urlscan.io logo urlscan.io
SecurityTrails logo

www.wurstclient.net Open in urlscan Pro
2606:4700:3030::ac43:c139  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.wurstclient.net/download/
Submission Tags: falconsandbox
Submission: On December 15 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 2 countries across 13 domains to perform 28 HTTP transactions. The main IP is 2606:4700:3030::ac43:c139, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.wurstclient.net.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 17th 2020. Valid for: a year.
This is the only time www.wurstclient.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

7    2606:4700:3030::ac43:c139 (United States)

ASN13335 (CLOUDFLARENET, US)
www.wurstclient.net
1    151.101.112.133 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
cloud.githubusercontent.com
1    2606:4700::6810:a723 (United States)

ASN13335 (CLOUDFLARENET, US)
ajax.cloudflare.com
1    2a00:1450:4001:81b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
themes.googleusercontent.com
1    216.7.188.197 (United States)

ASN29863 (LATISYS-DENVER, US)
PTR: 216-7-188-197.riptidehosting.net
secureaddisplay.com
2    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
googleads.g.doubleclick.net
7    2a00:1450:4001:81f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
googleads.g.doubleclick.net
1    172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4001:81d::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a00:1450:4001:81e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    2a00:1450:4001:81d::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    65.9.76.191 (Seattle, United States)

ASN16509 (AMAZON-02, US)
dtyry4ejybx0.cloudfront.net
1    64.92.206.220 (United States)

ASN29863 (LATISYS-DENVER, US)
PTR: 64-92-206-220.riptidehosting.net
cleanmediaads.com
Domain Requested by
7 www.wurstclient.net www.wurstclient.net
ajax.cloudflare.com
5 pagead2.googlesyndication.com ajax.cloudflare.com
pagead2.googlesyndication.com
4 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
1 cleanmediaads.com dtyry4ejybx0.cloudfront.net
1 dtyry4ejybx0.cloudfront.net secureaddisplay.com
1 www.googletagservices.com pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 secureaddisplay.com ajax.cloudflare.com
1 themes.googleusercontent.com www.wurstclient.net
1 ajax.cloudflare.com www.wurstclient.net
1 cloud.githubusercontent.com www.wurstclient.net
28 14

This site contains links to these domains. Also see Links.

Domain
www.cookiesandyou.com
github.com
www.google.com
www.aboutads.info
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-17 -
2021-08-17		 a year crt.sh
www.github.com
DigiCert SHA2 High Assurance Server CA		 2020-05-06 -
2022-04-14		 2 years crt.sh
ajax.cloudflare.com
DigiCert ECC Secure Server CA		 2020-08-11 -
2022-08-16		 2 years crt.sh
*.googleusercontent.com
GTS CA 1O1		 2020-11-10 -
2021-02-02		 3 months crt.sh
www.secureaddisplay.com
Go Daddy Secure Certificate Authority - G2		 2020-04-10 -
2021-01-25		 10 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-11-10 -
2021-02-02		 3 months crt.sh
*.googleadservices.com
GTS CA 1O1		 2020-11-10 -
2021-02-02		 3 months crt.sh
*.google.de
GTS CA 1O1		 2020-11-10 -
2021-02-02		 3 months crt.sh
*.google.com
GTS CA 1O1		 2020-11-10 -
2021-02-02		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2020-11-10 -
2021-02-02		 3 months crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2020-05-26 -
2021-04-21		 a year crt.sh
cleanmediaads.com
Go Daddy Secure Certificate Authority - G2		 2020-04-10 -
2021-06-16		 a year crt.sh

This page contains 6 frames:

