 Jun 2023 04:37:20 GMT

GET
H2 200 v52afc6f149f6479b8c77fa569edb01181681764108816 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 74ms
57ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816
Requested by: Host: iwtsp.com
URL: https://iwtsp.com/971504044421?sc=103960757ca88cbbbe574bf94b19ea34226a6662d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b

Request headers

Referer: https://iwtsp.com/
Origin: https://iwtsp.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 04:37:20 GMT
content-encoding: gzip
last-modified: Mon, 17 Apr 2023 20:41:48 GMT
server: cloudflare
etag: W/2023.4.2
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7d5f65e319da18b9-FRA

GET
H3 200 fastclick.min.js Show response
iwtsp.com/assets/js/plugins/fastclick/ 9 KB
3 KB 23ms
23ms Script
application/javascript 2606:4700:3108::ac42:2b09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://iwtsp.com/assets/js/plugins/fastclick/fastclick.min.js
Requested by: Host: iwtsp.com
URL: https://iwtsp.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b09 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32c983a4b3b87d8f7eafa40840c8791351a593c869a3029d8b7356a8cf6d2a94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iwtsp.com/971504044421?sc=103960757ca88cbbbe574bf94b19ea34226a6662d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 04:37:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 04 May 2021 00:07:46 GMT
server: cloudflare
age: 1975183
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 7d5f65e35ce59295-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 bootstrap.min.js Show response
iwtsp.com/assets/js/ 36 KB
10 KB 24ms
23ms Script
application/javascript 2606:4700:3108::ac42:2b09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://iwtsp.com/assets/js/bootstrap.min.js
Requested by: Host: iwtsp.com
URL: https://iwtsp.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b09 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iwtsp.com/971504044421?sc=103960757ca88cbbbe574bf94b19ea34226a6662d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 04:37:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 04 May 2021 00:07:46 GMT
server: cloudflare
age: 1975183
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 7d5f65e35ce79295-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ 95 KB
34 KB 33ms
7ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: iwtsp.com
URL: https://iwtsp.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iwtsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 07:58:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 247133
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 08 Jun 2024 07:58:27 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 249 KB
85 KB 51ms
25ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-D54D24ZC9H

Requested by

Host: iwtsp.com
URL: https://iwtsp.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a1885a80b149d49af7c942f1b942b90742837f52d105fe94a08cd621c5407ea6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iwtsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 04:37:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 87100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 12 Jun 2023 04:37:20 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 137 KB
47 KB 51ms
26ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8986422483977215

Requested by

Host: iwtsp.com
URL: https://iwtsp.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f5ba30a88bac1af8702dcd236411c53046433f3e9a75346defdd9c7ab7442069

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iwtsp.com/
Origin: https://iwtsp.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 04:37:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47449
x-xss-protection: 0
server: cafe
etag: 1144627114481998731
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 12 Jun 2023 04:37:20 GMT

GET
H2 200 NotoKufiArabic-Bold.woff2
fonts.gstatic.com/ea/notokufiarabic/v2/ 31 KB
31 KB 44ms
15ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/ea/notokufiarabic/v2/NotoKufiArabic-Bold.woff2

Requested by

Host: iwtsp.com
URL: https://iwtsp.com/971504044421?sc=103960757ca88cbbbe574bf94b19ea34226a6662d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1081075f06dd31d8515a532bf74019b8a4e9f3ad86b25f32348a33ac1552374

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iwtsp.com/
Origin: https://iwtsp.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 17:24:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 126757
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31318
x-xss-protection: 0
last-modified: Tue, 05 Aug 2014 21:54:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 09 Jun 2024 17:24:43 GMT

GET
H2 200 NotoKufiArabic-Regular.woff2
fonts.gstatic.com/ea/notokufiarabic/v2/ 30 KB
31 KB 37ms
8ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/ea/notokufiarabic/v2/NotoKufiArabic-Regular.woff2

Requested by

Host: iwtsp.com
URL: https://iwtsp.com/971504044421?sc=103960757ca88cbbbe574bf94b19ea34226a6662d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fb73d94d7f0c98f2ab73fc6a3ddcb83b8199f0bb4bf9c3f71c188f812686b48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iwtsp.com/
Origin: https://iwtsp.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 23:21:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 191774
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30868
x-xss-protection: 0
last-modified: Tue, 05 Aug 2014 21:54:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 08 Jun 2024 23:21:06 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: iwtsp.com
URL: https://iwtsp.com/971504044421?sc=103960757ca88cbbbe574bf94b19ea34226a6662d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iwtsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 12 Jun 2023 03:04:48 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 5552
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Mon, 12 Jun 2023 05:04:48 GMT

POST
H3 204 rum Show response
iwtsp.com/cdn-cgi/ 0
136 B 14ms
13ms XHR
text/plain 2606:4700:3108::ac42:2b09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iwtsp.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2b09 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://iwtsp.com/971504044421?sc=103960757ca88cbbbe574bf94b19ea34226a6662d
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
content-type: application/json

Response headers

date: Mon, 12 Jun 2023 04:37:20 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://iwtsp.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 7d5f65e3dd2c9295-FRA

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306060101/ 352 KB
118 KB 64ms
47ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8986422483977215&plah=iwtsp.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8986422483977215

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

06a68fe9a384bdf737cef6ffc6f1221378397c2755d4ae7bae60bc62a1c76ce0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iwtsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 04:37:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121046
x-xss-protection: 0
server: cafe
etag: 2108466045744977652
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 12 Jun 2023 04:37:20 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230607/r20190131/ Frame 3600 10 KB
5 KB 30ms
7ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230607/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8986422483977215

