www.wurstclient.net Open in urlscan Pro
2606:4700:3030::ac43:c139 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.wurstclient.net/updates/wurst-7-12-1/
Submission Tags: falconsandbox
Submission: On February 28 via api (February 28th 2021, 2:47:56 pm UTC) from US

Summary HTTP 41 Redirects Links 78 Behaviour Indicators

Summary

This website contacted 16 IPs in 2 countries across 13 domains to perform 41 HTTP transactions. The main IP is 2606:4700:3030::ac43:c139, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.wurstclient.net.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 17th 2020. Valid for: a year.

This is the only time www.wurstclient.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	2606:4700:303... 2606:4700:3030::ac43:c139	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.199.108.133 185.199.108.133	54113 (FASTLY) (FASTLY)
1	185.199.111.133 185.199.111.133	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6810:a823	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
1	216.7.188.197 216.7.188.197	29863 (LATISYS-D...) (LATISYS-DENVER)
6	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
1	13.32.23.47 13.32.23.47	16509 (AMAZON-02) (AMAZON-02)
1	64.92.206.220 64.92.206.220	29863 (LATISYS-D...) (LATISYS-DENVER)
1 1	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
41	16

7 2606:4700:3030::ac43:c139 (United States)

ASN13335 (CLOUDFLARENET, US)

www.wurstclient.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wiki.wurstclient.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.199.108.133 (United States)

ASN54113 (FASTLY, US)
PTR: cdn-185-199-108-133.github.com

cloud.githubusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.199.111.133 (United States)

ASN54113 (FASTLY, US)
PTR: cdn-185-199-111-133.github.com

user-images.githubusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a823 (United States)

ASN13335 (CLOUDFLARENET, US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

themes.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.7.188.197 (United States)

ASN29863 (LATISYS-DENVER, US)
PTR: 216-7-188-197.riptidehosting.net

secureaddisplay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.23.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-23-47.fra56.r.cloudfront.net

dtyry4ejybx0.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.92.206.220 (United States)

ASN29863 (LATISYS-DENVER, US)
PTR: 64-92-206-220.riptidehosting.net

cleanmediaads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	214 KB
7	wurstclient.net www.wurstclient.net wiki.wurstclient.net	294 KB
6	doubleclick.net googleads.g.doubleclick.net	40 KB
3	google.com 1 redirects adservice.google.com www.google.com	1 KB
2	googletagservices.com www.googletagservices.com	61 KB
2	google.de adservice.google.de	2 KB
2	githubusercontent.com cloud.githubusercontent.com user-images.githubusercontent.com	13 KB
1	cleanmediaads.com cleanmediaads.com	344 B
1	cloudfront.net dtyry4ejybx0.cloudfront.net	17 KB
1	googleadservices.com partner.googleadservices.com	480 B
1	secureaddisplay.com secureaddisplay.com	665 B
1	googleusercontent.com themes.googleusercontent.com	57 KB
1	cloudflare.com ajax.cloudflare.com	5 KB
41	13

	Domain	Requested by
8	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com www.wurstclient.net googleads.g.doubleclick.net
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.wurstclient.net googleads.g.doubleclick.net
6	pagead2.googlesyndication.com	ajax.cloudflare.com pagead2.googlesyndication.com tpc.googlesyndication.com
6	www.wurstclient.net	www.wurstclient.net ajax.cloudflare.com
2	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
1	www.google.com	1 redirects
1	cleanmediaads.com	dtyry4ejybx0.cloudfront.net
1	dtyry4ejybx0.cloudfront.net	secureaddisplay.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	secureaddisplay.com	ajax.cloudflare.com
1	themes.googleusercontent.com	www.wurstclient.net
1	ajax.cloudflare.com	www.wurstclient.net
1	user-images.githubusercontent.com	www.wurstclient.net
1	wiki.wurstclient.net	www.wurstclient.net
1	cloud.githubusercontent.com	www.wurstclient.net
41	17

This site contains links to these domains. Also see Links.

Domain
github.com
wiki.wurstclient.net
twitter.com
minecraft.gamepedia.com
fabricmc.net
www.youtube.com
www.reddit.com
www.curseforge.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-17` - `2021-08-17`	a year	crt.sh
www.github.com DigiCert SHA2 High Assurance Server CA	`2020-05-06` - `2022-04-14`	2 years	crt.sh
ajax.cloudflare.com DigiCert ECC Secure Server CA	`2020-08-11` - `2022-08-16`	2 years	crt.sh
*.googleusercontent.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
www.secureaddisplay.com Go Daddy Secure Certificate Authority - G2	`2021-01-18` - `2021-12-28`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh
cleanmediaads.com Go Daddy Secure Certificate Authority - G2	`2020-04-10` - `2021-06-16`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://www.wurstclient.net/updates/wurst-7-12-1/
Frame ID: 0C3DEDE133B53E399818B5AC784692C9
Requests: 25 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210224/r20190131/zrt_lookup.html
Frame ID: 4757BD4428F35B5D80C302D157836E33
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5218363098774955&output=html&adk=1812271804&adf=1573534164&lmt=1614457834&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.wurstclient.net%2Fupdates%2Fwurst-7-12-1%2F&ea=0&flash=0&pra=5&wgl=1&dt=1614523657767&bpp=9&bdt=230&idt=68&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4015980080214&frm=20&pv=2&ga_vid=1533132178.1614523658&ga_sid=1614523658&ga_hid=2038397274&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44736377%2C21068083%2C21068945%2C21069711&oid=2&pvsid=587458377585824&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=82
Frame ID: 232CE9BBC488787B8A41CC87B319DCDB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: BA1BE04E98E01CD9ECCA3B35FA9D7E43
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5218363098774955&output=html&h=280&adk=1047287370&adf=588412893&pi=t.aa~a.827104633~i.14~rp.1&w=960&fwrn=4&fwrnh=100&lmt=1614457834&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1445400514&psa=0&ad_type=text_image&format=960x280&url=https%3A%2F%2Fwww.wurstclient.net%2Fupdates%2Fwurst-7-12-1%2F&flash=0&fwr=0&pra=3&rh=200&rw=960&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1614523657975&bpp=2&bdt=437&idt=2&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4015980080214&frm=20&pv=1&ga_vid=1533132178.1614523658&ga_sid=1614523658&ga_hid=2038397274&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=320&ady=2771&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44736377%2C21068083%2C21068945%2C21069711&oid=2&pvsid=587458377585824&rx=0&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1t0G5TsU3M&p=https%3A//www.wurstclient.net&dtd=10
Frame ID: 90D6B061AE1F0DC9969986660BD5117D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14751465879233591646/index.html
Frame ID: FC948F6602A01D66E7C17EE864BB3AA6
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CRIzpCq07YLWTAcjjYYzDhtAMz8zo6E311oyz9Ae69t_bxBYQASCfr9EpYJUCoAHz08vTA8gBCakCHs_zo0dBtD6oAwHIA0iqBNQBT9CqN6taKWuxqyM1mZ9K2bKDX9vyDYWBXAMonTFLLqOmMmitQGXc_fm6bivh7BgHbzywf4Kj1v2eETzkWyKMqW3CElgHMh6t_BKOUPt04k2CW3AzzMZW-AqVmCOkBig0ZAD_ryPMaDmTJHJ-t4j-O_DC0F73jLhY83fr1XdrVj0PfMbGavIjiTiLMmd-Wx5luLFS6Oz-2FyqtbzCyRfnc0wjRYiby0YzLjTr7Byk1aRLQrWNPVFdKtLuIaUkrOrPccmVcU7RpHTJimT54MjOLio-fAHABJjgu_aoAZIFBAgEGAGSBQQIBRgEoAYugAfPl7ovqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEM3mEtIICQiA4YBwEAEYH4AKAcgLAdgTDLIXGgoYCAASFHB1Yi01MjE4MzYzMDk4Nzc0OTU1&sigh=5KWMpI4IpnU&template_id=419&tpd=AGWhJmsZiQwK5Yr_nONqylWGNSQrN2nta-HKHkX9KEJiWyC7JQ
Frame ID: 7AF166273E582855C19F6DD17E34E420
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: C97A4DECAE2EC4664606555A394E1E91
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Varnish (Cache Tools) Expand

Overall confidence: 100%
Detected patterns

headers via /varnish(?: $Varnish\/([\d.]+)$)?/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Page Statistics

41
Requests

100 %
HTTPS

63 %
IPv6

13
Domains

17
Subdomains

16
IPs

2
Countries

704 kB
Transfer

1798 kB
Size

1
Cookies

78 Outgoing links

These are links going to different origins than the main page.

