exchange.shutterphoto.net Open in urlscan Pro
2606:4700:3034::6815:4db3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://exchange.shutterphoto.net/
Submission: On March 19 via api (March 19th 2024, 1:07:36 pm UTC) from US — Scanned from US

Summary HTTP 80 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 10 IPs in 1 countries across 7 domains to perform 80 HTTP transactions. The main IP is 2606:4700:3034::6815:4db3, located in United States and belongs to CLOUDFLARENET, US. The main domain is exchange.shutterphoto.net.
TLS certificate: Issued by GTS CA 1P5 on March 1st 2024. Valid for: 3 months.

This is the only time exchange.shutterphoto.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
21	2606:4700:303... 2606:4700:3034::6815:4db3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	2607:f8b0:400... 2607:f8b0:4004:c07::9c	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4004:c09::5f	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c1d::5e	15169 (GOOGLE) (GOOGLE)
1 8	2607:f8b0:400... 2607:f8b0:4004:c1d::9d	15169 (GOOGLE) (GOOGLE)
22	2607:f8b0:400... 2607:f8b0:4004:c1f::84	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4004:c06::5e	15169 (GOOGLE) (GOOGLE)
1 2	2607:f8b0:400... 2607:f8b0:4004:c06::68	15169 (GOOGLE) (GOOGLE)
2	172.253.122.155 172.253.122.155	15169 (GOOGLE) (GOOGLE)
80	10

21 2606:4700:3034::6815:4db3 (United States)

ASN13335 (CLOUDFLARENET, US)

exchange.shutterphoto.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2607:f8b0:4004:c07::9c (Washington, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c09::5f (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c1d::5e (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4004:c1d::9d (Washington, United States) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2607:f8b0:4004:c1f::84 (Washington, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4004:c06::5e (Washington, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c06::68 (Washington, United States) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.253.122.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f155.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 143 tpc.googlesyndication.com — Cisco Umbrella Rank: 204	822 KB
21	shutterphoto.net exchange.shutterphoto.net	301 KB
8	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 66	128 KB
7	gstatic.com fonts.gstatic.com www.gstatic.com	114 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	4 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 168
2	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 5	1 KB
80	7

	Domain	Requested by
22	tpc.googlesyndication.com	pagead2.googlesyndication.com exchange.shutterphoto.net googleads.g.doubleclick.net tpc.googlesyndication.com
21	exchange.shutterphoto.net	exchange.shutterphoto.net
16	pagead2.googlesyndication.com	exchange.shutterphoto.net pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
8	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
5	www.gstatic.com	exchange.shutterphoto.net googleads.g.doubleclick.net
3	fonts.googleapis.com	exchange.shutterphoto.net googleads.g.doubleclick.net
2	www.googleadservices.com	googleads.g.doubleclick.net
2	www.google.com	1 redirects tpc.googlesyndication.com
2	fonts.gstatic.com	fonts.googleapis.com
80	9

This site contains links to these domains. Also see Links.

Domain
mythemeshop.com

Subject Issuer	Validity	Valid
shutterphoto.net GTS CA 1P5	`2024-03-01` - `2024-05-30`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh

This page contains 14 frames:

Primary Page: https://exchange.shutterphoto.net/
Frame ID: 77986FE36FE31028818DCCE0A17FC1A5
Requests: 31 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8148880354764995&output=html&adk=318159125&adf=2184669829&lmt=1710853647&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x810_l%7C212x810_r&format=0x0&url=https%3A%2F%2Fexchange.shutterphoto.net%2F&pra=5&wgl=1&easpi=0&asro=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710853646143&bpp=1284&bdt=370&idt=1647&shv=r20240314&mjsv=m202403180101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5000219795390&frm=20&pv=2&ga_vid=1952561935.1710853648&ga_sid=1710853648&ga_hid=2042233242&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31081576%2C31081906%2C31081982%2C42531706%2C44798934%2C95327951%2C95327955%2C31081947%2C95320376&oid=2&pvsid=2267526588070770&tmod=1034945420&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=1706
Frame ID: 2ED070676EEA9EB70B94CFACA1AAA110
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240314/r20110914/zrt_lookup_fy2021.html
Frame ID: BBACAC0F1E1253A78663256C37338360
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240314/r20110914/zrt_lookup_fy2021.html
Frame ID: 7D724CDAEC0BF71B5BF3CBCD662A1367
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240314/r20110914/zrt_lookup_fy2021.html
Frame ID: B38291DB7749E2D365CE7217307A7BDD
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240314/r20110914/zrt_lookup_fy2021.html
Frame ID: 439468A35A835CF7EB4CB182B15CC23C
Requests: 10 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 8D867B85CB8352E235DF65ADE6D3881F
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 9403378A8418D728831579DB9E2ECF93
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1BD94973FA6D78D547B432FC63167814
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 49ABCE9F283F58FA43AF6412FACBCBD6
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/jXfRH9G_-5_y2d9FtLfVUFqP1nroUl1KS7Cmyw17Bqk.js
Frame ID: CB832D78CC2FE3C975675CF5B0130875
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/jXfRH9G_-5_y2d9FtLfVUFqP1nroUl1KS7Cmyw17Bqk.js
Frame ID: B30FF3BDDAEF057A55AA7AA09817BEB0
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/jXfRH9G_-5_y2d9FtLfVUFqP1nroUl1KS7Cmyw17Bqk.js
Frame ID: B438B28294A4BE840F9D8B068431FDBC
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/jXfRH9G_-5_y2d9FtLfVUFqP1nroUl1KS7Cmyw17Bqk.js
Frame ID: B909F22E425405211E5BFE31D95DBAAB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

exchange.shutterphoto.ne

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

80
Requests

98 %
HTTPS

89 %
IPv6

7
Domains

9
Subdomains

10
IPs

1
Countries

1370 kB
Transfer

3659 kB
Size

6
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://mythemeshop.com/
Title: MyThemeShop