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iwtsp.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 34962
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 11 Jun 2023 18:54:38 GMT
etag: 15057649708203361565
expires: Sun, 25 Jun 2023 18:54:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
249 B 38ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-D54D24ZC9H&gtm=45je3671&_p=293168686&cid=574975649.1686544641&ul=en-us&_geo=1&_rdi=1&ngs=1&_s=1&sid=1686544640&sct=1&seg=0&dl=https%3A%2F%2Fiwtsp.com%2F971504044421%3Fsc%3D103960757ca88cbbbe574bf94b19ea34226a6662d&dt=%D8%A2%D9%8A%D9%88%D8%A7%D8%AA%D8%B3%D8%A7%D8%A8%20971504044421&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D54D24ZC9H
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iwtsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 04:37:20 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://iwtsp.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
204 B 15ms
14ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=293168686&t=pageview&_s=1&dl=https%3A%2F%2Fiwtsp.com%2F971504044421%3Fsc%3D103960757ca88cbbbe574bf94b19ea34226a6662d&ul=en-us&de=UTF-8&dt=%D8%A2%D9%8A%D9%88%D8%A7%D8%AA%D8%B3%D8%A7%D8%A8%20971504044421&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IADAAEABAAAAACAAI~&jid=856183401&gjid=482055538&cid=574975649.1686544641&tid=UA-39052218-4&_gid=309581920.1686544641&_r=1&_slc=1&z=520840136

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://iwtsp.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 04:37:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://iwtsp.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
344 B 60ms
20ms XHR
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-39052218-4&cid=574975649.1686544641&jid=856183401&gjid=482055538&_gid=309581920.1686544641&_u=IADAAEAAAAAAACAAI~&z=75993430

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://iwtsp.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 12 Jun 2023 04:37:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://iwtsp.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ca-pub-8986422483977215 Show response
fundingchoicesmessages.google.com/i/ 140 KB
47 KB 91ms
55ms Script
application/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-8986422483977215?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8986422483977215&plah=iwtsp.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f29354bfa3cf0f5421ce3c122baf9a1690f9fcabc538497aecf4561ef9a9a480

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-PviW3t1BB-BWNePpKsLN9g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iwtsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 04:37:20 GMT
content-security-policy: script-src 'report-sample' 'nonce-PviW3t1BB-BWNePpKsLN9g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 43ms
19ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-39052218-4&cid=574975649.1686544641&jid=856183401&_u=IADAAEAAAAAAACAAI~&z=1880090320

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iwtsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 04:37:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 42ms
19ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-39052218-4&cid=574975649.1686544641&jid=856183401&_u=IADAAEAAAAAAACAAI~&z=1880090320

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iwtsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 04:37:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 385 B
600 B 40ms
16ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=iwtsp.com&callback=_gfp_s_&client=ca-pub-8986422483977215

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec5e305c38f5189dc358fe1100c84d69bee4f8a2ea2c7f87635c87043f71faf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iwtsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 04:37:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 248
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 39ms
16ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=iwtsp.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iwtsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 04:37:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=footer_link&ign=false&pw=1600&ph=1200&x=1575&y=1175

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iwtsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 04:37:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=HEADER&cls=navbar%20navbar-inverse%20navbar-fixed-top%20bs-docs-nav&ign=false&pw=1600&ph=1200&x=0&y=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iwtsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 04:37:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0AAC 1 KB
422 B 115ms
114ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8986422483977215&output=html&adk=1812271804&adf=3025194257&lmt=1686540732&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fiwtsp.com%2F971504044421%3Fsc%3D103960757ca88cbbbe574bf94b19ea34226a6662d&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686544640625&bpp=3&bdt=144&idt=113&shv=r20230607&mjsv=m202306060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7720150112954&frm=20&pv=2&ga_vid=574975649.1686544641&ga_sid=1686544641&ga_hid=293168686&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C44788441&oid=2&pvsid=2239772222742740&tmod=1241596952&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=273

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

92caceb80914740ff956fa54cc2098c5f2f368dd565f7db5679b9f4ea3bdfcdd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iwtsp.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 399
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 12 Jun 2023 04:37:21 GMT
expires: Mon, 12 Jun 2023 04:37:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2148 130 KB
40 KB 341ms
341ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8986422483977215&output=html&h=280&slotname=5804293463&adk=553816739&adf=3718493517&pi=t.ma~as.5804293463&w=1200&fwrn=4&fwrnh=100&lmt=1686540732&rafmt=1&format=1200x280&url=https%3A%2F%2Fiwtsp.com%2F971504044421%3Fsc%3D103960757ca88cbbbe574bf94b19ea34226a6662d&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686544640625&bpp=2&bdt=145&idt=153&shv=r20230607&mjsv=m202306060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7720150112954&frm=20&pv=1&ga_vid=574975649.1686544641&ga_sid=1686544641&ga_hid=293168686&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=186&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C44788441&oid=2&pvsid=2239772222742740&tmod=1241596952&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ao1dHkeRZy&p=https%3A//iwtsp.com&dtd=277

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5b7afc20198f729d4b74624cbe2fcd201289a98f20642307ced79df57cc39140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iwtsp.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 40682
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 12 Jun 2023 04:37:21 GMT
expires: Mon, 12 Jun 2023 04:37:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 24ms
23ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230607&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fa444934c6cfaab4d3c4359e35d37ab4f1898fd6e78998080c78a8d4075ef59c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iwtsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 04:37:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11321
x-xss-protection: 0