URL: https://github.com/Wurst-Imperium/Wurst7
Title: Source Code

Search URL Search Domain Scan URL

URL: https://wiki.wurstclient.net/_media/update/wurst_7.12.1.jpg
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Wurst+7.12.1+-+Bugfixes&url=https://www.wurstclient.net/updates/wurst-7-12-1/&via=Wurst_Imperium
Title:

Search URL Search Domain Scan URL

URL: https://wiki.wurstclient.net/basefinder
Title: BaseFinder

Search URL Search Domain Scan URL

URL: https://minecraft.gamepedia.com/Copper_Ore
Title: copper ore

Search URL Search Domain Scan URL

URL: https://minecraft.gamepedia.com/Amethyst_Geode
Title: amethysts

Search URL Search Domain Scan URL

URL: https://minecraft.gamepedia.com/Deepslate
Title: deepslate

Search URL Search Domain Scan URL

URL: https://wiki.wurstclient.net/chestesp
Title: ChestESP

Search URL Search Domain Scan URL

URL: https://wiki.wurstclient.net/mobspawnesp
Title: MobSpawnESP

Search URL Search Domain Scan URL

URL: https://wiki.wurstclient.net/search
Title: Search

Search URL Search Domain Scan URL

URL: https://wiki.wurstclient.net/antiafk
Title: AntiAFK

Search URL Search Domain Scan URL

URL: https://wiki.wurstclient.net/antiblind
Title: AntiBlind

Search URL Search Domain Scan URL

URL: https://wiki.wurstclient.net/anticactus
Title: AntiCactus

Search URL Search Domain Scan URL

URL: https://wiki.wurstclient.net/antiknockback
Title: AntiKnockback

Search URL Search Domain Scan URL

URL: https://wiki.wurstclient.net/antiwaterpush
Title: AntiWaterPush

Search URL Search Domain Scan URL

URL: https://wiki.wurstclient.net/antiwobble
Title: AntiWobble

Search URL Search Domain Scan URL

URL: https://wiki.wurstclient.net/autoarmor
Title: AutoArmor

Search URL Search Domain Scan URL

URL: https://wiki.wurstclient.net/autobuild
Title: AutoBuild

Search URL Search Domain Scan URL

URL: https://wiki.wurstclient.net/autoeat
Title: AutoEat

Search URL Search Domain Scan URL

URL: https://wiki.wurstclient.net/autoleave
Title: AutoLeave

Search URL Search Domain Scan URL

URL: https://wiki.wurstclient.net/automine
Title: AutoMine

Search URL Search Domain Scan URL

URL: https://wiki.wurstclient.net/autopotion
Title: AutoPotion

Search URL Search Domain Scan URL

URL: https://wiki.wurstclient.net/antispam
Title: AntiSpam

Search URL Search Domain Scan URL

URL: https://wiki.wurstclient.net/autodrop
Title: AutoDrop

Search URL Search Domain Scan URL

URL: https://wiki.wurstclient.net/autofarm
Title: AutoFarm

Search URL Search Domain Scan URL

URL: https://wiki.wurstclient.net/autofish
Title: AutoFish

Search URL Search Domain Scan URL

URL: https://wiki.wurstclient.net/autosprint
Title: AutoSprint

Search URL Search Domain Scan URL

URL: https://wiki.wurstclient.net/autosteal
Title: AutoSteal

Search URL Search Domain Scan URL

URL: https://wiki.wurstclient.net/autotool
Title: AutoTool

Search URL Search Domain Scan URL

URL: https://wiki.wurstclient.net/autototem
Title: AutoTotem

Search URL Search Domain Scan URL

URL: https://wiki.wurstclient.net/autowalk
Title: AutoWalk

Search URL Search Domain Scan URL

URL: https://wiki.wurstclient.net/bonemealaura
Title: BonemealAura

Search URL Search Domain Scan URL

URL: https://wiki.wurstclient.net/bowaimbot
Title: BowAimbot

Search URL Search Domain Scan URL

URL: https://wiki.wurstclient.net/buildrandom
Title: BuildRandom

Search URL Search Domain Scan URL

URL: https://wiki.wurstclient.net/bunnyhop
Title: BunnyHop

Search URL Search Domain Scan URL

URL: https://wiki.wurstclient.net/clickaura
Title: ClickAura

Search URL Search Domain Scan URL

URL: https://wiki.wurstclient.net/dolphin
Title: Dolphin

Search URL Search Domain Scan URL

URL: https://wiki.wurstclient.net/fastladder
Title: FastLadder

Search URL Search Domain Scan URL

URL: https://wiki.wurstclient.net/feedaura
Title: FeedAura

Search URL Search Domain Scan URL

URL: https://wiki.wurstclient.net/flight
Title: Flight

Search URL Search Domain Scan URL

URL: https://wiki.wurstclient.net/freecam
Title: Freecam

Search URL Search Domain Scan URL

URL: https://wiki.wurstclient.net/fullbright
Title: Fullbright

Search URL Search Domain Scan URL

URL: https://wiki.wurstclient.net/glide
Title: Glide

Search URL Search Domain Scan URL

URL: https://wiki.wurstclient.net/healthtags
Title: HealthTags

Search URL Search Domain Scan URL

URL: https://wiki.wurstclient.net/itemesp
Title: ItemESP

Search URL Search Domain Scan URL

URL: https://wiki.wurstclient.net/killaura
Title: Killaura

Search URL Search Domain Scan URL

URL: https://wiki.wurstclient.net/mobesp
Title: MobESP

Search URL Search Domain Scan URL

URL: https://wiki.wurstclient.net/mountbypass
Title: MountBypass

Search URL Search Domain Scan URL

URL: https://wiki.wurstclient.net/nuker
Title: Nuker

Search URL Search Domain Scan URL

URL: https://wiki.wurstclient.net/openwateresp
Title: OpenWaterESP

Search URL Search Domain Scan URL

URL: https://wiki.wurstclient.net/playeresp
Title: PlayerESP

Search URL Search Domain Scan URL

URL: https://wiki.wurstclient.net/snowshoe
Title: SnowShoe

Search URL Search Domain Scan URL

URL: https://wiki.wurstclient.net/spider
Title: Spider

Search URL Search Domain Scan URL

URL: https://wiki.wurstclient.net/tillaura
Title: Tillaura

Search URL Search Domain Scan URL

URL: https://wiki.wurstclient.net/tunneller
Title: Tunneller

Search URL Search Domain Scan URL

URL: https://wiki.wurstclient.net/cmd/gm
Title: .gm

Search URL Search Domain Scan URL

URL: https://wiki.wurstclient.net/cmd/help
Title: .help

Search URL Search Domain Scan URL

URL: https://wiki.wurstclient.net/cmd/rename
Title: .rename

Search URL Search Domain Scan URL

URL: https://wiki.wurstclient.net/cmd/taco
Title: .taco

Search URL Search Domain Scan URL

URL: https://wiki.wurstclient.net/altmanager
Title: Alt Manager

Search URL Search Domain Scan URL

URL: https://wiki.wurstclient.net/vanillaspoof
Title: VanillaSpoof

Search URL Search Domain Scan URL

URL: https://wiki.wurstclient.net/navigator
Title: Navigator

Search URL Search Domain Scan URL

URL: https://fabricmc.net/use/
Title: Fabric installer

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=Wv0vPUwitJs
Title: install Java

Search URL Search Domain Scan URL

URL: https://www.reddit.com/r/WurstClient/comments/hg6xce/cant_launch_the_game_read_this_first/
Title: “How to fix your Wurst installation”

Search URL Search Domain Scan URL

URL: https://www.curseforge.com/minecraft/mc-mods/fabric-api

Search URL Search Domain Scan URL

URL: https://github.com/Wurst-Imperium/Wurst-MCX2/releases/download/v7.12.1/Wurst-Client-v7.12.1-MC1.16.5.jar
Title: Wurst Client v7.12.1 MC1.16.5 for Minecraft 1.16.5

