urlscan.io logo urlscan.io
SecurityTrails logo

www.wurstclient.net Open in urlscan Pro
172.67.200.128  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.wurstclient.net/updates/wurst-7-43-2/?mc=1.21
Submission: On June 28 via manual from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 2 countries across 4 domains to perform 25 HTTP transactions. The main IP is 172.67.200.128, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.wurstclient.net.
TLS certificate: Issued by E1 on May 5th 2024. Valid for: 3 months.
This is the only time www.wurstclient.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 12 172.67.200.128 13335 (CLOUDFLAR...)
2 2a01:4f8:c17:... 24940 (HETZNER-AS)
2 142.250.185.98 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
8 2600:9000:275... 16509 (AMAZON-02)
1 52.58.158.46 16509 (AMAZON-02)
25 6
12    172.67.200.128 (United States)

ASN13335 (CLOUDFLARENET, US)
www.wurstclient.net
images.wurstclient.net
2    2a01:4f8:c17:773d::1 (Bad Soden-Salmuenster, Germany)

ASN24940 (HETZNER-AS, DE)
6gj5jh5d.wurstclient.net
2    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
pagead2.googlesyndication.com
1    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
themes.googleusercontent.com
8    2600:9000:275b:ae00:1b:cadc:ef40:93a1 (United States)

ASN16509 (AMAZON-02, US)
cmp.inmobi.com
1    52.58.158.46 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-158-46.eu-central-1.compute.amazonaws.com
api.cmp.inmobi.com
Apex Domain
Subdomains		 Transfer
14 wurstclient.net
www.wurstclient.net
6gj5jh5d.wurstclient.net
images.wurstclient.net
305 KB
9 inmobi.com
cmp.inmobi.com — Cisco Umbrella Rank: 5195
api.cmp.inmobi.com — Cisco Umbrella Rank: 16926
220 KB
2 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 137
195 KB
1 googleusercontent.com
themes.googleusercontent.com — Cisco Umbrella Rank: 15162
57 KB
25 4
Domain Requested by
9 www.wurstclient.net 1 redirects www.wurstclient.net
8 cmp.inmobi.com www.wurstclient.net
cmp.inmobi.com
3 images.wurstclient.net www.wurstclient.net
2 pagead2.googlesyndication.com www.wurstclient.net
pagead2.googlesyndication.com
2 6gj5jh5d.wurstclient.net www.wurstclient.net
6gj5jh5d.wurstclient.net
1 api.cmp.inmobi.com cmp.inmobi.com
1 themes.googleusercontent.com www.wurstclient.net
25 7

This site contains links to these domains. Also see Links.

Domain
wurst.wiki
wurstforum.net
github.com
images.wurstclient.net
twitter.com
Subject Issuer Validity Valid
wurstclient.net
E1		 2024-05-05 -
2024-08-03		 3 months crt.sh
6gj5jh5d.wurstclient.net
R3		 2024-05-19 -
2024-08-17		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
*.googleusercontent.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
cmp.inmobi.com
Sectigo ECC Organization Validation Secure Server CA		 2023-08-18 -
2024-08-17		 a year crt.sh

This page contains 2 frames:

Primary Page: https://www.wurstclient.net/updates/wurst-7-43-2/?mc=1.21
Frame ID: 7243280AD9A90A270606DC823D4F2194
Requests: 23 HTTP requests in this frame

Frame: https://www.wurstclient.net/cdn-cgi/challenge-platform/h/b/scripts/jsd/c7e29c8c8b6e/main.js
Frame ID: 0BF19BAA6F412BAD4276B2AD6A246863
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Wurst 7.43.2 - ModMenu Fix - WurstClient.net

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Page Statistics

25
Requests

96 %
HTTPS

50 %
IPv6

4
Domains

7
Subdomains

6
IPs

2
Countries

778 kB
Transfer

2551 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11
  • https://www.wurstclient.net/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://www.wurstclient.net/cdn-cgi/challenge-platform/h/b/scripts/jsd/c7e29c8c8b6e/main.js

25 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.wurstclient.net/updates/wurst-7-43-2/ 		32 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.wurstclient.net/updates/wurst-7-43-2/?mc=1.21
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.200.128 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8698e1392e4d3ca44771f06e940e788faf2987b1a8a5caa13265e28e35e64d48