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 68

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 71

https://googleads.g.doubleclick.net/pagead/adview?ai=CFIkEEI75ZbxmvI2Q8g-IzZC4DLOuwbN2haerwKISkcPj644OEAEg67vIbmDJ7o6LwKSMEKAB4aaP3CjIAQKoAwHIA8kEqgTkAU_QtXNgu7i9vIMzP7fSYzgC_OHgMdabOWbhNmZTlLc3rkxy-syW52NcqXAuEueF0m78_6ST_zUmPkGbut0EzH36oLRThyuTXzalVfF9iUkkXZnEX9P4Imp3NIpGHEoUA_DcIZ6KclMxy6yF-CyX4A6jb3ZmBA0uevBT07uoy5ZtVfP4lBplBzMQFgTCEwaaG6Kl4b56nH1z5WmD3jxUTafb8bRw9iDksMrGDhXQMTcxb5hhVUn7p7XSVZHEqS8mQJPlAe6JExFcgYsTTqlwPUxVDhYyVApoGZeAQTwTasVntXn-xcAE5ceYqNEEiAXJ4um1TpIFBAgEGAGSBQQIBRgEoAYCgAfir4K4BKgH2baxAqgHr76xAqgH1ckbqAemvhuoB47OG6gHk9gbqAfulrECqAf-nrEC2AcB8gcEEPKxDNIIJAiAYRABGB8yAooCOgmAQIDAgICAoChIvf3BOljejc2_soCFA5oJyQRodHRwczovL2ltcHJvdmVkZXhwZXJpZW5jZXMuY29tL3dvcmstbGlmZS91bmRlcnN0YW5kaW5nLXRoZS1pbXBvcnRhbmNlLW9mLWFudGlib2R5LXB1cmlmaWNhdGlvbj9hX2NpZD0xMDYzOSZhX2ZlZWQ9cnNvYyZhX3ZjPTMyJmhwPTEmcmFjPUFudGlib2R5JmRrd3M9YW50aWJvZHkrcHVyaWZpY2F0aW9uK2tpdCUyQ2FudGlib2R5K3B1cmlmaWNhdGlvbiUyQ2FudGlib2R5K2V4dHJhY3Rpb24rYW5kK3B1cmlmaWNhdGlvbiUyQ2FudGlib2R5K2V4dHJhY3Rpb24rcHVyaWZpY2F0aW9uJTJDYW50aWJvZHkrZXhwcmVzc2lvbitwdXJpZmljYXRpb24lMkNhbnRpYm9keStleHByZXNzaW9uK2FuZCtwdXJpZmljYXRpb24mbWF0Y2h0eXBlPSZrZXl3b3JkPSZuZXR3b3JrPWQmZGV2aWNlPWMmYWRwb3NpdGlvbj0mc291cmNlPWdvb2dsZSZjYW1wYWlnbmlkPTIxMDUwODQ3NTYxJmFkZ3JvdXBpZD0xNTkyNjY1MTM4OTMmYWRpZD02OTIxMDc1NDI0MTUmcGxhY2VtZW50PWV4Y2hhbmdlLnNodXR0ZXJwaG90by5uZXQmdGFyZ2V0PXNlZ21lbnRfYmVfYV8zMDY4NzQxMjIzMTU3MDM4NjE5JmxvY19waHlzX21zPTkwMDU1MzImbG9jX2ludF9tcz2ACgHICwHaDBEKCxCwypGF7ey378cBEgIBA9gTDNAVAYAXAbIXHAoaCAASFHB1Yi04MTQ4ODgwMzU0NzY0OTk1GACyGAkSAuhOGAIiAQA&sigh=IZsc_aQplLk&uach_m=%5BUACH%5D&ase=2&cid=CAQSTgB7FLtqd13B84uZRfUfeu8YbRs5IHjcRQHFYa6LSHY9nyDE6lCbDD_xck4EOwVYqcIn6dL_l8sx75vPUOQ91QCyvMuWESnHQ4SS6JLc5xgB&cbvp=2&vis=1&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x475b16c75c6b2a820000000000000000%22,%222%22:%220x816a7d6a11ad5cad0000000000000000%22,%223%22:%220xe693ab522e88c370000000000000000%22,%224%22:%220x71cfa2ea3eb3850c0000000000000000%22,%225%22:%220x4f28f46cebd783de0000000000000000%22},%22debug_key%22:%222912296355797307016%22,%22debug_reporting%22:true,%22destination%22:%22https://improvedexperiences.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210930606945%22],%2222%22:[%22true%22],%224%22:[%2203-19%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210286504027012616865%22}&andc=true

80 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
exchange.shutterphoto.net/ 52 KB
9 KB 963ms
711ms Document
text/html 2606:4700:3034::6815:4db3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.shutterphoto.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:4db3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e0a03b015d71ad31453cfc84b84c2c42c1aac59545caa44df0f518895085d67

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 866daf71ae424bc9-BUF
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 19 Mar 2024 13:07:25 GMT
link: <https://exchange.shutterphoto.net/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sTntq36CWg3BrkN2VIbWz1DHgr%2FSShGaIpZBDT2yJZSNZzHW%2BN5a5F%2Bmtqi8MKXfZqnUSjNKj2IXSVl2bJb72EWq5Qgii0lVspXeNTrlvw3SCC41QuKVy%2BtuUjIqsvj8sh8W60dTqeNTUdX7rEepVKvV9F5pUAh2"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-litespeed-cache: hit

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
50 KB 237ms
118ms Script
text/javascript 2607:f8b0:4004:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8148880354764995

Requested by

Host: exchange.shutterphoto.net
URL: https://exchange.shutterphoto.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

898dc6331e24f33a7187dc44bea948d6046fc2b3630d1f4f66721314f9b7b1d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://exchange.shutterphoto.net/
Origin: https://exchange.shutterphoto.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 13:07:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51191
x-xss-protection: 0
server: cafe
etag: 9414973743907745489
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Tue, 19 Mar 2024 13:07:25 GMT

