wallpaperscraft.ru Open in urlscan Pro
116.202.13.109 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://wallpaperscraft.ru/download/mlechnyj_put_zvezdnoe_nebo_zvezdy_128523/1920x1080
Submission: On October 17 via manual (October 17th 2021, 12:02:38 pm UTC) from BY — Scanned from DE

Summary HTTP 77 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 15 IPs in 2 countries across 11 domains to perform 77 HTTP transactions. The main IP is 116.202.13.109, located in Germany and belongs to HETZNER-AS, DE. The main domain is wallpaperscraft.ru.
TLS certificate: Issued by R3 on August 17th 2021. Valid for: 3 months.

This is the only time wallpaperscraft.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
20	116.202.13.109 116.202.13.109	24940 (HETZNER-AS) (HETZNER-AS)
10	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
10	78.47.94.157 78.47.94.157	24940 (HETZNER-AS) (HETZNER-AS)
1	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
77	15

20 116.202.13.109 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.109.13.202.116.clients.your-server.de

wallpaperscraft.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 78.47.94.157 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.157.94.47.78.clients.your-server.de

images.wallpaperscraft.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	wallpaperscraft.ru wallpaperscraft.ru images.wallpaperscraft.ru	2 MB
21	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	247 KB
8	doubleclick.net googleads.g.doubleclick.net	62 KB
6	gstatic.com www.gstatic.com fonts.gstatic.com	108 KB
3	google.com 1 redirects adservice.google.com www.google.com	2 KB
3	googleapis.com fonts.googleapis.com	3 KB
2	googletagservices.com www.googletagservices.com	75 KB
2	google-analytics.com www.google-analytics.com	20 KB
1	google.de adservice.google.de	853 B
1	googleadservices.com partner.googleadservices.com	663 B
1	googletagmanager.com www.googletagmanager.com	38 KB
77	11

	Domain	Requested by
20	wallpaperscraft.ru	wallpaperscraft.ru
11	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
10	images.wallpaperscraft.ru	wallpaperscraft.ru
10	pagead2.googlesyndication.com	wallpaperscraft.ru pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	fonts.gstatic.com	fonts.googleapis.com
3	fonts.googleapis.com	wallpaperscraft.ru googleads.g.doubleclick.net
2	www.google.com	1 redirects tpc.googlesyndication.com
2	www.gstatic.com	googleads.g.doubleclick.net
2	www.googletagservices.com	googleads.g.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.googletagmanager.com	wallpaperscraft.ru
77	15

This site contains links to these domains. Also see Links.

Domain
images.wallpaperscraft.ru
unsplash.com
play.google.com
apps.apple.com
eastwood.com.ru

Subject Issuer	Validity	Valid
*.wallpaperscraft.ru R3	`2021-08-17` - `2021-11-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.google.de GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
www.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh

This page contains 10 frames:

Primary Page: https://wallpaperscraft.ru/download/mlechnyj_put_zvezdnoe_nebo_zvezdy_128523/1920x1080
Frame ID: ED11353844C2C74B267D260749CEBDFB
Requests: 42 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211013/r20190131/zrt_lookup.html
Frame ID: 4B992425F68E4DDC4C2AA31F792293BB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8368670567407840&output=html&h=90&slotname=8106611308&adk=560805335&adf=2665882539&pi=t.ma~as.8106611308&w=728&lmt=1634472153&psa=0&format=728x90&url=https%3A%2F%2Fwallpaperscraft.ru%2Fdownload%2Fmlechnyj_put_zvezdnoe_nebo_zvezdy_128523%2F1920x1080&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634472153406&bpp=1&bdt=226&idt=93&shv=r20211013&mjsv=m202110080101&ptt=9&saldr=aa&abxe=1&correlator=8571221566014&frm=20&pv=2&ga_vid=1896068962.1634472154&ga_sid=1634472154&ga_hid=1709657024&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=516&ady=74&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063118%2C31062525&oid=2&pvsid=2071942316061725&pem=725&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=fKFRvImXEN&p=https%3A//wallpaperscraft.ru&dtd=106
Frame ID: D67776B66E834DF3297F54E86915A58A
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8368670567407840&output=html&h=90&slotname=5763109876&adk=3050740921&adf=664719119&pi=t.ma~as.5763109876&w=728&lmt=1634472153&psa=0&format=728x90&url=https%3A%2F%2Fwallpaperscraft.ru%2Fdownload%2Fmlechnyj_put_zvezdnoe_nebo_zvezdy_128523%2F1920x1080&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634472153407&bpp=1&bdt=227&idt=115&shv=r20211013&mjsv=m202110080101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=8571221566014&frm=20&pv=1&ga_vid=1896068962.1634472154&ga_sid=1634472154&ga_hid=1709657024&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=516&ady=824&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063118%2C31062525&oid=2&pvsid=2071942316061725&pem=725&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=YjahxH6MxG&p=https%3A//wallpaperscraft.ru&dtd=118
Frame ID: 67F2F2DBBC59EF36EBFB85FA7F9D1030
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8368670567407840&output=html&h=90&slotname=8605304753&adk=539818386&adf=153992921&pi=t.ma~as.8605304753&w=728&lmt=1634472153&psa=0&format=728x90&url=https%3A%2F%2Fwallpaperscraft.ru%2Fdownload%2Fmlechnyj_put_zvezdnoe_nebo_zvezdy_128523%2F1920x1080&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634472153408&bpp=1&bdt=228&idt=128&shv=r20211013&mjsv=m202110080101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90&correlator=8571221566014&frm=20&pv=1&ga_vid=1896068962.1634472154&ga_sid=1634472154&ga_hid=1709657024&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=516&ady=2704&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063118%2C31062525&oid=2&pvsid=2071942316061725&pem=725&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=RILnSFNAkb&p=https%3A//wallpaperscraft.ru&dtd=131
Frame ID: 4F76A74EB8E30E62BFCDE0D90F5178E3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: A217B6FEADDEAE6BDFF3D37F08349C0C
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/CtfsWAsRe2m3N424Qc1nuWYtSGM1BvOIuby86xg17sc.js
Frame ID: 15B7332EAB8B7F9082A1717DDFA3CDD4
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/CtfsWAsRe2m3N424Qc1nuWYtSGM1BvOIuby86xg17sc.js
Frame ID: 1F30E3D464E494BBB306451EAB19887B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 2B11447174BA74D0389A002F92529671
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8C7B13470E4C0EB4775C4EFA65577C42
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Скачать 1920x1080 млечный путь, звездное небо, звезды, космос, сияние, блеск обои, картинки full hd, hdtv, fhd, 1080p

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

77
Requests

100 %
HTTPS

79 %
IPv6

11
Domains

15
Subdomains

15
IPs

2
Countries

2933 kB
Transfer

3976 kB
Size

6
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://images.wallpaperscraft.ru/image/single/mlechnyj_put_zvezdnoe_nebo_zvezdy_128523_1920x1080.jpg

Search URL Search Domain Scan URL

URL: https://unsplash.com/@freedomstudios
Title: Источник

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.wallpaperscraft.wallpaper&referrer=utm_source%3Dwallpaperscraft_site%26utm_campaign%3Dapp_ad_footer

Search URL Search Domain Scan URL

URL: https://apps.apple.com/app/apple-store/id1348676585?pt=119120774&ct=wallpaperscraft_site&mt=8

Search URL Search Domain Scan URL

URL: https://eastwood.com.ru/
Title: Eastwood

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 69

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

77 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request 1920x1080 Show response
wallpaperscraft.ru/download/mlechnyj_put_zvezdnoe_nebo_zvezdy_128523/ 62 KB
11 KB 62ms
17ms Document
text/html 116.202.13.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://wallpaperscraft.ru/download/mlechnyj_put_zvezdnoe_nebo_zvezdy_128523/1920x1080

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

116.202.13.109 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.109.13.202.116.clients.your-server.de

Software

nginx /

Resource Hash

fb82acd78e4f04a342f642293dcc3aecb0114d8928dd8f7a9d5f822853b043e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: wallpaperscraft.ru
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: nginx
Date: Sun, 17 Oct 2021 12:02:33 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000
X-Cache-Status: HIT

GET
H/1.1 200
OK main.css
wallpaperscraft.ru/public/css/ 56 KB
14 KB 14ms
13ms Stylesheet
text/css 116.202.13.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://wallpaperscraft.ru/public/css/main.css?v=0c924f7b

Requested by

Host: wallpaperscraft.ru
URL: https://wallpaperscraft.ru/download/mlechnyj_put_zvezdnoe_nebo_zvezdy_128523/1920x1080

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

116.202.13.109 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.109.13.202.116.clients.your-server.de

Software

nginx /

Resource Hash

4e240dc29403116b2fe02dc85854c8b37d8ef261102443ce08574e69c373aade

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: wallpaperscraft.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://wallpaperscraft.ru/download/mlechnyj_put_zvezdnoe_nebo_zvezdy_128523/1920x1080
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://wallpaperscraft.ru/download/mlechnyj_put_zvezdnoe_nebo_zvezdy_128523/1920x1080
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: public
Date: Sun, 17 Oct 2021 12:02:33 GMT
Content-Encoding: gzip
Last-Modified: Thu, 14 Oct 2021 12:49:12 GMT
Server: nginx
ETag: W/"61682748-e141"
X-Cache-Status: HIT
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: text/css
Cache-Control: max-age=2592000 public
Strict-Transport-Security: max-age=31536000
Expires: Sun, 14 Nov 2021 11:04:28 GMT

GET
H/1.1 200
OK logo.png
wallpaperscraft.ru/public/img/general/ 2 KB
2 KB 26ms
11ms Image
image/png 116.202.13.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wallpaperscraft.ru/public/img/general/logo.png?v=0c924f7b

Requested by

Host: wallpaperscraft.ru
URL: https://wallpaperscraft.ru/download/mlechnyj_put_zvezdnoe_nebo_zvezdy_128523/1920x1080

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

116.202.13.109 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.109.13.202.116.clients.your-server.de