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
age
165
alt-svc
h3=":443"; ma=86400
cache-control
max-age=691200
cf-cache-status
HIT
cf-ray
89ade3c05a274d4a-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 28 Jun 2024 13:05:39 GMT
expires
Fri, 28 Jun 2024 12:34:07 GMT
last-modified
Fri, 28 Jun 2024 12:19:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8fe4r0JnPMFxlXe%2FQbZXFajHqdjb5ENVoj%2Forw%2F7WtncPpFccSqXnyIAxt3VGFJbIvHRSKQdx2SSK0hCsUfqghO5YqxwsZ5HpoZpljMR5SH%2BGu8fJSbIT0X%2BFaQysex5Y4OvnTRv"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-fastly-request-id
287c7e77c47b23fcbd55b37945fbbff96ff377af
x-github-request-id
270A:1B6868:6135AD:70D984:667EAB67
x-proxy-cache
MISS
x-served-by
cache-pdk-katl1840095-PDK
x-timer
S1719577447.481663,VS0,VE24
metro.woff
www.wurstclient.net/fonts/ 		119 KB
119 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.wurstclient.net/fonts/metro.woff
Requested by
Host: www.wurstclient.net
URL: https://www.wurstclient.net/updates/wurst-7-43-2/?mc=1.21
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.200.128 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e09087c9c75184e8fca26c35e6dad7590a3eacb669926eba40672870492e693

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.wurstclient.net/updates/wurst-7-43-2/?mc=1.21
Origin
https://www.wurstclient.net
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fastly-request-id
f61807c5173ee29ecaf67f39a961783657a1630d
date
Fri, 28 Jun 2024 13:05:39 GMT
via
1.1 varnish
expires
Fri, 28 Jun 2024 12:37:41 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
207
x-cache
MISS
x-proxy-cache
MISS
alt-svc
h3=":443"; ma=86400
content-length
121556
x-served-by
cache-pdk-katl1840020-PDK
last-modified
Fri, 28 Jun 2024 12:19:59 GMT
server
cloudflare
x-github-request-id
2418:2BC96E:6C751E:7B6903:667EAB14
x-timer
S1719577365.786332,VS0,VE78
etag
"667eaa6f-1dad4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pAuo0hyfC3nOmt695AbkFaX6jP%2BwzqnAcHUyVt6SN5keo8Bgdm5tKizvHNFGvwY7bjVElddJZht2IaDm3SOD5r9BEMsebBy0%2FtSDQ6KwtN%2FRr07ANgsqrVHt3JSZDTQiGo%2B2TdrL"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
89ade3c09a6a4d4a-FRA
x-cache-hits
0
wi-v2024.04.09.css
www.wurstclient.net/css/ 		310 KB
42 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.wurstclient.net/css/wi-v2024.04.09.css
Requested by
Host: www.wurstclient.net
URL: https://www.wurstclient.net/updates/wurst-7-43-2/?mc=1.21
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.200.128 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f006d84f3518031b7f8091375ecedfc4d18ca669624c3dc367cac85a324b8bf5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.wurstclient.net/updates/wurst-7-43-2/?mc=1.21
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fastly-request-id
88f9495d9c640c2e7ab9b74d0b2663cf949e42de
date
Fri, 28 Jun 2024 13:05:39 GMT
via
1.1 varnish
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache
MISS
age
207
cf-polished
origSize=386837
x-cache
MISS
x-cache-hits
0
alt-svc
h3=":443"; ma=86400
x-served-by
cache-pdk-katl1840044-PDK
cf-bgj
minify
last-modified
Fri, 28 Jun 2024 12:19:59 GMT
x-github-request-id
2CB3:4F813:586227:67FB39:667EAB14
x-timer
S1719577365.790709,VS0,VE51
server
cloudflare
etag
W/"667eaa6f-5e715"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VWbL2lStRqnQ6lr9FYse%2BvlM0AnOeJXxB9NEr7FeaQYF7ZeSJCREiUjdJCALCzs8PgWkAk9eImFjHgMlc4aXO2E0yuFRLuLdXtWT0%2B0TP1QrUFK3IvlC9KqtT4HkNTJnXPMBrC1v"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=691200
x-origin-cache
HIT
cf-ray
89ade3c09a6c4d4a-FRA
expires
Fri, 28 Jun 2024 12:35:58 GMT
script.outbound-links.file-downloads.js
6gj5jh5d.wurstclient.net/js/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://6gj5jh5d.wurstclient.net/js/script.outbound-links.file-downloads.js
Requested by
Host: www.wurstclient.net
URL: https://www.wurstclient.net/updates/wurst-7-43-2/?mc=1.21
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a01:4f8:c17:773d::1 Bad Soden-Salmuenster, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
d02e368384f13d4aca86887c14ffe8843405e161f3eb42c193331aff3754916d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.wurstclient.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 28 Jun 2024 13:05:40 GMT
x-content-type-options
nosniff
Server
nginx/1.18.0 (Ubuntu)
Content-Type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400, must-revalidate
cross-origin-resource-policy
cross-origin
Connection
keep-alive
Content-Length
2565
wurst_253x64_ll.webp
images.wurstclient.net/_media/logo/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wurstclient.net/_media/logo/wurst_253x64_ll.webp
Requested by
Host: www.wurstclient.net
URL: https://www.wurstclient.net/updates/wurst-7-43-2/?mc=1.21
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.200.128 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68e1a8837b3d7917c1054ba27f825b77f8a0c096755b07e6262654d06a15538a
Security Headers
Name Value
Content-Security-Policy default-src 'none'; style-src 'unsafe-inline'; media-src 'self'; object-src 'self'; font-src 'self' data:; form-action 'none'; frame-ancestors 'self';

