hdwallsource.com Open in urlscan Pro
205.185.124.2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.hdwallsource.com/
Effective URL:
https://hdwallsource.com/
Submission Tags: falconsandbox
Submission: On February 13 via api (February 13th 2021, 10:19:53 am UTC) from US

Summary HTTP 85 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 12 IPs in 3 countries across 11 domains to perform 85 HTTP transactions. The main IP is 205.185.124.2, located in San Jose, United States and belongs to PONYNET, US. The main domain is hdwallsource.com.
TLS certificate: Issued by R3 on January 3rd 2021. Valid for: 3 months.

This is the only time hdwallsource.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 34	205.185.124.2 205.185.124.2	53667 (PONYNET) (PONYNET)
1	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c04::9a	15169 (GOOGLE) (GOOGLE)
26	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2006	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
85	12

34 205.185.124.2 (San Jose, United States) 1 redirects

ASN53667 (PONYNET, US)
PTR: bones.hdwallsource.com

www.hdwallsource.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hdwallsource.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	hdwallsource.com 1 redirects www.hdwallsource.com hdwallsource.com	389 KB
32	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	342 KB
7	doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net	43 KB
3	google.com 1 redirects apis.google.com adservice.google.com www.google.com	21 KB
2	googletagservices.com www.googletagservices.com	61 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	facebook.net connect.facebook.net	63 KB
2	googleapis.com ajax.googleapis.com fonts.googleapis.com	33 KB
1	2mdn.net s0.2mdn.net	48 KB
1	google.de adservice.google.de	803 B
1	googleadservices.com partner.googleadservices.com	645 B
85	11

	Domain	Requested by
32	hdwallsource.com	hdwallsource.com
26	tpc.googlesyndication.com	hdwallsource.com googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com hdwallsource.com googleads.g.doubleclick.net
6	pagead2.googlesyndication.com	hdwallsource.com pagead2.googlesyndication.com tpc.googlesyndication.com
2	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
2	www.google-analytics.com	hdwallsource.com www.google-analytics.com
2	connect.facebook.net	hdwallsource.com connect.facebook.net
2	www.hdwallsource.com	1 redirects hdwallsource.com
1	www.google.com	1 redirects
1	s0.2mdn.net	tpc.googlesyndication.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	fonts.googleapis.com	hdwallsource.com
1	apis.google.com	hdwallsource.com
1	ajax.googleapis.com	hdwallsource.com
85	17

This site contains links to these domains. Also see Links.

Domain
blog.hdwallsource.com
www.facebook.com
www.instagram.com
pickywallpapers.com
www.cornerroots.com

Subject Issuer	Validity	Valid
*.hdwallsource.com R3	`2021-01-03` - `2021-04-03`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
*.apis.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-12-22` - `2021-03-21`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://hdwallsource.com/
Frame ID: 49FAE2F722F57163E8124ED755447C55
Requests: 50 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210211/r20190131/zrt_lookup.html
Frame ID: 251D82AE5FF298993867D5538F631CCB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-5653411820778942&output=html&adk=1812271804&adf=3025194257&lmt=1613211573&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fhdwallsource.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1613211573104&bpp=13&bdt=399&idt=85&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8052970738834&frm=20&pv=2&ga_vid=1736364909.1613211573&ga_sid=1613211573&ga_hid=828602950&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44735932%2C21068084%2C21068769%2C21068893%2C31060009&oid=3&pvsid=1421224490034426&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=109
Frame ID: E1B69F109CD82598CB20152E5775F6F4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-5653411820778942&output=html&h=280&slotname=4249457012&adk=4288539392&adf=2622109426&pi=t.ma~as.4249457012&w=728&fwrn=4&fwrnh=100&lmt=1613211573&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fhdwallsource.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1613211573135&bpp=5&bdt=430&idt=85&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8052970738834&frm=20&pv=1&ga_vid=1736364909.1613211573&ga_sid=1613211573&ga_hid=828602950&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1587&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44735932%2C21068084%2C21068769%2C21068893%2C31060009&oid=3&pvsid=1421224490034426&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=jMpXabGDFD&p=https%3A//hdwallsource.com&dtd=92
Frame ID: 9B7F69B8CA8170FF3BFA3AA3E03BB79E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14120992840229899163/index.html
Frame ID: 14E43C029A6E0BD085F683246E285D9B
Requests: 23 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=C67cJtacnYNzQD46iZ42qkIgHm7Kxi2H88Imojw2pv8KEihsQASC43IYcYJUCoAH02syZA8gBCakCJ3WFmbRVtD6oAwHIA0iqBMABT9BMQpPdT6BgcH-DtUhYpcDvncDj9uvTC2_WQsB-idoHEJngqpS-K1AMzwxKKyRnFXJvFIhSpu-szn1KkpSrhQQMEFwhU48aQn8tPW5k0JbhjCpeP1XMJ9x_nbj-JL1OeFsjeFhA07DEhtLnD6bqTyJLgjAtdB93tSG3Ze7EpiryjOJGf5UtNubNOqb22UPeSCUpVWefhGCT-ieItaT4gP25hTm26BbnZZp9Fzo2CrNz0YWIiCSdZ9rOF-1ayqs0wAT9_r-IiQOSBQQIBBgBkgUECAUYBKAGLoAH9KSzZqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBD9uAbSCAkIgOGAEBABGB-ACgHICwHYEwyyFxoKGAgAEhRwdWItNTY1MzQxMTgyMDc3ODk0Mg&sigh=UXKWuVUVbR0&template_id=419&tpd=AGWhJmvPsTy--I8hYBxAT9xO0RQiwRMgDdQdJ2zMw9qtIvwQ_A
Frame ID: 7C83D2687C2E24CCCFB82BBFC3BBE9B3
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 91AC7226F1A431AAE273D22C8EAD0124
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 9879D2657B1F8A81C086DC6667CC84C4
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.hdwallsource.com/ HTTP 302
https://hdwallsource.com/ Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

85
Requests

100 %
HTTPS

83 %
IPv6

11
Domains

17
Subdomains

12
IPs

3
Countries

1018 kB
Transfer

2046 kB
Size

2
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://blog.hdwallsource.com/
Title: Blog

Search URL Search Domain Scan URL

URL: http://www.facebook.com/HDWallSource
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/HDWallSource
Title: Instagram

Search URL Search Domain Scan URL

URL: http://pickywallpapers.com/
Title: Picky Wallpapers

Search URL Search Domain Scan URL

URL: https://www.cornerroots.com/
Title: CornerRoots

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.hdwallsource.com/ HTTP 302
https://hdwallsource.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 61

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

85 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set / Show response
hdwallsource.com/
Redirect Chain

http://www.hdwallsource.com/
https://hdwallsource.com/

40 KB
9 KB

2012ms
1689ms

Document
text/html

205.185.124.2
PONYNET

General

Check archive.org

Show headers Download Go to

Full URL: https://hdwallsource.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.124.2 San Jose, United States, ASN53667 (PONYNET, US),
Reverse DNS: bones.hdwallsource.com
Software: Apache /
Resource Hash: ed9a6593887a2634a24192083f72890ef3f284c4ff946100ad70c3562ea79274

Request headers

Host: hdwallsource.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 13 Feb 2021 10:19:31 GMT
Server: Apache
cache-control: no-cache
Content-Encoding: gzip
Vary: Accept-Encoding
Set-Cookie: session_payload=a9741bd37f5545e642d860b427f2f22c2e615e56%2BZ%2F8U9mxltrTiazEJ2GTMzMAAnZYpYEk570%2Bi2Bzyk4%2BiavZOngrOwWuhABVqKsUY%2B9IphaUcrN%2Fsk27E8vX0aCUmwGovbBFNfG%2BR54NPfcRcd5HBflyfK%2BsrGbbTZ4PjnxkUb61USscenr%2FYa8gtgJDtjsDpbhWynOtwo9bvUuEqhhD2rx5cAK1M0Vi1x8TJJguwj9xVlaiIdMKKlSKP1nGrr1SQi4KM%2BTqreSTaGnqv8A4hh63IEHoE3M3%2BttuWn80HZPFZ5UJSPEwANp6r%2BbnrXxWA9fW%2BJ15Bz5bxZvxd4prXfS1DX5scQt%2BERPML4YeLriqbr%2BQ5QaArCu5INA%3D%3D; expires=Sat, 13-Feb-2021 11:19:32 GMT; Max-Age=3600; path=/; httponly laravel_session=a279f35ded0c60a738dce1295655aaca766d65fb%2BiwlkFZE0m2CqHOcPhooPM86cUKzYFUWTfzlb71Ud; expires=Sat, 13-Feb-2021 11:19:32 GMT; Max-Age=3600; path=/; httponly
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Sat, 13 Feb 2021 10:19:30 GMT
Server: Apache
Location: https://hdwallsource.com/
Cache-Control: max-age=43200
Expires: Sat, 13 Feb 2021 22:19:30 GMT
Content-Length: 209
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK primary.css
hdwallsource.com/css/ 22 KB
5 KB 172ms
164ms Stylesheet
text/css 205.185.124.2
PONYNET

General

Check archive.org

Show headers Download Go to

Full URL: https://hdwallsource.com/css/primary.css
Requested by: Host: hdwallsource.com
URL: https://hdwallsource.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.124.2 San Jose, United States, ASN53667 (PONYNET, US),
Reverse DNS: bones.hdwallsource.com
Software: Apache /
Resource Hash: d8f1fae9228f29ec11da803013644c3f2cdaf7018baa7febca9ca8e3645acf6d

Request headers

Referer: https://hdwallsource.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 13 Feb 2021 10:19:32 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 Jan 2021 22:00:30 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 4753
Expires: Mon, 15 Mar 2021 10:19:32 GMT

GET
H/1.1 200
OK wall.css
hdwallsource.com/css/ 36 KB
7 KB 337ms
164ms Stylesheet
text/css 205.185.124.2
PONYNET

General

Check archive.org

Show headers Download Go to

Full URL: https://hdwallsource.com/css/wall.css
Requested by: Host: hdwallsource.com
URL: https://hdwallsource.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.124.2 San Jose, United States, ASN53667 (PONYNET, US),
Reverse DNS: bones.hdwallsource.com
Software: Apache /
Resource Hash: 6b61e78da1681c85ab7e4e533822e0fe055e2b2f1bb39200155a9d3be1c698aa