Software

nginx /

Resource Hash

262379c0f0cc61f209bdcc0fdc0b66f7647c38f2ce1fce8a7e141e9875715cac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: wallpaperscraft.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://wallpaperscraft.ru/download/mlechnyj_put_zvezdnoe_nebo_zvezdy_128523/1920x1080
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://wallpaperscraft.ru/download/mlechnyj_put_zvezdnoe_nebo_zvezdy_128523/1920x1080
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: public
Date: Sun, 17 Oct 2021 12:02:33 GMT
Last-Modified: Thu, 14 Oct 2021 12:49:12 GMT
Server: nginx
ETag: "61682748-6ec"
X-Cache-Status: HIT
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: max-age=2592000 public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1772
Expires: Sun, 14 Nov 2021 11:04:20 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
51 KB 95ms
43ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: wallpaperscraft.ru
URL: https://wallpaperscraft.ru/download/mlechnyj_put_zvezdnoe_nebo_zvezdy_128523/1920x1080

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4aa462a1c6f177052f74bed319843b0cad53857a2923792653ec00d4c0d080e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wallpaperscraft.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 17 Oct 2021 12:02:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51483
x-xss-protection: 0
server: cafe
etag: 1718743009991155302
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 17 Oct 2021 12:02:33 GMT

GET
H/1.1 200
OK mlechnyj_put_zvezdnoe_nebo_zvezdy_128523_1920x1080.jpg
images.wallpaperscraft.ru/image/single/ 649 KB
649 KB 62ms
23ms Image
image/jpeg 78.47.94.157
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.wallpaperscraft.ru/image/single/mlechnyj_put_zvezdnoe_nebo_zvezdy_128523_1920x1080.jpg

Requested by

Host: wallpaperscraft.ru
URL: https://wallpaperscraft.ru/download/mlechnyj_put_zvezdnoe_nebo_zvezdy_128523/1920x1080

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

78.47.94.157 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.157.94.47.78.clients.your-server.de

Software

nginx /

Resource Hash

1b720be578cfd4c17e4b78913b5521e87768b0a96b7ac4473344db2d744638e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wallpaperscraft.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: public
Date: Sun, 17 Oct 2021 12:02:33 GMT
Last-Modified: Mon, 18 May 2020 02:55:32 GMT
Server: nginx
ETag: "5ec1f924-a2336"
Strict-Transport-Security: max-age=15768000
Content-Type: image/jpeg
Cache-Control: public, max-age=2419200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 664374

GET
H/1.1 200
OK app-logo.svg
wallpaperscraft.ru/public/img/general/icons/ 1 KB
952 B 12ms
11ms Image
image/svg+xml 116.202.13.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wallpaperscraft.ru/public/img/general/icons/app-logo.svg

Requested by

Host: wallpaperscraft.ru
URL: https://wallpaperscraft.ru/download/mlechnyj_put_zvezdnoe_nebo_zvezdy_128523/1920x1080

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

116.202.13.109 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.109.13.202.116.clients.your-server.de

Software

nginx /

Resource Hash

272956440b451a13b22e008eb7310bb065d99871f94aa9f2959f91a16b290e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: wallpaperscraft.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://wallpaperscraft.ru/download/mlechnyj_put_zvezdnoe_nebo_zvezdy_128523/1920x1080
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://wallpaperscraft.ru/download/mlechnyj_put_zvezdnoe_nebo_zvezdy_128523/1920x1080
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: public
Date: Sun, 17 Oct 2021 12:02:33 GMT
Content-Encoding: gzip
Last-Modified: Wed, 22 Sep 2021 10:56:12 GMT
Server: nginx
ETag: W/"614b0bcc-406"
X-Cache-Status: HIT
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: image/svg+xml
Cache-Control: max-age=2592000 public
Strict-Transport-Security: max-age=31536000
Expires: Sat, 23 Oct 2021 16:56:05 GMT

GET
H/1.1 200
OK google.svg
wallpaperscraft.ru/public/img/general/icons/ 11 KB
3 KB 14ms
13ms Image
image/svg+xml 116.202.13.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wallpaperscraft.ru/public/img/general/icons/google.svg

Requested by

Host: wallpaperscraft.ru
URL: https://wallpaperscraft.ru/download/mlechnyj_put_zvezdnoe_nebo_zvezdy_128523/1920x1080

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

116.202.13.109 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.109.13.202.116.clients.your-server.de

Software

nginx /

Resource Hash

d82e8e930bb6daadb7ac4e27052841d2f0c73ff7941ecb9b211d0ec2af8c73eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: wallpaperscraft.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://wallpaperscraft.ru/download/mlechnyj_put_zvezdnoe_nebo_zvezdy_128523/1920x1080
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://wallpaperscraft.ru/download/mlechnyj_put_zvezdnoe_nebo_zvezdy_128523/1920x1080
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: public
Date: Sun, 17 Oct 2021 12:02:33 GMT
Content-Encoding: gzip
Last-Modified: Wed, 22 Sep 2021 10:56:12 GMT
Server: nginx
ETag: W/"614b0bcc-2b02"
X-Cache-Status: HIT
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: image/svg+xml
Cache-Control: max-age=2592000 public
Strict-Transport-Security: max-age=31536000
Expires: Sat, 23 Oct 2021 15:42:33 GMT

GET
H/1.1 200
OK app.svg
wallpaperscraft.ru/public/img/general/icons/ 7 KB
3 KB 14ms
13ms Image
image/svg+xml 116.202.13.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wallpaperscraft.ru/public/img/general/icons/app.svg

Requested by

Host: wallpaperscraft.ru
URL: https://wallpaperscraft.ru/download/mlechnyj_put_zvezdnoe_nebo_zvezdy_128523/1920x1080

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

116.202.13.109 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.109.13.202.116.clients.your-server.de

Software

nginx /

Resource Hash

e82c0c88554cf4a389f2d99e14cfd6bec45ca7ea925b883feb5269ab068e07a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: wallpaperscraft.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://wallpaperscraft.ru/download/mlechnyj_put_zvezdnoe_nebo_zvezdy_128523/1920x1080
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://wallpaperscraft.ru/download/mlechnyj_put_zvezdnoe_nebo_zvezdy_128523/1920x1080
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: public
Date: Sun, 17 Oct 2021 12:02:33 GMT
Content-Encoding: gzip
Last-Modified: Wed, 22 Sep 2021 10:56:12 GMT
Server: nginx
ETag: W/"614b0bcc-1b0f"
X-Cache-Status: HIT
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: image/svg+xml
Cache-Control: max-age=2592000 public
Strict-Transport-Security: max-age=31536000
Expires: Sat, 23 Oct 2021 15:42:55 GMT

GET
H/1.1 200
OK app1.png
wallpaperscraft.ru/public/img/general/ 90 KB
90 KB 33ms
18ms Image
image/png 116.202.13.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wallpaperscraft.ru/public/img/general/app1.png

Requested by

Host: wallpaperscraft.ru
URL: https://wallpaperscraft.ru/download/mlechnyj_put_zvezdnoe_nebo_zvezdy_128523/1920x1080

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

116.202.13.109 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.109.13.202.116.clients.your-server.de

Software

nginx /

Resource Hash

5cfb477acd2de4aa80bbae237485639a62f0a5842923bf0977c17ea94c301592

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: wallpaperscraft.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://wallpaperscraft.ru/download/mlechnyj_put_zvezdnoe_nebo_zvezdy_128523/1920x1080
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://wallpaperscraft.ru/download/mlechnyj_put_zvezdnoe_nebo_zvezdy_128523/1920x1080
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: public
Date: Sun, 17 Oct 2021 12:02:33 GMT
Last-Modified: Wed, 22 Sep 2021 10:56:12 GMT
Server: nginx
ETag: "614b0bcc-166ac"
X-Cache-Status: HIT
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: max-age=2592000 public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 91820
Expires: Tue, 26 Oct 2021 14:56:46 GMT

GET
H/1.1 200
OK app2.png
wallpaperscraft.ru/public/img/general/ 146 KB
147 KB 49ms
26ms Image
image/png 116.202.13.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wallpaperscraft.ru/public/img/general/app2.png

Requested by

Host: wallpaperscraft.ru
URL: https://wallpaperscraft.ru/download/mlechnyj_put_zvezdnoe_nebo_zvezdy_128523/1920x1080

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

116.202.13.109 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.109.13.202.116.clients.your-server.de

Software

nginx /

Resource Hash

846c4f18fd520e71fc20ec54577b7224b0c71a9329be567316c5cff4ba35c815

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: wallpaperscraft.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://wallpaperscraft.ru/download/mlechnyj_put_zvezdnoe_nebo_zvezdy_128523/1920x1080
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://wallpaperscraft.ru/download/mlechnyj_put_zvezdnoe_nebo_zvezdy_128523/1920x1080
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: public
Date: Sun, 17 Oct 2021 12:02:33 GMT
Last-Modified: Wed, 22 Sep 2021 10:56:12 GMT
Server: nginx
ETag: "614b0bcc-248ac"
X-Cache-Status: HIT
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: max-age=2592000 public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 149676
Expires: Tue, 26 Oct 2021 14:56:32 GMT

GET
H/1.1 200
OK app3.png
wallpaperscraft.ru/public/img/general/ 132 KB
133 KB 51ms
26ms Image
image/png 116.202.13.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wallpaperscraft.ru/public/img/general/app3.png

Requested by

Host: wallpaperscraft.ru
URL: https://wallpaperscraft.ru/download/mlechnyj_put_zvezdnoe_nebo_zvezdy_128523/1920x1080

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

116.202.13.109 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.109.13.202.116.clients.your-server.de

Software

nginx /

Resource Hash

a30cdea40295fbd3c16f9c9489d6699d5948f473870791b275cc850512995332

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: wallpaperscraft.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://wallpaperscraft.ru/download/mlechnyj_put_zvezdnoe_nebo_zvezdy_128523/1920x1080
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://wallpaperscraft.ru/download/mlechnyj_put_zvezdnoe_nebo_zvezdy_128523/1920x1080
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: public
Date: Sun, 17 Oct 2021 12:02:33 GMT
Last-Modified: Wed, 22 Sep 2021 10:56:12 GMT
Server: nginx
ETag: "614b0bcc-2115b"
X-Cache-Status: HIT
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: max-age=2592000 public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 135515
Expires: Tue, 26 Oct 2021 14:57:09 GMT

GET
H/1.1 200
OK app4.png
wallpaperscraft.ru/public/img/general/ 178 KB
178 KB 28ms
16ms Image
image/png 116.202.13.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wallpaperscraft.ru/public/img/general/app4.png

Requested by

Host: wallpaperscraft.ru
URL: https://wallpaperscraft.ru/download/mlechnyj_put_zvezdnoe_nebo_zvezdy_128523/1920x1080

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

116.202.13.109 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.109.13.202.116.clients.your-server.de