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.wurstclient.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 28 Jun 2024 13:05:39 GMT
content-security-policy
default-src 'none'; style-src 'unsafe-inline'; media-src 'self'; object-src 'self'; font-src 'self' data:; form-action 'none'; frame-ancestors 'self';
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4929
content-disposition
inline; filename="wurst_253x64_ll.webp";
alt-svc
h3=":443"; ma=86400
content-length
6774
pragma
no-cache
last-modified
Thu, 01 Dec 2022 21:35:46 GMT
server
cloudflare
etag
"03a1bba8fce2c9e8bc55c55c71de6ba4"
vary
Cookie, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B27BJ2FrgIDRtjQmsL2ndc5LUu54NQ4x8rs4S3cbeJ3%2FiVEVAEO6npOS5AFootJdkknrBy%2F6XWuoGz%2FwUTwwDLzoV%2BbbaN%2BeXOpXakPPmlOt%2BDYUxqZYbeeUX7ml17paYoDiGf%2BNOZ%2F1"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=2678400, proxy-revalidate, no-transform
accept-ranges
bytes
cf-ray
89ade3c0aa874d4a-FRA
expires
Sat, 29 Jun 2024 11:31:01 GMT
wurst_7.43.2_540p.webp
images.wurstclient.net/_media/update/ 		69 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wurstclient.net/_media/update/wurst_7.43.2_540p.webp
Requested by
Host: www.wurstclient.net
URL: https://www.wurstclient.net/updates/wurst-7-43-2/?mc=1.21
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.200.128 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
918e9265b24187542c4183539a6c513ee29b6871ccdc3d03e4efc7ff7e3e7cce
Security Headers
Name Value
Content-Security-Policy default-src 'none'; style-src 'unsafe-inline'; media-src 'self'; object-src 'self'; font-src 'self' data:; form-action 'none'; frame-ancestors 'self';

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.wurstclient.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 28 Jun 2024 13:05:39 GMT
content-security-policy
default-src 'none'; style-src 'unsafe-inline'; media-src 'self'; object-src 'self'; font-src 'self' data:; form-action 'none'; frame-ancestors 'self';
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4068
content-disposition
inline; filename="wurst_7.43.2_540p.webp";
alt-svc
h3=":443"; ma=86400
content-length
70284
pragma
no-cache
last-modified
Fri, 28 Jun 2024 08:41:36 GMT
server
cloudflare
etag
"0d7221c7fde6215b369a1067059621bb"
vary
Cookie, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1GoAh1FOvtXkwsV6TqsLzf7atPMIsROwPLHHP0Lnpen%2FrmEqwXUPSfgXR3cSbNJlwalIyUMVv9Qb8owxGOZxNhc4V9oakXNzAVS6zvWCup%2B%2By1vjFM142kJkUyNIoMePXONnoqyo04Tw"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=2678400, proxy-revalidate, no-transform
accept-ranges
bytes
cf-ray
89ade3c0aa8b4d4a-FRA
expires
Sat, 29 Jun 2024 11:31:04 GMT
fabric.png
images.wurstclient.net/_media/icon/ 		208 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wurstclient.net/_media/icon/fabric.png
Requested by
Host: www.wurstclient.net
URL: https://www.wurstclient.net/updates/wurst-7-43-2/?mc=1.21
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.200.128 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a61628a07a711a94a1fe64628ba59c0c2cf2b03caaf4ca02c0825888886540ed
Security Headers
Name Value
Content-Security-Policy default-src 'none'; style-src 'unsafe-inline'; media-src 'self'; object-src 'self'; font-src 'self' data:; form-action 'none'; frame-ancestors 'self';