Request headers

Referer: https://hdwallsource.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 13 Feb 2021 10:19:32 GMT
Content-Encoding: gzip
Last-Modified: Thu, 15 Aug 2019 15:30:26 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 7119
Expires: Mon, 15 Mar 2021 10:19:32 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.10.2/ 91 KB
33 KB 25ms
6ms Script
text/javascript 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js

Requested by

Host: hdwallsource.com
URL: https://hdwallsource.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hdwallsource.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Feb 2021 09:00:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4723
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32954
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 13 Feb 2022 09:00:49 GMT

GET
H2 200 platform.js Show response
apis.google.com/js/ 49 KB
19 KB 52ms
33ms Script
application/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: hdwallsource.com
URL: https://hdwallsource.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1c4bb92c67b29e30733781f22f6339360707bbbb6319672825d6b6e0684fa3a9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hFH04U1VmPzj1nyhkDJXnw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://hdwallsource.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Feb 2021 10:19:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
x-frame-options: SAMEORIGIN
etag: "3641adac83d1f8afc319b089eeb0322c"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-hFH04U1VmPzj1nyhkDJXnw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Sat, 13 Feb 2021 10:19:32 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 135 KB
48 KB 57ms
37ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: hdwallsource.com
URL: https://hdwallsource.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6a3ae6bfa989d3fd7e015d572fcb4bc5c096bbdc9670fd4b7456846199901baa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hdwallsource.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Feb 2021 10:19:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 48421
x-xss-protection: 0
server: cafe
etag: 5055074899333445325
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 13 Feb 2021 10:19:32 GMT

GET
H/1.1 200
OK header-logo.png
hdwallsource.com/img/ 4 KB
4 KB 150ms
150ms Image
image/png 205.185.124.2
PONYNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hdwallsource.com/img/header-logo.png
Requested by: Host: hdwallsource.com
URL: https://hdwallsource.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.124.2 San Jose, United States, ASN53667 (PONYNET, US),
Reverse DNS: bones.hdwallsource.com
Software: Apache /
Resource Hash: 4171016fb1b42789f9bed8d1217a2de5a8db10eddf6337d06ae5985d25f65de0

Request headers

Referer: https://hdwallsource.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 13 Feb 2021 10:19:33 GMT
Last-Modified: Sat, 07 Jul 2018 17:15:56 GMT
Server: Apache
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 3613
Expires: Sun, 13 Feb 2022 10:19:33 GMT

GET
H/1.1 200
OK hdwspopupform.jpg
hdwallsource.com/images/ 15 KB
15 KB 160ms
160ms Image
image/jpeg 205.185.124.2
PONYNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hdwallsource.com/images/hdwspopupform.jpg
Requested by: Host: hdwallsource.com
URL: https://hdwallsource.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.124.2 San Jose, United States, ASN53667 (PONYNET, US),
Reverse DNS: bones.hdwallsource.com
Software: Apache /
Resource Hash: 7056399efc75e290c1573c1e969d812778c16745cb9457ed7dfc8a632b0ac736

Request headers

Referer: https://hdwallsource.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 13 Feb 2021 10:19:33 GMT
Last-Modified: Fri, 02 Jun 2017 03:48:27 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 15332
Expires: Sun, 13 Feb 2022 10:19:33 GMT

GET
H/1.1 200
OK supreme-logo-hd-wallpaper-73565-76214-hd-wallpapers-thumb.jpg
hdwallsource.com/img/2021/4/thumb/ 5 KB
6 KB 164ms
159ms Image
image/jpeg 205.185.124.2
PONYNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hdwallsource.com/img/2021/4/thumb/supreme-logo-hd-wallpaper-73565-76214-hd-wallpapers-thumb.jpg
Requested by: Host: hdwallsource.com
URL: https://hdwallsource.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.124.2 San Jose, United States, ASN53667 (PONYNET, US),
Reverse DNS: bones.hdwallsource.com
Software: Apache /
Resource Hash: cf66ab783d1832e8993d93d45a6c0f24f670cb7780ecabb97803170ae0c93804

Request headers

Referer: https://hdwallsource.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 13 Feb 2021 10:19:33 GMT
Last-Modified: Thu, 11 Feb 2021 16:11:59 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 5533
Expires: Sun, 13 Feb 2022 10:19:33 GMT

GET
H/1.1 200
OK supreme-background-wallpaper-73566-76215-hd-wallpapers-thumb.jpg
hdwallsource.com/img/2021/4/thumb/ 16 KB
16 KB 903ms
148ms Image
image/jpeg 205.185.124.2
PONYNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hdwallsource.com/img/2021/4/thumb/supreme-background-wallpaper-73566-76215-hd-wallpapers-thumb.jpg
Requested by: Host: hdwallsource.com
URL: https://hdwallsource.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.124.2 San Jose, United States, ASN53667 (PONYNET, US),
Reverse DNS: bones.hdwallsource.com
Software: Apache /
Resource Hash: e365dc5ac838c5b89dad502d5b1409d35cb960e0796cafe5808fc28e4a83f555

Request headers

Referer: https://hdwallsource.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 13 Feb 2021 10:19:33 GMT
Last-Modified: Thu, 11 Feb 2021 16:12:28 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 16057
Expires: Sun, 13 Feb 2022 10:19:33 GMT

GET
H/1.1 200
OK spice-and-wolf-vr-2-gameplay-wallpaper-73561-76204-hd-wallpapers-thumb.jpg
hdwallsource.com/img/2021/6/thumb/ 16 KB
17 KB 910ms
153ms Image
image/jpeg 205.185.124.2
PONYNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hdwallsource.com/img/2021/6/thumb/spice-and-wolf-vr-2-gameplay-wallpaper-73561-76204-hd-wallpapers-thumb.jpg
Requested by: Host: hdwallsource.com
URL: https://hdwallsource.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.124.2 San Jose, United States, ASN53667 (PONYNET, US),
Reverse DNS: bones.hdwallsource.com
Software: Apache /
Resource Hash: e6964c67d6d588a104914e781bf13519792c1aaef9d58c7905789b00cb6abb9e

Request headers

Referer: https://hdwallsource.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 13 Feb 2021 10:19:33 GMT
Last-Modified: Wed, 10 Feb 2021 18:04:43 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 16716
Expires: Sun, 13 Feb 2022 10:19:33 GMT

GET
H/1.1 200
OK nismo-logo-hd-wallpaper-73564-76208-hd-wallpapers-thumb.jpg
hdwallsource.com/img/2021/6/thumb/ 7 KB
7 KB 957ms
159ms Image
image/jpeg 205.185.124.2
PONYNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hdwallsource.com/img/2021/6/thumb/nismo-logo-hd-wallpaper-73564-76208-hd-wallpapers-thumb.jpg
Requested by: Host: hdwallsource.com
URL: https://hdwallsource.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.124.2 San Jose, United States, ASN53667 (PONYNET, US),
Reverse DNS: bones.hdwallsource.com
Software: Apache /
Resource Hash: 9e5ea50d6dbfbe7abd93159e6ffb2f4d7a6321c2fb430d2393a0ca85a636e5db

Request headers

Referer: https://hdwallsource.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 13 Feb 2021 10:19:33 GMT
Last-Modified: Wed, 10 Feb 2021 18:06:43 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 6677
Expires: Sun, 13 Feb 2022 10:19:33 GMT

GET
H/1.1 200
OK spice-and-wolf-vr-2-hd-wallpaper-73557-76200-hd-wallpapers-thumb.jpg
hdwallsource.com/img/2021/6/thumb/ 21 KB
21 KB 606ms
148ms Image
image/jpeg 205.185.124.2
PONYNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hdwallsource.com/img/2021/6/thumb/spice-and-wolf-vr-2-hd-wallpaper-73557-76200-hd-wallpapers-thumb.jpg
Requested by: Host: hdwallsource.com
URL: https://hdwallsource.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.124.2 San Jose, United States, ASN53667 (PONYNET, US),
Reverse DNS: bones.hdwallsource.com
Software: Apache /
Resource Hash: fd1f9ceb8d781546284cff8da37390d2da2b00bb6c8c5db019b434e65d92be93

Request headers

Referer: https://hdwallsource.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 13 Feb 2021 10:19:33 GMT
Last-Modified: Wed, 10 Feb 2021 18:01:38 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 21345
Expires: Sun, 13 Feb 2022 10:19:33 GMT

GET
H/1.1 200
OK spice-and-wolf-vr-2-photos-wallpaper-73563-76206-hd-wallpapers-thumb.jpg
hdwallsource.com/img/2021/6/thumb/ 19 KB
19 KB 549ms
151ms Image
image/jpeg 205.185.124.2
PONYNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hdwallsource.com/img/2021/6/thumb/spice-and-wolf-vr-2-photos-wallpaper-73563-76206-hd-wallpapers-thumb.jpg
Requested by: Host: hdwallsource.com
URL: https://hdwallsource.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.124.2 San Jose, United States, ASN53667 (PONYNET, US),
Reverse DNS: bones.hdwallsource.com
Software: Apache /
Resource Hash: 54b31be1be4ae9334092d61b96eb948762c26bf48ade9d42405b666537420302

Request headers

Referer: https://hdwallsource.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 13 Feb 2021 10:19:33 GMT
Last-Modified: Wed, 10 Feb 2021 18:05:33 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 19191
Expires: Sun, 13 Feb 2022 10:19:33 GMT

GET
H/1.1 200
OK spice-and-wolf-vr-2-computer-wallpaper-73559-76202-hd-wallpapers-thumb.jpg
hdwallsource.com/img/2021/6/thumb/ 21 KB
22 KB 548ms
148ms Image
image/jpeg 205.185.124.2
PONYNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hdwallsource.com/img/2021/6/thumb/spice-and-wolf-vr-2-computer-wallpaper-73559-76202-hd-wallpapers-thumb.jpg
Requested by: Host: hdwallsource.com
URL: https://hdwallsource.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.124.2 San Jose, United States, ASN53667 (PONYNET, US),
Reverse DNS: bones.hdwallsource.com
Software: Apache /
Resource Hash: 986327dd1db599d7f60d5da49cec8944935a37c5507b72903d9c6217a233e1df

Request headers

Referer: https://hdwallsource.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 13 Feb 2021 10:19:33 GMT
Last-Modified: Wed, 10 Feb 2021 18:02:25 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 21809
Expires: Sun, 13 Feb 2022 10:19:33 GMT