Primary Page: https://www.wurstclient.net/download/
Frame ID: 5052A128FE8AC0315CC1622299D7EDC5
Requests: 23 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20201203/r20190131/zrt_lookup.html
Frame ID: 56BEA296056BBAF079AED0E8D4A2CEA7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-5218363098774955&output=html&adk=1812271804&adf=1573534164&lmt=1607900619&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fwww.wurstclient.net%2Fdownload%2F&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1608054714826&bpp=12&bdt=241&idt=71&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4135048728121&frm=20&pv=2&ga_vid=1531552966.1608054715&ga_sid=1608054715&ga_hid=799585954&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068768&oid=3&pvsid=221689030557873&pem=740&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=91
Frame ID: 1BB2263A40915559090289B02EEE7F86
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-5218363098774955&output=html&h=280&slotname=6065673627&adk=3115819088&adf=2555147040&pi=t.ma~as.6065673627&w=960&fwrn=4&fwrnh=100&lmt=1607900619&rafmt=1&psa=0&format=960x280&url=https%3A%2F%2Fwww.wurstclient.net%2Fdownload%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1608054714839&bpp=4&bdt=254&idt=86&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4135048728121&frm=20&pv=1&ga_vid=1531552966.1608054715&ga_sid=1608054715&ga_hid=799585954&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=320&ady=283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068768&oid=3&pvsid=221689030557873&pem=740&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Cm%7CpeE%7Cp&abl=XS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=zCXxlzn45D&p=https%3A//www.wurstclient.net&dtd=93
Frame ID: BE884F5AE54E62ACA5C81117CA2403F3
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: 44BBA4E527A1A72862F575318BA7B1D1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20201203/r20190131/zrt_lookup.html?fsb=1
Frame ID: 17ABF2870A66B6ABB2AE0C55959067BA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers via /varnish(?: \(Varnish\/([\d.]+)\))?/i
Overall confidence: 100%
Detected patterns
  • script /react.*\.js/i
Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i

Page Statistics

28
Requests

100 %
HTTPS

64 %
IPv6

13
Domains

14
Subdomains

14
IPs

2
Countries

567 kB
Transfer

1492 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.wurstclient.net/download/ 		14 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.wurstclient.net/download/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:c139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7afd08b86ec9484c80964437529f61ede40e2f8fd636899bab7ed057d9be3381

Request headers

:method
GET
:authority
www.wurstclient.net
:scheme
https
:path
/download/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 15 Dec 2020 17:51:54 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d63bf544c75244363e72f1fb4475f7a331608054714; expires=Thu, 14-Jan-21 17:51:54 GMT; path=/; domain=.wurstclient.net; HttpOnly; SameSite=Lax
last-modified
Sun, 13 Dec 2020 23:03:39 GMT
access-control-allow-origin
*
expires
Sun, 13 Dec 2020 23:22:39 GMT
cache-control
max-age=31536000
x-proxy-cache
MISS
x-github-request-id
B4B8:E7D1:457232:4B7065:5FD69FE6
via
1.1 varnish
age
234
x-served-by
cache-fra19170-FRA
x-cache
HIT
x-cache-hits
1
x-timer
S1607902525.420098,VS0,VE1
vary
Accept-Encoding
x-fastly-request-id
e9ec5d76b90e1751f4579cec90206df8d4a611fe
cf-cache-status
HIT
cf-request-id
070920c8c000002bf2289d3000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=RqFkg3UeS%2FgD5tKQKuiy4BTNG2a%2Fz%2FTZzQDqz57gI3HuuNqrvriiNKloxVp5NfoFlY1XDvIF5Blr1HRC8PU3s3l7Al76xDowgBzioet%2F813UlUnakigqAHn98T6Rbc0M"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
602203edfe9a2bf2-FRA
content-encoding
br
metro.woff
www.wurstclient.net/fonts/ 		119 KB
119 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.wurstclient.net/fonts/metro.woff
Requested by
Host: www.wurstclient.net
URL: https://www.wurstclient.net/download/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:c139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e09087c9c75184e8fca26c35e6dad7590a3eacb669926eba40672870492e693

Request headers

Origin
https://www.wurstclient.net
Referer
https://www.wurstclient.net/download/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id
4415a321b0c83c93557d06654f6feb810a6ae7a2
date
Tue, 15 Dec 2020 17:51:54 GMT
via
1.1 varnish
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
577
x-cache
HIT
x-cache-hits
1
content-length
121556
cf-request-id
070920c8de00002bf246122000000001
x-served-by
cache-fra19145-FRA
last-modified
Sun, 13 Dec 2020 23:03:30 GMT
server
cloudflare
x-github-request-id
2792:DD53:43E51E:49D221:5FD69EA3
x-timer
S1607902526.608832,VS0,VE1
etag
"5fd69dc2-1dad4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=N7op6buYInDOj23GiBoDeWN1atgTXmnyo57dr%2FXKePsrY9LFybqiFI4%2FXZL1kxOMBTGK9IpVir2Qci5WAs722J9%2F%2BnJgAY8EkBOvjBecCEuVQu2jswPFbepkuBanPdOT"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
602203ee2f392bf2-FRA
x-proxy-cache
MISS
expires
Tue, 15 Dec 2020 03:13:15 GMT
wi.css
www.wurstclient.net/css/ 		313 KB
38 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.wurstclient.net/css/wi.css
Requested by
Host: www.wurstclient.net
URL: https://www.wurstclient.net/download/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:c139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73a012e3b274cab1a9e2e846c48f42f14202f524f561efc20189fd0116124a5d