GET
H2 200 AGSKWxUu8ETXLa9xhk1uccAX50F54PbJ7z3xznyJCX4VN4u03aL6KyJf00diJSr5gC4HjsTWITfhXmK5qxRG5dnE7A== Show response
fundingchoicesmessages.google.com/f/ 4 KB
3 KB 47ms
46ms Script
application/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUu8ETXLa9xhk1uccAX50F54PbJ7z3xznyJCX4VN4u03aL6KyJf00diJSr5gC4HjsTWITfhXmK5qxRG5dnE7A==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjg2NTQ0NjQwLDkwODAwMDAwMF0sIjM4NTY2OUU2LTlGQ0ItNDk4NC1COUY0LUU3QkFGM0YyNkNBRSIsbnVsbCxudWxsLFtudWxsLFs3XV0sImh0dHBzOi8vaXd0c3AuY29tLzk3MTUwNDA0NDQyMSIsbnVsbCxbWzgsInBZT2o1QmdzekpFIl0sWzksImRlIl0sWzE4LCJbW1swXV1dIl0sWzE2LCJbMSwxLDFdIl0sWzE5LCIyIl1dXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.pYOj5BgszJE.es5.O/d=1/rs=AJlcJMx3zXCYIMXndwgSB1WNFu57Wy1oZw/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

42058f9b39097f00ed7050271dd9eef9b7dc68c9deb646b9a69f7c8c9bccf50d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-KD_OA05YWqpbyfCnVel0EA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iwtsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 04:37:20 GMT
content-security-policy: script-src 'report-sample' 'nonce-KD_OA05YWqpbyfCnVel0EA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 38ms
16ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iwtsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 04:37:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 12 Jun 2023 04:37:20 GMT

POST
H3 204 AGSKWxVremPUrXr2YcsRxM2ixzryGi7SjXZvWrAh_g6ixQp4cruRbTxxfPqm6cqe1lIkIVtrmuQky-Bx_xk3CgDW4Q== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 37ms
20ms XHR
text/html 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVremPUrXr2YcsRxM2ixzryGi7SjXZvWrAh_g6ixQp4cruRbTxxfPqm6cqe1lIkIVtrmuQky-Bx_xk3CgDW4Q==?pvid=385669E6-9FCB-4984-B9F4-E7BAF3F26CAE

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-tnhWu2xpbuptdtaNGCweIg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://iwtsp.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 12 Jun 2023 04:37:20 GMT
content-security-policy: script-src 'report-sample' 'nonce-tnhWu2xpbuptdtaNGCweIg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://iwtsp.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxWZkpMutyT68bGDIaGq72K5oV6p3RcrO81-kCsaey1zc5uSW3djXe24GrnbUXPmSOd22Mh084IA_wqY--mLGhJlhiq9AhsGBdMmhUf-LO6TuBIviWYU35svfpDwaLyyH656aTVe Show response
fundingchoicesmessages.google.com/f/ 13 KB
6 KB 55ms
55ms Script
application/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWZkpMutyT68bGDIaGq72K5oV6p3RcrO81-kCsaey1zc5uSW3djXe24GrnbUXPmSOd22Mh084IA_wqY--mLGhJlhiq9AhsGBdMmhUf-LO6TuBIviWYU35svfpDwaLyyH656aTVe?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjg2NTQ0NjQwLDk2MDAwMDAwMF0sIjM4NTY2OUU2LTlGQ0ItNDk4NC1COUY0LUU3QkFGM0YyNkNBRSIsbnVsbCxudWxsLFtudWxsLFs3LDEwXV0sImh0dHBzOi8vaXd0c3AuY29tLzk3MTUwNDA0NDQyMSIsbnVsbCxbWzgsInBZT2o1QmdzekpFIl0sWzksImRlIl0sWzE4LCJbW1swXV1dIl0sWzE2LCJbMSwxLDFdIl0sWzE5LCIyIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

886f5e1ca9829564815ee792fe86d96e4121f725db7fb7626d7ae98234d941a1

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-5h2b2lit1fakwMgSMmWCLQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iwtsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 04:37:20 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-5h2b2lit1fakwMgSMmWCLQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A912 13 KB
5 KB 9ms
7ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iwtsp.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 52989
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 11 Jun 2023 13:54:11 GMT
expires: Mon, 10 Jun 2024 13:54:11 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 292C 783 B
971 B 17ms
17ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

15e41e16b58dea79d102ca3478af207b1415da9a3ae0e3e6b87381b4997d1665

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-8R5mJyFCzqDhq3Fw0geZmw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://iwtsp.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-8R5mJyFCzqDhq3Fw0geZmw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 12 Jun 2023 04:37:20 GMT
expires: Mon, 12 Jun 2023 04:37:20 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 mZQVpQj-eDQajpu59Vq9E2pMu32_YVAoNW79LAI6QMI.js Show response
pagead2.googlesyndication.com/bg/ Frame A912 37 KB
14 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mZQVpQj-eDQajpu59Vq9E2pMu32_YVAoNW79LAI6QMI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

999415a508fe78341a8e9bb9f55abd136a4cbb7dbf615028356efd2c023a40c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 19:33:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 464659
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14716
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Jun 2024 19:33:01 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 292C 0
0 41ms
41ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230607&jk=2239772222742740&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame A912 0
10 B 8ms
7ms Image
text/plain 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?mujYwg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 04:37:21 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 2148 14 KB
1 KB 20ms
16ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8986422483977215&output=html&h=280&slotname=5804293463&adk=553816739&adf=3718493517&pi=t.ma~as.5804293463&w=1200&fwrn=4&fwrnh=100&lmt=1686540732&rafmt=1&format=1200x280&url=https%3A%2F%2Fiwtsp.com%2F971504044421%3Fsc%3D103960757ca88cbbbe574bf94b19ea34226a6662d&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686544640625&bpp=2&bdt=145&idt=153&shv=r20230607&mjsv=m202306060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7720150112954&frm=20&pv=1&ga_vid=574975649.1686544641&ga_sid=1686544641&ga_hid=293168686&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=186&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C44788441&oid=2&pvsid=2239772222742740&tmod=1241596952&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ao1dHkeRZy&p=https%3A//iwtsp.com&dtd=277