GET
H/1.1 200
OK nismo-logo-wallpaper-73563-76207-hd-wallpapers-thumb.jpg
hdwallsource.com/img/2021/6/thumb/ 5 KB
5 KB 761ms
149ms Image
image/jpeg 205.185.124.2
PONYNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hdwallsource.com/img/2021/6/thumb/nismo-logo-wallpaper-73563-76207-hd-wallpapers-thumb.jpg
Requested by: Host: hdwallsource.com
URL: https://hdwallsource.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.124.2 San Jose, United States, ASN53667 (PONYNET, US),
Reverse DNS: bones.hdwallsource.com
Software: Apache /
Resource Hash: bab9d5d43d512871da68d89e9663d40d8cbde887c231150eacb46b707afe5fbb

Request headers

Referer: https://hdwallsource.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 13 Feb 2021 10:19:33 GMT
Last-Modified: Wed, 10 Feb 2021 18:06:23 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 4705
Expires: Sun, 13 Feb 2022 10:19:33 GMT

GET
H/1.1 200
OK spice-and-wolf-vr-2-wallpaper-73560-76203-hd-wallpapers-thumb.jpg
hdwallsource.com/img/2021/6/thumb/ 19 KB
20 KB 692ms
148ms Image
image/jpeg 205.185.124.2
PONYNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hdwallsource.com/img/2021/6/thumb/spice-and-wolf-vr-2-wallpaper-73560-76203-hd-wallpapers-thumb.jpg
Requested by: Host: hdwallsource.com
URL: https://hdwallsource.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.124.2 San Jose, United States, ASN53667 (PONYNET, US),
Reverse DNS: bones.hdwallsource.com
Software: Apache /
Resource Hash: f38483b82d83d076a2eec0b46db9867c73d2e63e6381b70b842db9cbd1108826

Request headers

Referer: https://hdwallsource.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 13 Feb 2021 10:19:33 GMT
Last-Modified: Wed, 10 Feb 2021 18:04:21 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 19784
Expires: Sun, 13 Feb 2022 10:19:33 GMT

GET
H/1.1 200
OK spice-and-wolf-vr-2-wallpaper-73556-76199-hd-wallpapers-thumb.jpg
hdwallsource.com/img/2021/6/thumb/ 13 KB
14 KB 416ms
162ms Image
image/jpeg 205.185.124.2
PONYNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hdwallsource.com/img/2021/6/thumb/spice-and-wolf-vr-2-wallpaper-73556-76199-hd-wallpapers-thumb.jpg
Requested by: Host: hdwallsource.com
URL: https://hdwallsource.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.124.2 San Jose, United States, ASN53667 (PONYNET, US),
Reverse DNS: bones.hdwallsource.com
Software: Apache /
Resource Hash: a1ed04f3951d56500133fb6dffc0ecebcf8687084daaddeb57bfb45460595f38

Request headers

Referer: https://hdwallsource.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 13 Feb 2021 10:19:33 GMT
Last-Modified: Wed, 10 Feb 2021 18:01:18 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 13644
Expires: Sun, 13 Feb 2022 10:19:33 GMT

GET
H/1.1 200
OK spice-and-wolf-vr-wallpaper-73562-76205-hd-wallpapers-thumb.jpg
hdwallsource.com/img/2021/6/thumb/ 12 KB
12 KB 415ms
161ms Image
image/jpeg 205.185.124.2
PONYNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hdwallsource.com/img/2021/6/thumb/spice-and-wolf-vr-wallpaper-73562-76205-hd-wallpapers-thumb.jpg
Requested by: Host: hdwallsource.com
URL: https://hdwallsource.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.124.2 San Jose, United States, ASN53667 (PONYNET, US),
Reverse DNS: bones.hdwallsource.com
Software: Apache /
Resource Hash: 6a3eb557e0a095e92f28e48455d07c5baeb2670ec21fa9aa61830b2067c314f6

Request headers

Referer: https://hdwallsource.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 13 Feb 2021 10:19:33 GMT
Last-Modified: Wed, 10 Feb 2021 18:05:08 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 12268
Expires: Sun, 13 Feb 2022 10:19:33 GMT

GET
H/1.1 200
OK spice-and-wolf-vr-2-game-wallpaper-73558-76201-hd-wallpapers-thumb.jpg
hdwallsource.com/img/2021/6/thumb/ 28 KB
28 KB 582ms
162ms Image
image/jpeg 205.185.124.2
PONYNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hdwallsource.com/img/2021/6/thumb/spice-and-wolf-vr-2-game-wallpaper-73558-76201-hd-wallpapers-thumb.jpg
Requested by: Host: hdwallsource.com
URL: https://hdwallsource.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.124.2 San Jose, United States, ASN53667 (PONYNET, US),
Reverse DNS: bones.hdwallsource.com
Software: Apache /
Resource Hash: df7cabf43aa0523a0fb82bbd796766cf372242bb16b925986b2a2b5dbc2cea32

Request headers

Referer: https://hdwallsource.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 13 Feb 2021 10:19:33 GMT
Last-Modified: Wed, 10 Feb 2021 18:02:00 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 28299
Expires: Sun, 13 Feb 2022 10:19:33 GMT

GET
H/1.1 200
OK flatland-prologue-gameplay-wallpaper-73537-76179-hd-wallpapers-thumb.jpg
hdwallsource.com/img/2021/5/thumb/ 9 KB
9 KB 541ms
149ms Image
image/jpeg 205.185.124.2
PONYNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hdwallsource.com/img/2021/5/thumb/flatland-prologue-gameplay-wallpaper-73537-76179-hd-wallpapers-thumb.jpg
Requested by: Host: hdwallsource.com
URL: https://hdwallsource.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.124.2 San Jose, United States, ASN53667 (PONYNET, US),
Reverse DNS: bones.hdwallsource.com
Software: Apache /
Resource Hash: 5d010818a732dd0c89008ffdd663327f7ba40c7068e276360bff6f3bd5cf964b

Request headers

Referer: https://hdwallsource.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 13 Feb 2021 10:19:33 GMT
Last-Modified: Wed, 10 Feb 2021 17:47:59 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 8823
Expires: Sun, 13 Feb 2022 10:19:33 GMT

GET
H/1.1 200
OK flatland-prologue-wallpaper-73535-76177-hd-wallpapers-thumb.jpg
hdwallsource.com/img/2021/5/thumb/ 7 KB
8 KB 752ms
164ms Image
image/jpeg 205.185.124.2
PONYNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hdwallsource.com/img/2021/5/thumb/flatland-prologue-wallpaper-73535-76177-hd-wallpapers-thumb.jpg
Requested by: Host: hdwallsource.com
URL: https://hdwallsource.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.124.2 San Jose, United States, ASN53667 (PONYNET, US),
Reverse DNS: bones.hdwallsource.com
Software: Apache /
Resource Hash: a50c8433260d678c8ed2b37aed832503f2483552a5d2f6f8eecbb158e7c5ac33

Request headers

Referer: https://hdwallsource.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 13 Feb 2021 10:19:33 GMT
Last-Modified: Wed, 10 Feb 2021 17:46:53 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 7376
Expires: Sun, 13 Feb 2022 10:19:33 GMT

GET
H/1.1 200
OK pokerstars-vr-gameplay-wallpaper-73549-76192-hd-wallpapers-thumb.jpg
hdwallsource.com/img/2021/5/thumb/ 17 KB
17 KB 583ms
162ms Image
image/jpeg 205.185.124.2
PONYNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hdwallsource.com/img/2021/5/thumb/pokerstars-vr-gameplay-wallpaper-73549-76192-hd-wallpapers-thumb.jpg
Requested by: Host: hdwallsource.com
URL: https://hdwallsource.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.124.2 San Jose, United States, ASN53667 (PONYNET, US),
Reverse DNS: bones.hdwallsource.com
Software: Apache /
Resource Hash: 1a3194751129172219e963dae5fd56f9782067529d64f1d115b9dc6d3fd15cf4

Request headers

Referer: https://hdwallsource.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 13 Feb 2021 10:19:33 GMT
Last-Modified: Wed, 10 Feb 2021 17:54:52 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 17381
Expires: Sun, 13 Feb 2022 10:19:33 GMT

GET
H/1.1 200
OK pokerstars-vr-gameplay-wallpaper-73541-76184-hd-wallpapers-thumb.jpg
hdwallsource.com/img/2021/5/thumb/ 16 KB
16 KB 160ms
160ms Image
image/jpeg 205.185.124.2
PONYNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hdwallsource.com/img/2021/5/thumb/pokerstars-vr-gameplay-wallpaper-73541-76184-hd-wallpapers-thumb.jpg
Requested by: Host: hdwallsource.com
URL: https://hdwallsource.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.124.2 San Jose, United States, ASN53667 (PONYNET, US),
Reverse DNS: bones.hdwallsource.com
Software: Apache /
Resource Hash: 74633d019b80037d9a658d6e939463ec4ca71c2b966bbe03580c5e1db173e40e

Request headers

Referer: https://hdwallsource.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 13 Feb 2021 10:19:33 GMT
Last-Modified: Wed, 10 Feb 2021 17:51:51 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 16407
Expires: Sun, 13 Feb 2022 10:19:33 GMT

GET
H/1.1 200
OK pokerstars-vr-video-game-wallpaper-73546-76189-hd-wallpapers-thumb.jpg
hdwallsource.com/img/2021/5/thumb/ 24 KB
24 KB 150ms
149ms Image
image/jpeg 205.185.124.2
PONYNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hdwallsource.com/img/2021/5/thumb/pokerstars-vr-video-game-wallpaper-73546-76189-hd-wallpapers-thumb.jpg
Requested by: Host: hdwallsource.com
URL: https://hdwallsource.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.124.2 San Jose, United States, ASN53667 (PONYNET, US),
Reverse DNS: bones.hdwallsource.com
Software: Apache /
Resource Hash: 5a28c93a161296d321bbc6a7227d3722442a99c5841a56969820b33a24a3c637

Request headers

Referer: https://hdwallsource.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 13 Feb 2021 10:19:33 GMT
Last-Modified: Wed, 10 Feb 2021 17:53:47 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 24567
Expires: Sun, 13 Feb 2022 10:19:33 GMT