Search URL Search Domain Scan URL

URL: https://www.curseforge.com/minecraft/mc-mods/fabric-api/files/3159126
Title: (Fabric API for MC 1.16.5)

Search URL Search Domain Scan URL

URL: https://github.com/Wurst-Imperium/Wurst-MCX2/releases/download/v7.12.1/Wurst-Client-v7.12.1-MC21w08a.jar
Title: Wurst Client v7.12.1 MC21w08a for Minecraft 21w08a

Search URL Search Domain Scan URL

URL: https://www.curseforge.com/minecraft/mc-mods/fabric-api/files/3215852
Title: (Fabric API for MC 21w08a)

Search URL Search Domain Scan URL

URL: https://github.com/Wurst-Imperium/Wurst-MCX2/releases/download/v7.12.1/Wurst-Client-v7.12.1-MC21w07a.jar
Title: Wurst Client v7.12.1 MC21w07a for Minecraft 21w07a

Search URL Search Domain Scan URL

URL: https://www.curseforge.com/minecraft/mc-mods/fabric-api/files/3207629
Title: (Fabric API for MC 21w07a)

Search URL Search Domain Scan URL

URL: https://github.com/Wurst-Imperium/Wurst-MCX2/releases/download/v7.12.1/Wurst-Client-v7.12.1-MC21w06a.jar
Title: Wurst Client v7.12.1 MC21w06a for Minecraft 21w06a

Search URL Search Domain Scan URL

URL: https://www.curseforge.com/minecraft/mc-mods/fabric-api/files/3199380
Title: (Fabric API for MC 21w06a)

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=4ehYzP6b_C8
Title: Video Tutorial by Favores: How To Install Wurst 7

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=BrRbD5_0kkA
Title: Video Tutorial by Udisen: How To Install Wurst 7

Search URL Search Domain Scan URL

URL: https://github.com/Wurst-Imperium/wurstclient.net/edit/gh-pages/_updates/minecraft-1-16/2021-02-17-Wurst-7.12.1.md
Title: Edit Page

Search URL Search Domain Scan URL

URL: https://github.com/Wurst-Imperium/wurstclient.net/blob/gh-pages/_updates/minecraft-1-16/2021-02-17-Wurst-7.12.1.md
Title: View Source

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

41 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.wurstclient.net/updates/wurst-7-12-1/ 20 KB
6 KB 153ms
132ms Document
text/html 2606:4700:3030::ac43:c139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wurstclient.net/updates/wurst-7-12-1/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:c139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be8019936afd042e0c5011abd1c9b3575e770ab2558b44e5ed1d79d2d182d74c

Request headers

:method: GET
:authority: www.wurstclient.net
:scheme: https
:path: /updates/wurst-7-12-1/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 14:47:37 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=d437b7e172e95781d8a875bb0729b88ce1614523657; expires=Tue, 30-Mar-21 14:47:37 GMT; path=/; domain=.wurstclient.net; HttpOnly; SameSite=Lax
last-modified: Sat, 27 Feb 2021 20:30:34 GMT
access-control-allow-origin: *
expires: Sun, 28 Feb 2021 14:41:56 GMT
cache-control: max-age=31536000
x-proxy-cache: MISS
x-github-request-id: B81C:9525:17C93A:1B6EFD:603AAC57
via: 1.1 varnish
x-served-by: cache-fra19169-FRA
x-cache: MISS
x-cache-hits: 0
x-timer: S1614458153.717849,VS0,VE87
vary: Accept-Encoding
x-fastly-request-id: aa7aac4b3c5206345d49b56465e7124f50b955a4
cf-cache-status: REVALIDATED
cf-request-id: 088ab504bc00004e447619e000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rs7oRg1aHbEvNJQr2X5F%2FFN9BtzTnXYhMuXn9UEL1FMEWU3LnQH4QvpMp5j%2Fq6jVLZ6Rz9On0sM4hjW5fdmn7o1F5Wv2K0eqTqxWxjF%2FpYDwceed4LWVnNLWK7aHbet%2B"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 628af11ac86b4e44-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 metro.woff
www.wurstclient.net/fonts/ 119 KB
119 KB 16ms
16ms Font
font/woff 2606:4700:3030::ac43:c139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wurstclient.net/fonts/metro.woff
Requested by: Host: www.wurstclient.net
URL: https://www.wurstclient.net/updates/wurst-7-12-1/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:c139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e09087c9c75184e8fca26c35e6dad7590a3eacb669926eba40672870492e693

Request headers

Origin: https://www.wurstclient.net
Referer: https://www.wurstclient.net/updates/wurst-7-12-1/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id: d00f2d0f5987a7b82164004ca9165056f8cc7c03
date: Sun, 28 Feb 2021 14:47:37 GMT
via: 1.1 varnish
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 457
x-cache: MISS
x-cache-hits: 0
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 121556
cf-request-id: 088ab5054600004e444fbff000000001
x-served-by: cache-fra19132-FRA
last-modified: Sat, 27 Feb 2021 20:30:26 GMT
server: cloudflare
x-github-request-id: DF6E:1A24:3B37B8:5B1203:603AAC30
x-timer: S1614458012.011303,VS0,VE87
etag: "603aabe2-1dad4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=a1%2FO4Y2eziZthYi%2BtkmF%2BbpfsElG5JOmg71J7urYhstvDRjBOm0RxzxU3BtwlBreh4iHn8VDdVMJNWAAzsFeocYHoopDEbHWQ2ta9QWO%2B6t5Qh%2Bgppj8HRnPPbUPs54L"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 628af11baa6e4e44-FRA
x-proxy-cache: MISS
expires: Sat, 27 Feb 2021 20:41:44 GMT

GET
H2 200 wi.css
www.wurstclient.net/css/ 308 KB
37 KB 21ms
21ms Stylesheet
text/css 2606:4700:3030::ac43:c139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wurstclient.net/css/wi.css
Requested by: Host: www.wurstclient.net
URL: https://www.wurstclient.net/updates/wurst-7-12-1/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:c139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44da4a6ffe32f80e4082a76f7b96d91f67acb0d2c08f7507b97a8408a16cc7cd

Request headers

Referer: https://www.wurstclient.net/updates/wurst-7-12-1/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id: a7cb5fd38282d007015ad2f451bf72af9687e491
date: Sun, 28 Feb 2021 14:47:37 GMT
via: 1.1 varnish
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 457
cf-polished: origSize=383881
x-cache: MISS
x-cache-hits: 0
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 088ab5054700004e4482b88000000001
x-served-by: cache-fra19168-FRA
last-modified: Sat, 27 Feb 2021 20:30:26 GMT
server: cloudflare
x-github-request-id: DE96:6843:22B4C:1DB1A6:603AAC34
x-timer: S1614458012.010391,VS0,VE88
etag: W/"603aabe2-5db89"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tujsOXEaiVRtclxa7QykRYYkNwDVKnLKikACwBSShuEF3VjsV35xfKVIDlM2LiIiGjYkCq%2Fqoyq0CHB1zGA6ac4E%2BeEnBEY0RY1fv5wLrvduxmv4XK32Lgsf%2FXrtdYtF"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
expires: Sat, 27 Feb 2021 20:41:48 GMT
cache-control: max-age=31536000
cf-ray: 628af11baa774e44-FRA
x-proxy-cache: MISS
cf-bgj: minify

GET
H2 200 api.js Show response
www.wurstclient.net/cdn-cgi/bm/cv/669835187/ 35 KB
9 KB 9ms
8ms Script
text/javascript 2606:4700:3030::ac43:c139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wurstclient.net/cdn-cgi/bm/cv/669835187/api.js

Requested by

Host: www.wurstclient.net
URL: https://www.wurstclient.net/updates/wurst-7-12-1/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:c139 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.wurstclient.net/updates/wurst-7-12-1/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 14:47:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=nLKZrmgdLKELMwXBXtYo%2F2LRZRqD%2B1niWzQu2tDbuzcTMlu1f%2BGLfbChCU%2BDTuNX9%2FplrmnLhUFgfZoVDYfGwTW55Cc7BGPvj5JvisVK0DQvs7zDjPVq9wMzqdM6ZU76"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=604800, public
cf-ray: 628af11baa7a4e44-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 088ab5054900004e44502f0000000001