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.wurstclient.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 28 Jun 2024 13:05:40 GMT
content-security-policy
default-src 'none'; style-src 'unsafe-inline'; media-src 'self'; object-src 'self'; font-src 'self' data:; form-action 'none'; frame-ancestors 'self';
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition
inline; filename="fabric.png";
alt-svc
h3=":443"; ma=86400
content-length
208
pragma
no-cache
last-modified
Wed, 15 May 2024 12:32:27 GMT
server
cloudflare
etag
"47f5b27ee939c50779ff9e58e8ac2d3a"
vary
Cookie, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9dg1zcCcVsBV18iGtOEQEo7hwfV80cQBAFj0%2FLtQhIiydPHf%2FSLRnAjM%2BKcj1z27%2FWwIqE8pC25w%2BJQT3JtyWGFgeDAZTMlDdWyAsRQ5trvBulL6w%2BTE3LFiFL2fPUHfWCguZmLPY9Je"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, proxy-revalidate, no-transform, max-age=86400
accept-ranges
bytes
cf-ray
89ade3c0eadb4d4a-FRA
expires
Sat, 29 Jun 2024 13:05:40 GMT
wi-v2023.01.13.js
www.wurstclient.net/js/ 		136 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wurstclient.net/js/wi-v2023.01.13.js
Requested by
Host: www.wurstclient.net
URL: https://www.wurstclient.net/updates/wurst-7-43-2/?mc=1.21
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.200.128 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4a38386eea1cefe8f615e1f09f947c25f8e6070892cf477cf2fba2dfc7722dd