GET
H/1.1 200
OK pokerstars-vr-hd-wallpaper-73553-76196-hd-wallpapers-thumb.jpg
hdwallsource.com/img/2021/5/thumb/ 17 KB
17 KB 149ms
149ms Image
image/jpeg 205.185.124.2
PONYNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hdwallsource.com/img/2021/5/thumb/pokerstars-vr-hd-wallpaper-73553-76196-hd-wallpapers-thumb.jpg
Requested by: Host: hdwallsource.com
URL: https://hdwallsource.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.124.2 San Jose, United States, ASN53667 (PONYNET, US),
Reverse DNS: bones.hdwallsource.com
Software: Apache /
Resource Hash: b6afdc81c71566f3d8df7cb355702d7b517026c433add1fee5cc6e6ea3320154

Request headers

Referer: https://hdwallsource.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 13 Feb 2021 10:19:34 GMT
Last-Modified: Wed, 10 Feb 2021 17:58:46 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 17337
Expires: Sun, 13 Feb 2022 10:19:34 GMT

GET
H/1.1 200
OK flatland-prologue-desktop-wallpaper-73532-76174-hd-wallpapers-thumb.jpg
hdwallsource.com/img/2021/5/thumb/ 7 KB
7 KB 147ms
147ms Image
image/jpeg 205.185.124.2
PONYNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hdwallsource.com/img/2021/5/thumb/flatland-prologue-desktop-wallpaper-73532-76174-hd-wallpapers-thumb.jpg
Requested by: Host: hdwallsource.com
URL: https://hdwallsource.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.124.2 San Jose, United States, ASN53667 (PONYNET, US),
Reverse DNS: bones.hdwallsource.com
Software: Apache /
Resource Hash: 4a0b22979d02a8118999bdbee62bce1aec1472f11533961bd7b8c9fd936535b5

Request headers

Referer: https://hdwallsource.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 13 Feb 2021 10:19:34 GMT
Last-Modified: Wed, 10 Feb 2021 17:45:44 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 7221
Expires: Sun, 13 Feb 2022 10:19:34 GMT

GET
H/1.1 200
OK flatland-prologue-wallpaper-73530-76172-hd-wallpapers-thumb.jpg
hdwallsource.com/img/2021/5/thumb/ 5 KB
6 KB 150ms
150ms Image
image/jpeg 205.185.124.2
PONYNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hdwallsource.com/img/2021/5/thumb/flatland-prologue-wallpaper-73530-76172-hd-wallpapers-thumb.jpg
Requested by: Host: hdwallsource.com
URL: https://hdwallsource.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.124.2 San Jose, United States, ASN53667 (PONYNET, US),
Reverse DNS: bones.hdwallsource.com
Software: Apache /
Resource Hash: 175a3f319c764675a52115d92326887ab2750f394fd71066e9c9574e6546a44d

Request headers

Referer: https://hdwallsource.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 13 Feb 2021 10:19:34 GMT
Last-Modified: Wed, 10 Feb 2021 17:44:43 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 5453
Expires: Sun, 13 Feb 2022 10:19:34 GMT

GET
H/1.1 200
OK icon_heart.png
www.hdwallsource.com/images/ 223 B
538 B 481ms
159ms Image
image/png 205.185.124.2
PONYNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hdwallsource.com/images/icon_heart.png
Requested by: Host: hdwallsource.com
URL: https://hdwallsource.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.124.2 San Jose, United States, ASN53667 (PONYNET, US),
Reverse DNS: bones.hdwallsource.com
Software: Apache /
Resource Hash: f7e1e8c17edae21667b9e0a7c066b8d8d94c2862ac3b15bbf7063a209a5e9b4c

Request headers

Referer: https://hdwallsource.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 13 Feb 2021 10:19:33 GMT
Last-Modified: Fri, 02 Jun 2017 03:48:28 GMT
Server: Apache
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 223
Expires: Sun, 13 Feb 2022 10:19:33 GMT

GET
H2 400 css
fonts.googleapis.com/ 0
0 34ms
15ms Stylesheet
text/html 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.googleapis.com/css?family=Open%20+%20Sans:400,%20700,%20800,%20300
Requested by: Host: hdwallsource.com
URL: https://hdwallsource.com/css/primary.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://hdwallsource.com/css/primary.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 20ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: hdwallsource.com
URL: https://hdwallsource.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e89461d36a62b856b320f2e53cc0bd90bded17dda07949a3b239c34099737e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://hdwallsource.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: qV0pj2E/Dv4nM3YCgYk1Kw==
cross-origin-resource-policy: cross-origin
expires: Sat, 13 Feb 2021 10:34:26 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1781
x-fb-rlafr: 0
x-fb-debug: TT1WvioceHRvdeTQVfaee7KZ2LzJjkgJ0rAi0FjSHiPdjSyfD5OYLbO5mWEGbNXdow4o0Qt1StTLrQTn1n3p2g==
x-fb-trip-id: 917726464
x-fb-content-md5: e7675f1accb5262e39b1c87555a549a7
date: Sat, 13 Feb 2021 10:19:33 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "deef6a94541ed89672b1a995b1d829b7"
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H/1.1 200
OK drop_down_arrow.png
hdwallsource.com/img/ 100 B
415 B 437ms
152ms Image
image/png 205.185.124.2
PONYNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hdwallsource.com/img/drop_down_arrow.png
Requested by: Host: hdwallsource.com
URL: https://hdwallsource.com/css/primary.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.124.2 San Jose, United States, ASN53667 (PONYNET, US),
Reverse DNS: bones.hdwallsource.com
Software: Apache /
Resource Hash: 0fefe57cc4c4889eae7d6bd372e0faf72f03b5d4f5eef0a56132135aaecd4ba1

Request headers

Referer: https://hdwallsource.com/css/primary.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 13 Feb 2021 10:19:33 GMT
Last-Modified: Fri, 02 Jun 2017 03:45:24 GMT
Server: Apache
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 100
Expires: Sun, 13 Feb 2022 10:19:33 GMT

GET
H/1.1 200
OK hdwallsource-banner-image.jpg
hdwallsource.com/img/ 54 KB
54 KB 233ms
157ms Image
image/jpeg 205.185.124.2
PONYNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hdwallsource.com/img/hdwallsource-banner-image.jpg
Requested by: Host: hdwallsource.com
URL: https://hdwallsource.com/css/primary.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.124.2 San Jose, United States, ASN53667 (PONYNET, US),
Reverse DNS: bones.hdwallsource.com
Software: Apache /
Resource Hash: 1a5625e564a5fafb3310cdf390b03b5aa107bac3fdb8f3ca01f6c35e86253314

Request headers

Referer: https://hdwallsource.com/css/primary.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 13 Feb 2021 10:19:33 GMT
Last-Modified: Mon, 28 Dec 2020 20:40:36 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 55382
Expires: Sun, 13 Feb 2022 10:19:33 GMT

GET
H/1.1 200
OK banner-overlay.png
hdwallsource.com/img/ 228 B
543 B 433ms
149ms Image
image/png 205.185.124.2
PONYNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hdwallsource.com/img/banner-overlay.png
Requested by: Host: hdwallsource.com
URL: https://hdwallsource.com/css/primary.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.124.2 San Jose, United States, ASN53667 (PONYNET, US),
Reverse DNS: bones.hdwallsource.com
Software: Apache /
Resource Hash: e57b75bbe022c538705e5ecec4cd63ab1ea2b16f59a758fa561c21b91a665cd9

Request headers

Referer: https://hdwallsource.com/css/primary.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 13 Feb 2021 10:19:33 GMT
Last-Modified: Tue, 25 Mar 2014 04:41:08 GMT
Server: Apache
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 228
Expires: Sun, 13 Feb 2022 10:19:33 GMT

GET
H/1.1 200
OK icon_facebook.png
hdwallsource.com/img/ 385 B
700 B 439ms
149ms Image
image/png 205.185.124.2
PONYNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hdwallsource.com/img/icon_facebook.png
Requested by: Host: hdwallsource.com
URL: https://hdwallsource.com/css/primary.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.124.2 San Jose, United States, ASN53667 (PONYNET, US),
Reverse DNS: bones.hdwallsource.com
Software: Apache /
Resource Hash: 29154a28a8925bd0994c36c76595d2c4f1edd831dcb439b911832b269a77f19e

Request headers

Referer: https://hdwallsource.com/css/primary.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 13 Feb 2021 10:19:33 GMT
Last-Modified: Fri, 02 Jun 2017 03:45:29 GMT
Server: Apache
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 385
Expires: Sun, 13 Feb 2022 10:19:33 GMT

GET
H/1.1 200
OK icon_instagram.png
hdwallsource.com/img/ 366 B
680 B 297ms
170ms Image
image/png 205.185.124.2
PONYNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hdwallsource.com/img/icon_instagram.png
Requested by: Host: hdwallsource.com
URL: https://hdwallsource.com/css/primary.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.124.2 San Jose, United States, ASN53667 (PONYNET, US),
Reverse DNS: bones.hdwallsource.com
Software: Apache /
Resource Hash: 237d9de33d1ebe849dacbeb9d619613abe3843d0a4bc64eca0d1073b0a687a02

Request headers

Referer: https://hdwallsource.com/css/primary.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 13 Feb 2021 10:19:33 GMT
Last-Modified: Sun, 15 Jul 2018 18:59:04 GMT
Server: Apache
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 366
Expires: Sun, 13 Feb 2022 10:19:33 GMT

GET
H/1.1 200
OK icon_up_arrow.png
hdwallsource.com/img/ 228 B
542 B 296ms
159ms Image
image/png 205.185.124.2
PONYNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hdwallsource.com/img/icon_up_arrow.png
Requested by: Host: hdwallsource.com
URL: https://hdwallsource.com/css/primary.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.124.2 San Jose, United States, ASN53667 (PONYNET, US),
Reverse DNS: bones.hdwallsource.com
Software: Apache /
Resource Hash: 18439577c1db4a5861b1456aece85949df06dc19cc8a6d30bb8bdf106e0f535c

Request headers

Referer: https://hdwallsource.com/css/primary.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 13 Feb 2021 10:19:33 GMT
Last-Modified: Fri, 02 Jun 2017 03:45:32 GMT
Server: Apache
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 228
Expires: Sun, 13 Feb 2022 10:19:33 GMT

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202102120101/ 226 KB
85 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202102120101/show_ads_impl_fy2019.js?bust=exp%3D31060009