GET
H2 200 d7aeb13a-983f-11e6-9c15-c4db572b5b18.png
cloud.githubusercontent.com/assets/10100202/19618025/ 9 KB
9 KB 50ms
16ms Image
image/png 185.199.108.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cloud.githubusercontent.com/assets/10100202/19618025/d7aeb13a-983f-11e6-9c15-c4db572b5b18.png
Requested by: Host: www.wurstclient.net
URL: https://www.wurstclient.net/updates/wurst-7-12-1/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.199.108.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-108-133.github.com
Software: GitHub Cloud /
Resource Hash: 1d8f1edfd26dff3bf4261657f8605b7761cfb8ec998e504b27b94cc5e4d22b27

Request headers

Referer: https://www.wurstclient.net/updates/wurst-7-12-1/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id: 18450d0aeb980be7b410c7b68f2ff7dff8eb33bd
date: Sun, 28 Feb 2021 14:47:37 GMT
via: 1.1 varnish
age: 2116255
x-cache: HIT
content-length: 8859
x-served-by: cache-cdg20778-CDG
last-modified: Sat, 22 Oct 2016 08:11:07 GMT
server: GitHub Cloud
x-timer: S1614523658.584338,VS0,VE1
etag: "e4b99a9269341836377f2e39817dfdff"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: https://github.com
x-cache-hits: 1

GET
H2 200 wurst_7.12.1_540p.webp
wiki.wurstclient.net/_media/update/ 54 KB
55 KB 48ms
41ms Image
image/webp 2606:4700:3030::ac43:c139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wiki.wurstclient.net/_media/update/wurst_7.12.1_540p.webp
Requested by: Host: www.wurstclient.net
URL: https://www.wurstclient.net/updates/wurst-7-12-1/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:c139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e7a9b37e47870c3939ca42b58573ffdf833cd82d16f0af35ee7635428561334

Request headers

Referer: https://www.wurstclient.net/updates/wurst-7-12-1/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 14:47:37 GMT
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-disposition: inline; filename="wurst_7.12.1_540p.webp";
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 55458
cf-request-id: 088ab5055000004e44522fd000000001
pragma: no-cache
last-modified: Wed, 17 Feb 2021 20:28:30 GMT
server: cloudflare
etag: "b9a92b52e1b365040df5072e6311fa31"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Cookie, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=albw4%2Fx8ICCHzsRwORQFVqMOOybAY9A2K4EJfoJnrwrotF3K6l%2FKmnPY9k7FbuJXsFf%2BuihX3tH8i2Xv56gHDMCYj9vNB8Q8wvEkg7I4M15r39pMNIqeHFmoyjfAW9qMWw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, proxy-revalidate, no-transform, max-age=86400
accept-ranges: bytes
cf-ray: 628af11bbaa64e44-FRA
expires: Mon, 01 Mar 2021 14:47:37 GMT

GET
H2 200 93722968-0aec9180-fb9b-11ea-9983-bc0fc51b47ab.png
user-images.githubusercontent.com/10100202/ 4 KB
4 KB 50ms
15ms Image
image/png 185.199.111.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://user-images.githubusercontent.com/10100202/93722968-0aec9180-fb9b-11ea-9983-bc0fc51b47ab.png
Requested by: Host: www.wurstclient.net
URL: https://www.wurstclient.net/updates/wurst-7-12-1/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.199.111.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-111-133.github.com
Software: GitHub Cloud /
Resource Hash: f00c0c8b1ab18136b1837b880bb4c1b0e1be1e2e79b63345433bb3d5cee1f87e

Request headers

Referer: https://www.wurstclient.net/updates/wurst-7-12-1/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id: a2e740b6b02d539593d591739cf7f29bd69d68e7
date: Sun, 28 Feb 2021 14:47:37 GMT
via: 1.1 varnish
age: 888287
x-cache: HIT
content-length: 3710
x-served-by: cache-cdg20774-CDG
last-modified: Sun, 20 Sep 2020 21:43:13 GMT
server: GitHub Cloud
x-timer: S1614523658.584188,VS0,VE0
etag: "a89c65cbb0599a1965f29431ce9f0c12"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: https://github.com
x-cache-hits: 1

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/ 12 KB
5 KB 31ms
13ms Script
application/javascript 2606:4700::6810:a823
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.wurstclient.net
URL: https://www.wurstclient.net/updates/wurst-7-12-1/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a823 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.wurstclient.net/updates/wurst-7-12-1/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 14:47:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-request-id: 088ab5055a000063fb67bb3000000001
last-modified: Thu, 18 Feb 2021 13:46:54 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"602e6fce-3016"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=F%2F51xyHVQ3cX0ZMa%2BBoGF4lBC1aDMJ%2FyFa6MqzewXXFfWahga3BBjYTfZnHjSmoJufYi7FZ0RrV0P5XrZvFUgKKUyx0nD3M7sHWcvSIFBvb6nHipf4YIGzQ6OyK91IVh"}]}
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 628af11bcefe63fb-FRA
expires: Tue, 02 Mar 2021 14:47:37 GMT

GET
H2 200 K88pR3goAWT7BTt32Z01mz8E0i7KZn-EPnyo3HZu7kw.woff
themes.googleusercontent.com/static/fonts/opensans/v8/ 57 KB
57 KB 28ms
8ms Font
font/woff 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://themes.googleusercontent.com/static/fonts/opensans/v8/K88pR3goAWT7BTt32Z01mz8E0i7KZn-EPnyo3HZu7kw.woff

Requested by

Host: www.wurstclient.net
URL: https://www.wurstclient.net/css/wi.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a723d2f99415f393e2537d9b0b0ba4c1b4d7a1ea964d1abdce0f310d92643ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.wurstclient.net
Referer: https://www.wurstclient.net/css/wi.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 12:33:32 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 440045
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58076
x-xss-protection: 0
expires: Wed, 23 Feb 2022 12:33:32 GMT

GET
H2 200 / Show response
secureaddisplay.com/au/bmd/ 396 B
665 B 454ms
151ms Script
text/html 216.7.188.197
LATISYS-DENVER

General

Check archive.org

Show headers Download Go to

Full URL: https://secureaddisplay.com/au/bmd/
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 216.7.188.197 , United States, ASN29863 (LATISYS-DENVER, US),
Reverse DNS: 216-7-188-197.riptidehosting.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 6f57c706b2603592ea4810af0c2b62aabb5dc40aba7c432da923c61809d06710

Request headers

Referer: https://www.wurstclient.net/updates/wurst-7-12-1/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 14:47:37 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: private
content-length: 396

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 138 KB
49 KB 50ms
25ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2467a9fefa378b8d57d62d9108794bcd476de6ce2cc1ba42ea85200fd73960b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wurstclient.net/updates/wurst-7-12-1/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 14:47:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49420
x-xss-protection: 0
server: cafe
etag: 13386428730629145965
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 28 Feb 2021 14:47:37 GMT

GET
H2 200 wi.js Show response
www.wurstclient.net/js/ 279 KB
67 KB 23ms
22ms Script
application/javascript 2606:4700:3030::ac43:c139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wurstclient.net/js/wi.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:c139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6eebe12e6d24431d2a93f19d631335c7c5e549d972789755d8dbef155447e671

Request headers

Referer: https://www.wurstclient.net/updates/wurst-7-12-1/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id: b58f8ae0a4435198d2f0f5dd2b64d2186939651b
date: Sun, 28 Feb 2021 14:47:37 GMT
via: 1.1 varnish
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 457
cf-polished: origSize=418600
x-cache: MISS
x-cache-hits: 0
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 088ab505ca00004e44358df000000001
x-served-by: cache-fra19121-FRA
last-modified: Sat, 27 Feb 2021 20:30:26 GMT
server: cloudflare
x-github-request-id: C9D8:7130:37C663:5793ED:603AAC35
x-timer: S1614458012.356206,VS0,VE86
etag: W/"603aabe2-66328"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0CyI%2F%2BThUTVwClpGFcpVJdSAfoODgRZubgdxtiq5cqGQsM%2Bknhdx9NbGb4eBODNDhR2SR55cFenRgvfB3LVqsM30T06kpTIDxTWMFwjTs2qdzbXFxwRnEeOUtdjnkyTz"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Sun, 28 Feb 2021 07:49:59 GMT
cache-control: max-age=31536000
cf-ray: 628af11c7c474e44-FRA
x-proxy-cache: MISS
cf-bgj: minify