Software

nginx /

Resource Hash

15ddfa17f5b517efa1f82854fd1d71ea119ff88c4cc39770f9ef6e7931bf5a16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: wallpaperscraft.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://wallpaperscraft.ru/download/mlechnyj_put_zvezdnoe_nebo_zvezdy_128523/1920x1080
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://wallpaperscraft.ru/download/mlechnyj_put_zvezdnoe_nebo_zvezdy_128523/1920x1080
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: public
Date: Sun, 17 Oct 2021 12:02:33 GMT
Last-Modified: Wed, 22 Sep 2021 10:56:12 GMT
Server: nginx
ETag: "614b0bcc-2c66b"
X-Cache-Status: HIT
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: max-age=2592000 public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 181867
Expires: Tue, 26 Oct 2021 14:57:09 GMT

GET
H/1.1 200
OK app5.png
wallpaperscraft.ru/public/img/general/ 66 KB
67 KB 12ms
11ms Image
image/png 116.202.13.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wallpaperscraft.ru/public/img/general/app5.png

Requested by

Host: wallpaperscraft.ru
URL: https://wallpaperscraft.ru/download/mlechnyj_put_zvezdnoe_nebo_zvezdy_128523/1920x1080

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

116.202.13.109 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.109.13.202.116.clients.your-server.de

Software

nginx /

Resource Hash

933f753aa4317b75bfe693b56d9739fb86284294993fc07a0b118891522538f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: wallpaperscraft.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://wallpaperscraft.ru/download/mlechnyj_put_zvezdnoe_nebo_zvezdy_128523/1920x1080
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://wallpaperscraft.ru/download/mlechnyj_put_zvezdnoe_nebo_zvezdy_128523/1920x1080
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: public
Date: Sun, 17 Oct 2021 12:02:33 GMT
Last-Modified: Wed, 22 Sep 2021 10:56:12 GMT
Server: nginx
ETag: "614b0bcc-109c6"
X-Cache-Status: HIT
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: max-age=2592000 public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 68038
Expires: Tue, 26 Oct 2021 14:57:09 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 95 KB
38 KB 72ms
30ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-11053870-9

Requested by

Host: wallpaperscraft.ru
URL: https://wallpaperscraft.ru/download/mlechnyj_put_zvezdnoe_nebo_zvezdy_128523/1920x1080

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2da28f365bac1ce85da01fbbd78a6e829a942d585480b22ebcaa976d0e9f0729

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wallpaperscraft.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 17 Oct 2021 12:02:33 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38526
x-xss-protection: 0
expires: Sun, 17 Oct 2021 12:02:33 GMT

GET
H/1.1 200
OK main.js Show response
wallpaperscraft.ru/public/js/ 214 KB
80 KB 31ms
22ms Script
application/javascript 116.202.13.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://wallpaperscraft.ru/public/js/main.js?v=0c924f7b

Requested by

Host: wallpaperscraft.ru
URL: https://wallpaperscraft.ru/download/mlechnyj_put_zvezdnoe_nebo_zvezdy_128523/1920x1080

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

116.202.13.109 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.109.13.202.116.clients.your-server.de

Software

nginx /

Resource Hash

87457c2c958ef1ff28bd8078976e685ac25ae6c6c549f8372faa5f5b2d87cfb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: wallpaperscraft.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://wallpaperscraft.ru/download/mlechnyj_put_zvezdnoe_nebo_zvezdy_128523/1920x1080
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://wallpaperscraft.ru/download/mlechnyj_put_zvezdnoe_nebo_zvezdy_128523/1920x1080
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: public
Date: Sun, 17 Oct 2021 12:02:33 GMT
Content-Encoding: gzip
Last-Modified: Thu, 14 Oct 2021 12:49:12 GMT
Server: nginx
ETag: W/"61682748-358cc"
X-Cache-Status: HIT
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/javascript
Cache-Control: max-age=2592000 public
Strict-Transport-Security: max-age=31536000
Expires: Sun, 14 Nov 2021 11:04:21 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
1 KB 61ms
24ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700&subset=cyrillic

Requested by

Host: wallpaperscraft.ru
URL: https://wallpaperscraft.ru/public/css/main.css?v=0c924f7b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8aed12b8b95a1d49011f3e134dc8e71804a3576818d1d1334145aaa96d71aa5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wallpaperscraft.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 17 Oct 2021 10:18:28 GMT
server: ESF
date: Sun, 17 Oct 2021 12:02:33 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Sun, 17 Oct 2021 12:02:33 GMT

GET
H/1.1 200
OK ico-search.png
wallpaperscraft.ru/public/img/general/icons/ 2 KB
2 KB 16ms
11ms Image
image/png 116.202.13.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wallpaperscraft.ru/public/img/general/icons/ico-search.png

Requested by

Host: wallpaperscraft.ru
URL: https://wallpaperscraft.ru/public/css/main.css?v=0c924f7b

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

116.202.13.109 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.109.13.202.116.clients.your-server.de

Software

nginx /

Resource Hash

3cd0c9e3a81761774c3f9d91abf27476154535ad1d2f83ff8a2a52e43ca6a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: wallpaperscraft.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://wallpaperscraft.ru/public/css/main.css?v=0c924f7b
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://wallpaperscraft.ru/public/css/main.css?v=0c924f7b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: public
Date: Sun, 17 Oct 2021 12:02:33 GMT
Last-Modified: Wed, 22 Sep 2021 10:56:12 GMT
Server: nginx
ETag: "614b0bcc-610"
X-Cache-Status: HIT
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: max-age=2592000 public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1552
Expires: Sat, 23 Oct 2021 15:42:47 GMT

GET
H/1.1 200
OK PT_Sans-Web-Regular.ttf
wallpaperscraft.ru/public/fonts/ 433 KB
433 KB 22ms
12ms Font
application/octet-stream 116.202.13.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://wallpaperscraft.ru/public/fonts/PT_Sans-Web-Regular.ttf

Requested by

Host: wallpaperscraft.ru
URL: https://wallpaperscraft.ru/public/css/main.css?v=0c924f7b

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

116.202.13.109 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.109.13.202.116.clients.your-server.de

Software

nginx /

Resource Hash

9cc831490532009bae2b3ce0d39c62adfc889060beb421593bfd9d2396d0f10a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://wallpaperscraft.ru
Accept-Encoding: gzip, deflate, br
Host: wallpaperscraft.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://wallpaperscraft.ru/public/css/main.css?v=0c924f7b
Connection: keep-alive
Referer: https://wallpaperscraft.ru/public/css/main.css?v=0c924f7b
Origin: https://wallpaperscraft.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: public
Date: Sun, 17 Oct 2021 12:02:33 GMT
Last-Modified: Wed, 22 Sep 2021 10:56:12 GMT
Server: nginx
ETag: "614b0bcc-6c250"
X-Cache-Status: HIT
Strict-Transport-Security: max-age=31536000
Content-Type: application/octet-stream
Cache-Control: max-age=2592000 public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 442960
Expires: Sat, 23 Oct 2021 15:42:34 GMT

GET
H/1.1 200
OK ico-source.png
wallpaperscraft.ru/public/img/general/icons/ 2 KB
3 KB 17ms
11ms Image
image/png 116.202.13.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wallpaperscraft.ru/public/img/general/icons/ico-source.png

Requested by

Host: wallpaperscraft.ru
URL: https://wallpaperscraft.ru/public/css/main.css?v=0c924f7b

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

116.202.13.109 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.109.13.202.116.clients.your-server.de

Software

nginx /

Resource Hash

5d169014e99791f2afc69e3db1f12e19e48bbb377e2210f8ad5f8ec1ef7d1403

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: wallpaperscraft.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://wallpaperscraft.ru/public/css/main.css?v=0c924f7b
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://wallpaperscraft.ru/public/css/main.css?v=0c924f7b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: public
Date: Sun, 17 Oct 2021 12:02:33 GMT
Last-Modified: Wed, 22 Sep 2021 10:56:12 GMT
Server: nginx
ETag: "614b0bcc-8e1"
X-Cache-Status: HIT
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: max-age=2592000 public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2273
Expires: Sat, 23 Oct 2021 15:45:15 GMT

GET
H/1.1 200
OK banner.png
wallpaperscraft.ru/public/img/general/ 455 KB
456 KB 12ms
12ms Image
image/png 116.202.13.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wallpaperscraft.ru/public/img/general/banner.png

Requested by

Host: wallpaperscraft.ru
URL: https://wallpaperscraft.ru/public/css/main.css?v=0c924f7b

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

116.202.13.109 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.109.13.202.116.clients.your-server.de

Software

nginx /

Resource Hash

f5b6751f76c7d5b71e16ef62042f37b40a435a271d92b006f1ec7a70cc6f4277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: wallpaperscraft.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://wallpaperscraft.ru/public/css/main.css?v=0c924f7b
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://wallpaperscraft.ru/public/css/main.css?v=0c924f7b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: public
Date: Sun, 17 Oct 2021 12:02:33 GMT
Last-Modified: Wed, 22 Sep 2021 10:56:12 GMT
Server: nginx
ETag: "614b0bcc-71c96"
X-Cache-Status: HIT
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: max-age=2592000 public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 466070
Expires: Tue, 26 Oct 2021 14:57:09 GMT

GET
H/1.1 200
OK HelveticaNeueCyr-Bold.ttf
wallpaperscraft.ru/public/fonts/ 23 KB
24 KB 27ms
25ms Font
application/octet-stream 116.202.13.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://wallpaperscraft.ru/public/fonts/HelveticaNeueCyr-Bold.ttf

Requested by

Host: wallpaperscraft.ru
URL: https://wallpaperscraft.ru/public/css/main.css?v=0c924f7b

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

116.202.13.109 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.109.13.202.116.clients.your-server.de

Software

nginx /

Resource Hash

11f4b7c7696d091a753e25ecb8727dc10aeb8c5b748fa57e8f2b1c1db9dca9c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://wallpaperscraft.ru
Accept-Encoding: gzip, deflate, br
Host: wallpaperscraft.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://wallpaperscraft.ru/public/css/main.css?v=0c924f7b
Connection: keep-alive
Referer: https://wallpaperscraft.ru/public/css/main.css?v=0c924f7b
Origin: https://wallpaperscraft.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: public
Date: Sun, 17 Oct 2021 12:02:33 GMT
Last-Modified: Wed, 22 Sep 2021 10:56:12 GMT
Server: nginx
ETag: "614b0bcc-5da8"
X-Cache-Status: HIT
Strict-Transport-Security: max-age=31536000
Content-Type: application/octet-stream
Cache-Control: max-age=2592000 public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 23976
Expires: Tue, 26 Oct 2021 14:57:29 GMT