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.wurstclient.net/updates/wurst-7-43-2/?mc=1.21
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fastly-request-id
e7084064c33c82a304c26ff0d83c26ca47d3b6ce
date
Fri, 28 Jun 2024 13:05:40 GMT
via
1.1 varnish
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache
MISS
age
208
cf-polished
origSize=178138
x-cache
MISS
x-cache-hits
0
alt-svc
h3=":443"; ma=86400
x-served-by
cache-pdk-katl1840047-PDK
cf-bgj
minify
last-modified
Fri, 28 Jun 2024 12:19:59 GMT
x-github-request-id
AD20:124698:596C2F:6902C9:667EAAEB
x-timer
S1719577329.143282,VS0,VE29
server
cloudflare
etag
W/"667eaa6f-2b7da"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UJSIXx%2BdzBRdqSVxc0pYmHoa0a2tzQk%2FbCG2aZJmaIg2FEe5SWy2wK00Vqns%2BFXhKphl5k7gxyocHUZBV%2FQOkDj3H8vsOG85NmDjuHONMukNLJQQJ%2F%2BILWVeDSaquovebbLRMJ9g"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=691200
cf-ray
89ade3c0fafa4d4a-FRA
expires
Fri, 28 Jun 2024 12:36:06 GMT
quantcast-choice.js
www.wurstclient.net/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wurstclient.net/js/quantcast-choice.js
Requested by
Host: www.wurstclient.net
URL: https://www.wurstclient.net/updates/wurst-7-43-2/?mc=1.21
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.200.128 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67f5b783371b3a73c8fd6a06d1db7cae61a981f7a52d36b707a0b5a4af1fe0b0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.wurstclient.net/updates/wurst-7-43-2/?mc=1.21
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fastly-request-id
f9ec0b2ca92b0a8253ca754bf2311f472d42ccf5
date
Fri, 28 Jun 2024 13:05:40 GMT
via
1.1 varnish
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache
MISS
age
185
cf-polished
origSize=4051
x-cache
HIT
x-cache-hits
0
alt-svc
h3=":443"; ma=86400
x-served-by
cache-pdk-katl1840020-PDK
cf-bgj
minify
last-modified
Fri, 28 Jun 2024 12:19:59 GMT
x-github-request-id
44C1:23B793:65EFD2:759136:667EAB4C
x-timer
S1719577683.266919,VS0,VE2
server
cloudflare
etag
W/"667eaa6f-fd3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iWKKMxglD76avWIzHyESX0YeATWPyCqrHfpe%2BDAYrhx5gadDl5MhQHv3fIV10rrBg5wI8w8nMoJlV51vzRMs6BEAtwwfYN7kkAdifyUMXQ8F6%2Flk%2FknQBpUmmhH8QNwfj9v240hm"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=691200
cf-ray
89ade3c0fb014d4a-FRA
expires
Fri, 28 Jun 2024 12:33:43 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		161 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5218363098774955
Requested by
Host: www.wurstclient.net
URL: https://www.wurstclient.net/updates/wurst-7-43-2/?mc=1.21
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
5bfb8873b943de245a5217b0c2c9400971d102dd205fd86f8e4c43aebf31696b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.wurstclient.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 28 Jun 2024 13:05:40 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52935
x-xss-protection
0
server
cafe
etag
456732158399133739
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Fri, 28 Jun 2024 13:05:40 GMT
K88pR3goAWT7BTt32Z01mz8E0i7KZn-EPnyo3HZu7kw.woff
themes.googleusercontent.com/static/fonts/opensans/v8/ 		57 KB
57 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://themes.googleusercontent.com/static/fonts/opensans/v8/K88pR3goAWT7BTt32Z01mz8E0i7KZn-EPnyo3HZu7kw.woff
Requested by
Host: www.wurstclient.net
URL: https://www.wurstclient.net/css/wi-v2024.04.09.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7a723d2f99415f393e2537d9b0b0ba4c1b4d7a1ea964d1abdce0f310d92643ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.wurstclient.net/
Origin
https://www.wurstclient.net
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 21:22:45 GMT
x-content-type-options
nosniff
age
56575
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58076
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 27 Jun 2025 21:22:45 GMT
event
6gj5jh5d.wurstclient.net/api/ 		2 B
372 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://6gj5jh5d.wurstclient.net/api/event
Requested by
Host: 6gj5jh5d.wurstclient.net
URL: https://6gj5jh5d.wurstclient.net/js/script.outbound-links.file-downloads.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a01:4f8:c17:773d::1 Bad Soden-Salmuenster, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.wurstclient.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 28 Jun 2024 13:05:40 GMT
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
2
x-request-id
F90s2EV7Ise1IhMAC44h
main.js
www.wurstclient.net/cdn-cgi/challenge-platform/h/b/scripts/jsd/c7e29c8c8b6e/ Frame 0BF1
Redirect Chain
  • https://www.wurstclient.net/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://www.wurstclient.net/cdn-cgi/challenge-platform/h/b/scripts/jsd/c7e29c8c8b6e/main.js
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wurstclient.net/cdn-cgi/challenge-platform/h/b/scripts/jsd/c7e29c8c8b6e/main.js
Requested by
Host: www.wurstclient.net
URL: https://www.wurstclient.net/updates/wurst-7-43-2/?mc=1.21
Protocol
H3
Server
172.67.200.128 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee47e73b4036d09dfdd2bea7e626c8da9661a5ab848e023c71b46ef45fe13291
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 28 Jun 2024 13:05:40 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s6WwbRPzDu4wrkNY9vORI0je7uBWKzGkys5DvAWregnKGMiyIthWk2oQYYIJfNu7SN8lxQxEaH%2BC1ZKqWKv8ZFFRc%2BBg1FM%2BmCoSGzh68%2FhZ5UG02Ie6V7%2Fyo%2F9q7UsrHBKbhCb1"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
89ade3c20c884d4a-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Fri, 28 Jun 2024 13:05:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U2nAoDCqDmGj1TeG0sYQbBTnkN3dTQQC0soEa%2FxB84ATT%2F2fc0rHqaCwWStsA4ArZYJ43Vm1PN%2BP1PdtnkaX1yoz02iEerNMa8KSwu1dyp9CZDs%2FRU6yff4OTxvR3CL21VsrXNIT"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/c7e29c8c8b6e/main.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
89ade3c18bc34d4a-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
choice.js
cmp.inmobi.com/choice/vUjCEmnrDQdZZ/wurstclient.net/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.inmobi.com/choice/vUjCEmnrDQdZZ/wurstclient.net/choice.js?tag_version=V3
Requested by
Host: www.wurstclient.net
URL: https://www.wurstclient.net/js/quantcast-choice.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275b:ae00:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3657480f61c68e09a8bfbe62250b96aff01dc0d3ee0729ed968a536813c3aab8