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 12 Jun 2023 04:37:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 12 Jun 2023 04:36:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 12 Jun 2023 04:37:21 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/ Frame 2148 2 KB
892 B 10ms
8ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 00:38:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14333
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Jun 2023 00:38:28 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/ Frame 2148 23 KB
9 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d6f5aedf67284aeeaaaa0c532e71c40757fa449038d89d63c5e90a1ded226643

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 00:37:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14384
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9004
x-xss-protection: 0
server: cafe
etag: 17960421598201694375
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Jun 2023 00:37:37 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/ Frame 2148 3 KB
1 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 08:16:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73280
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 25 Jun 2023 08:16:01 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/ Frame 2148 20 KB
8 KB 12ms
9ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9971c0a9e4d487abeaf7f2396426a237081c2271bc17cdcd6883495ff43b3fc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 00:38:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14334
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8202
x-xss-protection: 0
server: cafe
etag: 12977410716570951617
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Jun 2023 00:38:27 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2148 175 KB
55 KB 55ms
24ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d262b04633fbcfb934184c79a2d1786fa24576ad6f7ccc40c5ba0aa540de9d54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 04:37:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55943
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1686137816735621"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Jun 2023 04:37:21 GMT

GET
H2 200 d955217a3c39fa1d48035534c1a62142.js Show response
www.gstatic.com/mysidia/ Frame 2148 32 KB
14 KB 32ms
7ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/d955217a3c39fa1d48035534c1a62142.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3c8d1021bd2ee3bb73e29d8fdf79a184be2c6b5ef6ba41b0a6bd09519d0dfd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 23:20:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 537429
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13662
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 22:56:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 03 Sep 2023 23:20:12 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2148 0
0 53ms
52ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cm54lAKGGZIe-OJrY7_UPobCKuAj2htqvaeG2nfCZEbrh6JnLARABIOmC1ipglcqugrQHoAHT5f6cKMgBCakCoCkZUMEIsj6oAwHIA8sEqgTfAU_Q0qWUkrxv9t2xQb4A3N8U9WMRIRzNjOHFY5QyQNJazCUKuqm5Vclh3IxOuBif3vzWWCRYjQOnuqh4GaifO8Hekvn_yaEcGm1zDhHCcnF2to7b3u_V0aEwoWY4NwMRzCje0WaIA5Ssi8NoffslfiZaXRjJmc6wOqlSgkTwPcFNtk9SjEfFI35MrbTnn5Rzl-YIQ8e_F_q5sX-q6yvdyYM5SiQqSYjQOEzhO4oH6bEmElH6cNHvv9Hj9iPAz04bIHhLSJ03t8_fXj_htYsRdNfE4jXrh9eBuO9XuMP5UZbABN_F0dzrA5IFBAgEGAGSBQQIBRgEoAYugAfTnc_8AqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcFENbZggHSCBYIgOGAcBABGB8yAusCOgKAQEi9_cE6gAoByAsBuBOIBNgTCtAVAYAXAbIXHAoaCAASFHB1Yi04OTg2NDIyNDgzOTc3MjE1GAA&sigh=iGkzSULJhK0&uach_m=[UACH]&cid=CAQSGwBygQiD7DClCxCc9TEif_na03_UeDC8Bsg-FRgB&template_id=520

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8986422483977215&output=html&h=280&slotname=5804293463&adk=553816739&adf=3718493517&pi=t.ma~as.5804293463&w=1200&fwrn=4&fwrnh=100&lmt=1686540732&rafmt=1&format=1200x280&url=https%3A%2F%2Fiwtsp.com%2F971504044421%3Fsc%3D103960757ca88cbbbe574bf94b19ea34226a6662d&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686544640625&bpp=2&bdt=145&idt=153&shv=r20230607&mjsv=m202306060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7720150112954&frm=20&pv=1&ga_vid=574975649.1686544641&ga_sid=1686544641&ga_hid=293168686&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=186&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C44788441&oid=2&pvsid=2239772222742740&tmod=1241596952&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ao1dHkeRZy&p=https%3A//iwtsp.com&dtd=277
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 12 Jun 2023 04:37:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 12 Jun 2023 04:37:21 GMT

GET
H2 400 data=-AZ3ke_agcwUmemnGR5QjAgpnDBSVW9LSsfJlfgZqoSKbfHyQ6PjsZQ7efgaGKD-RbvsAJ5N4TV1el-jiKkQ5g
mts0.google.com/vt/ Frame 2148 0
0 52ms
15ms Image
text/html 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mts0.google.com/vt/data=-AZ3ke_agcwUmemnGR5QjAgpnDBSVW9LSsfJlfgZqoSKbfHyQ6PjsZQ7efgaGKD-RbvsAJ5N4TV1el-jiKkQ5g
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8986422483977215&output=html&h=280&slotname=5804293463&adk=553816739&adf=3718493517&pi=t.ma~as.5804293463&w=1200&fwrn=4&fwrnh=100&lmt=1686540732&rafmt=1&format=1200x280&url=https%3A%2F%2Fiwtsp.com%2F971504044421%3Fsc%3D103960757ca88cbbbe574bf94b19ea34226a6662d&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686544640625&bpp=2&bdt=145&idt=153&shv=r20230607&mjsv=m202306060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7720150112954&frm=20&pv=1&ga_vid=574975649.1686544641&ga_sid=1686544641&ga_hid=293168686&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=186&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C44788441&oid=2&pvsid=2239772222742740&tmod=1241596952&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ao1dHkeRZy&p=https%3A//iwtsp.com&dtd=277
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 2148 297 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 65f22d8aa0690bd9cf8ffe5d68e5f6866b05ed8fc6f6c9083b996c1b3c4c75f4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 2148 336 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 2148 462 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 01cbb105faef1373e9d53ddc5e62c9c7b5f66cbc64c2c045a3daec0328b831e6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 2148 465 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41b7f4ef86f2344e72da822fe79265700ff1bf3361450a02ab4397ff1a5eb040