GET
H/1.1 200
OK similar Show response
wallpaperscraft.ru/ajax/images/ 9 KB
1 KB 14ms
13ms XHR
application/json 116.202.13.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://wallpaperscraft.ru/ajax/images/similar?id=128523&size=1920x1080&page=1

Requested by

Host: wallpaperscraft.ru
URL: https://wallpaperscraft.ru/public/js/main.js?v=0c924f7b

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

116.202.13.109 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.109.13.202.116.clients.your-server.de

Software

nginx /

Resource Hash

b90a2f4346704e2e489c63dcaf83684a31c8f8a64d787b1f3e640a27db6c41e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: wallpaperscraft.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://wallpaperscraft.ru/download/mlechnyj_put_zvezdnoe_nebo_zvezdy_128523/1920x1080
Accept: */*
Referer: https://wallpaperscraft.ru/download/mlechnyj_put_zvezdnoe_nebo_zvezdy_128523/1920x1080
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sun, 17 Oct 2021 12:02:33 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
X-Cache-Status: HIT
X-Frame-Options: SAMEORIGIN
Content-Type: application/json
Connection: keep-alive
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK mlechnyj_put_zvezdnoe_nebo_zvezdy_134091_300x168.jpg
images.wallpaperscraft.ru/image/single/ 7 KB
8 KB 24ms
13ms Image
image/jpeg 78.47.94.157
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.wallpaperscraft.ru/image/single/mlechnyj_put_zvezdnoe_nebo_zvezdy_134091_300x168.jpg

Requested by

Host: wallpaperscraft.ru
URL: https://wallpaperscraft.ru/download/mlechnyj_put_zvezdnoe_nebo_zvezdy_128523/1920x1080

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

78.47.94.157 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.157.94.47.78.clients.your-server.de

Software

nginx /

Resource Hash

59aea027b0086876f0fa757e52536219d69928cb197b23acfe9459dd981a9752

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wallpaperscraft.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: public
Date: Sun, 17 Oct 2021 12:02:33 GMT
Last-Modified: Tue, 19 May 2020 06:23:46 GMT
Server: nginx
ETag: "5ec37b72-1d16"
Strict-Transport-Security: max-age=15768000
Content-Type: image/jpeg
Cache-Control: public, max-age=2419200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7446

GET
H/1.1 200
OK mlechnyj_put_zvezdnoe_nebo_zvezdy_222236_300x168.jpg
images.wallpaperscraft.ru/image/single/ 7 KB
8 KB 256ms
231ms Image
image/jpeg 78.47.94.157
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.wallpaperscraft.ru/image/single/mlechnyj_put_zvezdnoe_nebo_zvezdy_222236_300x168.jpg

Requested by

Host: wallpaperscraft.ru
URL: https://wallpaperscraft.ru/download/mlechnyj_put_zvezdnoe_nebo_zvezdy_128523/1920x1080

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

78.47.94.157 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.157.94.47.78.clients.your-server.de

Software

nginx /

Resource Hash

94b1ff4f9be887a62d7a56a3cbcc2008b3d659754e056874de5a5069aa2de011

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wallpaperscraft.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: public
Date: Sun, 17 Oct 2021 12:02:33 GMT
Last-Modified: Tue, 28 Sep 2021 08:46:45 GMT
Server: nginx
ETag: "6152d675-1db4"
Strict-Transport-Security: max-age=15768000
Content-Type: image/jpeg
Cache-Control: public, max-age=2419200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7604

GET
H/1.1 200
OK mlechnyj_put_zvezdnoe_nebo_zvezdy_128808_300x168.jpg
images.wallpaperscraft.ru/image/single/ 10 KB
10 KB 43ms
18ms Image
image/jpeg 78.47.94.157
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.wallpaperscraft.ru/image/single/mlechnyj_put_zvezdnoe_nebo_zvezdy_128808_300x168.jpg

Requested by

Host: wallpaperscraft.ru
URL: https://wallpaperscraft.ru/download/mlechnyj_put_zvezdnoe_nebo_zvezdy_128523/1920x1080

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

78.47.94.157 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.157.94.47.78.clients.your-server.de

Software

nginx /

Resource Hash

5a541ea9d80f2a91fb30ffdc9ebcab3937d2826cc2776016cdef975f549c78fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wallpaperscraft.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: public
Date: Sun, 17 Oct 2021 12:02:33 GMT
Last-Modified: Mon, 18 May 2020 07:50:11 GMT
Server: nginx
ETag: "5ec23e33-27ea"
Strict-Transport-Security: max-age=15768000
Content-Type: image/jpeg
Cache-Control: public, max-age=2419200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10218

GET
H/1.1 200
OK mlechnyj_put_zvezdnoe_nebo_zvezdy_126017_300x168.jpg
images.wallpaperscraft.ru/image/single/ 4 KB
4 KB 68ms
43ms Image
image/jpeg 78.47.94.157
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.wallpaperscraft.ru/image/single/mlechnyj_put_zvezdnoe_nebo_zvezdy_126017_300x168.jpg

Requested by

Host: wallpaperscraft.ru
URL: https://wallpaperscraft.ru/download/mlechnyj_put_zvezdnoe_nebo_zvezdy_128523/1920x1080

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

78.47.94.157 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.157.94.47.78.clients.your-server.de

Software

nginx /

Resource Hash

bc749b3573a0b7602d54d55d65c13641b065daf32722d5eb01c2c7c704d56c7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wallpaperscraft.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: public
Date: Sun, 17 Oct 2021 12:02:33 GMT
Last-Modified: Sat, 16 May 2020 03:59:31 GMT
Server: nginx
ETag: "5ebf6523-ead"
Strict-Transport-Security: max-age=15768000
Content-Type: image/jpeg
Cache-Control: public, max-age=2419200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3757

GET
H/1.1 200
OK mlechnyj_put_zvezdy_kosmos_198104_300x168.jpg
images.wallpaperscraft.ru/image/single/ 8 KB
9 KB 48ms
13ms Image
image/jpeg 78.47.94.157
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.wallpaperscraft.ru/image/single/mlechnyj_put_zvezdy_kosmos_198104_300x168.jpg

Requested by

Host: wallpaperscraft.ru
URL: https://wallpaperscraft.ru/download/mlechnyj_put_zvezdnoe_nebo_zvezdy_128523/1920x1080

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

78.47.94.157 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.157.94.47.78.clients.your-server.de

Software

nginx /

Resource Hash

f38bee422aab1fae26d00b68043e1310ff018ade8a8b4d1ba33ceb07cfdaa37f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wallpaperscraft.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: public
Date: Sun, 17 Oct 2021 12:02:33 GMT
Last-Modified: Fri, 08 Jan 2021 08:42:52 GMT
Server: nginx
ETag: "5ff81b0c-21c0"
Strict-Transport-Security: max-age=15768000
Content-Type: image/jpeg
Cache-Control: public, max-age=2419200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8640

GET
H/1.1 200
OK mlechnyj_put_zvezdy_siianie_208528_300x168.jpg
images.wallpaperscraft.ru/image/single/ 10 KB
10 KB 46ms
13ms Image
image/jpeg 78.47.94.157
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.wallpaperscraft.ru/image/single/mlechnyj_put_zvezdy_siianie_208528_300x168.jpg

Requested by

Host: wallpaperscraft.ru
URL: https://wallpaperscraft.ru/download/mlechnyj_put_zvezdnoe_nebo_zvezdy_128523/1920x1080

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

78.47.94.157 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.157.94.47.78.clients.your-server.de

Software

nginx /

Resource Hash

80be88bc19416d6f0d05424d044b5b6a7cd17b43b338954231727ca0eb23dfbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wallpaperscraft.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: public
Date: Sun, 17 Oct 2021 12:02:33 GMT
Last-Modified: Thu, 22 Apr 2021 13:41:19 GMT
Server: nginx
ETag: "60817cff-264e"
Strict-Transport-Security: max-age=15768000
Content-Type: image/jpeg
Cache-Control: public, max-age=2419200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9806

GET
H/1.1 200
OK mlechnyj_put_zvezdnoe_nebo_zvezdy_221745_300x168.jpg
images.wallpaperscraft.ru/image/single/ 6 KB
6 KB 22ms
12ms Image
image/jpeg 78.47.94.157
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.wallpaperscraft.ru/image/single/mlechnyj_put_zvezdnoe_nebo_zvezdy_221745_300x168.jpg

Requested by

Host: wallpaperscraft.ru
URL: https://wallpaperscraft.ru/download/mlechnyj_put_zvezdnoe_nebo_zvezdy_128523/1920x1080

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

78.47.94.157 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.157.94.47.78.clients.your-server.de

Software

nginx /

Resource Hash

c17e457a2267cdd79c9459380ef0e28df3e9ac53154fd1b83fc9825b015fcbff

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wallpaperscraft.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: public
Date: Sun, 17 Oct 2021 12:02:33 GMT
Last-Modified: Tue, 21 Sep 2021 13:20:51 GMT
Server: nginx
ETag: "6149dc33-1748"
Strict-Transport-Security: max-age=15768000
Content-Type: image/jpeg
Cache-Control: public, max-age=2419200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5960

GET
H/1.1 200
OK mlechnyj_put_zvezdnoe_nebo_zvezdy_221702_300x168.jpg
images.wallpaperscraft.ru/image/single/ 13 KB
14 KB 48ms
36ms Image
image/jpeg 78.47.94.157
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.wallpaperscraft.ru/image/single/mlechnyj_put_zvezdnoe_nebo_zvezdy_221702_300x168.jpg

Requested by

Host: wallpaperscraft.ru
URL: https://wallpaperscraft.ru/download/mlechnyj_put_zvezdnoe_nebo_zvezdy_128523/1920x1080

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

78.47.94.157 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.157.94.47.78.clients.your-server.de

Software

nginx /

Resource Hash

cfca003f341b91fd09797efcb3cbebbd229a577d4cc6068d1f939d20b674ce82

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wallpaperscraft.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: public
Date: Sun, 17 Oct 2021 12:02:33 GMT
Last-Modified: Tue, 21 Sep 2021 11:21:59 GMT
Server: nginx
ETag: "6149c057-35f3"
Strict-Transport-Security: max-age=15768000
Content-Type: image/jpeg
Cache-Control: public, max-age=2419200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13811

