urlscan.io logo urlscan.io
SecurityTrails logo

wernerblank.com Open in urlscan Pro
98.138.19.143  Public Scan

Go To Rescan Add Verdict Report
URL: http://wernerblank.com/
Submission: On June 27 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 16 HTTP transactions. The main IP is 98.138.19.143, located in Sunnyvale, United States and belongs to YAHOO-NE1 - Yahoo, US. The main domain is wernerblank.com.
This is the only time wernerblank.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 98.138.19.143 36646 (YAHOO-NE1)
1 2a00:1288:110... 34010 (YAHOO-IRD)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 52.3.145.245 14618 (AMAZON-AES)
16 6
4    98.138.19.143 (Sunnyvale, United States)

ASN36646 (YAHOO-NE1 - Yahoo, US)
PTR: p8p-i.geo.vip.ne1.yahoo.com
wernerblank.com
1    2a00:1288:110:201::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
search.yahoo.com
4    2a00:1450:4001:81a::2002 (Ireland)

ASN15169 (GOOGLE - Google Inc., US)
pagead2.googlesyndication.com
2    2a00:1450:4001:81f::200e (Ireland)

ASN15169 (GOOGLE - Google Inc., US)
www.google-analytics.com
3    52.3.145.245 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-3-145-245.compute-1.amazonaws.com
np.lexity.com
Domain Requested by
4 pagead2.googlesyndication.com wernerblank.com
pagead2.googlesyndication.com
4 wernerblank.com wernerblank.com
3 np.lexity.com wernerblank.com
np.lexity.com
2 www.google-analytics.com wernerblank.com
1 search.yahoo.com wernerblank.com
0 googleads.g.doubleclick.net Failed pagead2.googlesyndication.com
16 6

This site contains no links.

Subject Issuer Validity Valid
*.search.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2017-04-13 -
2017-10-13		 6 months crt.sh
*.google-analytics.com
Google Internet Authority G2		 2017-06-21 -
2017-09-13		 3 months crt.sh
*.googleusercontent.com
Google Internet Authority G2		 2017-06-14 -
2017-09-06		 3 months crt.sh

This page contains 4 frames:

Primary Page: http://wernerblank.com/
Frame ID: 8296.1
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20170619/r20170110/zrt_lookup.html
Frame ID: 8296.3
Requests: 1 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/js/r20170619/r20170110/show_ads_impl.js
Frame ID: 8296.2
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4440768377907046&format=728x90_as&output=html&h=90&adk=3454228599&adf=2082547876&w=728&lmt=1360762525&loeid=191880401&ad_type=text_image&flash=0&url=http%3A%2F%2Fwernerblank.com%2F&wgl=1&dt=1498575127656&bpp=8&bdt=809&fdt=10&idt=104&shv=r20170619&cbv=r20170110&saldr=sa&correlator=7269408236897&frm=20&ga_vid=2120705208.1498575127&ga_sid=1498575127&ga_hid=939383234&ga_fc=1&pv=2&iag=3&icsg=2&nhd=1&dssz=2&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=335&ady=656&biw=1600&bih=1200&abxe=1&eid=10593696%2C191880411%2C575144605%2C137237721&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=1&ifi=1&xpc=7e6zMus19Z&p=http%3A//wernerblank.com&dtd=124
Frame ID: 8296.4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Statistics

16
Requests

31 %
HTTPS

60 %
IPv6

6
Domains

6
Subdomains

6
IPs

3
Countries

237 kB
Transfer

500 kB
Size

6
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request 2
  • http://search.yahoo.com/?fr=altavista
  • https://search.yahoo.com/?fr=altavista
Request 5
  • http://www.google-analytics.com/ga.js
  • https://www.google-analytics.com/ga.js
Request 6
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.6.7&utms=1&utmn=1994585228&utmhn=wernerblank.com&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmd...
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.6.7&utms=1&utmn=1994585228&utmhn=wernerblank.com&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utm...

16 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
wernerblank.com/ 		15 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://wernerblank.com/
Protocol
HTTP/1.1
Server
98.138.19.143 Sunnyvale, United States, ASN36646 (YAHOO-NE1 - Yahoo, US),
Reverse DNS
p8p-i.geo.vip.ne1.yahoo.com
Software
ATS/5.3.0 /
Resource Hash
ec6991f8d603bcf3d1f6e5a91d55632fe19692b03c764a011d6b231fbab3b58f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