POST
H2 204 result Show response
www.wurstclient.net/cdn-cgi/bm/cv/ 0
510 B 11ms
10ms XHR
text/plain 2606:4700:3030::ac43:c139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wurstclient.net/cdn-cgi/bm/cv/result?req_id=628af11ac86b4e44
Requested by: Host: www.wurstclient.net
URL: https://www.wurstclient.net/cdn-cgi/bm/cv/669835187/api.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:c139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.wurstclient.net/updates/wurst-7-12-1/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 28 Feb 2021 14:47:37 GMT
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JnMp4B4CtceVLvkWAyem5tjWmGNC3fLvFkO1YlAvc1B0c9B9%2BbmgxNZpzayRAlIU215Tn4M%2F57dyiB%2BHok%2FuD3lUmPV31b5sEjAL2FyOceunhGgHT2N48iDMGshnfUYF"}],"group":"cf-nel","max_age":604800}
cf-ray: 628af11ced584e44-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 088ab5061000004e4420b05000000001

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/ 227 KB
85 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5218363098774955&plah=www.wurstclient.net&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f634b91be542081897250daa08ff62f5bdbd0d114a3485efe020d2c07f21fdc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wurstclient.net/updates/wurst-7-12-1/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 14:47:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87195
x-xss-protection: 0
server: cafe
etag: 3111314854812010922
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 28 Feb 2021 14:47:37 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210224/r20190131/ Frame 4757 10 KB
5 KB 25ms
6ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210224/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a1b2ebe6a2b314929967bdf1ba8c694fb45bf76a5b847e57fb847b3cdd9338a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210224/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.wurstclient.net/updates/wurst-7-12-1/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.wurstclient.net/updates/wurst-7-12-1/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 28 Feb 2021 02:25:28 GMT
expires: Sun, 14 Mar 2021 02:25:28 GMT
content-type: text/html; charset=UTF-8
etag: 6440208225989294717
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4777
x-xss-protection: 0
age: 44529
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 12 B
480 B 112ms
56ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.wurstclient.net&callback=_gfp_s_&client=ca-pub-5218363098774955

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5218363098774955&plah=www.wurstclient.net&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wurstclient.net/updates/wurst-7-12-1/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 14:47:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
799 B 38ms
16ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.wurstclient.net&meb=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wurstclient.net/updates/wurst-7-12-1/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Feb 2021 14:47:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
553 B 50ms
28ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.wurstclient.net&meb=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wurstclient.net/updates/wurst-7-12-1/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Feb 2021 14:47:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 232C 14 KB
2 KB 106ms
92ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5218363098774955&output=html&adk=1812271804&adf=1573534164&lmt=1614457834&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.wurstclient.net%2Fupdates%2Fwurst-7-12-1%2F&ea=0&flash=0&pra=5&wgl=1&dt=1614523657767&bpp=9&bdt=230&idt=68&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4015980080214&frm=20&pv=2&ga_vid=1533132178.1614523658&ga_sid=1614523658&ga_hid=2038397274&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44736377%2C21068083%2C21068945%2C21069711&oid=2&pvsid=587458377585824&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=82

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

67f30f719873f837830f420e2a97f456a8822079852399a1d3ddf552a056f3fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5218363098774955&output=html&adk=1812271804&adf=1573534164&lmt=1614457834&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.wurstclient.net%2Fupdates%2Fwurst-7-12-1%2F&ea=0&flash=0&pra=5&wgl=1&dt=1614523657767&bpp=9&bdt=230&idt=68&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4015980080214&frm=20&pv=2&ga_vid=1533132178.1614523658&ga_sid=1614523658&ga_hid=2038397274&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44736377%2C21068083%2C21068945%2C21069711&oid=2&pvsid=587458377585824&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=82
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.wurstclient.net/updates/wurst-7-12-1/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.wurstclient.net/updates/wurst-7-12-1/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 28 Feb 2021 14:47:37 GMT
server: cafe
content-length: 993
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 28-Feb-2021 15:02:37 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 28 Feb 2021 14:47:37 GMT
cache-control: private

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 49ms
32ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210224&st=env

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7c7bde9131601023d83879cd31b74c3a8d5d64a993a8195b8f80df69217200c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wurstclient.net/updates/wurst-7-12-1/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Feb 2021 14:47:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6454
x-xss-protection: 0

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 61ms
41ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

946d9a7a03fb3be233ea45625f62ecc13c46743c63f0b2d0b8588e4ec1436d13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wurstclient.net/updates/wurst-7-12-1/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 14:47:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614342938524533"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28399
x-xss-protection: 0
expires: Sun, 28 Feb 2021 14:47:37 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 37ms
18ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wurstclient.net/updates/wurst-7-12-1/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 14:47:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Sun, 28 Feb 2021 14:47:37 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame BA1B 12 KB
5 KB 27ms
13ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.wurstclient.net/updates/wurst-7-12-1/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.wurstclient.net/updates/wurst-7-12-1/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Sun, 28 Feb 2021 12:53:35 GMT
expires: Mon, 28 Feb 2022 12:53:35 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 6842
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
777 B 42ms
28ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.wurstclient.net&meb=1

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wurstclient.net/updates/wurst-7-12-1/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Feb 2021 14:47:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
531 B 56ms
41ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.wurstclient.net&meb=1

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wurstclient.net/updates/wurst-7-12-1/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Feb 2021 14:47:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 90D6 103 KB
33 KB 382ms
382ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5218363098774955&output=html&h=280&adk=1047287370&adf=588412893&pi=t.aa~a.827104633~i.14~rp.1&w=960&fwrn=4&fwrnh=100&lmt=1614457834&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1445400514&psa=0&ad_type=text_image&format=960x280&url=https%3A%2F%2Fwww.wurstclient.net%2Fupdates%2Fwurst-7-12-1%2F&flash=0&fwr=0&pra=3&rh=200&rw=960&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1614523657975&bpp=2&bdt=437&idt=2&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4015980080214&frm=20&pv=1&ga_vid=1533132178.1614523658&ga_sid=1614523658&ga_hid=2038397274&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=320&ady=2771&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44736377%2C21068083%2C21068945%2C21069711&oid=2&pvsid=587458377585824&rx=0&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1t0G5TsU3M&p=https%3A//www.wurstclient.net&dtd=10

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3edddec7577b4fc99103f2cf990e41e56347ddf23524098aca60b632598e5965

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14751465879233591646/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14751465879233591646/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLXA-KjpjO8CFchxGAodjKEByg&gqi=Cq07YMA_xo3F3A_gj5voDg&layout=/sadbundle/%24csp%253Der3%24/14751465879233591646/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5218363098774955&output=html&h=280&adk=1047287370&adf=588412893&pi=t.aa~a.827104633~i.14~rp.1&w=960&fwrn=4&fwrnh=100&lmt=1614457834&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1445400514&psa=0&ad_type=text_image&format=960x280&url=https%3A%2F%2Fwww.wurstclient.net%2Fupdates%2Fwurst-7-12-1%2F&flash=0&fwr=0&pra=3&rh=200&rw=960&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1614523657975&bpp=2&bdt=437&idt=2&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4015980080214&frm=20&pv=1&ga_vid=1533132178.1614523658&ga_sid=1614523658&ga_hid=2038397274&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=320&ady=2771&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44736377%2C21068083%2C21068945%2C21069711&oid=2&pvsid=587458377585824&rx=0&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1t0G5TsU3M&p=https%3A//www.wurstclient.net&dtd=10
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.wurstclient.net/updates/wurst-7-12-1/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.wurstclient.net/updates/wurst-7-12-1/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14751465879233591646/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14751465879233591646/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLXA-KjpjO8CFchxGAodjKEByg&gqi=Cq07YMA_xo3F3A_gj5voDg&layout=/sadbundle/%24csp%253Der3%24/14751465879233591646/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 28 Feb 2021 14:47:38 GMT
server: cafe
content-length: 32905
x-xss-protection: 0
set-cookie: IDE=AHWqTUlTFZ0-ZwpjBK6XwDzT1gjj-D7LwAtHQxci9a5_T5zeSWBf8AgQ6CqG70WDzg4; expires=Fri, 25-Mar-2022 14:47:38 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 28 Feb 2021 14:47:38 GMT
cache-control: private