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3dd0f99522a8917891c81455399e06fe7f18f2c7e07598478552520240e5bd95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hdwallsource.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Feb 2021 10:19:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 86804
x-xss-protection: 0
server: cafe
etag: 5055074899333445325
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 13 Feb 2021 10:19:33 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210211/r20190131/ Frame 251D 10 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210211/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a1b2ebe6a2b314929967bdf1ba8c694fb45bf76a5b847e57fb847b3cdd9338a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210211/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hdwallsource.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://hdwallsource.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 13 Feb 2021 05:49:25 GMT
expires: Sat, 27 Feb 2021 05:49:25 GMT
content-type: text/html; charset=UTF-8
etag: 6440208225989294717
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4777
x-xss-protection: 0
age: 16208
cache-control: public, max-age=1209600
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK icon_right_arrow.png
hdwallsource.com/img/ 367 B
681 B 160ms
160ms Image
image/png 205.185.124.2
PONYNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hdwallsource.com/img/icon_right_arrow.png
Requested by: Host: hdwallsource.com
URL: https://hdwallsource.com/css/primary.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.124.2 San Jose, United States, ASN53667 (PONYNET, US),
Reverse DNS: bones.hdwallsource.com
Software: Apache /
Resource Hash: ccbec3f52bcdc14cd87592288c0d833d9bd800e55dba79ea4b37650cb22ba26b

Request headers

Referer: https://hdwallsource.com/css/primary.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 13 Feb 2021 10:19:34 GMT
Last-Modified: Fri, 02 Jun 2017 03:45:31 GMT
Server: Apache
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 367
Expires: Sun, 13 Feb 2022 10:19:34 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 26ms
5ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: hdwallsource.com
URL: https://hdwallsource.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hdwallsource.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 3266
date: Sat, 13 Feb 2021 09:25:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Sat, 13 Feb 2021 11:25:07 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 198 KB
60 KB 19ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=cbe92090a838cc21455b8c77776837c1&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

519412738fbe95e8e7f578ba489d94ce7502307ad1b7d657b434b377e02f6ad4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://hdwallsource.com
Referer: https://hdwallsource.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: h6nrBBu74XQ6Cjdv3n7vtA==
cross-origin-resource-policy: cross-origin
expires: Sun, 13 Feb 2022 08:50:17 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 60953
x-fb-rlafr: 0
x-fb-debug: HtYwj3gJRA2D2rbZoa2FZVCDNnNySnYWu8gmp5NHZo0+7MXyszTyPaUC1ll72G3FQlPHqyO3cqDoWlo9YB78Gg==
x-fb-trip-id: 917726464
x-fb-content-md5: de127af4ad408251083951c1e5daa224
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sat, 13 Feb 2021 10:19:33 GMT
x-frame-options: DENY
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "1c521da6cc7da68346a52634db119d38"
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 206 B
645 B 116ms
58ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=hdwallsource.com&callback=_gfp_s_&client=ca-pub-5653411820778942

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202102120101/show_ads_impl_fy2019.js?bust=exp%3D31060009

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

22c4af5b897c7c87d9353a89b00fb4b64a9bd46517f729d5aa90ab96c438fffe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hdwallsource.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Feb 2021 10:19:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 196
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
803 B 49ms
28ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=hdwallsource.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202102120101/show_ads_impl_fy2019.js?bust=exp%3D31060009

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hdwallsource.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 13 Feb 2021 10:19:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
803 B 49ms
28ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=hdwallsource.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202102120101/show_ads_impl_fy2019.js?bust=exp%3D31060009

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hdwallsource.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 13 Feb 2021 10:19:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E1B6 54 B
834 B 95ms
95ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-5653411820778942&output=html&adk=1812271804&adf=3025194257&lmt=1613211573&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fhdwallsource.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1613211573104&bpp=13&bdt=399&idt=85&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8052970738834&frm=20&pv=2&ga_vid=1736364909.1613211573&ga_sid=1613211573&ga_hid=828602950&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44735932%2C21068084%2C21068769%2C21068893%2C31060009&oid=3&pvsid=1421224490034426&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=109

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202102120101/show_ads_impl_fy2019.js?bust=exp%3D31060009

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

166a4ec3cb90d525f7f744c7616c01b36bebd6dcecd486c8f5be14ccc0a7b3da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-5653411820778942&output=html&adk=1812271804&adf=3025194257&lmt=1613211573&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fhdwallsource.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1613211573104&bpp=13&bdt=399&idt=85&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8052970738834&frm=20&pv=2&ga_vid=1736364909.1613211573&ga_sid=1613211573&ga_hid=828602950&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44735932%2C21068084%2C21068769%2C21068893%2C31060009&oid=3&pvsid=1421224490034426&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=109
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hdwallsource.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://hdwallsource.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 13 Feb 2021 10:19:33 GMT
server: cafe
content-length: 34
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 13-Feb-2021 10:34:33 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Sat, 13 Feb 2021 10:19:33 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202102120101/show_ads_impl_fy2019.js?bust=exp%3D31060009

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80a1ae567d396855243284e674876bb0d856f0e7a18d3c0142f0828513716dfe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hdwallsource.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Feb 2021 10:19:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1612960672666234"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28344
x-xss-protection: 0
expires: Sat, 13 Feb 2021 10:19:33 GMT

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9B7F 112 KB
36 KB 686ms
685ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-5653411820778942&output=html&h=280&slotname=4249457012&adk=4288539392&adf=2622109426&pi=t.ma~as.4249457012&w=728&fwrn=4&fwrnh=100&lmt=1613211573&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fhdwallsource.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1613211573135&bpp=5&bdt=430&idt=85&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8052970738834&frm=20&pv=1&ga_vid=1736364909.1613211573&ga_sid=1613211573&ga_hid=828602950&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1587&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44735932%2C21068084%2C21068769%2C21068893%2C31060009&oid=3&pvsid=1421224490034426&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=jMpXabGDFD&p=https%3A//hdwallsource.com&dtd=92

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202102120101/show_ads_impl_fy2019.js?bust=exp%3D31060009

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04e4726130c1bb81f822aad461f745214d952ffc64c070574c7c17a67550eb6d

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14120992840229899163/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14120992840229899163/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJz_lbbR5u4CFQ7RGQodDRUEcQ&gqi=tacnYKmfD5TVYqOJpoAH&layout=/sadbundle/%24csp%253Der3%24/14120992840229899163/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-5653411820778942&output=html&h=280&slotname=4249457012&adk=4288539392&adf=2622109426&pi=t.ma~as.4249457012&w=728&fwrn=4&fwrnh=100&lmt=1613211573&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fhdwallsource.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1613211573135&bpp=5&bdt=430&idt=85&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8052970738834&frm=20&pv=1&ga_vid=1736364909.1613211573&ga_sid=1613211573&ga_hid=828602950&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1587&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44735932%2C21068084%2C21068769%2C21068893%2C31060009&oid=3&pvsid=1421224490034426&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=jMpXabGDFD&p=https%3A//hdwallsource.com&dtd=92
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hdwallsource.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://hdwallsource.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14120992840229899163/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14120992840229899163/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJz_lbbR5u4CFQ7RGQodDRUEcQ&gqi=tacnYKmfD5TVYqOJpoAH&layout=/sadbundle/%24csp%253Der3%24/14120992840229899163/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 13 Feb 2021 10:19:33 GMT
server: cafe
content-length: 36644
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 13-Feb-2021 10:34:33 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Sat, 13 Feb 2021 10:19:33 GMT
cache-control: private

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 4 B
390 B 40ms
13ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=828602950&t=pageview&_s=1&dl=https%3A%2F%2Fhdwallsource.com%2F&ul=en-us&de=UTF-8&dt=Fantastic%20HD%20Wallpapers%2C%20Background%20Images%20%7C%204K%20Wallpapers%20for%20Desktop%20%26%20Mobiles&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAEABAAAAAC~&jid=2050642052&gjid=2080111370&cid=1736364909.1613211573&tid=UA-46528203-1&_gid=180706635.1613211573&_r=1&_slc=1&z=534863329

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://hdwallsource.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 13 Feb 2021 10:19:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hdwallsource.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
443 B 42ms
15ms XHR
text/plain 2a00:1450:400c:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-46528203-1&cid=1736364909.1613211573&jid=2050642052&gjid=2080111370&_gid=180706635.1613211573&_u=IAhAAEAAAAAAAC~&z=1994029037

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hdwallsource.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 13 Feb 2021 10:19:33 GMT
content-type: text/plain
access-control-allow-origin: https://hdwallsource.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14120992840229899163/ Frame 14E4 3 KB
3 KB 35ms
14ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14120992840229899163/index.html

Requested by

Host: hdwallsource.com
URL: https://hdwallsource.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

86cd6f0299b02a120684398ac8cde42cbed673bcf64dfca2561575eccf96e72f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/14120992840229899163/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-5653411820778942&output=html&h=280&slotname=4249457012&adk=4288539392&adf=2622109426&pi=t.ma~as.4249457012&w=728&fwrn=4&fwrnh=100&lmt=1613211573&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fhdwallsource.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1613211573135&bpp=5&bdt=430&idt=85&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8052970738834&frm=20&pv=1&ga_vid=1736364909.1613211573&ga_sid=1613211573&ga_hid=828602950&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1587&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44735932%2C21068084%2C21068769%2C21068893%2C31060009&oid=3&pvsid=1421224490034426&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=jMpXabGDFD&p=https%3A//hdwallsource.com&dtd=92
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-5653411820778942&output=html&h=280&slotname=4249457012&adk=4288539392&adf=2622109426&pi=t.ma~as.4249457012&w=728&fwrn=4&fwrnh=100&lmt=1613211573&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fhdwallsource.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1613211573135&bpp=5&bdt=430&idt=85&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8052970738834&frm=20&pv=1&ga_vid=1736364909.1613211573&ga_sid=1613211573&ga_hid=828602950&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1587&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44735932%2C21068084%2C21068769%2C21068893%2C31060009&oid=3&pvsid=1421224490034426&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=jMpXabGDFD&p=https%3A//hdwallsource.com&dtd=92