Request headers

Referer
https://www.wurstclient.net/download/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id
9909cb7534556a154c5e9063720e4e8702748b3c
date
Tue, 15 Dec 2020 17:51:54 GMT
via
1.1 varnish
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
576
cf-polished
origSize=388954
x-cache
HIT
x-cache-hits
1
content-encoding
br
cf-request-id
070920c8de00002bf2423f3000000001
x-served-by
cache-fra19164-FRA
last-modified
Sun, 13 Dec 2020 23:03:30 GMT
server
cloudflare
x-github-request-id
8E7A:9F5F:84BCF7:8F9AFD:5FD69EA4
x-timer
S1607901006.266292,VS0,VE1
etag
W/"5fd69dc2-5ef5a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FL1YNz6W0q70ZhQJsa%2BreiASRbrFvZ8YXErnmDQ9lUXlqCK%2FIRH3F8%2BkpI7XFk5sQqQQQvxhhAJPZ7gqoQj%2F9m2DxtKVvoo5EeLr%2BK3nzWZbQubgvXf8a5YvnLQHkLXk"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
expires
Sun, 13 Dec 2020 23:17:16 GMT
cache-control
max-age=31536000
cf-ray
602203ee3f3e2bf2-FRA
x-proxy-cache
MISS
cf-bgj
minify
api.js
www.wurstclient.net/cdn-cgi/bm/cv/669835187/ 		35 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wurstclient.net/cdn-cgi/bm/cv/669835187/api.js
Requested by
Host: www.wurstclient.net
URL: https://www.wurstclient.net/download/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:c139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.wurstclient.net/download/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 15 Dec 2020 17:51:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pXegQwuiFfmItQlUYDqf2%2BJoivjZQnWUe%2FRKDznFm%2FDeMBkqmuHdmuHvyCsJsxDKcfY2xx48ACqdSmUzlHv3g0fHjZ%2BJZl9vxxr5gFyRr4SIwA8ZDK1B%2BYfIOBBq8%2Fjy"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=604800, public
cf-ray
602203ee3f432bf2-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
070920c8df00002bf21f2c1000000001
d7aeb13a-983f-11e6-9c15-c4db572b5b18.png
cloud.githubusercontent.com/assets/10100202/19618025/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cloud.githubusercontent.com/assets/10100202/19618025/d7aeb13a-983f-11e6-9c15-c4db572b5b18.png
Requested by
Host: www.wurstclient.net
URL: https://www.wurstclient.net/download/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub Cloud /
Resource Hash
1d8f1edfd26dff3bf4261657f8605b7761cfb8ec998e504b27b94cc5e4d22b27