GET
H2 200 style.min.css
exchange.shutterphoto.net/wp-includes/css/dist/block-library/ 108 KB
15 KB 1513ms
1474ms Stylesheet
text/css 2606:4700:3034::6815:4db3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.shutterphoto.net/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3
Requested by: Host: exchange.shutterphoto.net
URL: https://exchange.shutterphoto.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:4db3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Request headers

accept-language: en-US,en;q=0.9
Referer: https://exchange.shutterphoto.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 13:07:27 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 12 Mar 2024 09:58:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1ae43-65f02733-289c15;br"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ppUHyhgGKFydb5efY5eCo56ztmBNQIGazImYLhVH92fbbjftLLYYKF4hA5u53ef1JiWGuTPRvMJJNv%2B1lxXRM2u7rhhHnGfejyQIV6lUNUzFOD6q24WO8wfwgCUr%2BlGAjFBYvQ2tFunA6xLRXCKuByD1WTaSwC5G"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 866daf766fc04bc9-BUF
alt-svc: h3=":443"; ma=86400
expires: Tue, 26 Mar 2024 13:07:27 GMT

GET
H2 200 style.css
exchange.shutterphoto.net/wp-content/themes/mts_newsonline/ 70 KB
14 KB 668ms
630ms Stylesheet
text/css 2606:4700:3034::6815:4db3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.shutterphoto.net/wp-content/themes/mts_newsonline/style.css?ver=6.4.3
Requested by: Host: exchange.shutterphoto.net
URL: https://exchange.shutterphoto.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:4db3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 974e4845984871c49feed0117ec5fa685f94ed0116e94dce8ec5fa87ca71ed7b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://exchange.shutterphoto.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 13:07:26 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 12 Mar 2024 10:27:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"11842-65f02df9-58348c;br"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RlYhEWu5eSNCFL3TPBNCve3j0awNGxceeCsmWa0j%2Bl42Ew8KoGwsWiuRDObW6jeuWqVlAfJFNx5Tj8SzpXbVZTFIgSOcu%2BrIV5QS%2B4%2FFT%2FA8iMRcr4J02twNnCE7ADdbT%2BPfMtsLlNKY1jP3TDg%2F7IAyAzk%2Bg%2B9b"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 866daf767fc14bc9-BUF
alt-svc: h3=":443"; ma=86400
expires: Tue, 26 Mar 2024 13:07:26 GMT

GET
H2 200 font-awesome.min.css
exchange.shutterphoto.net/wp-content/themes/mts_newsonline/css/ 30 KB
7 KB 1499ms
1461ms Stylesheet
text/css 2606:4700:3034::6815:4db3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.shutterphoto.net/wp-content/themes/mts_newsonline/css/font-awesome.min.css?ver=6.4.3
Requested by: Host: exchange.shutterphoto.net
URL: https://exchange.shutterphoto.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:4db3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 795534a47cda8149a867c710d77cc20ac76f4554468e632afa23a2faa7f7489e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://exchange.shutterphoto.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 13:07:27 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 12 Mar 2024 10:27:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"78d5-65f02df8-583028;br"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DaWAfa5gLkGXsPYxTpNklhdDwof7jmSBm0zV9RwPGi9HmFScnblnjxHdPAz536tipv%2F6zT%2B7EsGgUOqGRsjnQ1AQ6%2F27N6QJS%2F5o%2Frsf%2F%2B578gKMPHQMMH8KPBzRvySeagkiWqM6Xx0%2BtY0iA1yDCiLFb6%2BneeZp"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 866daf767fc24bc9-BUF
alt-svc: h3=":443"; ma=86400
expires: Tue, 26 Mar 2024 13:07:27 GMT