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.wurstclient.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 28 Jun 2024 13:05:03 GMT
content-encoding
br
via
1.1 3e28473376ca49b2cafcfef86a39cf34.cloudfront.net (CloudFront)
last-modified
Tue, 04 Jun 2024 08:51:07 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P7
age
42
x-amz-server-side-encryption
AES256
etag
W/"411fdbebc6dd74124cddbbb7a3249412"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=900
cross-origin-resource-policy
cross-origin
x-amz-cf-id
KkG_9yqhIRQ6enEhFskzHJnRoE3HvRAHA5-uBkFS9cRJD-qUphcqTw==
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406250101/ 		425 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5218363098774955&plah=www.wurstclient.net&aplac=true
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5218363098774955
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
98729e094ba4c16ba22858436c1c7ba2fce6abf6055cb6a40391f6a0ed8a3fee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.wurstclient.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 28 Jun 2024 13:05:40 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
146953
x-xss-protection
0
server
cafe
etag
14572225839002727907
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 28 Jun 2024 13:05:40 GMT
cmp2.js
cmp.inmobi.com/tcfv2/53/ 		167 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.inmobi.com/tcfv2/53/cmp2.js?referer=wurstclient.net
Requested by
Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/choice/vUjCEmnrDQdZZ/wurstclient.net/choice.js?tag_version=V3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275b:ae00:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f7a0c447b915ba02cdfa198f1fee92f0a4a784dc895b61be659a9386c6ed3112

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.wurstclient.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 28 Jun 2024 06:26:02 GMT
content-encoding
br
via
1.1 3e28473376ca49b2cafcfef86a39cf34.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P7
age
50541
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
last-modified
Mon, 03 Jun 2024 09:45:41 GMT
server
AmazonS3
etag
W/"db6c513b7a9d1bf38b36047c185655a2"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=172800
x-amz-meta-qc-ineu
True
vary
Accept-Encoding
x-amz-cf-id
pSMs1YFIV2lG5MUZqKtUvMFqh6ocr19FbssoAYXgmUm1VDZokTXonA==
89ade3c05a274d4a
www.wurstclient.net/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 0BF1 		0
682 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.wurstclient.net/cdn-cgi/challenge-platform/h/b/jsd/r/89ade3c05a274d4a
Requested by
Host: www.wurstclient.net
URL: https://www.wurstclient.net/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.200.128 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 28 Jun 2024 13:05:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LWuKzyWPC0isj8OshVAb83RYAruPr9PIYtxL3nvO05f8dBXKtshu%2FvR4ZhlBCJSj9765rQJJSM9lEz0B2JFDvZ4NMsUT2RafMJNTPFpZStucsr3DHmI9CgxF6ysHCqtnHh9D%2B3tK"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
89ade3c2ad4f4d4a-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
geoip
cmp.inmobi.com/ 		58 B
342 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cmp.inmobi.com/geoip
Requested by
Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/53/cmp2.js?referer=wurstclient.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275b:ae00:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
ac52aa47022e892411dd0d4c540b2caabac7e4f252b79cfd2294f27b5580b7f2

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/json, text/plain, */*
Referer
https://www.wurstclient.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 28 Jun 2024 13:05:40 GMT
via
1.1 e9b74ccbde368a1365608891aeccb498.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA60-P7
x-cache
FunctionGeneratedResponse from cloudfront
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
*
content-length
58
x-amz-cf-id
6RmJpOqHiUMiP8_0ooTzPj7rgmQCEzbWjAY8ubOsIsDoUA6L-3EmgA==
cmp-list.json
cmp.inmobi.com/GVL-v2/ 		19 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cmp.inmobi.com/GVL-v2/cmp-list.json
Requested by
Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/53/cmp2.js?referer=wurstclient.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275b:ae00:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5b76d1177c1b8a119ffc594c1209bc661fcb9d6a5ece42a88fbdb1d87b9212ab

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/json, text/plain, */*
Referer
https://www.wurstclient.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 28 Jun 2024 03:00:44 GMT
content-encoding
br
via
1.1 e9b74ccbde368a1365608891aeccb498.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P7
age
36297
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 28 Jun 2024 03:00:42 GMT
server
AmazonS3
etag
W/"ba042bde2529d2f73fe3fda05c52507b"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=172800
access-control-allow-credentials
true
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
Lv4bskwlCfMLViVRE0EHl2HbBsUZ_M_tRHYCxQ7YcdWM6nZgqzoSdQ==
cmp2ui-en.js
cmp.inmobi.com/tcfv2/53/ 		297 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.inmobi.com/tcfv2/53/cmp2ui-en.js
Requested by
Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/53/cmp2.js?referer=wurstclient.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275b:ae00:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
706942656eb9d47aba1a60229b27acc14a95a7f81fd8f7227d2c4e2ab9687207