Request headers

Referer
https://www.wurstclient.net/download/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Fastly-Request-ID
1d77f0fc95c879aabbdd5b4dbdfd8081fc0c9115
Date
Tue, 15 Dec 2020 17:51:54 GMT
Via
1.1 varnish
Age
2310935
X-Cache
HIT
Connection
keep-alive
Content-Length
8859
X-Served-By
cache-hhn4021-HHN
Last-Modified
Sat, 22 Oct 2016 08:11:07 GMT
Server
GitHub Cloud
X-Timer
S1608054715.675353,VS0,VE0
ETag
"e4b99a9269341836377f2e39817dfdff"
Content-Type
image/png
Cache-Control
max-age=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
https://github.com
X-Cache-Hits
2
rocket-loader.min.js
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Requested by
Host: www.wurstclient.net
URL: https://www.wurstclient.net/download/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:a723 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.wurstclient.net/download/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 15 Dec 2020 17:51:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
cf-request-id
070920c8df0000bf0060bf7000000001
last-modified
Thu, 10 Dec 2020 17:14:28 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"5fd25774-3016"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fC6B8IL47CBCw3abqdZXb6McYHEP26gWtaE07ZlT6Z3LGwUMVxdqrG%2BV0uP9BXVYsRkWho1CuQdtgavphIqjDnfUE584%2FSTYv3v0MFvOL4rey7Wo5xZcRWHbtllFVfzP"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
602203ee38cdbf00-FRA
expires
Thu, 17 Dec 2020 17:51:54 GMT
K88pR3goAWT7BTt32Z01mz8E0i7KZn-EPnyo3HZu7kw.woff
themes.googleusercontent.com/static/fonts/opensans/v8/ 		57 KB
57 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://themes.googleusercontent.com/static/fonts/opensans/v8/K88pR3goAWT7BTt32Z01mz8E0i7KZn-EPnyo3HZu7kw.woff
Requested by
Host: www.wurstclient.net
URL: https://www.wurstclient.net/css/wi.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7a723d2f99415f393e2537d9b0b0ba4c1b4d7a1ea964d1abdce0f310d92643ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.wurstclient.net
Referer
https://www.wurstclient.net/css/wi.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Dec 2020 20:11:09 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
596445
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
58076
x-xss-protection
0
expires
Wed, 08 Dec 2021 20:11:09 GMT
cookieconsent.js
www.wurstclient.net/js/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wurstclient.net/js/cookieconsent.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:c139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdcf7b9e8392855a361ad39e016544705ee4e371f6826b75577b05195d3c8244

Request headers

Referer
https://www.wurstclient.net/download/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id
2ce6c0e7f050aa07f7d46e4ba307d6ac08d9c724
date
Tue, 15 Dec 2020 17:51:54 GMT
via
1.1 varnish
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
570
cf-polished
origSize=21284
x-cache
HIT
x-cache-hits
1
content-encoding
br
cf-request-id
070920c94d00002bf23b802000000001
x-served-by
cache-fra19120-FRA
last-modified
Sun, 13 Dec 2020 23:03:30 GMT
server
cloudflare
x-github-request-id
C572:5BB8:45A05C:4BAB65:5FD69EA3
x-timer
S1607901007.843998,VS0,VE1
etag
W/"5fd69dc2-5324"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=K%2FyU4AQpFBK1iZosbGk130BNuEGWhYFaB6C%2BwaV8gYeR%2BQFKdzSR1HvJFlIXrlB%2BzvhDFWqp9dhVEDE4SfhQORirV48h%2FRE4oRqp430rg9eSft4a%2Bvn%2FqlKND05f8n8Y"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Tue, 15 Dec 2020 17:52:24 GMT
cache-control
max-age=31536000
cf-ray
602203eee8fb2bf2-FRA
x-proxy-cache
MISS
cf-bgj
minify
/
secureaddisplay.com/au/bmd/ 		392 B
661 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secureaddisplay.com/au/bmd/
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.7.188.197 , United States, ASN29863 (LATISYS-DENVER, US),
Reverse DNS
216-7-188-197.riptidehosting.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4444d16c744bcdd2d390eca34e167c04517c6da9feb36d9db163c9a327216f8b

Request headers

Referer
https://www.wurstclient.net/download/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 15 Dec 2020 17:51:54 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
private
content-length
392
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		133 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c221228ab25af041a5c8e218684dd4238acb17fc23b1a4a8c4864951550a3197
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wurstclient.net/download/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 15 Dec 2020 17:51:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
47107
x-xss-protection
0
server
cafe
etag
13290078405355148527
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 15 Dec 2020 17:51:54 GMT
wi.js
www.wurstclient.net/js/ 		279 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wurstclient.net/js/wi.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:c139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6eebe12e6d24431d2a93f19d631335c7c5e549d972789755d8dbef155447e671