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 2148 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2070216ee8fbec26a7a9e6ddc37a299ef5e4398798ed0660b42332d58fc5ed12

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 15ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-D54D24ZC9H&gtm=45je3671&_p=293168686&cid=574975649.1686544641&ul=en-us&_eu=AEA&_geo=1&_rdi=1&ngs=1&_s=2&sid=1686544640&sct=1&seg=0&dl=https%3A%2F%2Fiwtsp.com%2F971504044421%3Fsc%3D103960757ca88cbbbe574bf94b19ea34226a6662d&dt=%D8%A2%D9%8A%D9%88%D8%A7%D8%AA%D8%B3%D8%A7%D8%A8%20971504044421&en=scroll&epn.percent_scrolled=90&_et=16
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D54D24ZC9H
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iwtsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 04:37:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://iwtsp.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 2148 33 KB
33 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 19:10:42 GMT
x-content-type-options: nosniff
age: 465999
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Jun 2024 19:10:42 GMT

GET
H3 200 mZQVpQj-eDQajpu59Vq9E2pMu32_YVAoNW79LAI6QMI.js Show response
pagead2.googlesyndication.com/bg/ Frame 537D 37 KB
14 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mZQVpQj-eDQajpu59Vq9E2pMu32_YVAoNW79LAI6QMI.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

999415a508fe78341a8e9bb9f55abd136a4cbb7dbf615028356efd2c023a40c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 19:33:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 464660
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14716
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Jun 2024 19:33:01 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 45ms
45ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230607&jk=2239772222742740&bg=!UFOlUwfNAAaGYqkwpmI7ADkAdvg8WgpcK5gl4AoH_y5eB-PuH92Qn_9WzyKJX3UKl82r8Hv1o9hB-4iQFtJyqASgwECwzMerEV4CAAAAVlIAAAACaAEHCgB1dQ_-aDNxN_FnCQDdhD4ww_AjJQMoSp_8aNwcT3xXd6YxtsThyAczo4QzrCKxKv2chA0aUr5u9Hex2EiYImOcovyXbapqk_V8hWxFT3TfRtbpU3OcnkHC0aVxBqYTmj0Zs5k1aI-y-DzPxoDb5HHc7OLBzr4hmQLJO45oYlDqkqFGoS79hzSYGb4AsqEE9Sx30bu7K5f4L17CjJQGCtI0G486gd-Bzv_tsjnqGv09REpsRtuw-FQt8LvOHX44Dh0mFhbK3pG_2mjM47iOyIeZgENcOPKCkRq9a6vqtRNj0y1s06_UFN706ktlpAEX2j6EHuLSB0243irFe5Pfw1OR0beT7H45BFZDX3-7g1Xr1hWPkp2tTvUcyfZU-4ayKqfR1oMK1fU-r4XKOH5D0Z7aPqtPtUOMA5PQlF66y-stOtZSseyExSCGIoy1CEH2-s94zYnCFDh3f56-XOEHqtF95JUuHx9LS3bW48St_nMdG93e0QxYudyfssZMgbcLpxzXPL-7rIL0srqwYJAVQ-4BcGVNH3kmackae_Z1DOIO0CmHyzebamZCm8khePzm_ibHd_L0fDAQbp3xVz99bYuOHlhrKHnjtNRfXCcjHxsFBPtwSf6934HEsRSbbcA46ReMdKA00WX3O4A7n_3EQVUyZa4PxQ-ynRaTDN-6HcMVttpw1zKXyYq5q6c9ErZJf6i05nXAKjT3Evm0-X4tt1Gzh63M6ycurnAA8B5NVUVR3iv2AjfC3X-4mb71IkVJLy8K0lyX2O4L6UFBF-0O2B3K9faWcf695zIjrcArr3B3dKlDh0bpkeHYsjD3j4HqOmrsE5uJSTgXYM3h1Wy1sXf3Yr3bHdUCnZiJ8WdCX4IXMHWnd4gDk73jbNhKEDIHD6nI_1yYmD-kxA0hwdnoP21S5OBy8284-uK8E1fWCLt5BOaGft1ZAB81cgDOz-eEHm1tX9JrywBWQgwdQruxAqb6QFfE1oBg3JciDAnY58ZUgi57eRrr1rxS8qF1H0hdRVEyyurjHygpXKX664vN10-1eIG0nyAv10dbUY3k4jRaJ6paMBuLetuRYUl41KzsMrUiAF-_bHdtUFAHb6ZXDnDy1Zg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iwtsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 23ms
22ms Image
image/gif 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=4.752322163937152

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-uFvFykjjvP1SDPZcQhIVgw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iwtsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 04:37:22 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-uFvFykjjvP1SDPZcQhIVgw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 59ms
58ms Image
image/gif 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=6.140846107142004

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-in6vDjtnzRRYN4exs7WnwA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iwtsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 04:37:22 GMT
content-security-policy: script-src 'report-sample' 'nonce-in6vDjtnzRRYN4exs7WnwA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVolcAvM6eMA9rGRdyVTS09foHOQ6ohTk6PC1fzORWdnACONBKwuTDwObx_B2gaT_kASDuUPV0KPzuuIhvF9LEQ2Ud1XWgPlD0V3NX-dGtXPs6xHg0MmmtcU6_sW_lzZMdpSRlD Show response
fundingchoicesmessages.google.com/el/ 0
28 B 20ms
20ms XHR
text/html 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVolcAvM6eMA9rGRdyVTS09foHOQ6ohTk6PC1fzORWdnACONBKwuTDwObx_B2gaT_kASDuUPV0KPzuuIhvF9LEQ2Ud1XWgPlD0V3NX-dGtXPs6xHg0MmmtcU6_sW_lzZMdpSRlD