GET
H2 200 responsive.css
exchange.shutterphoto.net/wp-content/themes/mts_newsonline/css/ 14 KB
3 KB 669ms
630ms Stylesheet
text/css 2606:4700:3034::6815:4db3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.shutterphoto.net/wp-content/themes/mts_newsonline/css/responsive.css?ver=6.4.3
Requested by: Host: exchange.shutterphoto.net
URL: https://exchange.shutterphoto.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:4db3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6c677e99da1f9014faa8aff613db3d9ccf06138b6e94190921c365835df19c3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://exchange.shutterphoto.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 13:07:26 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 12 Mar 2024 10:27:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"380b-65f02df8-58302a;br"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U8TLNjxsvcwPYacwvsok72aakTX6GUneTuHIpQ7y7MREKasEkFJbbWTROA2%2BKw8lBnPTWQBK3m9mhn8zzZu9wkjINBTTtG6sCiVezGdyzI0spgqR02rAgIz0Ubt5R6C1bA8WpMybigYWlf%2BCnjQzwl85d7%2Fqp%2BUy"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 866daf767fc34bc9-BUF
alt-svc: h3=":443"; ma=86400
expires: Tue, 26 Mar 2024 13:07:26 GMT

GET
H2 200 jquery.min.js Show response
exchange.shutterphoto.net/wp-includes/js/jquery/ 86 KB
31 KB 1052ms
1014ms Script
text/javascript 2606:4700:3034::6815:4db3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.shutterphoto.net/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: exchange.shutterphoto.net
URL: https://exchange.shutterphoto.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:4db3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://exchange.shutterphoto.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 13:07:26 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 12 Mar 2024 09:58:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"15601-65f02733-289e2e;br"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ifjX6nUIWtAAFi813k%2Ba98dz2ORzXb1acg%2FagWZG3auU1MY4c4xMck8ooRgLNl3t8rbN%2FAIxLlL%2FZjcwZCJNNeXGqzmbSF8DC7Kk6sgsTHhI%2FDhYcjJSnh8OV4pJVsZopEPvrWXXspi5yAzzYLYtnEOUo%2BaSwYQk"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
cf-ray: 866daf767fc44bc9-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery-migrate.min.js Show response
exchange.shutterphoto.net/wp-includes/js/jquery/ 13 KB
5 KB 666ms
628ms Script
text/javascript 2606:4700:3034::6815:4db3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.shutterphoto.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: exchange.shutterphoto.net
URL: https://exchange.shutterphoto.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:4db3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: en-US,en;q=0.9
Referer: https://exchange.shutterphoto.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 13:07:26 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 12 Mar 2024 09:58:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3509-65f02733-289e28;br"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jHT0I76qQZfCgaT3DpBZp7Z%2FRDWKxq6iOuYL8QUbSxENGl1ykBc08feYCfeFl2Y1SHnuD6PYtE2JnoKqhqurFrNc5EehFyyPNs%2Bst1t83A%2BStVD9IPepFf%2Bguy4P%2BDJ1Uo5XLqSG%2BECQzXV%2FML%2F%2F4VRHJAI%2FgemY"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
cf-ray: 866daf767fc54bc9-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 customscript.js Show response
exchange.shutterphoto.net/wp-content/themes/mts_newsonline/js/ 11 KB
3 KB 1510ms
1473ms Script
text/javascript 2606:4700:3034::6815:4db3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.shutterphoto.net/wp-content/themes/mts_newsonline/js/customscript.js?ver=6.4.3
Requested by: Host: exchange.shutterphoto.net
URL: https://exchange.shutterphoto.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:4db3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60ee135c332e44acb7d54dbac9674027d629058f509c6c4293731dfd76b8d4c8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://exchange.shutterphoto.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 13:07:27 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 12 Mar 2024 10:27:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"2c90-65f02df9-58309b;br"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iPlRU3FZh%2FruqybWV0lQu0TjEc%2FGEM9V4NjHrRG7LYfeUtebf7rYKLehy9VqTrEX0ibgqM4nZMybSjxnM9LCJk8D6%2B2zkuiDAJlr4JLHPR7e9ywHXmu2Pjj2KOh5xLEgXDAbvhiZD0d9lXtZEcmTS1%2Bv9YNX8fCD"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
cf-ray: 866daf767fc64bc9-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery.webticker.min.js Show response
exchange.shutterphoto.net/wp-content/themes/mts_newsonline/js/ 5 KB
2 KB 663ms
626ms Script
text/javascript 2606:4700:3034::6815:4db3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.shutterphoto.net/wp-content/themes/mts_newsonline/js/jquery.webticker.min.js?ver=6.4.3
Requested by: Host: exchange.shutterphoto.net
URL: https://exchange.shutterphoto.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:4db3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 800ac569bf0aaac1ad3e5ed4bd2fd4523c546e965a7cb9345ed6a1ea9ac2c21a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://exchange.shutterphoto.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 13:07:26 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 12 Mar 2024 10:27:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"141e-65f02df9-58309f;br"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cRyZqEE%2F1S8j5lt7RE9ulIEDdgCJcCeAsyHO2%2F30FUlUAqPSOzagjqlaMrBx3Stox6Ru5hg%2Br3ZBpk1%2Bh0HmR8SiAiZeTaYRY%2BIDeBDfG017m9wmFsEbOH37sZo%2FmZzc0X2%2FMzCtrJxSfUkEf6oilspaDiSMy2dp"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
cf-ray: 866daf767fc74bc9-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 13 KB
2 KB 162ms
51ms Stylesheet
text/css 2607:f8b0:4004:c09::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:600|Merriweather:700|Open+Sans:normal&subset=latin