Request headers

Referer
https://www.wurstclient.net/download/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id
c891069b537ec5df2e3e0e260e050cbfc48487c6
date
Tue, 15 Dec 2020 17:51:54 GMT
via
1.1 varnish
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
570
cf-polished
origSize=418600
x-cache
HIT
x-cache-hits
1
content-encoding
br
cf-request-id
070920c94d00002bf2f5bb0000000001
x-served-by
cache-fra19131-FRA
last-modified
Sun, 13 Dec 2020 23:03:30 GMT
server
cloudflare
x-github-request-id
17A0:5FC7:7C2598:867EA4:5FD69EA5
x-timer
S1607901007.820124,VS0,VE1
etag
W/"5fd69dc2-66328"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=sgXn%2BfNrWo4bJ%2F3ZBqdOwgweO7%2FHKzWF%2Bara7J5TF09QFRalnl5DAd7KBjfZUOEcxTgAGG7GxJJorkFMxuBsvDPvb6IszEiNlP1hKO2H9p%2FYC6PSjCUfeBwTyqJWeeVJ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Tue, 15 Dec 2020 07:41:05 GMT
cache-control
max-age=31536000
cf-ray
602203eee8fc2bf2-FRA
x-proxy-cache
MISS
cf-bgj
minify
result
www.wurstclient.net/cdn-cgi/bm/cv/ 		0
570 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.wurstclient.net/cdn-cgi/bm/cv/result?req_id=602203edfe9a2bf2
Requested by
Host: www.wurstclient.net
URL: https://www.wurstclient.net/cdn-cgi/bm/cv/669835187/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:c139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.wurstclient.net/download/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 15 Dec 2020 17:51:54 GMT
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tNHO5D9fBYKnlKEzJOWPjvqutomVhkAwqPC8pwKu3YZzoLjdW4dOer51fczATmXUTNOSi18mh80bVup6qvkPDAZDmu6Fx%2FM1lN9bWfCmufb3GcGXWbsJfl6Cw8cxCZTv"}],"group":"cf-nel","max_age":604800}
cf-ray
602203ef7a762bf2-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
070920c9ab00002bf2f1281000000001
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/ 		234 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fe5d97969e5d98e03eaacc671edb2e30373f05070f5a37d69f5a5f6f91b79149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wurstclient.net/download/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 15 Dec 2020 17:51:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
89527
x-xss-protection
0
server
cafe
etag
1810063338415286733
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 15 Dec 2020 17:51:54 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20201203/r20190131/ Frame 56BE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20201203/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20201203/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.wurstclient.net/download/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.wurstclient.net/download/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 15 Dec 2020 10:01:15 GMT
expires
Tue, 29 Dec 2020 10:01:15 GMT
content-type
text/html; charset=UTF-8
etag
10723747146953794269
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4923
x-xss-protection
0
age
28239
cache-control
public, max-age=1209600
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cookie.js
partner.googleadservices.com/gampad/ 		205 B
643 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.wurstclient.net&callback=_gfp_s_&client=ca-pub-5218363098774955
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
cafe /
Resource Hash
39699083c023a5ec27860c4766e258370fa4039ab6387e552ea37692ee9615e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wurstclient.net/download/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 15 Dec 2020 17:51:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
194
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		109 B
169 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.wurstclient.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wurstclient.net/download/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 15 Dec 2020 17:51:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		109 B
169 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.wurstclient.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wurstclient.net/download/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 15 Dec 2020 17:51:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 1BB2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-5218363098774955&output=html&adk=1812271804&adf=1573534164&lmt=1607900619&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fwww.wurstclient.net%2Fdownload%2F&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1608054714826&bpp=12&bdt=241&idt=71&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4135048728121&frm=20&pv=2&ga_vid=1531552966.1608054715&ga_sid=1608054715&ga_hid=799585954&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068768&oid=3&pvsid=221689030557873&pem=740&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=91
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-5218363098774955&output=html&adk=1812271804&adf=1573534164&lmt=1607900619&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fwww.wurstclient.net%2Fdownload%2F&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1608054714826&bpp=12&bdt=241&idt=71&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4135048728121&frm=20&pv=2&ga_vid=1531552966.1608054715&ga_sid=1608054715&ga_hid=799585954&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068768&oid=3&pvsid=221689030557873&pem=740&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=91