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Z1fXXeWrr6qwMdth2x6F0w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://iwtsp.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 12 Jun 2023 04:37:22 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Z1fXXeWrr6qwMdth2x6F0w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://iwtsp.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2148 42 B
64 B 45ms
45ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst3ObX6p1AEgv7vpzCKrkEroM71L01lux7tX0ReZ1JIa-zJzoPNjNz4u7TwMDHQamCo8mgof7Nyz1az9tfjNazUJVuUbrj03yVVMFvSMoSrMUdugAllpgMl0kgt2glhLFylmF25JzDAtx6y&sai=AMfl-YRehuj8gq7FUe8_w71pbJjM1z3pKF930-OwiM3vfQht5cLcQmMEcBCUwTsrbcb8r_jSxzQfVkaKtz2S&sig=Cg0ArKJSzNN0giieSs23EAE&cid=CAQSGwBygQiD7DClCxCc9TEif_na03_UeDC8Bsg-FRgB&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230607&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=553816739&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1686544640903&rpt=502&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 04:37:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 rightnavadsanswer.-160x600- Show response
fundingchoicesmessages.google.com/f/AGSKWxU8cGgNe5kX0AjprD7oqKPg8Z4Srox2Nyevx0DA8fMpkX7kkmEau9dhhLfySXFvzmIMMi1VNGb74S46cCMFKsk2ZN3XaklpcXOmf23sKM07g3jKPv8H8CY3Ag1z1dCBE3XIIz2FvSdeXIvSUijT6eKtSJ7hD... 54 B
109 B 23ms
22ms Script
application/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxU8cGgNe5kX0AjprD7oqKPg8Z4Srox2Nyevx0DA8fMpkX7kkmEau9dhhLfySXFvzmIMMi1VNGb74S46cCMFKsk2ZN3XaklpcXOmf23sKM07g3jKPv8H8CY3Ag1z1dCBE3XIIz2FvSdeXIvSUijT6eKtSJ7hDJ2ndMGR06_sw58-EaZuAGgb7nJJCWw=/__footer_ad__popunder_.160x600_/rightnavadsanswer.-160x600-

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.pYOj5BgszJE.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_ccpa_signal_executable/ed=1/rs=AJlcJMx3zXCYIMXndwgSB1WNFu57Wy1oZw/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

850c587060748f47d09d33c1c140eae86a21c06bb15b6c3b0c8dfd93315d6d79

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-loT3nZeoNepp7m--b42Wug' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iwtsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 04:37:22 GMT
content-security-policy: script-src 'report-sample' 'nonce-loT3nZeoNepp7m--b42Wug' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 lidar.js Show response
pagead2.googlesyndication.com/pagead/js/ 82 KB
29 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/lidar.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2327a803e741c200fec07b424a33df13ca615a4f7158fc42becbbef5b861a09c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iwtsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 04:17:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1215
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29998
x-xss-protection: 0
server: cafe
etag: 14765198048567714956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Mon, 12 Jun 2023 05:17:07 GMT

POST
H3 204 AGSKWxVolcAvM6eMA9rGRdyVTS09foHOQ6ohTk6PC1fzORWdnACONBKwuTDwObx_B2gaT_kASDuUPV0KPzuuIhvF9LEQ2Ud1XWgPlD0V3NX-dGtXPs6xHg0MmmtcU6_sW_lzZMdpSRlD Show response
fundingchoicesmessages.google.com/el/ 0
28 B 23ms
23ms XHR
text/html 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVolcAvM6eMA9rGRdyVTS09foHOQ6ohTk6PC1fzORWdnACONBKwuTDwObx_B2gaT_kASDuUPV0KPzuuIhvF9LEQ2Ud1XWgPlD0V3NX-dGtXPs6xHg0MmmtcU6_sW_lzZMdpSRlD

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-MZExuDPFXaLp_IPokdV1MA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://iwtsp.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 12 Jun 2023 04:37:22 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-MZExuDPFXaLp_IPokdV1MA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://iwtsp.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVolcAvM6eMA9rGRdyVTS09foHOQ6ohTk6PC1fzORWdnACONBKwuTDwObx_B2gaT_kASDuUPV0KPzuuIhvF9LEQ2Ud1XWgPlD0V3NX-dGtXPs6xHg0MmmtcU6_sW_lzZMdpSRlD Show response
fundingchoicesmessages.google.com/el/ 0
28 B 39ms
39ms XHR
text/html 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVolcAvM6eMA9rGRdyVTS09foHOQ6ohTk6PC1fzORWdnACONBKwuTDwObx_B2gaT_kASDuUPV0KPzuuIhvF9LEQ2Ud1XWgPlD0V3NX-dGtXPs6xHg0MmmtcU6_sW_lzZMdpSRlD

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-0k7Lle1ITABHVzX14iXHTg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://iwtsp.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 12 Jun 2023 04:37:22 GMT
content-security-policy: script-src 'report-sample' 'nonce-0k7Lle1ITABHVzX14iXHTg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://iwtsp.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVolcAvM6eMA9rGRdyVTS09foHOQ6ohTk6PC1fzORWdnACONBKwuTDwObx_B2gaT_kASDuUPV0KPzuuIhvF9LEQ2Ud1XWgPlD0V3NX-dGtXPs6xHg0MmmtcU6_sW_lzZMdpSRlD Show response
fundingchoicesmessages.google.com/el/ 0
28 B 32ms
32ms XHR
text/html 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVolcAvM6eMA9rGRdyVTS09foHOQ6ohTk6PC1fzORWdnACONBKwuTDwObx_B2gaT_kASDuUPV0KPzuuIhvF9LEQ2Ud1XWgPlD0V3NX-dGtXPs6xHg0MmmtcU6_sW_lzZMdpSRlD