GET
H/1.1 200
OK mlechnyj_put_zvezdnoe_nebo_zvezdy_221517_300x168.jpg
images.wallpaperscraft.ru/image/single/ 10 KB
11 KB 237ms
225ms Image
image/jpeg 78.47.94.157
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.wallpaperscraft.ru/image/single/mlechnyj_put_zvezdnoe_nebo_zvezdy_221517_300x168.jpg

Requested by

Host: wallpaperscraft.ru
URL: https://wallpaperscraft.ru/download/mlechnyj_put_zvezdnoe_nebo_zvezdy_128523/1920x1080

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

78.47.94.157 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.157.94.47.78.clients.your-server.de

Software

nginx /

Resource Hash

b2a30a97b1d376ad98dfb49983255b91732f553ccf51065c8269ed0e3ab8e8a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wallpaperscraft.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: public
Date: Sun, 17 Oct 2021 12:02:33 GMT
Last-Modified: Fri, 17 Sep 2021 13:25:02 GMT
Server: nginx
ETag: "6144972e-29f4"
Strict-Transport-Security: max-age=15768000
Content-Type: image/jpeg
Cache-Control: public, max-age=2419200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10740

GET
H/1.1 200
OK ico-rating.png
wallpaperscraft.ru/public/img/general/icons/ 1021 B
1 KB 12ms
12ms Image
image/png 116.202.13.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wallpaperscraft.ru/public/img/general/icons/ico-rating.png

Requested by

Host: wallpaperscraft.ru
URL: https://wallpaperscraft.ru/public/css/main.css?v=0c924f7b

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

116.202.13.109 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.109.13.202.116.clients.your-server.de

Software

nginx /

Resource Hash

49666a995ec479f4e022f6497e6a555f6130730f1faa567205a23c4d819f3164

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: wallpaperscraft.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://wallpaperscraft.ru/public/css/main.css?v=0c924f7b
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://wallpaperscraft.ru/public/css/main.css?v=0c924f7b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: public
Date: Sun, 17 Oct 2021 12:02:33 GMT
Last-Modified: Wed, 22 Sep 2021 10:56:12 GMT
Server: nginx
ETag: "614b0bcc-3fd"
X-Cache-Status: HIT
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: max-age=2592000 public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1021
Expires: Sat, 23 Oct 2021 15:42:55 GMT

GET
H/1.1 200
OK ico-download.png
wallpaperscraft.ru/public/img/general/icons/ 969 B
1 KB 12ms
12ms Image
image/png 116.202.13.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wallpaperscraft.ru/public/img/general/icons/ico-download.png

Requested by

Host: wallpaperscraft.ru
URL: https://wallpaperscraft.ru/public/css/main.css?v=0c924f7b

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

116.202.13.109 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.109.13.202.116.clients.your-server.de

Software

nginx /

Resource Hash

ae16511ee81c42d13ac0182bc65405c2dbf0fb8aa8d11a770a562003cb41b682

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: wallpaperscraft.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://wallpaperscraft.ru/public/css/main.css?v=0c924f7b
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://wallpaperscraft.ru/public/css/main.css?v=0c924f7b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: public
Date: Sun, 17 Oct 2021 12:02:33 GMT
Last-Modified: Wed, 22 Sep 2021 10:56:12 GMT
Server: nginx
ETag: "614b0bcc-3c9"
X-Cache-Status: HIT
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: max-age=2592000 public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 969
Expires: Sat, 23 Oct 2021 15:43:29 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110080101/ 272 KB
98 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8368670567407840&plah=wallpaperscraft.ru&bust=31063118

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b20c447b3d7f66aa1c71305e4a91983b14e3174c651ec6460e73a79e58a3bb3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wallpaperscraft.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 17 Oct 2021 12:02:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99860
x-xss-protection: 0
server: cafe
etag: 5832577822734846258
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 17 Oct 2021 12:02:33 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211013/r20190131/ Frame 4B99 10 KB
5 KB 50ms
13ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211013/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f297a42c731c5e6412ef47dff5d7697e142a28abe98d34b515951d40e5e9f7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20211013/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://wallpaperscraft.ru/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://wallpaperscraft.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 16 Oct 2021 21:27:24 GMT
expires: Sat, 30 Oct 2021 21:27:24 GMT
content-type: text/html; charset=UTF-8
etag: 9069739545958607985
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4691
x-xss-protection: 0
age: 52509
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 50ms
13ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-11053870-9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wallpaperscraft.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Oct 2021 16:38:54 GMT
server: Golfe2
age: 87
date: Sun, 17 Oct 2021 12:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Sun, 17 Oct 2021 14:01:06 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 208 B
663 B 57ms
19ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=wallpaperscraft.ru&callback=_gfp_s_&client=ca-pub-8368670567407840

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8368670567407840&plah=wallpaperscraft.ru&bust=31063118

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

4252dd1e5b0de61056df63cdabd8851e65978561255ed91b2912c5da5a0f12d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wallpaperscraft.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 17 Oct 2021 12:02:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 197
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 60ms
24ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=wallpaperscraft.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wallpaperscraft.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 17 Oct 2021 12:02:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 80ms
26ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=wallpaperscraft.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wallpaperscraft.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 17 Oct 2021 12:02:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D677 88 KB
29 KB 609ms
608ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8368670567407840&output=html&h=90&slotname=8106611308&adk=560805335&adf=2665882539&pi=t.ma~as.8106611308&w=728&lmt=1634472153&psa=0&format=728x90&url=https%3A%2F%2Fwallpaperscraft.ru%2Fdownload%2Fmlechnyj_put_zvezdnoe_nebo_zvezdy_128523%2F1920x1080&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634472153406&bpp=1&bdt=226&idt=93&shv=r20211013&mjsv=m202110080101&ptt=9&saldr=aa&abxe=1&correlator=8571221566014&frm=20&pv=2&ga_vid=1896068962.1634472154&ga_sid=1634472154&ga_hid=1709657024&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=516&ady=74&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063118%2C31062525&oid=2&pvsid=2071942316061725&pem=725&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=fKFRvImXEN&p=https%3A//wallpaperscraft.ru&dtd=106

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b403df827bc35fb1424cea883bb798c2c5414db3fa03a21b7fd60648c9d1982

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8368670567407840&output=html&h=90&slotname=8106611308&adk=560805335&adf=2665882539&pi=t.ma~as.8106611308&w=728&lmt=1634472153&psa=0&format=728x90&url=https%3A%2F%2Fwallpaperscraft.ru%2Fdownload%2Fmlechnyj_put_zvezdnoe_nebo_zvezdy_128523%2F1920x1080&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634472153406&bpp=1&bdt=226&idt=93&shv=r20211013&mjsv=m202110080101&ptt=9&saldr=aa&abxe=1&correlator=8571221566014&frm=20&pv=2&ga_vid=1896068962.1634472154&ga_sid=1634472154&ga_hid=1709657024&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=516&ady=74&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063118%2C31062525&oid=2&pvsid=2071942316061725&pem=725&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=fKFRvImXEN&p=https%3A//wallpaperscraft.ru&dtd=106
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://wallpaperscraft.ru/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://wallpaperscraft.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 17 Oct 2021 12:02:34 GMT
server: cafe
content-length: 29127
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 17-Oct-2021 12:17:33 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 17 Oct 2021 12:02:34 GMT
cache-control: private

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 67F2 82 KB
28 KB 654ms
654ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8368670567407840&output=html&h=90&slotname=5763109876&adk=3050740921&adf=664719119&pi=t.ma~as.5763109876&w=728&lmt=1634472153&psa=0&format=728x90&url=https%3A%2F%2Fwallpaperscraft.ru%2Fdownload%2Fmlechnyj_put_zvezdnoe_nebo_zvezdy_128523%2F1920x1080&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634472153407&bpp=1&bdt=227&idt=115&shv=r20211013&mjsv=m202110080101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=8571221566014&frm=20&pv=1&ga_vid=1896068962.1634472154&ga_sid=1634472154&ga_hid=1709657024&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=516&ady=824&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063118%2C31062525&oid=2&pvsid=2071942316061725&pem=725&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=YjahxH6MxG&p=https%3A//wallpaperscraft.ru&dtd=118

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fb779a3df5de4166099cfa5c97e513eb3ba7cfe1b413831f7e34f139687f7373

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8368670567407840&output=html&h=90&slotname=5763109876&adk=3050740921&adf=664719119&pi=t.ma~as.5763109876&w=728&lmt=1634472153&psa=0&format=728x90&url=https%3A%2F%2Fwallpaperscraft.ru%2Fdownload%2Fmlechnyj_put_zvezdnoe_nebo_zvezdy_128523%2F1920x1080&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634472153407&bpp=1&bdt=227&idt=115&shv=r20211013&mjsv=m202110080101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=8571221566014&frm=20&pv=1&ga_vid=1896068962.1634472154&ga_sid=1634472154&ga_hid=1709657024&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=516&ady=824&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063118%2C31062525&oid=2&pvsid=2071942316061725&pem=725&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=YjahxH6MxG&p=https%3A//wallpaperscraft.ru&dtd=118
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://wallpaperscraft.ru/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://wallpaperscraft.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 17 Oct 2021 12:02:34 GMT
server: cafe
content-length: 28281
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 17-Oct-2021 12:17:33 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 17 Oct 2021 12:02:34 GMT
cache-control: private

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
208 B 23ms
23ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1709657024&t=pageview&_s=1&dl=https%3A%2F%2Fwallpaperscraft.ru%2Fdownload%2Fmlechnyj_put_zvezdnoe_nebo_zvezdy_128523%2F1920x1080&ul=en-us&de=UTF-8&dt=%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%201920x1080%20%D0%BC%D0%BB%D0%B5%D1%87%D0%BD%D1%8B%D0%B9%20%D0%BF%D1%83%D1%82%D1%8C%2C%20%D0%B7%D0%B2%D0%B5%D0%B7%D0%B4%D0%BD%D0%BE%D0%B5%20%D0%BD%D0%B5%D0%B1%D0%BE%2C%20%D0%B7%D0%B2%D0%B5%D0%B7%D0%B4%D1%8B%2C%20%D0%BA%D0%BE%D1%81%D0%BC%D0%BE%D1%81%2C%20%D1%81%D0%B8%D1%8F%D0%BD%D0%B8%D0%B5%2C%20%D0%B1%D0%BB%D0%B5%D1%81%D0%BA%20%D0%BE%D0%B1%D0%BE%D0%B8%2C%20%D0%BA%D0%B0%D1%80%D1%82%D0%B8%D0%BD%D0%BA%D0%B8%20full%20hd%2C%20hdtv%2C%20fhd%2C%201080p&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=224964064&gjid=128407638&cid=1896068962.1634472154&tid=UA-11053870-9&_gid=775063847.1634472154&_r=1&gtm=2ouad0&z=2002520008