Requested by

Host: exchange.shutterphoto.net
URL: https://exchange.shutterphoto.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c14fe89197263ded5e7d1525c958e688e4399af7f9a5bf3e337e8ea4f31e34da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://exchange.shutterphoto.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 19 Mar 2024 13:07:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 19 Mar 2024 12:50:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 19 Mar 2024 13:07:25 GMT

GET
H2 200 nothumb-featured.png
exchange.shutterphoto.net/wp-content/themes/mts_newsonline/images/ 691 B
1020 B 667ms
631ms Image
image/png 2606:4700:3034::6815:4db3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.shutterphoto.net/wp-content/themes/mts_newsonline/images/nothumb-featured.png
Requested by: Host: exchange.shutterphoto.net
URL: https://exchange.shutterphoto.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:4db3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 50e7c3c64d5299169d97e1ed3959b17087b9a9e6f299252d83d565f952d0c27a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://exchange.shutterphoto.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 13:07:26 GMT
cf-cache-status: MISS
last-modified: Tue, 12 Mar 2024 10:27:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "2b3-65f02df9-58306b;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b5fHkrKAhwECIcQev8tCQI51PMis8DezwYQJqKZST0iSpKR4O9IFJ3uPMBcA1P4uM1YfZxjiTxlZ%2FXKE16mJSosSPEo8415nNiQF4EL90txtwnHLYy9eh0RafqyG4N%2BWa5d5pHGgxOAGMZkXzR2OfEom4%2F2LrKRL"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 866daf767fc84bc9-BUF
alt-svc: h3=":443"; ma=86400
content-length: 691
expires: Tue, 26 Mar 2024 13:07:26 GMT

GET
BLOB 200
OK ce66401f-03d2-4832-9774-0dd3aaadaa4b
https://exchange.shutterphoto.net/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://exchange.shutterphoto.net/ce66401f-03d2-4832-9774-0dd3aaadaa4b
Requested by: Host: exchange.shutterphoto.net
URL: https://exchange.shutterphoto.net/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/ 407 KB
138 KB 285ms
209ms Script
text/javascript 2607:f8b0:4004:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/show_ads_impl_fy2021.js?bust=31081947

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8148880354764995

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

179e92ae95b14a4d3fbedf9c03fdb5423e5598c7e1381790503a21b64ba484e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://exchange.shutterphoto.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 13:07:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141437
x-xss-protection: 0
server: cafe
etag: 11399684668163219252
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Mar 2024 13:07:27 GMT

GET
H3 200 nobg.png
exchange.shutterphoto.net/wp-content/themes/mts_newsonline/images/ 68 B
575 B 666ms
664ms Image
image/png 2606:4700:3034::6815:4db3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.shutterphoto.net/wp-content/themes/mts_newsonline/images/nobg.png
Requested by: Host: exchange.shutterphoto.net
URL: https://exchange.shutterphoto.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:4db3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01fc92b7704c3e3baaefd2ce87ce17e2ea266a1bb4244f032da25931e9c6fb92