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.wurstclient.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 28 Jun 2024 06:26:03 GMT
content-encoding
br
via
1.1 3e28473376ca49b2cafcfef86a39cf34.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P7
age
23978
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
cross-origin-resource-policy
cross-origin
last-modified
Mon, 03 Jun 2024 09:45:44 GMT
server
AmazonS3
etag
W/"991fbc793ffbdf15116c0458b5a2027a"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=172800
vary
Accept-Encoding
x-amz-cf-id
Y57Q03q27cZjcpLr3-3sKXp6IosixgDBNXq9FbwEzI1777Xw0iNddg==
vendor-list-trimmed-v1.json
cmp.inmobi.com/GVL-v3/ 		593 KB
65 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cmp.inmobi.com/GVL-v3/vendor-list-trimmed-v1.json
Requested by
Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/53/cmp2.js?referer=wurstclient.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275b:ae00:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f0aebd636d31af542c1d6153acfd7cc66f54ceef1919147daddbe7c0b7f3705a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.wurstclient.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 23:59:25 GMT
content-encoding
br
via
1.1 e9b74ccbde368a1365608891aeccb498.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P7
age
47176
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 27 Jun 2024 23:59:16 GMT
server
AmazonS3
etag
W/"2279b025f4bd8d04b3f6d453c1ce0e37"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
access-control-allow-credentials
true
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
YXfeq9Q4_-vf3l86iRuW2ZYmcOue1Be8jTmmLPfbZ38zvxurh68Eog==
google-atp-list.json
cmp.inmobi.com/tcfv2/ 		142 KB
33 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cmp.inmobi.com/tcfv2/google-atp-list.json
Requested by
Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/53/cmp2.js?referer=wurstclient.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275b:ae00:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
600706cffcc5c12d726d35381e8398d3ab4ea86defe8c4125aa0b98113dd973a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/json, text/plain, */*
Referer
https://www.wurstclient.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 28 Jun 2024 03:00:27 GMT
content-encoding
br
via
1.1 e9b74ccbde368a1365608891aeccb498.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P7
age
36314
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 28 Jun 2024 03:00:24 GMT
server
AmazonS3
etag
W/"1083b6f316b06f2d467c8a5202bd9cbf"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=172800
access-control-allow-credentials
true
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
nuZNfLzcknqUmFw9Kqxzf_OGBLVtlNsGhgnDeqKEOi8GN9jPbcpXmg==
favicon.ico
www.wurstclient.net/ 		4 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.wurstclient.net/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.200.128 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f73c6d746459691989e77f8893e4b1c624748c30924528844ff62bdf11f4ef4

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.wurstclient.net/updates/wurst-7-43-2/?mc=1.21
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fastly-request-id
463701b786fe02f2a5bc4b97235f9172ff417d3a
date
Fri, 28 Jun 2024 13:05:40 GMT
content-encoding
gzip
via
1.1 varnish
expires
Fri, 28 Jun 2024 12:37:43 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
207
x-cache
MISS
x-proxy-cache
MISS
alt-svc
h3=":443"; ma=86400
content-length
1303
x-served-by
cache-pdk-katl1840024-PDK
last-modified
Fri, 28 Jun 2024 12:19:59 GMT
server
cloudflare
x-github-request-id
5D90:243D5F:5F1441:6EAD7B:667EAB12
x-timer
S1719577366.175984,VS0,VE24
etag
W/"667eaa6f-10be"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b%2F5Ct1dAvVuo57SZRjG5IcjT6GdN1h0eO7D6K%2BLDPYQbKsWmvi6O0c2Zu91kyHHPRT6%2B7OBjQEK9DzQFQfkYIshvS3xNa9CqQ3%2B9jB5rY%2BsE45jw4j15IQeMJVyHndtmYiX3BBzm"}],"group":"cf-nel","max_age":604800}
content-type
image/vnd.microsoft.icon
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
89ade3c35e5a4d4a-FRA
x-cache-hits
0
/
api.cmp.inmobi.com/ 		2 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.cmp.inmobi.com/?log=%7B%22accountId%22%3A%22vUjCEmnrDQdZZ%22%2C%22domain%22%3A%22www.wurstclient.net%22%2C%22publisher%22%3A%22%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.53%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22LbmnbbnkcZYQhxCqbLG6Fw%22%2C%22tagVersion%22%3A%22V3%22%2C%22gvlVersion%22%3A3%2C%22clientTimestamp%22%3A1719579940393%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-qd9v0whz4kkaxxaja4fp%22%7D
Requested by
Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/53/cmp2ui-en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.58.158.46 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-158-46.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/json, text/plain, */*
Referer
https://www.wurstclient.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Fri, 28 Jun 2024 13:05:40 GMT
content-length
2
content-type
text/plain; charset=utf-8
geoip
cmp.inmobi.com/ 		58 B
342 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cmp.inmobi.com/geoip
Requested by
Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/53/cmp2ui-en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275b:ae00:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
ac52aa47022e892411dd0d4c540b2caabac7e4f252b79cfd2294f27b5580b7f2