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://wallpaperscraft.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 17 Oct 2021 12:02:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://wallpaperscraft.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4F76 436 B
414 B 115ms
115ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8368670567407840&output=html&h=90&slotname=8605304753&adk=539818386&adf=153992921&pi=t.ma~as.8605304753&w=728&lmt=1634472153&psa=0&format=728x90&url=https%3A%2F%2Fwallpaperscraft.ru%2Fdownload%2Fmlechnyj_put_zvezdnoe_nebo_zvezdy_128523%2F1920x1080&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634472153408&bpp=1&bdt=228&idt=128&shv=r20211013&mjsv=m202110080101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90&correlator=8571221566014&frm=20&pv=1&ga_vid=1896068962.1634472154&ga_sid=1634472154&ga_hid=1709657024&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=516&ady=2704&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063118%2C31062525&oid=2&pvsid=2071942316061725&pem=725&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=RILnSFNAkb&p=https%3A//wallpaperscraft.ru&dtd=131

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

45cd19d70b2890c44baaee4235c17e604784c7598d1f89a7714b2aea288d4104

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8368670567407840&output=html&h=90&slotname=8605304753&adk=539818386&adf=153992921&pi=t.ma~as.8605304753&w=728&lmt=1634472153&psa=0&format=728x90&url=https%3A%2F%2Fwallpaperscraft.ru%2Fdownload%2Fmlechnyj_put_zvezdnoe_nebo_zvezdy_128523%2F1920x1080&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634472153408&bpp=1&bdt=228&idt=128&shv=r20211013&mjsv=m202110080101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90&correlator=8571221566014&frm=20&pv=1&ga_vid=1896068962.1634472154&ga_sid=1634472154&ga_hid=1709657024&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=516&ady=2704&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063118%2C31062525&oid=2&pvsid=2071942316061725&pem=725&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=RILnSFNAkb&p=https%3A//wallpaperscraft.ru&dtd=131
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://wallpaperscraft.ru/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://wallpaperscraft.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 17 Oct 2021 12:02:33 GMT
server: cafe
content-length: 212
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 17-Oct-2021 12:17:33 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 17 Oct 2021 12:02:33 GMT
cache-control: private

GET
H2 200 css
fonts.googleapis.com/ Frame D677 3 KB
676 B 24ms
23ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8368670567407840&output=html&h=90&slotname=8106611308&adk=560805335&adf=2665882539&pi=t.ma~as.8106611308&w=728&lmt=1634472153&psa=0&format=728x90&url=https%3A%2F%2Fwallpaperscraft.ru%2Fdownload%2Fmlechnyj_put_zvezdnoe_nebo_zvezdy_128523%2F1920x1080&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634472153406&bpp=1&bdt=226&idt=93&shv=r20211013&mjsv=m202110080101&ptt=9&saldr=aa&abxe=1&correlator=8571221566014&frm=20&pv=2&ga_vid=1896068962.1634472154&ga_sid=1634472154&ga_hid=1709657024&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=516&ady=74&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063118%2C31062525&oid=2&pvsid=2071942316061725&pem=725&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=fKFRvImXEN&p=https%3A//wallpaperscraft.ru&dtd=106

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 17 Oct 2021 10:49:41 GMT
server: ESF
date: Sun, 17 Oct 2021 12:02:34 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Sun, 17 Oct 2021 12:02:34 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/ Frame D677 2 KB
990 B 73ms
21ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 17 Oct 2021 11:55:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 402
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 885
x-xss-protection: 0
server: cafe
etag: 638833322182864030
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 31 Oct 2021 11:55:52 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211013/r20110914/ Frame D677 18 KB
8 KB 62ms
13ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211013/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b2ec3db0c3ffe01385ebd2fa36b83708e505fada5609f9859a8e04a9cbdcaefd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 17 Oct 2021 11:41:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1284
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7691
x-xss-protection: 0
server: cafe
etag: 14402072889669646931
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 31 Oct 2021 11:41:10 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/ Frame D677 3 KB
1 KB 70ms
21ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 17 Oct 2021 10:55:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4035
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1426
x-xss-protection: 0
server: cafe
etag: 18061233391346882222
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 31 Oct 2021 10:55:19 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D677 123 KB
38 KB 56ms
33ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41d9de265e720a301cbd9c525fa7089a677e0b099b422579a401516212b5add3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 17 Oct 2021 12:02:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37919
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1634125446224599"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 17 Oct 2021 12:02:34 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/ Frame D677 14 KB
6 KB 63ms
15ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f4726d988effd5253298f2a2738ca92d780d4105af0ce67eb7e7d1c748fb6909

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 17 Oct 2021 11:55:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 443
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6281
x-xss-protection: 0
server: cafe
etag: 18349783599053866072
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 31 Oct 2021 11:55:11 GMT

GET
H2 200 94b9e9edb15b7c220f12fa63d878a5af.js Show response
www.gstatic.com/mysidia/ Frame D677 27 KB
12 KB 51ms
14ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/94b9e9edb15b7c220f12fa63d878a5af.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d1246d2fe982f57c0a911530b2fa93a679e42c0d897151f39cffa4762c55f5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 17 Oct 2021 10:18:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6217
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11213
x-xss-protection: 0
last-modified: Tue, 12 Oct 2021 03:34:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Sat, 15 Jan 2022 10:18:57 GMT

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame D677 0
0 89ms
89ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CBok02RBsYc7iIOyAjuwP75CxsAS2o_blZbWck5fjB9nZHhABIP2HkxZglfrwgYwHoAG1kYfqA8gBCakC9nXWm7F1sz6oAwHIA8sEqgSDAk_QsdcwFNUHSOnnkH5J06fd9fFbR7REecMGBfv86Jt27IyBDpFzLdwoe3ulV1mcsjjyAbW3xQstXwk6JnUecNaTlaW_PRonLBm-nWJ-hy80G4o1xADeCAvlG2KZ4nHxebToG9M7YLoRj1zpjv8iASXE3y8xgGnuaZS8gvDReOTjGd_T4FVgHNFisX4ZGhMJZxC2A9KQEyZCMfHOn75yN7u07zvFAAgjQT3kPcXMqUSAvSmOmpnC0iLfURshXYf0GkYNKRnit34-3GRqv9zDf7XMNCmjaR5nKqN4BpFqd3y236aK8JyFSwOTn8BG87AA7jt3pqL_l5gfSAHTg1YC9z8v65HABKa8rP3UAZIFBAgEGAGSBQQIBRgEoAYugAez7vgVqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G9gHAPIHBBD-rQXSCAkIgOGAcBABGF-ACgHICwG4E4gn2BMNiBQF0BUBmBYBgBcBshccChoIABIUcHViLTgzNjg2NzA1Njc0MDc4NDAYAA&sigh=ajbfA5k2uMU&template_id=5000

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8368670567407840&output=html&h=90&slotname=8106611308&adk=560805335&adf=2665882539&pi=t.ma~as.8106611308&w=728&lmt=1634472153&psa=0&format=728x90&url=https%3A%2F%2Fwallpaperscraft.ru%2Fdownload%2Fmlechnyj_put_zvezdnoe_nebo_zvezdy_128523%2F1920x1080&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634472153406&bpp=1&bdt=226&idt=93&shv=r20211013&mjsv=m202110080101&ptt=9&saldr=aa&abxe=1&correlator=8571221566014&frm=20&pv=2&ga_vid=1896068962.1634472154&ga_sid=1634472154&ga_hid=1709657024&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=516&ady=74&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063118%2C31062525&oid=2&pvsid=2071942316061725&pem=725&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=fKFRvImXEN&p=https%3A//wallpaperscraft.ru&dtd=106
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 17 Oct 2021 12:02:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 17 Oct 2021 12:02:34 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/3607712546933017846/ Frame D677 5 KB
5 KB 65ms
22ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3607712546933017846/downsize_200k_v1?w=195&h=102

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

775a5f1f4984ee8dde3bdf9e74960da28fcde81ee93c79ae20e78178bc624034

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 10:25:48 GMT
x-content-type-options: nosniff
age: 351406
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5144
x-xss-protection: 0
last-modified: Wed, 22 Aug 2018 08:31:26 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 13 Oct 2022 10:25:48 GMT

GET
DATA 200
OK truncated
/ Frame D677 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 css
fonts.googleapis.com/ Frame 67F2 3 KB
653 B 24ms
24ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8368670567407840&output=html&h=90&slotname=5763109876&adk=3050740921&adf=664719119&pi=t.ma~as.5763109876&w=728&lmt=1634472153&psa=0&format=728x90&url=https%3A%2F%2Fwallpaperscraft.ru%2Fdownload%2Fmlechnyj_put_zvezdnoe_nebo_zvezdy_128523%2F1920x1080&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634472153407&bpp=1&bdt=227&idt=115&shv=r20211013&mjsv=m202110080101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=8571221566014&frm=20&pv=1&ga_vid=1896068962.1634472154&ga_sid=1634472154&ga_hid=1709657024&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=516&ady=824&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063118%2C31062525&oid=2&pvsid=2071942316061725&pem=725&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=YjahxH6MxG&p=https%3A//wallpaperscraft.ru&dtd=118

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 17 Oct 2021 10:48:05 GMT
server: ESF
date: Sun, 17 Oct 2021 12:02:34 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Sun, 17 Oct 2021 12:02:34 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/ Frame 67F2 2 KB
946 B 16ms
16ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 17 Oct 2021 11:55:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 402
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 885
x-xss-protection: 0
server: cafe
etag: 638833322182864030
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 31 Oct 2021 11:55:52 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211013/r20110914/ Frame 67F2 18 KB
8 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211013/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b2ec3db0c3ffe01385ebd2fa36b83708e505fada5609f9859a8e04a9cbdcaefd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 17 Oct 2021 11:41:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1284
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7691
x-xss-protection: 0
server: cafe
etag: 14402072889669646931
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 31 Oct 2021 11:41:10 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/ Frame 67F2 3 KB
1 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 17 Oct 2021 10:55:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4035
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1426
x-xss-protection: 0
server: cafe
etag: 18061233391346882222
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 31 Oct 2021 10:55:19 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 67F2 123 KB
37 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41d9de265e720a301cbd9c525fa7089a677e0b099b422579a401516212b5add3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 17 Oct 2021 12:02:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37919
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1634125446224599"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 17 Oct 2021 12:02:34 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/ Frame 67F2 14 KB
6 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f4726d988effd5253298f2a2738ca92d780d4105af0ce67eb7e7d1c748fb6909