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.wurstclient.net/download/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.wurstclient.net/download/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 15 Dec 2020 17:51:55 GMT
server
cafe
content-length
39045
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Tue, 15-Dec-2020 18:06:54 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Tue, 15 Dec 2020 17:51:55 GMT
cache-control
private
sodar
pagead2.googlesyndication.com/getconfig/ 		8 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201203&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a936cb9be475ed54a239951b62571ecd8377483d03a124ebd57e2e0be2070cb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wurstclient.net/download/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 15 Dec 2020 17:51:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
6482
x-xss-protection
0
osd.js
www.googletagservices.com/activeview/js/current/ 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c1c9310eb6a56101c2133db372cfbe9cefb5ff6b90a02ded916984c975b813b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wurstclient.net/download/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 15 Dec 2020 17:51:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1607690616793149"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
28334
x-xss-protection
0
expires
Tue, 15 Dec 2020 17:51:54 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame BE88 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-5218363098774955&output=html&h=280&slotname=6065673627&adk=3115819088&adf=2555147040&pi=t.ma~as.6065673627&w=960&fwrn=4&fwrnh=100&lmt=1607900619&rafmt=1&psa=0&format=960x280&url=https%3A%2F%2Fwww.wurstclient.net%2Fdownload%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1608054714839&bpp=4&bdt=254&idt=86&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4135048728121&frm=20&pv=1&ga_vid=1531552966.1608054715&ga_sid=1608054715&ga_hid=799585954&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=320&ady=283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068768&oid=3&pvsid=221689030557873&pem=740&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Cm%7CpeE%7Cp&abl=XS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=zCXxlzn45D&p=https%3A//www.wurstclient.net&dtd=93
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-5218363098774955&output=html&h=280&slotname=6065673627&adk=3115819088&adf=2555147040&pi=t.ma~as.6065673627&w=960&fwrn=4&fwrnh=100&lmt=1607900619&rafmt=1&psa=0&format=960x280&url=https%3A%2F%2Fwww.wurstclient.net%2Fdownload%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1608054714839&bpp=4&bdt=254&idt=86&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4135048728121&frm=20&pv=1&ga_vid=1531552966.1608054715&ga_sid=1608054715&ga_hid=799585954&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=320&ady=283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068768&oid=3&pvsid=221689030557873&pem=740&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Cm%7CpeE%7Cp&abl=XS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=zCXxlzn45D&p=https%3A//www.wurstclient.net&dtd=93
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.wurstclient.net/download/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.wurstclient.net/download/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 15 Dec 2020 17:51:55 GMT
server
cafe
content-length
20848
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Tue, 15-Dec-2020 18:06:54 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Tue, 15 Dec 2020 17:51:55 GMT
cache-control
private
sodar2.js
tpc.googlesyndication.com/sodar/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wurstclient.net/download/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 15 Dec 2020 17:51:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1603823857801521"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6015
x-xss-protection
0
expires
Tue, 15 Dec 2020 17:51:55 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame 44BB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/219/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.wurstclient.net/download/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.wurstclient.net/download/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4867
date
Tue, 15 Dec 2020 17:15:53 GMT
expires
Wed, 15 Dec 2021 17:15:53 GMT
last-modified
Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
2162
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adloadbmd.js
dtyry4ejybx0.cloudfront.net/js/ 		23 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dtyry4ejybx0.cloudfront.net/js/adloadbmd.js?ver=00000163
Requested by
Host: secureaddisplay.com
URL: https://secureaddisplay.com/au/bmd/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.76.191 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/7.0 / ASP.NET
Resource Hash
df5b1c342a96ffe42d00a64b9ca1dfa3119068c1b5b1eeff10d11ca7eea7acff