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1306
date: Thu, 11 Feb 2021 19:42:40 GMT
expires: Fri, 11 Feb 2022 19:42:40 GMT
last-modified: Thu, 04 Feb 2021 17:54:19 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
age: 139013
cache-control: public, max-age=31536000
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7C83 0
0 42ms
42ms Fetch
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C67cJtacnYNzQD46iZ42qkIgHm7Kxi2H88Imojw2pv8KEihsQASC43IYcYJUCoAH02syZA8gBCakCJ3WFmbRVtD6oAwHIA0iqBMABT9BMQpPdT6BgcH-DtUhYpcDvncDj9uvTC2_WQsB-idoHEJngqpS-K1AMzwxKKyRnFXJvFIhSpu-szn1KkpSrhQQMEFwhU48aQn8tPW5k0JbhjCpeP1XMJ9x_nbj-JL1OeFsjeFhA07DEhtLnD6bqTyJLgjAtdB93tSG3Ze7EpiryjOJGf5UtNubNOqb22UPeSCUpVWefhGCT-ieItaT4gP25hTm26BbnZZp9Fzo2CrNz0YWIiCSdZ9rOF-1ayqs0wAT9_r-IiQOSBQQIBBgBkgUECAUYBKAGLoAH9KSzZqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBD9uAbSCAkIgOGAEBABGB-ACgHICwHYEwyyFxoKGAgAEhRwdWItNTY1MzQxMTgyMDc3ODk0Mg&sigh=UXKWuVUVbR0&template_id=419&tpd=AGWhJmvPsTy--I8hYBxAT9xO0RQiwRMgDdQdJ2zMw9qtIvwQ_A

Requested by

Host: hdwallsource.com
URL: https://hdwallsource.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-5653411820778942&output=html&h=280&slotname=4249457012&adk=4288539392&adf=2622109426&pi=t.ma~as.4249457012&w=728&fwrn=4&fwrnh=100&lmt=1613211573&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fhdwallsource.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1613211573135&bpp=5&bdt=430&idt=85&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8052970738834&frm=20&pv=1&ga_vid=1736364909.1613211573&ga_sid=1613211573&ga_hid=828602950&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1587&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44735932%2C21068084%2C21068769%2C21068893%2C31060009&oid=3&pvsid=1421224490034426&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=jMpXabGDFD&p=https%3A//hdwallsource.com&dtd=92
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 13 Feb 2021 10:19:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 13 Feb 2021 10:19:33 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210211/r20110914/ Frame 7C83 18 KB
7 KB 29ms
11ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210211/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-5653411820778942&output=html&h=280&slotname=4249457012&adk=4288539392&adf=2622109426&pi=t.ma~as.4249457012&w=728&fwrn=4&fwrnh=100&lmt=1613211573&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fhdwallsource.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1613211573135&bpp=5&bdt=430&idt=85&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8052970738834&frm=20&pv=1&ga_vid=1736364909.1613211573&ga_sid=1613211573&ga_hid=828602950&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1587&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44735932%2C21068084%2C21068769%2C21068893%2C31060009&oid=3&pvsid=1421224490034426&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=jMpXabGDFD&p=https%3A//hdwallsource.com&dtd=92

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4db6732268b3d9330df1068351b18e2fd1c1c6da87b5953259b022a19ddfe7a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-5653411820778942&output=html&h=280&slotname=4249457012&adk=4288539392&adf=2622109426&pi=t.ma~as.4249457012&w=728&fwrn=4&fwrnh=100&lmt=1613211573&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fhdwallsource.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1613211573135&bpp=5&bdt=430&idt=85&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8052970738834&frm=20&pv=1&ga_vid=1736364909.1613211573&ga_sid=1613211573&ga_hid=828602950&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1587&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44735932%2C21068084%2C21068769%2C21068893%2C31060009&oid=3&pvsid=1421224490034426&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=jMpXabGDFD&p=https%3A//hdwallsource.com&dtd=92
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Feb 2021 10:08:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 683
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7377
x-xss-protection: 0
server: cafe
etag: 10747045913157086108
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Feb 2021 10:08:10 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/ Frame 7C83 3 KB
2 KB 31ms
14ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-5653411820778942&output=html&h=280&slotname=4249457012&adk=4288539392&adf=2622109426&pi=t.ma~as.4249457012&w=728&fwrn=4&fwrnh=100&lmt=1613211573&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fhdwallsource.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1613211573135&bpp=5&bdt=430&idt=85&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8052970738834&frm=20&pv=1&ga_vid=1736364909.1613211573&ga_sid=1613211573&ga_hid=828602950&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1587&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44735932%2C21068084%2C21068769%2C21068893%2C31060009&oid=3&pvsid=1421224490034426&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=jMpXabGDFD&p=https%3A//hdwallsource.com&dtd=92
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Feb 2021 10:03:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 987
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1546
x-xss-protection: 0
server: cafe
etag: 8852521427838746165
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Feb 2021 10:03:06 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7C83 107 KB
33 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

782db5605136a4b7d143bfdacf544a921cd7b8b2bd8c1fcfb1ff51baeb1d4cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-5653411820778942&output=html&h=280&slotname=4249457012&adk=4288539392&adf=2622109426&pi=t.ma~as.4249457012&w=728&fwrn=4&fwrnh=100&lmt=1613211573&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fhdwallsource.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1613211573135&bpp=5&bdt=430&idt=85&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8052970738834&frm=20&pv=1&ga_vid=1736364909.1613211573&ga_sid=1613211573&ga_hid=828602950&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1587&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44735932%2C21068084%2C21068769%2C21068893%2C31060009&oid=3&pvsid=1421224490034426&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=jMpXabGDFD&p=https%3A//hdwallsource.com&dtd=92
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Feb 2021 10:19:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1612960666436283"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 33367
x-xss-protection: 0
expires: Sat, 13 Feb 2021 10:19:33 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/ Frame 7C83 14 KB
7 KB 26ms
8ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

718d8e9bf93740a3a90b67e53219319342074524b2dede8ba219eea4c41ea0c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-5653411820778942&output=html&h=280&slotname=4249457012&adk=4288539392&adf=2622109426&pi=t.ma~as.4249457012&w=728&fwrn=4&fwrnh=100&lmt=1613211573&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fhdwallsource.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1613211573135&bpp=5&bdt=430&idt=85&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8052970738834&frm=20&pv=1&ga_vid=1736364909.1613211573&ga_sid=1613211573&ga_hid=828602950&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1587&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44735932%2C21068084%2C21068769%2C21068893%2C31060009&oid=3&pvsid=1421224490034426&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=jMpXabGDFD&p=https%3A//hdwallsource.com&dtd=92
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Feb 2021 10:05:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 873
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6139
x-xss-protection: 0
server: cafe
etag: 15217341015479086142
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Feb 2021 10:05:00 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 91AC 143 B
226 B 6ms
6ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-5653411820778942&output=html&h=280&slotname=4249457012&adk=4288539392&adf=2622109426&pi=t.ma~as.4249457012&w=728&fwrn=4&fwrnh=100&lmt=1613211573&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fhdwallsource.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1613211573135&bpp=5&bdt=430&idt=85&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8052970738834&frm=20&pv=1&ga_vid=1736364909.1613211573&ga_sid=1613211573&ga_hid=828602950&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1587&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44735932%2C21068084%2C21068769%2C21068893%2C31060009&oid=3&pvsid=1421224490034426&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=jMpXabGDFD&p=https%3A//hdwallsource.com&dtd=92
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-5653411820778942&output=html&h=280&slotname=4249457012&adk=4288539392&adf=2622109426&pi=t.ma~as.4249457012&w=728&fwrn=4&fwrnh=100&lmt=1613211573&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fhdwallsource.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1613211573135&bpp=5&bdt=430&idt=85&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8052970738834&frm=20&pv=1&ga_vid=1736364909.1613211573&ga_sid=1613211573&ga_hid=828602950&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1587&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44735932%2C21068084%2C21068769%2C21068893%2C31060009&oid=3&pvsid=1421224490034426&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=jMpXabGDFD&p=https%3A//hdwallsource.com&dtd=92

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 13 Feb 2021 09:23:05 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 3388
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 7C83 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ba9c85cfcfbac7b132311a15db892ac74cd17f9b8a7e636487f547dfba7e9ae1

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 14E4 9 KB
3 KB 30ms
16ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14120992840229899163/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Feb 2021 05:56:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15801
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 14 Feb 2021 05:56:13 GMT

GET
H3-Q050 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 14E4 22 KB
9 KB 28ms
15ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14120992840229899163/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 22:10:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43746
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8867
x-xss-protection: 0
server: cafe
etag: 18043545750443934562
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 13 Feb 2021 22:10:28 GMT

GET
H2 200 createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 14E4 186 KB
48 KB 45ms
13ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14120992840229899163/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Feb 2021 10:19:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49100
x-xss-protection: 0
last-modified: Wed, 16 Mar 2016 13:51:35 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Feb 2021 10:19:34 GMT

GET
H3-Q050 200 970x250.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14120992840229899163/ Frame 14E4 85 KB
13 KB 26ms
17ms Script
application/x-javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14120992840229899163/970x250.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14120992840229899163/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae2b3702e2a51d00d8b6d71b2457adbbc931df0098e567b4355c0f11c96837d2

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 139013
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12058
x-xss-protection: 0
last-modified: Thu, 04 Feb 2021 17:54:19 GMT
server: sffe
date: Thu, 11 Feb 2021 19:42:41 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Feb 2022 19:42:41 GMT

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 91AC
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
162 B

40ms
39ms

Document
text/html

2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUk7j8lQevt_4RF7ZTBfvDnLW0-zevFvSG0m5cxvtbZ9bW840TphVn4-bmbz
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 13 Feb 2021 10:19:34 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Sat, 13-Feb-2021 11:19:34 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Sat, 13 Feb 2021 10:19:34 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 13 Feb 2021 10:19:34 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 CTA.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14120992840229899163/images/ Frame 14E4 1 KB
1 KB 6ms
6ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14120992840229899163/images/CTA.png?1607440627338

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

166546432362a275af899542d876583bb41224b2c13cdf399bb1871edff5c5ab

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 139012
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1330
x-xss-protection: 0
last-modified: Thu, 04 Feb 2021 17:54:19 GMT
server: sffe
date: Thu, 11 Feb 2021 19:42:42 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Feb 2022 19:42:42 GMT

GET
H2 200 wSDlzm44Tw92KsZzdz8Ism0icNLDPdmXdQGqhtcdkOM.js Show response
pagead2.googlesyndication.com/bg/ Frame 14E4 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/wSDlzm44Tw92KsZzdz8Ism0icNLDPdmXdQGqhtcdkOM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c120e5ce6e384f0f762ac673773f08b26d2270d2c33dd9977501aa86d71d90e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 15:41:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 03 Feb 2021 00:15:00 GMT
server: sffe
age: 67088
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6268
x-xss-protection: 0
expires: Sat, 12 Feb 2022 15:41:26 GMT

GET
H3-Q050 200 CTA_blanc.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14120992840229899163/images/ Frame 14E4 1 KB
1 KB 6ms
6ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14120992840229899163/images/CTA_blanc.png?1607440627338