GET
H3-Q050 200 T-Hew4zKFoEuSiaqIGgqIslCHcmG-ErS7x6AqoEqFIc.js Show response
pagead2.googlesyndication.com/bg/ Frame BA1B 14 KB
6 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/T-Hew4zKFoEuSiaqIGgqIslCHcmG-ErS7x6AqoEqFIc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fe1dec38cca16812e4a26aa20682a22c9421dc986f84ad2ef1e80aa812a1487

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 10:12:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 11:15:00 GMT
server: sffe
age: 16519
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6212
x-xss-protection: 0
expires: Mon, 28 Feb 2022 10:12:19 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
224 B 41ms
41ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210224&jk=587458377585824&bg=!ammlaSrNAAXB_3NtwTsAKQB2-DxatN1ccPBeB2R61mhWOn4YV5GdMrb83vM8oSFfJ9UzsE8crlhvAgAAADhSAAAAC2gBBwoBdU0TSFJkARwH8hEhIN1-BrpZV9HZolISBBpH8hVqX1jpcFYbjpoX1cpWwiA4quH1gBD-GSKCYuqviTgplp5yBMuxCT6t9vaolD9KSx43MrWaHgPDtDFlloXx6sK_gghQf9A8_DzHnJnolBuVrgKPD4RAhwXvDS4UHY1R2O5wyjStQPsah8Q8APzUOZqHhNVieOCEbtJKTyvikT4lXgPler4zdZzldjZpXFjmdyrUsMrsFzfV3NzZmDvxMcRTURmzDzjV9xgobz5zQOOTn2lTFDPUhmLMo_ZEOAzkFbe521P6soK1KDHV12rSSaCpO4-QvwHhugKHLFRVg4CGpC64iv4faL0Hf1RrpWY7GvKeLsmwwbLMjFEMvm15QivNGgoKIo6GSTT8A2FgWSvhvKfCiIZ_yqHyCcnUhC5LU5qoyK09UIkUc2T57YTsh5f0DL1So4904hRKnfWx38vpm60-MtldsJBgKOTMEEYCpehzrkTCnqbl0ZiZAdONagS_yiYngb-Db0dD2RkW5ZK1_IxVpNFTISBGmNLmKo-cNc5G5i0g5y9Qx5h-tudSZDnoWz3SP8EoqI9hcwKfteI3VBMs6_avlAO1O1FXFYiBZ7grrBPbVmY7rFzEXwtQ7J4J92Zh3UdIEHe5hnDulXgCDzjCSZMh3b8rYFkkJT-qONT3U0dnAX3vX_yyZp-WI3yZmoL6ddMpfbhIwlOCwySd-DuQrKsEbc9iGtAzTMM0Rl-FVhocbd-hy4GgyRJn-nLC7mMY-_2dnb50eseZg9D8thbsee-RVoREH2zSsj_0HrBfAljW0A1zz33a87oBY8y0iJc1h5e5f9Wzn_LFBr-obryn7kLe6r8Q54-JmBg2z4uUADOzOO6Sbk4z094FV1w4eg5dO2O_mM_MTC9dsw5QIpfUC1jsbBoOhUB9RwZ2MWEhmPGrYl0LBBHm0TL1qmOvxSotk0wQJhr6Mr6-xuEp40ewmlrbDyJnvR7qNmcbldoX52qb8sePZ0zKmUkthEa2GwTj9OREq8dU3Kf2SypMZbMvITidQ-sDNS0ghjN_aTp8KmpKDRCMJqBh6SU-ORbJlEv_2rI4DVODQKQ1-qILWgKLBR_-moqUV6REjuOarQ

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wurstclient.net/updates/wurst-7-12-1/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 14:47:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK adloadbmd.min.js Show response
dtyry4ejybx0.cloudfront.net/js/ 16 KB
17 KB 95ms
29ms Script
application/x-javascript 13.32.23.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dtyry4ejybx0.cloudfront.net/js/adloadbmd.min.js?ver=00000189
Requested by: Host: secureaddisplay.com
URL: https://secureaddisplay.com/au/bmd/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.23.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-23-47.fra56.r.cloudfront.net
Software: Microsoft-IIS/7.0 / ASP.NET
Resource Hash: abb00fe7285a288c6684f444ecda47236e5c4fe26feaf462b13c34183e9f1217

Request headers

Referer: https://www.wurstclient.net/updates/wurst-7-12-1/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 28 Feb 2021 06:42:03 GMT
Via: 1.1 6c63b8e5a6627b953ced3e530ce1b09d.cloudfront.net (CloudFront)
Last-Modified: Sun, 28 Feb 2021 06:41:03 GMT
Server: Microsoft-IIS/7.0
Age: 29095
X-Powered-By: ASP.NET
ETag: "b08d21af9cdd71:0"
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
X-Amz-Cf-Pop: FRA56-C2
Accept-Ranges: bytes
Content-Length: 16673
X-Amz-Cf-Id: eUXXDYFpStPE4PhEa-_gPXqn-gU1BrfTZi7tIY7dykT1hk3enOjtYA==

GET
H2 200 / Show response
cleanmediaads.com/bmd/bids/ 200 B
344 B 457ms
158ms Script
text/html 64.92.206.220
LATISYS-DENVER

General

Check archive.org

Show headers Download Go to

Full URL: https://cleanmediaads.com/bmd/bids/?AULU=57486220191104T1748341403949ADD50F5D4DDF90B1F232C17A6D88&AULUID=BMD57486220191104T1748341403949ADD50F5D4DDF90B1F232C17A6D88_6hann1614523658225&SiteURL=https%3A//www.wurstclient.net/updates/wurst-7-12-1/&CANVisitorID=1574505784&isMobile=0
Requested by: Host: dtyry4ejybx0.cloudfront.net
URL: https://dtyry4ejybx0.cloudfront.net/js/adloadbmd.min.js?ver=00000189
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.92.206.220 , United States, ASN29863 (LATISYS-DENVER, US),
Reverse DNS: 64-92-206-220.riptidehosting.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4716bac7e60c54a8e65659bce0bee86adea9e91b49e6750974b2dfe131e61802

Request headers

Referer: https://www.wurstclient.net/updates/wurst-7-12-1/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 14:47:38 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: private
content-length: 200

GET
H3-Q050 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14751465879233591646/ Frame FC94 72 KB
18 KB 8ms
7ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14751465879233591646/index.html

Requested by

Host: www.wurstclient.net
URL: https://www.wurstclient.net/updates/wurst-7-12-1/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c66f73bafe42e4b9f740790484b7e010302898f17eb841f1a29829c5c255742f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/14751465879233591646/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5218363098774955&output=html&h=280&adk=1047287370&adf=588412893&pi=t.aa~a.827104633~i.14~rp.1&w=960&fwrn=4&fwrnh=100&lmt=1614457834&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1445400514&psa=0&ad_type=text_image&format=960x280&url=https%3A%2F%2Fwww.wurstclient.net%2Fupdates%2Fwurst-7-12-1%2F&flash=0&fwr=0&pra=3&rh=200&rw=960&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1614523657975&bpp=2&bdt=437&idt=2&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4015980080214&frm=20&pv=1&ga_vid=1533132178.1614523658&ga_sid=1614523658&ga_hid=2038397274&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=320&ady=2771&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44736377%2C21068083%2C21068945%2C21069711&oid=2&pvsid=587458377585824&rx=0&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1t0G5TsU3M&p=https%3A//www.wurstclient.net&dtd=10
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5218363098774955&output=html&h=280&adk=1047287370&adf=588412893&pi=t.aa~a.827104633~i.14~rp.1&w=960&fwrn=4&fwrnh=100&lmt=1614457834&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1445400514&psa=0&ad_type=text_image&format=960x280&url=https%3A%2F%2Fwww.wurstclient.net%2Fupdates%2Fwurst-7-12-1%2F&flash=0&fwr=0&pra=3&rh=200&rw=960&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1614523657975&bpp=2&bdt=437&idt=2&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4015980080214&frm=20&pv=1&ga_vid=1533132178.1614523658&ga_sid=1614523658&ga_hid=2038397274&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=320&ady=2771&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44736377%2C21068083%2C21068945%2C21069711&oid=2&pvsid=587458377585824&rx=0&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1t0G5TsU3M&p=https%3A//www.wurstclient.net&dtd=10