Request headers

Referer
https://www.wurstclient.net/download/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 15 Dec 2020 14:02:18 GMT
Via
1.1 fb8f21b90b0483bdc64e7c79b3e007e0.cloudfront.net (CloudFront)
Last-Modified
Sat, 21 Nov 2020 06:38:44 GMT
Server
Microsoft-IIS/7.0
Age
40166
X-Powered-By
ASP.NET
ETag
"908063f5d0bfd61:0"
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Connection
keep-alive
X-Amz-Cf-Pop
AMS1-C1
Accept-Ranges
bytes
Content-Length
24035
X-Amz-Cf-Id
1wBULNPzeMquEYi26k-1_HZNqVpxvD3GqpLqUVTkBYby7RmpJG2Duw==
gen_204
pagead2.googlesyndication.com/pagead/ 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gda_r20201203&jk=221689030557873&bg=!wcKlwuLNAAXKjztBylijaw0Lr6aEwQIAAABIUgAAAA1oAQcKAJLjrBliXYKmQwEdToC3WMUp_SMt-gZmqphArfEUh8E4vxRGmgAIGF_Gtr3C2Y85wXr6cROLedDyIqOw22FBcOwuJ_s1ght8rG5h-31_wzIz6wBT45WIEs6C6HwDeN-EFZgal39nvXh2S4OlYd2sVMNfqteg7ahtrhpYjlU5RYR53VTaFgGGHFb5xz0ujGGl63P8gpkBvGq3Vj_Vg5OCuylXQflvPiKcdCnWpZQz3SjafE1t5vl4gGZkaDMujmIIqa1ghepfMBVe6yMkgpza0JrFIbCQ4Hv3WhZeFH8f2TYoguJny3OMdrA6_JuC2W3SJ-UafhX2keHfxA35G97e9rV5LhgMtNo5lAcGgBzoVZ0E5TUhYtCeRwcc_0LOWAVD4o0DyOMddHNTjPo-UVjipy7-MlAkqs1CS14Y-rnbTU5O3takHBMmMZdZAS80Dym0iXT6Qzet_lUqSp0FGE4Nb0HbHuEMtQYPHgKFtmp31nVmXPWjm8ROmwvIN26aOEMtsXxGbUlrNyvAEP4ghM6h3TrOE9terTkfI0WGGVKGyjdQ8ez8zdhxmF-Hj2utKRHzJGERkpA_dwzHwDJJ--EYFmHfb8VjUVufsPf-z-iQzNiuqpquExi-Nv89WKy-eCo9-G356UEZIESRqw3MnJLIeDetrhSBHS-6NF8XkS6O3OFT6Yc9CEQbzQgDlWGa1DDLvatAF1Bfke0VPfFNg0WDpQ8OBxr-2F-wmgRwQRpnC75lo5AXEQrvIw0SD7LQtp-FS16SUAXdPM2zyDQtYep-FDUN9A
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wurstclient.net/download/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Dec 2020 17:51:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
reactive_library_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/ 		145 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/reactive_library_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f3b0e1ed6cb79ccf93702fd66f2371d4f73de62937c237270b7d70f25300bda1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wurstclient.net/download/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 15 Dec 2020 17:51:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
53263
x-xss-protection
0
server
cafe
etag
8848748755015014073
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 15 Dec 2020 17:51:55 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20201203/r20190131/ Frame 17AB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20201203/r20190131/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20201203/r20190131/zrt_lookup.html?fsb=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.wurstclient.net/download/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.wurstclient.net/download/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 15 Dec 2020 10:35:23 GMT
expires
Tue, 29 Dec 2020 10:35:23 GMT
content-type
text/html; charset=UTF-8
etag
10723747146953794269
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4923
x-xss-protection
0
age
26192
cache-control
public, max-age=1209600
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
/
cleanmediaads.com/bmd/bids/ 		200 B
344 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cleanmediaads.com/bmd/bids/?AULU=57486220191104T1748341403949ADD50F5D4DDF90B1F232C17A6D88&AULUID=BMD57486220191104T1748341403949ADD50F5D4DDF90B1F232C17A6D88_E0Xtl1608054715562&SiteURL=https%3A//www.wurstclient.net/download/&CANVisitorID=1294166658&isMobile=0
Requested by
Host: dtyry4ejybx0.cloudfront.net
URL: https://dtyry4ejybx0.cloudfront.net/js/adloadbmd.js?ver=00000163
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.92.206.220 , United States, ASN29863 (LATISYS-DENVER, US),
Reverse DNS
64-92-206-220.riptidehosting.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
0f9c4ea303ad7caf54c6c5ee82c242c3f6e61a5d465c0374bef67d9c9f75bc00

Request headers

Referer
https://www.wurstclient.net/download/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 15 Dec 2020 17:51:55 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
private
content-length
200