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/json, text/plain, */*
Referer
https://www.wurstclient.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 28 Jun 2024 13:05:40 GMT
via
1.1 e9b74ccbde368a1365608891aeccb498.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA60-P7
x-cache
FunctionGeneratedResponse from cloudfront
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
*
content-length
58
x-amz-cf-id
LOdZidA8u35FjG3dKdoTUELKYuSnfHjpuj0KqMJZbs_ZVLzviQKVgg==

Verdicts & Comments Add Verdict or Comment

50 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 undefined| event object| fence object| sharedStorage function| plausible function| openDataHref function| getTimeSinceFirstDownload function| updateDownloadCountAttribute function| updateAdBlockerAttribute object| adsbygoogle function| __tcfapi function| __uspapi function| handleLinkEvent function| $ function| jQuery string| METRO_VERSION boolean| METRO_AUTO_REINIT string| METRO_LANGUAGE string| METRO_LOCALE string| METRO_CURRENT_LOCALE string| METRO_SHOW_TYPE boolean| METRO_DEBUG number| METRO_CALENDAR_WEEK_START boolean| canObserveMutation function| isTouchDevice object| metroUtils object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| regeneratorRuntime function| __tcfapiui object| dataLayer function| gtag function| google_sa_impl

2 Cookies

Domain/Path Name / Value
images.wurstclient.net/ Name: DokuWiki
Value: u2l2k2c71metvp3f4drvudpb1g
.wurstclient.net/ Name: cf_clearance
Value: eOQWQ81sFMPPpbvbOfyoyiT1MqlKP_Pzvceg2yaHFJA-1719579940-1.0.1.1-XluHKCwD77JSSvau9FYbm1.GNthbx7xRSim6OxN9gP.xP6lN79ySbyZhyBn6Vg4XLNsMpxJU7lZvS7ShyaskFA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6gj5jh5d.wurstclient.net
api.cmp.inmobi.com
cmp.inmobi.com
images.wurstclient.net
pagead2.googlesyndication.com
themes.googleusercontent.com
www.wurstclient.net
142.250.185.98
172.67.200.128
2600:9000:275b:ae00:1b:cadc:ef40:93a1
2a00:1450:4001:82a::2001
2a01:4f8:c17:773d::1
52.58.158.46
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2e09087c9c75184e8fca26c35e6dad7590a3eacb669926eba40672870492e693
3657480f61c68e09a8bfbe62250b96aff01dc0d3ee0729ed968a536813c3aab8
3f73c6d746459691989e77f8893e4b1c624748c30924528844ff62bdf11f4ef4
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5b76d1177c1b8a119ffc594c1209bc661fcb9d6a5ece42a88fbdb1d87b9212ab
5bfb8873b943de245a5217b0c2c9400971d102dd205fd86f8e4c43aebf31696b
600706cffcc5c12d726d35381e8398d3ab4ea86defe8c4125aa0b98113dd973a
67f5b783371b3a73c8fd6a06d1db7cae61a981f7a52d36b707a0b5a4af1fe0b0
68e1a8837b3d7917c1054ba27f825b77f8a0c096755b07e6262654d06a15538a
706942656eb9d47aba1a60229b27acc14a95a7f81fd8f7227d2c4e2ab9687207
7a723d2f99415f393e2537d9b0b0ba4c1b4d7a1ea964d1abdce0f310d92643ad
8698e1392e4d3ca44771f06e940e788faf2987b1a8a5caa13265e28e35e64d48
918e9265b24187542c4183539a6c513ee29b6871ccdc3d03e4efc7ff7e3e7cce
98729e094ba4c16ba22858436c1c7ba2fce6abf6055cb6a40391f6a0ed8a3fee
a61628a07a711a94a1fe64628ba59c0c2cf2b03caaf4ca02c0825888886540ed
ac52aa47022e892411dd0d4c540b2caabac7e4f252b79cfd2294f27b5580b7f2
c4a38386eea1cefe8f615e1f09f947c25f8e6070892cf477cf2fba2dfc7722dd
d02e368384f13d4aca86887c14ffe8843405e161f3eb42c193331aff3754916d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee47e73b4036d09dfdd2bea7e626c8da9661a5ab848e023c71b46ef45fe13291
f006d84f3518031b7f8091375ecedfc4d18ca669624c3dc367cac85a324b8bf5
f0aebd636d31af542c1d6153acfd7cc66f54ceef1919147daddbe7c0b7f3705a
f7a0c447b915ba02cdfa198f1fee92f0a4a784dc895b61be659a9386c6ed3112