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 17 Oct 2021 11:55:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 443
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6281
x-xss-protection: 0
server: cafe
etag: 18349783599053866072
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 31 Oct 2021 11:55:11 GMT

GET
H2 200 94b9e9edb15b7c220f12fa63d878a5af.js Show response
www.gstatic.com/mysidia/ Frame 67F2 27 KB
11 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/94b9e9edb15b7c220f12fa63d878a5af.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d1246d2fe982f57c0a911530b2fa93a679e42c0d897151f39cffa4762c55f5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 17 Oct 2021 10:18:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6217
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11213
x-xss-protection: 0
last-modified: Tue, 12 Oct 2021 03:34:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Sat, 15 Jan 2022 10:18:57 GMT

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame 67F2 0
0 57ms
56ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CA3wl2RBsYdDcIdmw3gOJmYyQCZXoo4xhq-7SjIQM2dkeEAEg_YeTFmCV-vCBjAegAdXz-NIDyAEBqAMByAPLBKoEgAJP0C3no2YqKxm-H9-XMHqIURAAZ4C1aM-2RUggzztP47PZqe-2ZovtZzqwScN5mlk-_ZtpqfEc-7eoEb1x10OaBvmyQHsI0spj7Cd5KrZKAs-H3UpQr__rqfX_4FN10z-o7cZv6DZFdhhkWDQ53xHuIl806KH7pdk2IXXVFi1Bg4EUiEAevsLEjW9cd3lng6a33DnEZ1dikxTD9X26-dgM1CtQNlF2-hsbDYIYesBIS3yvV6HID1puVH8Nu9BZECiVFbPWnhlf-eForxNTGeUkuCr1SCeyh0FC3LS4NaseayztaHOtwoa-XGR0XmXADvO8j-EGqX5RQIKEwRrOLy41wAS4kp7BtAGSBQQIBBgBkgUECAUYBIAHk4yHLagH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQhMYC0ggJCIDhgHAQARhfgAoByAsB2BMMiBQD0BUBmBYBgBcBshccChoIABIUcHViLTgzNjg2NzA1Njc0MDc4NDAYAA&sigh=9Kr9zIeeqLI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8368670567407840&output=html&h=90&slotname=5763109876&adk=3050740921&adf=664719119&pi=t.ma~as.5763109876&w=728&lmt=1634472153&psa=0&format=728x90&url=https%3A%2F%2Fwallpaperscraft.ru%2Fdownload%2Fmlechnyj_put_zvezdnoe_nebo_zvezdy_128523%2F1920x1080&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634472153407&bpp=1&bdt=227&idt=115&shv=r20211013&mjsv=m202110080101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=8571221566014&frm=20&pv=1&ga_vid=1896068962.1634472154&ga_sid=1634472154&ga_hid=1709657024&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=516&ady=824&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063118%2C31062525&oid=2&pvsid=2071942316061725&pem=725&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=YjahxH6MxG&p=https%3A//wallpaperscraft.ru&dtd=118
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 17 Oct 2021 12:02:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 17 Oct 2021 12:02:34 GMT

GET
DATA 200
OK truncated
/ Frame D677 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 72cfd54a3b4f18ab7c7570cb803743b681983992bce96ce22b24a2c0236a1bfc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A217 143 B
226 B 14ms
13ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8368670567407840&output=html&h=90&slotname=5763109876&adk=3050740921&adf=664719119&pi=t.ma~as.5763109876&w=728&lmt=1634472153&psa=0&format=728x90&url=https%3A%2F%2Fwallpaperscraft.ru%2Fdownload%2Fmlechnyj_put_zvezdnoe_nebo_zvezdy_128523%2F1920x1080&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634472153407&bpp=1&bdt=227&idt=115&shv=r20211013&mjsv=m202110080101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=8571221566014&frm=20&pv=1&ga_vid=1896068962.1634472154&ga_sid=1634472154&ga_hid=1709657024&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=516&ady=824&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063118%2C31062525&oid=2&pvsid=2071942316061725&pem=725&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=YjahxH6MxG&p=https%3A//wallpaperscraft.ru&dtd=118
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUlx5lnp1wpQip9zn8kNUJdFPglcmwsh8C8mSIsClqDPrYSzJuZdY2YB3skT9Vw
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8368670567407840&output=html&h=90&slotname=5763109876&adk=3050740921&adf=664719119&pi=t.ma~as.5763109876&w=728&lmt=1634472153&psa=0&format=728x90&url=https%3A%2F%2Fwallpaperscraft.ru%2Fdownload%2Fmlechnyj_put_zvezdnoe_nebo_zvezdy_128523%2F1920x1080&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634472153407&bpp=1&bdt=227&idt=115&shv=r20211013&mjsv=m202110080101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=8571221566014&frm=20&pv=1&ga_vid=1896068962.1634472154&ga_sid=1634472154&ga_hid=1709657024&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=516&ady=824&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063118%2C31062525&oid=2&pvsid=2071942316061725&pem=725&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=YjahxH6MxG&p=https%3A//wallpaperscraft.ru&dtd=118

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sun, 17 Oct 2021 11:35:57 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1597
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 67F2 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef0cc3d43c070dd1841a403919d62f10add46f37237970d9736261b0bea0c13b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame D677 21 KB
22 KB 31ms
8ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 19:46:29 GMT
x-content-type-options: nosniff
age: 490565
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21660
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:07:18 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Oct 2022 19:46:29 GMT

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame D677 21 KB
21 KB 44ms
21ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:21:26 GMT
x-content-type-options: nosniff
age: 495668
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21424
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:08:24 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 11 Oct 2022 18:21:26 GMT

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 67F2 21 KB
21 KB 32ms
17ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:21:26 GMT
x-content-type-options: nosniff
age: 495668
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21424
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:08:24 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 11 Oct 2022 18:21:26 GMT

GET
H2 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 67F2 21 KB
21 KB 28ms
14ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 19:46:29 GMT
x-content-type-options: nosniff
age: 490565
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21660
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:07:18 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Oct 2022 19:46:29 GMT

GET
H2 200 CtfsWAsRe2m3N424Qc1nuWYtSGM1BvOIuby86xg17sc.js Show response
pagead2.googlesyndication.com/bg/ Frame 15B7 35 KB
13 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CtfsWAsRe2m3N424Qc1nuWYtSGM1BvOIuby86xg17sc.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ad7ec580b117b69b7378db841cd67b9662d48633506f388b9bcbceb1835eec7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 11:46:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 87335
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13341
x-xss-protection: 0
last-modified: Mon, 11 Oct 2021 11:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Sun, 16 Oct 2022 11:46:59 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
9 KB 64ms
28ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211013&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6cc0976db6c125890afcd2b22d0d89ae4e828b205eaa88fbbc7305599071509c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wallpaperscraft.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 17 Oct 2021 12:02:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8705
x-xss-protection: 0

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A217
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
144 B

24ms
23ms

Document
text/html

2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si?st=NO_DATA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUlx5lnp1wpQip9zn8kNUJdFPglcmwsh8C8mSIsClqDPrYSzJuZdY2YB3skT9Vw
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 17 Oct 2021 12:02:34 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Sun, 17-Oct-2021 13:02:34 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 17 Oct 2021 12:02:34 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 17 Oct 2021 12:02:34 GMT
server: safe
content-length: 257
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 CtfsWAsRe2m3N424Qc1nuWYtSGM1BvOIuby86xg17sc.js Show response
pagead2.googlesyndication.com/bg/ Frame 1F30 35 KB
13 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CtfsWAsRe2m3N424Qc1nuWYtSGM1BvOIuby86xg17sc.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ad7ec580b117b69b7378db841cd67b9662d48633506f388b9bcbceb1835eec7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 11:46:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 87335
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13341
x-xss-protection: 0
last-modified: Mon, 11 Oct 2021 11:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Sun, 16 Oct 2022 11:46:59 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wallpaperscraft.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 17 Oct 2021 12:02:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sun, 17 Oct 2021 12:02:34 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 2B11 12 KB
5 KB 14ms
14ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://wallpaperscraft.ru/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://wallpaperscraft.ru/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Sun, 17 Oct 2021 11:38:16 GMT
expires: Mon, 17 Oct 2022 11:38:16 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1458
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 8C7B 783 B
1 KB 17ms
17ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0e20197309e0f0d05f6b139db0074d4fa688776bb7b9f71b15d7af117d6629db