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-NF_6T3EsFKyj-ADcxzd9Hw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://iwtsp.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 12 Jun 2023 04:37:22 GMT
content-security-policy: script-src 'report-sample' 'nonce-NF_6T3EsFKyj-ADcxzd9Hw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://iwtsp.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVolcAvM6eMA9rGRdyVTS09foHOQ6ohTk6PC1fzORWdnACONBKwuTDwObx_B2gaT_kASDuUPV0KPzuuIhvF9LEQ2Ud1XWgPlD0V3NX-dGtXPs6xHg0MmmtcU6_sW_lzZMdpSRlD Show response
fundingchoicesmessages.google.com/el/ 0
28 B 47ms
47ms XHR
text/html 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVolcAvM6eMA9rGRdyVTS09foHOQ6ohTk6PC1fzORWdnACONBKwuTDwObx_B2gaT_kASDuUPV0KPzuuIhvF9LEQ2Ud1XWgPlD0V3NX-dGtXPs6xHg0MmmtcU6_sW_lzZMdpSRlD

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-HgZZiSrt2p-I888CLWpLdw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://iwtsp.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 12 Jun 2023 04:37:22 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-HgZZiSrt2p-I888CLWpLdw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://iwtsp.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxXI0Zooj8mdZ0W6HzBly-7cciimr9f38k5JtQLy6zTPEi8KqccxwXIPGhaK_NiSYB3xEVAbEekdYoQyka6PNX-1Xsqv94LlzXZlIxMCBntkWqeWGuLhGkHa1AQrrXfCyEUdoSxP Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 55ms
55ms Script
application/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXI0Zooj8mdZ0W6HzBly-7cciimr9f38k5JtQLy6zTPEi8KqccxwXIPGhaK_NiSYB3xEVAbEekdYoQyka6PNX-1Xsqv94LlzXZlIxMCBntkWqeWGuLhGkHa1AQrrXfCyEUdoSxP?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjg2NTQ0NjQyLDcxNjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsMTAsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vaXd0c3AuY29tLzk3MTUwNDA0NDQyMSIsbnVsbCxbWzgsInBZT2o1QmdzekpFIl0sWzksImRlIl0sWzE4LCJbW1swXV1dIl0sWzE2LCJbMSwxLDFdIl0sWzE5LCIyIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b9247574377840c160ec976d439f5cccc70223e629b79ff702aec7f736061be1

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-1QAjN9dh_CZiAwh52fPnyg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iwtsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 04:37:22 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-1QAjN9dh_CZiAwh52fPnyg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWmHUUNEVWrHEggvZsMGZIWhrBKWv5fQW7IXtgTQRG3xHnNlHFNITTdBRO9KiATmSCHM6IoclyrxJgJD-fHdkbP4mc1pcelGCbswRbxVrFPXO_VstgbWn6T3ZBP5QELpaGulerx Show response
fundingchoicesmessages.google.com/el/ 0
28 B 25ms
25ms XHR
text/html 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWmHUUNEVWrHEggvZsMGZIWhrBKWv5fQW7IXtgTQRG3xHnNlHFNITTdBRO9KiATmSCHM6IoclyrxJgJD-fHdkbP4mc1pcelGCbswRbxVrFPXO_VstgbWn6T3ZBP5QELpaGulerx

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-v82UbpA3_1iQyw7zZJOuBQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://iwtsp.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 12 Jun 2023 04:37:22 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-v82UbpA3_1iQyw7zZJOuBQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://iwtsp.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

79 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.iwtsp.com/	1970-01-20 22:05:04	Name: _ga Value: GA1.2.574975649.1686544641
.iwtsp.com/	1970-01-20 12:30:31	Name: _gid Value: GA1.2.309581920.1686544641
.iwtsp.com/	1970-01-20 12:29:04	Name: _gat Value: 1
.iwtsp.com/	1970-01-20 21:50:40	Name: __gads Value: ID=c1747090bb71d10b-228608fe75e10023:T=1686544640:RT=1686544640:S=ALNI_MZ7h7IzqrS8sKlayU_pF1AcxGnUnw
.iwtsp.com/	1970-01-20 21:50:40	Name: __gpi Value: UID=00000c4a405dc6a8:T=1686544640:RT=1686544640:S=ALNI_ManPKyacNciYdhM3odueYbpgsVKaQ
.iwtsp.com/	1970-01-20 22:05:04	Name: _ga_D54D24ZC9H Value: GS1.1.1686544640.1.0.1686544641.0.0.0
.doubleclick.net/	1970-01-20 21:50:40	Name: IDE Value: AHWqTUn1YIuoCzOXO7UedSuuEse5TD55W4pwe5MjeJdgdOi_9M-ZlXP0gDXJToedEU4
.iwtsp.com/	1970-01-20 21:14:40	Name: FCNEC Value: %5B%5B%22AKsRol8YplQ8rwf6BYg-sYzvYXwij2xbaIiVvjsEpNBkuo9TxcDh1SWfwkU9B2hxnbQ-IZTbWENiUGtovSPttVfkhriUm-A1Oi5UhQYHWxB_iXS_Td7ZqGBRaozXI8Nxzz1ygWcHF_WtmD2zf5mAj71ebKZM3V7hTw%3D%3D%22%5D%2Cnull%2C%5B%5D%5D