Date
Tue, 27 Jun 2017 14:52:06 GMT
Content-Encoding
gzip
Last-Modified
Wed, 13 Feb 2013 13:35:25 GMT
Server
ATS/5.3.0
X-INKT-URI
http://www.wernerblank.com//werner_b_1938/us1/index.html
Age
0
Vary
Accept-Encoding
P3P
policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
X-INKT-SITE
http://www.wernerblank.com
X-Host
p8w20.geo.ne1.yahoo.com
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/html
Content-Length
3921
wjb8.jpg
wernerblank.com/images/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://wernerblank.com/images/wjb8.jpg
Requested by
Host: wernerblank.com
URL: http://wernerblank.com/
Protocol
HTTP/1.1
Server
98.138.19.143 Sunnyvale, United States, ASN36646 (YAHOO-NE1 - Yahoo, US),
Reverse DNS
p8p-i.geo.vip.ne1.yahoo.com
Software
ATS/5.3.0 /
Resource Hash
ad7b32efa7d8ff3f32fbf3c8f49de70009036713cdbe8c92cbcf75963cf09df2

Request headers

Referer
http://wernerblank.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

Date
Tue, 27 Jun 2017 14:52:06 GMT
Last-Modified
Thu, 06 Jul 2006 18:15:25 GMT
Server
ATS/5.3.0
Age
0
P3P
policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
Cache-Control
max-age=864000
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
12379
Expires
Fri, 07 Jul 2017 14:52:06 GMT
title04b.jpg
wernerblank.com/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://wernerblank.com/images/title04b.jpg
Requested by
Host: wernerblank.com
URL: http://wernerblank.com/
Protocol
HTTP/1.1
Server
98.138.19.143 Sunnyvale, United States, ASN36646 (YAHOO-NE1 - Yahoo, US),
Reverse DNS
p8p-i.geo.vip.ne1.yahoo.com
Software
ATS/5.3.0 /
Resource Hash
424d012693559756934b042388f00bc0d8b0e2361c68f865ac8a654c92b5146c

Request headers

Referer
http://wernerblank.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

Date
Tue, 27 Jun 2017 14:52:07 GMT
Last-Modified
Sun, 28 Feb 2010 15:21:00 GMT
Server
ATS/5.3.0
Age
0
P3P
policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
Cache-Control
max-age=864000
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
3330
Expires
Fri, 07 Jul 2017 14:52:07 GMT
/
search.yahoo.com/
Redirect Chain
  • http://search.yahoo.com/?fr=altavista
  • https://search.yahoo.com/?fr=altavista
 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://search.yahoo.com/?fr=altavista
Requested by
Host: wernerblank.com
URL: http://wernerblank.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:201::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
adc5460333384edabad44c7dd447d9dc5737f1b108129fc07c0aa87a8ab9640b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://wernerblank.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

date
Tue, 27 Jun 2017 14:52:07 GMT
content-encoding
gzip
vary
Accept-Encoding
server
ATS
age
0
x-frame-options
SAMEORIGIN
p3p
policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
status
200
cache-control
private
strict-transport-security
max-age=15552000
content-type
text/html; charset=UTF-8
content-length
11318
y-trace
BAEAQAAAAAAVk7X7CSQWCwAAAAAAAAAAllelIjmL_2MAAAAAAAAAAAAFUvI2IOBbAAVS8jYmhaEiKvcpAAAAAA--

Redirect headers

Location
https://search.yahoo.com/?fr=altavista
Non-Authoritative-Reason
HSTS
title05.png
wernerblank.com/images/ 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://wernerblank.com/images/title05.png
Requested by
Host: wernerblank.com
URL: http://wernerblank.com/
Protocol
HTTP/1.1
Server
98.138.19.143 Sunnyvale, United States, ASN36646 (YAHOO-NE1 - Yahoo, US),
Reverse DNS
p8p-i.geo.vip.ne1.yahoo.com
Software
ATS/5.3.0 /
Resource Hash
996458050c92a85d8be2f191e8c563f3cd1b9aa97428c1a28573a9439f4ba945

Request headers

Referer
http://wernerblank.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

Date
Tue, 27 Jun 2017 14:52:07 GMT
Last-Modified
Wed, 13 Feb 2013 13:29:40 GMT
Server
ATS/5.3.0
Age
0
P3P
policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
Cache-Control
max-age=864000
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
49708
Expires
Fri, 07 Jul 2017 14:52:07 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: wernerblank.com
URL: http://wernerblank.com/
Protocol
HTTP/1.1
Server
2a00:1450:4001:81a::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
cafe /
Resource Hash
bbb0d0b52dae497a138684830a3fa9d94e25681d930a1b91d542272f092237cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://wernerblank.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