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-OhiCGrduGQFWGz1OmrZV3A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://wallpaperscraft.ru/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://wallpaperscraft.ru/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sun, 17 Oct 2021 12:02:34 GMT
date: Sun, 17 Oct 2021 12:02:34 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-OhiCGrduGQFWGz1OmrZV3A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8C7B 0
0 67ms
66ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211013&jk=2071942316061725&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 200 CtfsWAsRe2m3N424Qc1nuWYtSGM1BvOIuby86xg17sc.js Show response
pagead2.googlesyndication.com/bg/ Frame 2B11 35 KB
13 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CtfsWAsRe2m3N424Qc1nuWYtSGM1BvOIuby86xg17sc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ad7ec580b117b69b7378db841cd67b9662d48633506f388b9bcbceb1835eec7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 11:46:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 87335
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13341
x-xss-protection: 0
last-modified: Mon, 11 Oct 2021 11:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Sun, 16 Oct 2022 11:46:59 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
119 B 51ms
51ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211013&jk=2071942316061725&bg=!QkGlQQXNAAao6lBpqOo7ACkAdvg8WgVvWeTOwLaEiz6_1sxIGTlVT3-w_XjkJX_u0bqVplKajUExLQIAAABMUgAAAAtoAQeZAqgqQps3xdHV4APf0-ko8W4UVu1n9G-sa0t367V8lyzAyZ8iFJ4QF1dwMNuKjnrjcD7xy5PTiNLmVgcjZ0C_amaHStpne_8hRYb2PUsYPl6_Sdu8imbzios22BtmxcX6zoY8nRg6Z3NERu1eNHtvRDgBhnothvS4RWw5FNrUoPkuABoWI1Wubpoi4x_SZ10OcWqciwHqeVjRRlJaeBI9dT5krsYKf-SYzkIBttjYOp-G4Qqzukn24cDd48mtQGE1OOo5Iw6t_e69m3dtwgpfMH0kqSY1bqhET_vHUk9g_u6fNEsQ0VVsx7s0RsE7A4R4PTdLOoiPeDNE5SZXwX-x5yX41KWFhIOBWphA8QqQ32FaYkaEHgx6h1W8_KomaANfyWFB1FwMTGjDyZcQmgmMbuHWQq2V3yCtNrPGyGdRN7JNd3hes0SfgMMvpFO0_PL8DahTXoQyumDLthmsBc3FvYCq72oaGnXWo7sH-CCgFMaFwB8MH-VQGTqphyzjPF9AN6Lwj5shN5g-TSm1Yk9RMyWrxs8sxuX6ju6V95Pc6tW0MgGnWI04MbW8M6RND_RTQ96T8aAb-N-wcWNThg44G2z2tMHqdL57VAVVXSAc0NIZo2QBGs63hHNAbKoh4tknDC8lb5Ic1N_1-CKyh-WeOMn6hUERrAYnYVeMSenakUfqntFrP-QAsjiGxSjcfOyn0a2dnV_Kt9uIcH9YAJwSj5uwpmK2wf4MrItFF3cnWvmZKhUjX8lv_0mRfspL4iCnKrkOeRrxpcrZawUXtE-1Q2QVbbymHyQrIArXq5TjJ7j8fugEecvWUzF2q53iVtD3B3WbwkWmO4zOZiFG8YNAgu060x8LUqusMTphJYAmWlsUVEHidKUiXTgv4gEYaTqXX7vDGAHzJk8BbA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wallpaperscraft.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Oct 2021 12:02:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D677 42 B
174 B 50ms
50ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvwB4h0waiMr_CcydM3-UexdYkofUKPi8ODO7NIrYx8o_2tYhIvxwLmiw-NBW2ILiPXpEx5GDQi_ODuiBNCN5q3trRBREAGhYMMIIoDCe-Tj8vne70Xtw&sai=AMfl-YQTBHCXC67nMTW7VCtna_Z3undcHteqrU3WAUlTvJJOIzvSNTajtpT-SBwkk3ukJLGCTZ_OPbldyE1a&sig=Cg0ArKJSzBlGfAfb1PEKEAE&id=lidar2&mcvt=1001&p=0,0,90,728&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20211013&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=560805335&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1634472153513&rpt=776&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Oct 2021 12:02:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 67F2 42 B
108 B 50ms
49ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuxAgZUjgc-tJEeDhjvwKp8UtwZft1tI72ksJQblFuJuh7nFp5cT-dCzaHTXtY9o0coiqI8xYDsF9mqzIkuW2Tn2pL5aEkt6kvI_G4C4nRMGa0KrKv6BA&sai=AMfl-YQv669ObAaML0nYtkeZC1_s14Etg5vYUwzWtE-8zJT85i2DwsakfnC0xj4uPfmonVptiFWmimi53WNf&sig=Cg0ArKJSzJZmVv2MNPSCEAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211013&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=3050740921&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1634472153525&rpt=819&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Oct 2021 12:02:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

76 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.wallpaperscraft.ru/	1970-01-20 15:32:24	Name: _ga Value: GA1.2.1896068962.1634472154
.wallpaperscraft.ru/	1970-01-19 22:02:38	Name: _gid Value: GA1.2.775063847.1634472154
.wallpaperscraft.ru/	1970-01-19 22:01:12	Name: _gat_gtag_UA_11053870_9 Value: 1
.wallpaperscraft.ru/	1970-01-20 07:22:48	Name: __gads Value: ID=bc5bcca5e92702fd-22ccad60f8ca004e:T=1634472153:RT=1634472153:S=ALNI_MYc5YIFXebkpaB3NTvIqj8RC2ELTw
.doubleclick.net/	1970-01-20 07:22:48	Name: IDE Value: AHWqTUlx5lnp1wpQip9zn8kNUJdFPglcmwsh8C8mSIsClqDPrYSzJuZdY2YB3skT9Vw
.doubleclick.net/	1970-01-19 22:01:15	Name: DSID Value: NO_DATA

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
images.wallpaperscraft.ru
pagead2.googlesyndication.com
partner.googleadservices.com
tpc.googlesyndication.com
wallpaperscraft.ru
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
116.202.13.109
142.250.185.98
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:80f::2008
2a00:1450:4001:810::2003
2a00:1450:4001:811::2002
2a00:1450:4001:813::2002
2a00:1450:4001:827::200a
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2001
2a00:1450:4001:830::2002
2a00:1450:4001:830::200e
78.47.94.157
0ad7ec580b117b69b7378db841cd67b9662d48633506f388b9bcbceb1835eec7
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
0e20197309e0f0d05f6b139db0074d4fa688776bb7b9f71b15d7af117d6629db
11f4b7c7696d091a753e25ecb8727dc10aeb8c5b748fa57e8f2b1c1db9dca9c0
15ddfa17f5b517efa1f82854fd1d71ea119ff88c4cc39770f9ef6e7931bf5a16
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155
1b720be578cfd4c17e4b78913b5521e87768b0a96b7ac4473344db2d744638e8
262379c0f0cc61f209bdcc0fdc0b66f7647c38f2ce1fce8a7e141e9875715cac
272956440b451a13b22e008eb7310bb065d99871f94aa9f2959f91a16b290e34
2b403df827bc35fb1424cea883bb798c2c5414db3fa03a21b7fd60648c9d1982
2da28f365bac1ce85da01fbbd78a6e829a942d585480b22ebcaa976d0e9f0729
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
3cd0c9e3a81761774c3f9d91abf27476154535ad1d2f83ff8a2a52e43ca6a957
3d1246d2fe982f57c0a911530b2fa93a679e42c0d897151f39cffa4762c55f5d
41d9de265e720a301cbd9c525fa7089a677e0b099b422579a401516212b5add3
4252dd1e5b0de61056df63cdabd8851e65978561255ed91b2912c5da5a0f12d6
45cd19d70b2890c44baaee4235c17e604784c7598d1f89a7714b2aea288d4104
49666a995ec479f4e022f6497e6a555f6130730f1faa567205a23c4d819f3164
4aa462a1c6f177052f74bed319843b0cad53857a2923792653ec00d4c0d080e5
4e240dc29403116b2fe02dc85854c8b37d8ef261102443ce08574e69c373aade
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
59aea027b0086876f0fa757e52536219d69928cb197b23acfe9459dd981a9752
5a541ea9d80f2a91fb30ffdc9ebcab3937d2826cc2776016cdef975f549c78fa
5cfb477acd2de4aa80bbae237485639a62f0a5842923bf0977c17ea94c301592
5d169014e99791f2afc69e3db1f12e19e48bbb377e2210f8ad5f8ec1ef7d1403
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cc0976db6c125890afcd2b22d0d89ae4e828b205eaa88fbbc7305599071509c
72cfd54a3b4f18ab7c7570cb803743b681983992bce96ce22b24a2c0236a1bfc
775a5f1f4984ee8dde3bdf9e74960da28fcde81ee93c79ae20e78178bc624034
80be88bc19416d6f0d05424d044b5b6a7cd17b43b338954231727ca0eb23dfbb
846c4f18fd520e71fc20ec54577b7224b0c71a9329be567316c5cff4ba35c815
87457c2c958ef1ff28bd8078976e685ac25ae6c6c549f8372faa5f5b2d87cfb0
8aed12b8b95a1d49011f3e134dc8e71804a3576818d1d1334145aaa96d71aa5e
8f297a42c731c5e6412ef47dff5d7697e142a28abe98d34b515951d40e5e9f7d
933f753aa4317b75bfe693b56d9739fb86284294993fc07a0b118891522538f8
94b1ff4f9be887a62d7a56a3cbcc2008b3d659754e056874de5a5069aa2de011
9cc831490532009bae2b3ce0d39c62adfc889060beb421593bfd9d2396d0f10a
a30cdea40295fbd3c16f9c9489d6699d5948f473870791b275cc850512995332
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
ae16511ee81c42d13ac0182bc65405c2dbf0fb8aa8d11a770a562003cb41b682
b20c447b3d7f66aa1c71305e4a91983b14e3174c651ec6460e73a79e58a3bb3c
b2a30a97b1d376ad98dfb49983255b91732f553ccf51065c8269ed0e3ab8e8a2
b2ec3db0c3ffe01385ebd2fa36b83708e505fada5609f9859a8e04a9cbdcaefd
b90a2f4346704e2e489c63dcaf83684a31c8f8a64d787b1f3e640a27db6c41e6
bc749b3573a0b7602d54d55d65c13641b065daf32722d5eb01c2c7c704d56c7e
c17e457a2267cdd79c9459380ef0e28df3e9ac53154fd1b83fc9825b015fcbff
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
cfca003f341b91fd09797efcb3cbebbd229a577d4cc6068d1f939d20b674ce82
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d82e8e930bb6daadb7ac4e27052841d2f0c73ff7941ecb9b211d0ec2af8c73eb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e82c0c88554cf4a389f2d99e14cfd6bec45ca7ea925b883feb5269ab068e07a8
ef0cc3d43c070dd1841a403919d62f10add46f37237970d9736261b0bea0c13b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f38bee422aab1fae26d00b68043e1310ff018ade8a8b4d1ba33ceb07cfdaa37f
f4726d988effd5253298f2a2738ca92d780d4105af0ce67eb7e7d1c748fb6909
f5b6751f76c7d5b71e16ef62042f37b40a435a271d92b006f1ec7a70cc6f4277
fb779a3df5de4166099cfa5c97e513eb3ba7cfe1b413831f7e34f139687f7373
fb82acd78e4f04a342f642293dcc3aecb0114d8928dd8f7a9d5f822853b043e4
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

wallpaperscraft.ru Open in urlscan Pro 116.202.13.109 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

77 Requests

100 %HTTPS

79 %IPv6

11 Domains

15 Subdomains

15 IPs

2 Countries

2933 kBTransfer

3976 kBSize

6 Cookies

5 Outgoing links

Redirected requests

77 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

wallpaperscraft.ru Open in urlscan Pro
116.202.13.109 Public Scan

Screenshot
Live screenshot

Full Image

77
Requests

100 %
HTTPS

79 %
IPv6

11
Domains

15
Subdomains

15
IPs

2
Countries

2933 kB
Transfer

3976 kB
Size

6
Cookies

77 HTTP transactions
3 data transactions