Verdicts & Comments Add Verdict or Comment

119 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| a0_0x433e function| a0_0x3d7e object| __CF$cv$params object| __cfQR object| adsbygoogle boolean| __cfRLUnblockHandlers object| cookieconsent function| $ function| jQuery string| METRO_VERSION boolean| METRO_AUTO_REINIT string| METRO_LANGUAGE string| METRO_LOCALE string| METRO_CURRENT_LOCALE string| METRO_SHOW_TYPE boolean| METRO_DEBUG number| METRO_CALENDAR_WEEK_START boolean| canObserveMutation function| isTouchDevice object| metroUtils function| metroTemplate object| metroCharm function| metroCharmIsOpened function| showMetroCharm function| hideMetroCharm function| toggleMetroCharm object| metroDialog object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| google_trust_token_operation_status object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots function| google_spfd object| google_sv_map number| google_lpabyc number| google_unique_id function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| gaGlobal object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| GoogleGcLKhOms string| CANVisitorIsChristian string| CANVisitorIsCatholic number| CANVisitorID object| google_image_requests object| google_llp number| CANBMDScriptRan number| CANBMDScriptLoadRan number| CANBMDAdUnitCNT boolean| CMNisINiframe boolean| CMNfootervelementdisplayed object| CMNcurrentWindow object| CMNcurrentParentWindow undefined| CMNcurrentFrameElement object| DYNsheet function| CANBuildBMINSHTMLsub function| CMNfootervelementdisplay function| CMNisCurrentlyInView function| CMNisAlmostInView function| refreshTag22c function| CANNorefreshTag function| CMNLoadTest function| CMNmakeid function| BMDAdRefresher function| CANBMDDisplayAdR function| CANBMDDisplayAdRLoaded function| CANJSONisEmpty function| CANBMDRunADUnit function| CANBMDDisplayADUnit function| CANIncludeJS function| CANTryParseInt function| CanStringisEmpty function| CANaddScript function| CANaddScriptCode function| CANCloadScript function| CANTryParseFloat object| CANDOM function| CANgetElementsByClassName function| CanIsMobile function| startcanlazyload object| cadnetlazy

1 Cookies

Domain/Path Name / Value
.wurstclient.net/ Name: __cfduid
Value: d63bf544c75244363e72f1fb4475f7a331608054714

3 Console Messages

Source Level URL
Text
console-api log URL: https://dtyry4ejybx0.cloudfront.net/js/adloadbmd.js?ver=00000163(Line 31)
Message:
ifrstatus:false
console-api log URL: https://dtyry4ejybx0.cloudfront.net/js/adloadbmd.js?ver=00000163(Line 169)
Message:
BMDaucnt:1
console-api log URL: https://dtyry4ejybx0.cloudfront.net/js/adloadbmd.js?ver=00000163(Line 194)
Message:
BMDaucnt:1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ajax.cloudflare.com
cleanmediaads.com
cloud.githubusercontent.com
dtyry4ejybx0.cloudfront.net
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
secureaddisplay.com
themes.googleusercontent.com
tpc.googlesyndication.com
www.googletagservices.com
www.wurstclient.net
151.101.112.133
172.217.23.98
216.7.188.197
2606:4700:3030::ac43:c139
2606:4700::6810:a723
2a00:1450:4001:800::2002
2a00:1450:4001:808::2002
2a00:1450:4001:81b::2001
2a00:1450:4001:81d::2001
2a00:1450:4001:81d::2002
2a00:1450:4001:81e::2002
2a00:1450:4001:81f::2002
64.92.206.220
65.9.76.191
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
0f9c4ea303ad7caf54c6c5ee82c242c3f6e61a5d465c0374bef67d9c9f75bc00
1d8f1edfd26dff3bf4261657f8605b7761cfb8ec998e504b27b94cc5e4d22b27
2e09087c9c75184e8fca26c35e6dad7590a3eacb669926eba40672870492e693
39699083c023a5ec27860c4766e258370fa4039ab6387e552ea37692ee9615e3
4444d16c744bcdd2d390eca34e167c04517c6da9feb36d9db163c9a327216f8b
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
6eebe12e6d24431d2a93f19d631335c7c5e549d972789755d8dbef155447e671
73a012e3b274cab1a9e2e846c48f42f14202f524f561efc20189fd0116124a5d
7a723d2f99415f393e2537d9b0b0ba4c1b4d7a1ea964d1abdce0f310d92643ad
7afd08b86ec9484c80964437529f61ede40e2f8fd636899bab7ed057d9be3381
a936cb9be475ed54a239951b62571ecd8377483d03a124ebd57e2e0be2070cb9
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
bdcf7b9e8392855a361ad39e016544705ee4e371f6826b75577b05195d3c8244
c1c9310eb6a56101c2133db372cfbe9cefb5ff6b90a02ded916984c975b813b2
c221228ab25af041a5c8e218684dd4238acb17fc23b1a4a8c4864951550a3197
df5b1c342a96ffe42d00a64b9ca1dfa3119068c1b5b1eeff10d11ca7eea7acff
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f3b0e1ed6cb79ccf93702fd66f2371d4f73de62937c237270b7d70f25300bda1
fe5d97969e5d98e03eaacc671edb2e30373f05070f5a37d69f5a5f6f91b79149