Date
Tue, 27 Jun 2017 14:39:49 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
Age
737
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
ETag
9262668368126978436
Content-Type
text/javascript; charset=UTF-8
Cache-Control
public, max-age=3600
Content-Disposition
attachment; filename="f.txt"
Timing-Allow-Origin
*
Content-Length
16915
X-XSS-Protection
1; mode=block
Expires
Tue, 27 Jun 2017 15:39:49 GMT
ga.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/ga.js
  • https://www.google-analytics.com/ga.js
 		42 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/ga.js
Requested by
Host: wernerblank.com
URL: http://wernerblank.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81f::200e , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
Golfe2 /
Resource Hash
4e2ed635abf0b2dcbac3ea04d16ccf58bb2195364d65b76190f03da0f43255c5
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://wernerblank.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 06 Jun 2017 00:25:39 GMT
server
Golfe2
age
4583
date
Tue, 27 Jun 2017 13:35:43 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="39,38,37,36,35"
content-length
16022
expires
Tue, 27 Jun 2017 15:35:43 GMT

Redirect headers

Location
https://www.google-analytics.com/ga.js
Non-Authoritative-Reason
HSTS
__utm.gif
www.google-analytics.com/r/
Redirect Chain
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.6.7&utms=1&utmn=1994585228&utmhn=wernerblank.com&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmd...
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.6.7&utms=1&utmn=1994585228&utmhn=wernerblank.com&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utm...
 		35 B
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/__utm.gif?utmwv=5.6.7&utms=1&utmn=1994585228&utmhn=wernerblank.com&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Werner&utmhid=939383234&utmr=-&utmp=%2F&utmht=1498575126873&utmac=UA-11534246-1&utmcc=__utma%3D176509987.2120705208.1498575127.1498575127.1498575127.1%3B%2B__utmz%3D176509987.1498575127.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1701944642&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAAAAAAE~
Requested by
Host: wernerblank.com
URL: http://wernerblank.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81f::200e , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://wernerblank.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Jun 2017 14:52:06 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="39,38,37,36,35"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.google-analytics.com/r/__utm.gif?utmwv=5.6.7&utms=1&utmn=1994585228&utmhn=wernerblank.com&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Werner&utmhid=939383234&utmr=-&utmp=%2F&utmht=1498575126873&utmac=UA-11534246-1&utmcc=__utma%3D176509987.2120705208.1498575127.1498575127.1498575127.1%3B%2B__utmz%3D176509987.1498575127.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1701944642&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAAAAAAE~
Non-Authoritative-Reason
HSTS
ca-pub-4440768377907046.js
pagead2.googlesyndication.com/pub-config/r20160913/ 		133 B
134 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pub-config/r20160913/ca-pub-4440768377907046.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81a::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
sffe /
Resource Hash
ad3f5743027d58f0c5e8b2f074edc3fb50e776ddecdb8a90531fd30407d6ff48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://wernerblank.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

date
Tue, 27 Jun 2017 14:52:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Jun 2017 21:05:42 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=43200
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="39,38,37,36,35",quic=":443"; ma=2592000; v="39,38,37,36,35"
content-length
125
x-xss-protection
1; mode=block
expires
Wed, 28 Jun 2017 02:52:07 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20170619/r20170110/ Frame 8296 		0
0
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20170619/r20170110/ Frame 8296 		193 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/js/r20170619/r20170110/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:81a::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
cafe /
Resource Hash
27229ea49ff94de922ff522a6a449746058231e87ea5ce4738a0c2a5cd82d238
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://wernerblank.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

Date
Tue, 27 Jun 2017 14:52:07 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
ETag
7206581157743056603
Content-Type
text/javascript; charset=UTF-8
Cache-Control
private, max-age=1209600
Content-Disposition
attachment; filename="f.txt"
Timing-Allow-Origin
*
Content-Length
72525
X-XSS-Protection
1; mode=block
Expires
Tue, 27 Jun 2017 14:52:07 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 8296 		0
0
osd.js
pagead2.googlesyndication.com/pagead/js/r20170619/r20170110/ Frame 8296 		77 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20170619/r20170110/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20170619/r20170110/show_ads_impl.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81a::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
cafe /
Resource Hash
c9acb3aad726e4007a3b27278390648f9da28680654f4e736db9754841a4f6b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://wernerblank.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

date
Thu, 22 Jun 2017 01:19:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
480784
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="39,38,37,36,35",quic=":443"; ma=2592000; v="39,38,37,36,35"
content-length
29364
x-xss-protection
1; mode=block
server
cafe
etag
17503336867582198258
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Jul 2017 01:19:03 GMT
4a754e9520c278a05bd54e3f0653d2cc
np.lexity.com/embed/YW/ 		26 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://np.lexity.com/embed/YW/4a754e9520c278a05bd54e3f0653d2cc?id=80818ebfe5f5
Requested by
Host: wernerblank.com
URL: http://wernerblank.com/
Protocol
HTTP/1.1
Server
52.3.145.245 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-3-145-245.compute-1.amazonaws.com
Software
/
Resource Hash
84769919b8b9ba13cfa5f0b5a25ca00da41087d000da0ca65f99738982a866b0