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

868295bb1ecfe7de3f367b2836344af8ca73478c6b5fa70591572fb29c50eda9

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 139011
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1330
x-xss-protection: 0
last-modified: Thu, 04 Feb 2021 17:54:19 GMT
server: sffe
date: Thu, 11 Feb 2021 19:42:43 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Feb 2022 19:42:43 GMT

GET
H3-Q050 200 logo1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14120992840229899163/images/ Frame 14E4 1 KB
1 KB 7ms
6ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14120992840229899163/images/logo1.png?1607440627338

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d50d00c4738db2e3744ec44d948362eac945b8f958e0094ec71ab9ad6e9c448

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 139011
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1049
x-xss-protection: 0
last-modified: Thu, 04 Feb 2021 17:54:19 GMT
server: sffe
date: Thu, 11 Feb 2021 19:42:43 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Feb 2022 19:42:43 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 55ms
41ms XHR
application/json 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210211&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202102120101/show_ads_impl_fy2019.js?bust=exp%3D31060009

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3aaf87943717b4cd1131409c2effa3c06224e96fa1aaef899acd56fb10209857

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hdwallsource.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 13 Feb 2021 10:19:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6537
x-xss-protection: 0

GET
H3-Q050 200 logo2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14120992840229899163/images/ Frame 14E4 1 KB
1 KB 8ms
6ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14120992840229899163/images/logo2.png?1607440627338

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b6ec53515b953bbff9ea96a60b97745b030ac091126917f4cda407ab98ee2c9

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 139011
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1422
x-xss-protection: 0
last-modified: Thu, 04 Feb 2021 17:54:19 GMT
server: sffe
date: Thu, 11 Feb 2021 19:42:43 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Feb 2022 19:42:43 GMT

GET
H3-Q050 200 tableau1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14120992840229899163/images/ Frame 14E4 15 KB
15 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14120992840229899163/images/tableau1.jpg?1607440627338

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7551a858fe76234c54c69dbecee02fab2bd31ef2a3de1f9a7f1d15fa54ed0b66

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 107088
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15673
x-xss-protection: 0
last-modified: Thu, 04 Feb 2021 17:54:19 GMT
server: sffe
date: Fri, 12 Feb 2021 04:34:46 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 12 Feb 2022 04:34:46 GMT

GET
H3-Q050 200 tableau10.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14120992840229899163/images/ Frame 14E4 33 KB
33 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14120992840229899163/images/tableau10.jpg?1607440627338

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc355d7d52b9b712f88e6e4142f729dd29f946b81a0054926ed97dfcdc1bf0c7

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 139005
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33378
x-xss-protection: 0
last-modified: Thu, 04 Feb 2021 17:54:19 GMT
server: sffe
date: Thu, 11 Feb 2021 19:42:49 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Feb 2022 19:42:49 GMT

GET
H3-Q050 200 tableau2.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14120992840229899163/images/ Frame 14E4 19 KB
19 KB 12ms
12ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14120992840229899163/images/tableau2.jpg?1607440627338

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa499ff4ba1b9bad1be1a4a6fe3527d487897cfa4aba3db7d930272f17b7a26a

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 139005
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19080
x-xss-protection: 0
last-modified: Thu, 04 Feb 2021 17:54:19 GMT
server: sffe
date: Thu, 11 Feb 2021 19:42:49 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Feb 2022 19:42:49 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202102120101/show_ads_impl_fy2019.js?bust=exp%3D31060009

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hdwallsource.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Feb 2021 10:19:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Sat, 13 Feb 2021 10:19:34 GMT

GET
H3-Q050 200 tableau3.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14120992840229899163/images/ Frame 14E4 7 KB
7 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14120992840229899163/images/tableau3.jpg?1607440627338

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b3d91c90f14fdb7cc9307b363a77a859bbe6c55edae87d6e5604d4bd5118c52

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 139005
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7465
x-xss-protection: 0
last-modified: Thu, 04 Feb 2021 17:54:19 GMT
server: sffe
date: Thu, 11 Feb 2021 19:42:49 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Feb 2022 19:42:49 GMT

GET
H3-Q050 200 tableau4.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14120992840229899163/images/ Frame 14E4 5 KB
6 KB 6ms
6ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14120992840229899163/images/tableau4.jpg?1607440627338

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39be389adf8d58efa1896ebdb2c6e4a24ceb50c666fc73e2ab2f3b55433a9d0c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 139005
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5112
x-xss-protection: 0
last-modified: Thu, 04 Feb 2021 17:54:19 GMT
server: sffe
date: Thu, 11 Feb 2021 19:42:49 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Feb 2022 19:42:49 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 9879 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hdwallsource.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://hdwallsource.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Sat, 13 Feb 2021 10:01:54 GMT
expires: Sun, 13 Feb 2022 10:01:54 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1060
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 tableau5.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14120992840229899163/images/ Frame 14E4 4 KB
4 KB 6ms
6ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14120992840229899163/images/tableau5.jpg?1607440627338

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

efb6343cf6b0259bf7980f13c8d6b7aec22787e269f02e79f67ff9232d8d826a

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 139005
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4006
x-xss-protection: 0
last-modified: Thu, 04 Feb 2021 17:54:19 GMT
server: sffe
date: Thu, 11 Feb 2021 19:42:49 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Feb 2022 19:42:49 GMT

GET
H3-Q050 200 tableau6.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14120992840229899163/images/ Frame 14E4 18 KB
18 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14120992840229899163/images/tableau6.jpg?1607440627338

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

df0ca7fc3a27a1455577229c3d03a0cd6037954539ec403515f70c75f32efd54

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 139005
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18456
x-xss-protection: 0
last-modified: Thu, 04 Feb 2021 17:54:19 GMT
server: sffe
date: Thu, 11 Feb 2021 19:42:49 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Feb 2022 19:42:49 GMT

GET
H3-Q050 200 dfZxd03ctMAtOzJA0awyJ9FYXT3-SPE4vneR-Lkp6e0.js Show response
pagead2.googlesyndication.com/bg/ Frame 9879 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/dfZxd03ctMAtOzJA0awyJ9FYXT3-SPE4vneR-Lkp6e0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75f671774ddcb4c02d3b3240d1ac3227d1585d3dfe48f138be7791f8b929e9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 10:48:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Feb 2021 09:15:00 GMT
server: sffe
age: 171086
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6227
x-xss-protection: 0
expires: Fri, 11 Feb 2022 10:48:08 GMT

GET
H3-Q050 200 tableau7.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14120992840229899163/images/ Frame 14E4 8 KB
8 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14120992840229899163/images/tableau7.jpg?1607440627338

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1bbe7b17924cea5a310139b17b89f434a664e1921566dfc7cf2b3627e496568

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 139005
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8171
x-xss-protection: 0
last-modified: Thu, 04 Feb 2021 17:54:19 GMT
server: sffe
date: Thu, 11 Feb 2021 19:42:49 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Feb 2022 19:42:49 GMT

GET
H3-Q050 200 tableau8.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14120992840229899163/images/ Frame 14E4 5 KB
5 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14120992840229899163/images/tableau8.jpg?1607440627338

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9f3f5a9f9af6eac95e29484050e568d516f50ba1999c49d06bbb3d753492f38

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 107088
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4915
x-xss-protection: 0
last-modified: Thu, 04 Feb 2021 17:54:19 GMT
server: sffe
date: Fri, 12 Feb 2021 04:34:46 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 12 Feb 2022 04:34:46 GMT

GET
H3-Q050 200 tableau9.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14120992840229899163/images/ Frame 14E4 4 KB
4 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14120992840229899163/images/tableau9.jpg?1607440627338

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dbffbe1b980722af33cb630f70cf0c484aa1ffc4be4b58559d7c9afa6adc96ac

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 139005
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4138
x-xss-protection: 0
last-modified: Thu, 04 Feb 2021 17:54:19 GMT
server: sffe
date: Thu, 11 Feb 2021 19:42:49 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Feb 2022 19:42:49 GMT

GET
H3-Q050 200 txt1_1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14120992840229899163/images/ Frame 14E4 3 KB
3 KB 6ms
6ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14120992840229899163/images/txt1_1.png?1607440627338

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74d986f56c5ee88c038417c10d626e8e6ba182100c06a603c7c296cd69da328f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 139005
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3038
x-xss-protection: 0
last-modified: Thu, 04 Feb 2021 17:54:19 GMT
server: sffe
date: Thu, 11 Feb 2021 19:42:49 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Feb 2022 19:42:49 GMT

GET
H3-Q050 200 txt1_2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14120992840229899163/images/ Frame 14E4 4 KB
4 KB 9ms
6ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14120992840229899163/images/txt1_2.png?1607440627338

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ed69fe012de9255a0662c46691693c154011e9042e1adf56759921a1f4a38e9

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 139004
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4437
x-xss-protection: 0
last-modified: Thu, 04 Feb 2021 17:54:19 GMT
server: sffe
date: Thu, 11 Feb 2021 19:42:50 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Feb 2022 19:42:50 GMT

GET
H3-Q050 200 txt2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14120992840229899163/images/ Frame 14E4 2 KB
2 KB 6ms
6ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14120992840229899163/images/txt2.png?1607440627338