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Sat, 27 Feb 2021 10:29:52 GMT
expires: Sun, 27 Feb 2022 10:29:52 GMT
last-modified: Wed, 01 Jun 2016 12:54:14 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
content-length: 17542
age: 101866
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7AF1 0
0 44ms
43ms Fetch
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CRIzpCq07YLWTAcjjYYzDhtAMz8zo6E311oyz9Ae69t_bxBYQASCfr9EpYJUCoAHz08vTA8gBCakCHs_zo0dBtD6oAwHIA0iqBNQBT9CqN6taKWuxqyM1mZ9K2bKDX9vyDYWBXAMonTFLLqOmMmitQGXc_fm6bivh7BgHbzywf4Kj1v2eETzkWyKMqW3CElgHMh6t_BKOUPt04k2CW3AzzMZW-AqVmCOkBig0ZAD_ryPMaDmTJHJ-t4j-O_DC0F73jLhY83fr1XdrVj0PfMbGavIjiTiLMmd-Wx5luLFS6Oz-2FyqtbzCyRfnc0wjRYiby0YzLjTr7Byk1aRLQrWNPVFdKtLuIaUkrOrPccmVcU7RpHTJimT54MjOLio-fAHABJjgu_aoAZIFBAgEGAGSBQQIBRgEoAYugAfPl7ovqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEM3mEtIICQiA4YBwEAEYH4AKAcgLAdgTDLIXGgoYCAASFHB1Yi01MjE4MzYzMDk4Nzc0OTU1&sigh=5KWMpI4IpnU&template_id=419&tpd=AGWhJmsZiQwK5Yr_nONqylWGNSQrN2nta-HKHkX9KEJiWyC7JQ

Requested by

Host: www.wurstclient.net
URL: https://www.wurstclient.net/updates/wurst-7-12-1/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5218363098774955&output=html&h=280&adk=1047287370&adf=588412893&pi=t.aa~a.827104633~i.14~rp.1&w=960&fwrn=4&fwrnh=100&lmt=1614457834&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1445400514&psa=0&ad_type=text_image&format=960x280&url=https%3A%2F%2Fwww.wurstclient.net%2Fupdates%2Fwurst-7-12-1%2F&flash=0&fwr=0&pra=3&rh=200&rw=960&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1614523657975&bpp=2&bdt=437&idt=2&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4015980080214&frm=20&pv=1&ga_vid=1533132178.1614523658&ga_sid=1614523658&ga_hid=2038397274&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=320&ady=2771&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44736377%2C21068083%2C21068945%2C21069711&oid=2&pvsid=587458377585824&rx=0&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1t0G5TsU3M&p=https%3A//www.wurstclient.net&dtd=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 28 Feb 2021 14:47:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/ Frame 7AF1 18 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5218363098774955&output=html&h=280&adk=1047287370&adf=588412893&pi=t.aa~a.827104633~i.14~rp.1&w=960&fwrn=4&fwrnh=100&lmt=1614457834&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1445400514&psa=0&ad_type=text_image&format=960x280&url=https%3A%2F%2Fwww.wurstclient.net%2Fupdates%2Fwurst-7-12-1%2F&flash=0&fwr=0&pra=3&rh=200&rw=960&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1614523657975&bpp=2&bdt=437&idt=2&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4015980080214&frm=20&pv=1&ga_vid=1533132178.1614523658&ga_sid=1614523658&ga_hid=2038397274&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=320&ady=2771&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44736377%2C21068083%2C21068945%2C21069711&oid=2&pvsid=587458377585824&rx=0&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1t0G5TsU3M&p=https%3A//www.wurstclient.net&dtd=10

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e2a22b1971df590c6430eedb9cb1c3148d033040b34f92df454ad040ca97187

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5218363098774955&output=html&h=280&adk=1047287370&adf=588412893&pi=t.aa~a.827104633~i.14~rp.1&w=960&fwrn=4&fwrnh=100&lmt=1614457834&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1445400514&psa=0&ad_type=text_image&format=960x280&url=https%3A%2F%2Fwww.wurstclient.net%2Fupdates%2Fwurst-7-12-1%2F&flash=0&fwr=0&pra=3&rh=200&rw=960&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1614523657975&bpp=2&bdt=437&idt=2&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4015980080214&frm=20&pv=1&ga_vid=1533132178.1614523658&ga_sid=1614523658&ga_hid=2038397274&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=320&ady=2771&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44736377%2C21068083%2C21068945%2C21069711&oid=2&pvsid=587458377585824&rx=0&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1t0G5TsU3M&p=https%3A//www.wurstclient.net&dtd=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 14:41:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 342
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7378
x-xss-protection: 0
server: cafe
etag: 18079855114753437313
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 Mar 2021 14:41:56 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/ Frame 7AF1 3 KB
2 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5218363098774955&output=html&h=280&adk=1047287370&adf=588412893&pi=t.aa~a.827104633~i.14~rp.1&w=960&fwrn=4&fwrnh=100&lmt=1614457834&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1445400514&psa=0&ad_type=text_image&format=960x280&url=https%3A%2F%2Fwww.wurstclient.net%2Fupdates%2Fwurst-7-12-1%2F&flash=0&fwr=0&pra=3&rh=200&rw=960&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1614523657975&bpp=2&bdt=437&idt=2&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4015980080214&frm=20&pv=1&ga_vid=1533132178.1614523658&ga_sid=1614523658&ga_hid=2038397274&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=320&ady=2771&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44736377%2C21068083%2C21068945%2C21069711&oid=2&pvsid=587458377585824&rx=0&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1t0G5TsU3M&p=https%3A//www.wurstclient.net&dtd=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 14:46:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1546
x-xss-protection: 0
server: cafe
etag: 8852521427838746165
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 Mar 2021 14:46:48 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7AF1 107 KB
33 KB 58ms
45ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

feefcd59e61a51094fa7ae4c08b8852a459a9be079bdc12a7b40ed600a33d79e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5218363098774955&output=html&h=280&adk=1047287370&adf=588412893&pi=t.aa~a.827104633~i.14~rp.1&w=960&fwrn=4&fwrnh=100&lmt=1614457834&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1445400514&psa=0&ad_type=text_image&format=960x280&url=https%3A%2F%2Fwww.wurstclient.net%2Fupdates%2Fwurst-7-12-1%2F&flash=0&fwr=0&pra=3&rh=200&rw=960&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1614523657975&bpp=2&bdt=437&idt=2&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4015980080214&frm=20&pv=1&ga_vid=1533132178.1614523658&ga_sid=1614523658&ga_hid=2038397274&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=320&ady=2771&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44736377%2C21068083%2C21068945%2C21069711&oid=2&pvsid=587458377585824&rx=0&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1t0G5TsU3M&p=https%3A//www.wurstclient.net&dtd=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 14:47:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614342950420569"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33470
x-xss-protection: 0
expires: Sun, 28 Feb 2021 14:47:38 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/ Frame 7AF1 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

704d0d3da6cd158841779485200573d774009ed765dfe9f91cee6f3c0fafcba9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5218363098774955&output=html&h=280&adk=1047287370&adf=588412893&pi=t.aa~a.827104633~i.14~rp.1&w=960&fwrn=4&fwrnh=100&lmt=1614457834&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1445400514&psa=0&ad_type=text_image&format=960x280&url=https%3A%2F%2Fwww.wurstclient.net%2Fupdates%2Fwurst-7-12-1%2F&flash=0&fwr=0&pra=3&rh=200&rw=960&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1614523657975&bpp=2&bdt=437&idt=2&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4015980080214&frm=20&pv=1&ga_vid=1533132178.1614523658&ga_sid=1614523658&ga_hid=2038397274&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=320&ady=2771&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44736377%2C21068083%2C21068945%2C21069711&oid=2&pvsid=587458377585824&rx=0&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1t0G5TsU3M&p=https%3A//www.wurstclient.net&dtd=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 14:46:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6139
x-xss-protection: 0
server: cafe
etag: 4905056106247604317
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 Mar 2021 14:46:22 GMT