Request headers

Referer
http://wernerblank.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

Date
Tue, 27 Jun 2017 14:52:08 GMT
Cache-Control
no-store, no-cache
Connection
keep-alive
p3p
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA PVD OTP OUR OTR IND OTC"
transfer-encoding
chunked
Content-Type
text/javascript
yxnfdsnu.f.kk[0]
np.lexity.com/embed/YW/4a754e9520c278a05bd54e3f0653d2cc/v/9EjfAtyP6TKr/k/UE0k8SJpAoy8/u/http%3A%2F%2Fwernerblank.com%2F/n/1498575128120/t/Werner/vn/1/c/ 		20 B
26 B 		Script
General
Check archive.org
Download Go to
Full URL
http://np.lexity.com/embed/YW/4a754e9520c278a05bd54e3f0653d2cc/v/9EjfAtyP6TKr/k/UE0k8SJpAoy8/u/http%3A%2F%2Fwernerblank.com%2F/n/1498575128120/t/Werner/vn/1/c/yxnfdsnu.f.kk[0]?id=80818ebfe5f5&ts=1498575128470
Requested by
Host: np.lexity.com
URL: http://np.lexity.com/embed/YW/4a754e9520c278a05bd54e3f0653d2cc?id=80818ebfe5f5
Protocol
HTTP/1.1
Server
52.3.145.245 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-3-145-245.compute-1.amazonaws.com
Software
/
Resource Hash
16232a170c7dba9169ad085e70b2f1646d56cea7beabbbc74de990d711f45910

Request headers

Referer
http://wernerblank.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

Date
Tue, 27 Jun 2017 14:52:08 GMT
Cache-Control
no-store, no-cache
Connection
keep-alive
p3p
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA PVD OTP OUR OTR IND OTC"
transfer-encoding
chunked
Content-Type
text/javascript
yxnfdsnu.f.kk[1]
np.lexity.com/embed/YW/4a754e9520c278a05bd54e3f0653d2cc/h/1/v/9EjfAtyP6TKr/k/UE0k8SJpAoy8/u/http%3A%2F%2Fwernerblank.com%2F/n/1498575128120/t/Werner/vn/1/c/ 		20 B
26 B 		Script
General
Check archive.org
Download Go to
Full URL
http://np.lexity.com/embed/YW/4a754e9520c278a05bd54e3f0653d2cc/h/1/v/9EjfAtyP6TKr/k/UE0k8SJpAoy8/u/http%3A%2F%2Fwernerblank.com%2F/n/1498575128120/t/Werner/vn/1/c/yxnfdsnu.f.kk[1]?id=80818ebfe5f5&ts=1498575132470
Requested by
Host: np.lexity.com
URL: http://np.lexity.com/embed/YW/4a754e9520c278a05bd54e3f0653d2cc?id=80818ebfe5f5
Protocol
HTTP/1.1
Server
52.3.145.245 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-3-145-245.compute-1.amazonaws.com
Software
/
Resource Hash
15df1514c8ba7bb2547c8d0f6a49c3a386b764a5896a5aa91d69c3f19913da9b

Request headers

Referer
http://wernerblank.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

Date
Tue, 27 Jun 2017 14:52:12 GMT
Cache-Control
no-store, no-cache
Connection
keep-alive
p3p
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA PVD OTP OUR OTR IND OTC"
transfer-encoding
chunked
Content-Type
text/javascript

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
googleads.g.doubleclick.net
URL
https://googleads.g.doubleclick.net/pagead/html/r20170619/r20170110/zrt_lookup.html
Domain
googleads.g.doubleclick.net
URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4440768377907046&format=728x90_as&output=html&h=90&adk=3454228599&adf=2082547876&w=728&lmt=1360762525&loeid=191880401&ad_type=text_image&flash=0&url=http%3A%2F%2Fwernerblank.com%2F&wgl=1&dt=1498575127656&bpp=8&bdt=809&fdt=10&idt=104&shv=r20170619&cbv=r20170110&saldr=sa&correlator=7269408236897&frm=20&ga_vid=2120705208.1498575127&ga_sid=1498575127&ga_hid=939383234&ga_fc=1&pv=2&iag=3&icsg=2&nhd=1&dssz=2&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=335&ady=656&biw=1600&bih=1200&abxe=1&eid=10593696%2C191880411%2C575144605%2C137237721&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=1&ifi=1&xpc=7e6zMus19Z&p=http%3A//wernerblank.com&dtd=124

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.wernerblank.com/ Name: __utmz
Value: 176509987.1498575127.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.wernerblank.com/ Name: __utmc
Value: 176509987
.wernerblank.com/ Name: __utmb
Value: 176509987.1.10.1498575127
.wernerblank.com/ Name: __utma
Value: 176509987.2120705208.1498575127.1498575127.1498575127.1
.wernerblank.com/ Name: __utmt
Value: 1