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb853fa9d5b000b500c0e2e7c6968d2cc6c80897f9d671a8abd3a1a00e13fb4e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 139004
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2477
x-xss-protection: 0
last-modified: Thu, 04 Feb 2021 17:54:19 GMT
server: sffe
date: Thu, 11 Feb 2021 19:42:50 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Feb 2022 19:42:50 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
175 B 39ms
39ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210211&jk=1421224490034426&bg=!zc6lzo3NAAXRs2QT0TsAKQB2-DxaRK8P2Hh0jY8H76KCEacYPVwlUcnLOncBl8rdq5Y_yMeB1zsCAgAAAIZSAAAAD2gBBwoAgPy0Jrt2wPvgT-ACRY8-zjdhpwFXd1T9SJOheuee6JDfdAkfznYkLEJnfskYNguELWnG_bqygBQDgHWg3fIn4jtYxAEiW1tbqPNRkrJAbZZFGfIiEIYt0t51s7d5wKAE-9RB2x6AdmGV4KgcoPe6CME11_VRAxsCFJokNQmXSmSOmQHMUiw7nwz6ed0KLw16tceoREJghh4xI2zEpLpZ2Ic0B0OZw-xIpPTAwpXJ33j5oW07H0m-i-_9QY-vif3MjJkOIonTLkaCp9g4dhQjb9KHRECvKqxlbPQizDtuamQz9GW0j2gnSRa8ChoukNkuJ35dhRI1J1Dw21SBuyLsHU7PnfdxsSre_r0XJ2zQBhlLMv5Nm3BoSkoTr-eTsQxu-BI0WAuSaa0qkbALNkLgWMkk6MSkGf7I4Op0Ma1wazLJeSrYNqnSRe6IN76C1M2Uyqrl4ix7NPV8NxITOI6i8mFN5AAotjGTiOv-6XIyzMBdi1JtDy2JFYBwwgthT6u-y0PYokh_L1B_1-OfPpSmzg8nDwEyvqSPndy3L1NOxRe0VUPjPPcMD792hLhLmuSoxvTL5ed-Vc-aWDiFdF7JUHpnZeTf4cy66ueU0WP5ofBcGFVICvJnAO2wgQqEJXSDIjiI3cCNEKUbUstNjTw5FzmH37pgcqLSNnEQR22zDi6a_1RmCwZm2WhSXO0_98X8mlZwfZWSY04FKr5el6TQaIamTA1W1vbVeMmFSZigTdlUgiP6tB8eBOSFR9Gzej96WmbNo_TxAtt1sY0zUuxHIA

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hdwallsource.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Feb 2021 10:19:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

64 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.doubleclick.net/	1970-01-19 16:06:55	Name: DSID Value: NO_DATA
			.doubleclick.net/	1970-01-20 01:28:27	Name: IDE Value: AHWqTUk7j8lQevt_4RF7ZTBfvDnLW0-zevFvSG0m5cxvtbZ9bW840TphVn4-bmbz

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ajax.googleapis.com
apis.google.com
connect.facebook.net
fonts.googleapis.com
googleads.g.doubleclick.net
hdwallsource.com
pagead2.googlesyndication.com
partner.googleadservices.com
s0.2mdn.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.hdwallsource.com
142.250.186.66
205.185.124.2
2a00:1450:4001:808::2002
2a00:1450:4001:809::200a
2a00:1450:4001:80f::2001
2a00:1450:4001:810::200e
2a00:1450:4001:812::200e
2a00:1450:4001:829::200a
2a00:1450:4001:82a::2006
2a00:1450:4001:82b::2004
2a00:1450:400c:c04::9a
2a03:2880:f02d:12:face:b00c:0:3
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
04e4726130c1bb81f822aad461f745214d952ffc64c070574c7c17a67550eb6d
0b6ec53515b953bbff9ea96a60b97745b030ac091126917f4cda407ab98ee2c9
0fefe57cc4c4889eae7d6bd372e0faf72f03b5d4f5eef0a56132135aaecd4ba1
166546432362a275af899542d876583bb41224b2c13cdf399bb1871edff5c5ab
166a4ec3cb90d525f7f744c7616c01b36bebd6dcecd486c8f5be14ccc0a7b3da
175a3f319c764675a52115d92326887ab2750f394fd71066e9c9574e6546a44d
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18439577c1db4a5861b1456aece85949df06dc19cc8a6d30bb8bdf106e0f535c
1a3194751129172219e963dae5fd56f9782067529d64f1d115b9dc6d3fd15cf4
1a5625e564a5fafb3310cdf390b03b5aa107bac3fdb8f3ca01f6c35e86253314
1b3d91c90f14fdb7cc9307b363a77a859bbe6c55edae87d6e5604d4bd5118c52
1c4bb92c67b29e30733781f22f6339360707bbbb6319672825d6b6e0684fa3a9
1d50d00c4738db2e3744ec44d948362eac945b8f958e0094ec71ab9ad6e9c448
22c4af5b897c7c87d9353a89b00fb4b64a9bd46517f729d5aa90ab96c438fffe
237d9de33d1ebe849dacbeb9d619613abe3843d0a4bc64eca0d1073b0a687a02
29154a28a8925bd0994c36c76595d2c4f1edd831dcb439b911832b269a77f19e
2a1b2ebe6a2b314929967bdf1ba8c694fb45bf76a5b847e57fb847b3cdd9338a
39be389adf8d58efa1896ebdb2c6e4a24ceb50c666fc73e2ab2f3b55433a9d0c
3aaf87943717b4cd1131409c2effa3c06224e96fa1aaef899acd56fb10209857
3dd0f99522a8917891c81455399e06fe7f18f2c7e07598478552520240e5bd95
4171016fb1b42789f9bed8d1217a2de5a8db10eddf6337d06ae5985d25f65de0
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4a0b22979d02a8118999bdbee62bce1aec1472f11533961bd7b8c9fd936535b5
4db6732268b3d9330df1068351b18e2fd1c1c6da87b5953259b022a19ddfe7a5
519412738fbe95e8e7f578ba489d94ce7502307ad1b7d657b434b377e02f6ad4
54b31be1be4ae9334092d61b96eb948762c26bf48ade9d42405b666537420302
575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e
5a28c93a161296d321bbc6a7227d3722442a99c5841a56969820b33a24a3c637
5d010818a732dd0c89008ffdd663327f7ba40c7068e276360bff6f3bd5cf964b
6a3ae6bfa989d3fd7e015d572fcb4bc5c096bbdc9670fd4b7456846199901baa
6a3eb557e0a095e92f28e48455d07c5baeb2670ec21fa9aa61830b2067c314f6
6b61e78da1681c85ab7e4e533822e0fe055e2b2f1bb39200155a9d3be1c698aa
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7056399efc75e290c1573c1e969d812778c16745cb9457ed7dfc8a632b0ac736
718d8e9bf93740a3a90b67e53219319342074524b2dede8ba219eea4c41ea0c4
74633d019b80037d9a658d6e939463ec4ca71c2b966bbe03580c5e1db173e40e
74d986f56c5ee88c038417c10d626e8e6ba182100c06a603c7c296cd69da328f
7551a858fe76234c54c69dbecee02fab2bd31ef2a3de1f9a7f1d15fa54ed0b66
75f671774ddcb4c02d3b3240d1ac3227d1585d3dfe48f138be7791f8b929e9ed
782db5605136a4b7d143bfdacf544a921cd7b8b2bd8c1fcfb1ff51baeb1d4cbc
80a1ae567d396855243284e674876bb0d856f0e7a18d3c0142f0828513716dfe
868295bb1ecfe7de3f367b2836344af8ca73478c6b5fa70591572fb29c50eda9
86cd6f0299b02a120684398ac8cde42cbed673bcf64dfca2561575eccf96e72f
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
8ed69fe012de9255a0662c46691693c154011e9042e1adf56759921a1f4a38e9
986327dd1db599d7f60d5da49cec8944935a37c5507b72903d9c6217a233e1df
9e5ea50d6dbfbe7abd93159e6ffb2f4d7a6321c2fb430d2393a0ca85a636e5db
9e89461d36a62b856b320f2e53cc0bd90bded17dda07949a3b239c34099737e6
a1bbe7b17924cea5a310139b17b89f434a664e1921566dfc7cf2b3627e496568
a1ed04f3951d56500133fb6dffc0ecebcf8687084daaddeb57bfb45460595f38
a50c8433260d678c8ed2b37aed832503f2483552a5d2f6f8eecbb158e7c5ac33
aa499ff4ba1b9bad1be1a4a6fe3527d487897cfa4aba3db7d930272f17b7a26a
ae2b3702e2a51d00d8b6d71b2457adbbc931df0098e567b4355c0f11c96837d2
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b6afdc81c71566f3d8df7cb355702d7b517026c433add1fee5cc6e6ea3320154
ba9c85cfcfbac7b132311a15db892ac74cd17f9b8a7e636487f547dfba7e9ae1
bab9d5d43d512871da68d89e9663d40d8cbde887c231150eacb46b707afe5fbb
c120e5ce6e384f0f762ac673773f08b26d2270d2c33dd9977501aa86d71d90e3
c9f3f5a9f9af6eac95e29484050e568d516f50ba1999c49d06bbb3d753492f38
cc355d7d52b9b712f88e6e4142f729dd29f946b81a0054926ed97dfcdc1bf0c7
ccbec3f52bcdc14cd87592288c0d833d9bd800e55dba79ea4b37650cb22ba26b
cf66ab783d1832e8993d93d45a6c0f24f670cb7780ecabb97803170ae0c93804
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d8f1fae9228f29ec11da803013644c3f2cdaf7018baa7febca9ca8e3645acf6d
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
dbffbe1b980722af33cb630f70cf0c484aa1ffc4be4b58559d7c9afa6adc96ac
df0ca7fc3a27a1455577229c3d03a0cd6037954539ec403515f70c75f32efd54
df7cabf43aa0523a0fb82bbd796766cf372242bb16b925986b2a2b5dbc2cea32
e365dc5ac838c5b89dad502d5b1409d35cb960e0796cafe5808fc28e4a83f555
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e57b75bbe022c538705e5ecec4cd63ab1ea2b16f59a758fa561c21b91a665cd9
e6964c67d6d588a104914e781bf13519792c1aaef9d58c7905789b00cb6abb9e
ed9a6593887a2634a24192083f72890ef3f284c4ff946100ad70c3562ea79274
efb6343cf6b0259bf7980f13c8d6b7aec22787e269f02e79f67ff9232d8d826a
f38483b82d83d076a2eec0b46db9867c73d2e63e6381b70b842db9cbd1108826
f7e1e8c17edae21667b9e0a7c066b8d8d94c2862ac3b15bbf7063a209a5e9b4c
fb853fa9d5b000b500c0e2e7c6968d2cc6c80897f9d671a8abd3a1a00e13fb4e
fd1f9ceb8d781546284cff8da37390d2da2b00bb6c8c5db019b434e65d92be93

hdwallsource.com Open in urlscan Pro 205.185.124.2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

85 Requests

100 %HTTPS

83 %IPv6

11 Domains

17 Subdomains

12 IPs

3 Countries

1018 kBTransfer

2046 kBSize

2 Cookies

5 Outgoing links

Page URL History

Redirected requests

85 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

hdwallsource.com Open in urlscan Pro
205.185.124.2 Public Scan

Screenshot
Live screenshot

Full Image

85
Requests

100 %
HTTPS

83 %
IPv6

11
Domains

17
Subdomains

12
IPs

3
Countries

1018 kB
Transfer

2046 kB
Size

2
Cookies

85 HTTP transactions
1 data transactions