GET
H3-Q050 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C97A 143 B
220 B 6ms
6ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5218363098774955&output=html&h=280&adk=1047287370&adf=588412893&pi=t.aa~a.827104633~i.14~rp.1&w=960&fwrn=4&fwrnh=100&lmt=1614457834&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1445400514&psa=0&ad_type=text_image&format=960x280&url=https%3A%2F%2Fwww.wurstclient.net%2Fupdates%2Fwurst-7-12-1%2F&flash=0&fwr=0&pra=3&rh=200&rw=960&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1614523657975&bpp=2&bdt=437&idt=2&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4015980080214&frm=20&pv=1&ga_vid=1533132178.1614523658&ga_sid=1614523658&ga_hid=2038397274&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=320&ady=2771&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44736377%2C21068083%2C21068945%2C21069711&oid=2&pvsid=587458377585824&rx=0&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1t0G5TsU3M&p=https%3A//www.wurstclient.net&dtd=10
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlTFZ0-ZwpjBK6XwDzT1gjj-D7LwAtHQxci9a5_T5zeSWBf8AgQ6CqG70WDzg4
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5218363098774955&output=html&h=280&adk=1047287370&adf=588412893&pi=t.aa~a.827104633~i.14~rp.1&w=960&fwrn=4&fwrnh=100&lmt=1614457834&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1445400514&psa=0&ad_type=text_image&format=960x280&url=https%3A%2F%2Fwww.wurstclient.net%2Fupdates%2Fwurst-7-12-1%2F&flash=0&fwr=0&pra=3&rh=200&rw=960&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1614523657975&bpp=2&bdt=437&idt=2&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4015980080214&frm=20&pv=1&ga_vid=1533132178.1614523658&ga_sid=1614523658&ga_hid=2038397274&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=320&ady=2771&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44736377%2C21068083%2C21068945%2C21069711&oid=2&pvsid=587458377585824&rx=0&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1t0G5TsU3M&p=https%3A//www.wurstclient.net&dtd=10

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sun, 28 Feb 2021 14:34:33 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 785
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame FC94 16 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14751465879233591646/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 04:25:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37317
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 01 Mar 2021 04:25:41 GMT

GET
H3-Q050 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame FC94 22 KB
9 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14751465879233591646/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 12:41:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7544
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8867
x-xss-protection: 0
server: cafe
etag: 18043545750443934562
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 01 Mar 2021 12:41:54 GMT

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C97A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
110 B

40ms
40ms

Document
text/html

2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlTFZ0-ZwpjBK6XwDzT1gjj-D7LwAtHQxci9a5_T5zeSWBf8AgQ6CqG70WDzg4
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 28 Feb 2021 14:47:38 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Sun, 28-Feb-2021 15:47:38 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 28 Feb 2021 14:47:38 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 28 Feb 2021 14:47:38 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 T-Hew4zKFoEuSiaqIGgqIslCHcmG-ErS7x6AqoEqFIc.js Show response
pagead2.googlesyndication.com/bg/ Frame FC94 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/T-Hew4zKFoEuSiaqIGgqIslCHcmG-ErS7x6AqoEqFIc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fe1dec38cca16812e4a26aa20682a22c9421dc986f84ad2ef1e80aa812a1487

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 10:12:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 11:15:00 GMT
server: sffe
age: 16519
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6212
x-xss-protection: 0
expires: Mon, 28 Feb 2022 10:12:19 GMT

GET
DATA 200
OK truncated
/ Frame 7AF1 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5fe8f18ac11e3426e5004832c105b5fb3af5e633ab8a8699ec167b6e78e194eb

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

Verdicts & Comments Add Verdict or Comment

117 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.wurstclient.net/	1970-01-19 17:11:55	Name: __cfduid Value: d437b7e172e95781d8a875bb0729b88ce1614523657

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://dtyry4ejybx0.cloudfront.net/js/adloadbmd.min.js?ver=00000189(Line 1) Message: ifrstatus:false
console-api	log	URL: https://dtyry4ejybx0.cloudfront.net/js/adloadbmd.min.js?ver=00000189(Line 1) Message: BMDaucnt:1
console-api	log	URL: https://dtyry4ejybx0.cloudfront.net/js/adloadbmd.min.js?ver=00000189(Line 1) Message: BMDaucnt:1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ajax.cloudflare.com
cleanmediaads.com
cloud.githubusercontent.com
dtyry4ejybx0.cloudfront.net
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
secureaddisplay.com
themes.googleusercontent.com
tpc.googlesyndication.com
user-images.githubusercontent.com
wiki.wurstclient.net
www.google.com
www.googletagservices.com
www.wurstclient.net
13.32.23.47
172.217.18.98
185.199.108.133
185.199.111.133
216.7.188.197
2606:4700:3030::ac43:c139
2606:4700::6810:a823
2a00:1450:4001:800::2002
2a00:1450:4001:802::2002
2a00:1450:4001:803::2002
2a00:1450:4001:808::2002
2a00:1450:4001:809::2001
2a00:1450:4001:80e::2004
2a00:1450:4001:811::2001
2a00:1450:4001:813::2002
64.92.206.220
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1d8f1edfd26dff3bf4261657f8605b7761cfb8ec998e504b27b94cc5e4d22b27
2467a9fefa378b8d57d62d9108794bcd476de6ce2cc1ba42ea85200fd73960b3
2a1b2ebe6a2b314929967bdf1ba8c694fb45bf76a5b847e57fb847b3cdd9338a
2e09087c9c75184e8fca26c35e6dad7590a3eacb669926eba40672870492e693
2e7a9b37e47870c3939ca42b58573ffdf833cd82d16f0af35ee7635428561334
3edddec7577b4fc99103f2cf990e41e56347ddf23524098aca60b632598e5965
44da4a6ffe32f80e4082a76f7b96d91f67acb0d2c08f7507b97a8408a16cc7cd
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
4716bac7e60c54a8e65659bce0bee86adea9e91b49e6750974b2dfe131e61802
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4fe1dec38cca16812e4a26aa20682a22c9421dc986f84ad2ef1e80aa812a1487
5e2a22b1971df590c6430eedb9cb1c3148d033040b34f92df454ad040ca97187
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
5fe8f18ac11e3426e5004832c105b5fb3af5e633ab8a8699ec167b6e78e194eb
67f30f719873f837830f420e2a97f456a8822079852399a1d3ddf552a056f3fe
6eebe12e6d24431d2a93f19d631335c7c5e549d972789755d8dbef155447e671
6f57c706b2603592ea4810af0c2b62aabb5dc40aba7c432da923c61809d06710
704d0d3da6cd158841779485200573d774009ed765dfe9f91cee6f3c0fafcba9
7a723d2f99415f393e2537d9b0b0ba4c1b4d7a1ea964d1abdce0f310d92643ad
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
946d9a7a03fb3be233ea45625f62ecc13c46743c63f0b2d0b8588e4ec1436d13
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
abb00fe7285a288c6684f444ecda47236e5c4fe26feaf462b13c34183e9f1217
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
be8019936afd042e0c5011abd1c9b3575e770ab2558b44e5ed1d79d2d182d74c
c66f73bafe42e4b9f740790484b7e010302898f17eb841f1a29829c5c255742f
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7c7bde9131601023d83879cd31b74c3a8d5d64a993a8195b8f80df69217200c
f00c0c8b1ab18136b1837b880bb4c1b0e1be1e2e79b63345433bb3d5cee1f87e
f634b91be542081897250daa08ff62f5bdbd0d114a3485efe020d2c07f21fdc5
feefcd59e61a51094fa7ae4c08b8852a459a9be079bdc12a7b40ed600a33d79e

www.wurstclient.net Open in urlscan Pro 2606:4700:3030::ac43:c139 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

41 Requests

100 %HTTPS

63 %IPv6

13 Domains

17 Subdomains

16 IPs

2 Countries

704 kBTransfer

1798 kBSize

1 Cookies

78 Outgoing links

Redirected requests

41 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.wurstclient.net Open in urlscan Pro
2606:4700:3030::ac43:c139 Public Scan

Screenshot
Live screenshot

Full Image

41
Requests

100 %
HTTPS

63 %
IPv6

13
Domains

17
Subdomains

16
IPs

2
Countries

704 kB
Transfer

1798 kB
Size

1
Cookies

41 HTTP transactions
1 data transactions