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://mts0.google.com/vt/data=-AZ3ke_agcwUmemnGR5QjAgpnDBSVW9LSsfJlfgZqoSKbfHyQ6PjsZQ7efgaGKD-RbvsAJ5N4TV1el-jiKkQ5g Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
ajax.googleapis.com
app15.easysendyapp.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
iwtsp.com
maxcdn.bootstrapcdn.com
mts0.google.com
pagead2.googlesyndication.com
partner.googleadservices.com
region1.google-analytics.com
static.cloudflareinsights.com
stats.g.doubleclick.net
tpc.googlesyndication.com
u33060736.ct.sendgrid.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
167.89.115.54
2001:4860:4802:34::36
212.83.149.54
2606:4700:3108::ac42:2b09
2606:4700::6810:3865
2606:4700::6812:bcf
2a00:1450:4001:803::2002
2a00:1450:4001:806::2002
2a00:1450:4001:806::200e
2a00:1450:4001:80b::2002
2a00:1450:4001:810::200e
2a00:1450:4001:811::2001
2a00:1450:4001:828::2002
2a00:1450:4001:828::2004
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::200a
2a00:1450:4001:830::2008
2a00:1450:4001:830::200e
2a00:1450:4001:831::2003
2a00:1450:4001:831::200a
2a00:1450:400c:c07::9b
01cbb105faef1373e9d53ddc5e62c9c7b5f66cbc64c2c045a3daec0328b831e6
06a68fe9a384bdf737cef6ffc6f1221378397c2755d4ae7bae60bc62a1c76ce0
074d09cd7a794a1924a4cc75d95f5d6a0cb514af099b1746ad150578f487ec18
13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b
15e41e16b58dea79d102ca3478af207b1415da9a3ae0e3e6b87381b4997d1665
2070216ee8fbec26a7a9e6ddc37a299ef5e4398798ed0660b42332d58fc5ed12
2327a803e741c200fec07b424a33df13ca615a4f7158fc42becbbef5b861a09c
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32c983a4b3b87d8f7eafa40840c8791351a593c869a3029d8b7356a8cf6d2a94
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3dc5936c49ba430944eb73b0be0150a01fe2a22624d36d90a59ae001581baf38
41b7f4ef86f2344e72da822fe79265700ff1bf3361450a02ab4397ff1a5eb040
42058f9b39097f00ed7050271dd9eef9b7dc68c9deb646b9a69f7c8c9bccf50d
4dc69898804a7002375165bda69b05f18e6d3335286e259daf633581fd3cc6b0
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5b7afc20198f729d4b74624cbe2fcd201289a98f20642307ced79df57cc39140
5fb73d94d7f0c98f2ab73fc6a3ddcb83b8199f0bb4bf9c3f71c188f812686b48
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
653b2956f467785d11687af511e93423b9854cd3e199e2ac1ab7b40ec0f98243
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
65f22d8aa0690bd9cf8ffe5d68e5f6866b05ed8fc6f6c9083b996c1b3c4c75f4
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
80860d362fc1095284d3e472d04b5fc24606e7aa802e54e60de9d8cea26f3d88
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
850c587060748f47d09d33c1c140eae86a21c06bb15b6c3b0c8dfd93315d6d79
886f5e1ca9829564815ee792fe86d96e4121f725db7fb7626d7ae98234d941a1
918cc97b2af24b9eb50817ab7a0aa755099551da82942c5fe4667752926fadc2
92caceb80914740ff956fa54cc2098c5f2f368dd565f7db5679b9f4ea3bdfcdd
955e07418ea1a7ca3df4deca3be2939cb74592fa13939ba5e8cd4ad0d9c675cb
9971c0a9e4d487abeaf7f2396426a237081c2271bc17cdcd6883495ff43b3fc1
999415a508fe78341a8e9bb9f55abd136a4cbb7dbf615028356efd2c023a40c2
a1885a80b149d49af7c942f1b942b90742837f52d105fe94a08cd621c5407ea6
a3c8d1021bd2ee3bb73e29d8fdf79a184be2c6b5ef6ba41b0a6bd09519d0dfd3
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b9247574377840c160ec976d439f5cccc70223e629b79ff702aec7f736061be1
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d1081075f06dd31d8515a532bf74019b8a4e9f3ad86b25f32348a33ac1552374
d262b04633fbcfb934184c79a2d1786fa24576ad6f7ccc40c5ba0aa540de9d54
d6f5aedf67284aeeaaaa0c532e71c40757fa449038d89d63c5e90a1ded226643
e3a1c63574dbc08cad3ecc5688e29821af425281cff2798005e240b8c82c3e60
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
ec5e305c38f5189dc358fe1100c84d69bee4f8a2ea2c7f87635c87043f71faf7
ee167b87d89082d4619cc2455c685b718a7bb2a6577a5cc4efddbaf5ac63e7a9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f29354bfa3cf0f5421ce3c122baf9a1690f9fcabc538497aecf4561ef9a9a480
f5ba30a88bac1af8702dcd236411c53046433f3e9a75346defdd9c7ab7442069
fa444934c6cfaab4d3c4359e35d37ab4f1898fd6e78998080c78a8d4075ef59c

iwtsp.com Open in urlscan Pro 2606:4700:3108::ac42:2b09 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

70 Requests

100 %HTTPS

90 %IPv6

15 Domains

23 Subdomains

20 IPs

4 Countries

739 kBTransfer

2025 kBSize

8 Cookies

5 Outgoing links

Page URL History

Redirected requests

70 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

iwtsp.com Open in urlscan Pro
2606:4700:3108::ac42:2b09 Public Scan

Screenshot
Live screenshot

Full Image

70
Requests

100 %
HTTPS

90 %
IPv6

15
Domains

23
Subdomains

20
IPs

4
Countries

739 kB
Transfer

2025 kB
Size

8
Cookies

70 HTTP transactions
5 data transactions