Request headers

accept-language: en-US,en;q=0.9
Referer: https://exchange.shutterphoto.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 13:07:28 GMT
cf-cache-status: MISS
last-modified: Tue, 12 Mar 2024 10:27:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "44-65f02df9-58306a;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oLVT66MvZObmVK7BMcOHzlr%2FHEruSDfaKyAns%2FI0ecso9j0%2F7kSPXMr28QRyhkAaX5ii59oLLeGv5QJuKsHoWvLiZNcol7jJuIjaaUThUYmSGxp5nRor3x6HkS6DPWkldwZN9sehdUHer8TuaNdaeu88oAsefaeW"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 866daf803d8b4bd2-BUF
alt-svc: h3=":443"; ma=86400
content-length: 68
expires: Tue, 26 Mar 2024 13:07:27 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
48 KB 258ms
52ms Font
font/woff2 2607:f8b0:4004:c1d::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:600|Merriweather:700|Open+Sans:normal&subset=latin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://exchange.shutterphoto.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 21:08:45 GMT
x-content-type-options: nosniff
age: 489522
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Mar 2025 21:08:45 GMT

GET
H2 200 u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
fonts.gstatic.com/s/merriweather/v30/ 19 KB
19 KB 277ms
110ms Font
font/woff2 2607:f8b0:4004:c1d::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:600|Merriweather:700|Open+Sans:normal&subset=latin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://exchange.shutterphoto.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 09:19:30 GMT
x-content-type-options: nosniff
age: 532077
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19740
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Mar 2025 09:19:30 GMT

GET
H3 200 fontawesome-webfont.woff2
exchange.shutterphoto.net/wp-content/themes/mts_newsonline/fonts/ 75 KB
76 KB 1408ms
1374ms Font
font/woff2 2606:4700:3034::6815:4db3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.shutterphoto.net/wp-content/themes/mts_newsonline/fonts/fontawesome-webfont.woff2
Requested by: Host: exchange.shutterphoto.net
URL: https://exchange.shutterphoto.net/wp-content/themes/mts_newsonline/css/font-awesome.min.css?ver=6.4.3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:4db3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://exchange.shutterphoto.net/wp-content/themes/mts_newsonline/css/font-awesome.min.css?ver=6.4.3
Origin: https://exchange.shutterphoto.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 13:07:28 GMT
cf-cache-status: MISS
last-modified: Tue, 12 Mar 2024 10:27:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "12d68-65f02df8-583031;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vYE6KuwzHFgqO9FtAdfYwHvdJV5D%2F5ABLW5Ish9Fui4fYLTU72et8pJylWyu033Tv2DG6PXcoazLZ5UiHuKmCsY%2FtaBotXRDgc9fyt165mWnmFqqK9%2BcsnlCASZgqCseJQwKTmnLTejfNA3fwL7xyKLH67%2BWLYyQ"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 866daf80ddd04bd2-BUF
alt-svc: h3=":443"; ma=86400
content-length: 77160
expires: Tue, 26 Mar 2024 13:07:27 GMT

GET
H3 200 bankroll-management-sports-betting-450x220.jpg
exchange.shutterphoto.net/wp-content/uploads/2024/03/ 17 KB
18 KB 1204ms
1199ms Image
image/jpeg 2606:4700:3034::6815:4db3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.shutterphoto.net/wp-content/uploads/2024/03/bankroll-management-sports-betting-450x220.jpg
Requested by: Host: exchange.shutterphoto.net
URL: https://exchange.shutterphoto.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:4db3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c7be5fba4cba80de53e9505c44c5770e14dab39d4f51b06893091c99430865f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://exchange.shutterphoto.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 13:07:28 GMT
cf-cache-status: MISS
last-modified: Tue, 12 Mar 2024 17:46:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "4484-65f09510-51862d;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OKkDyEWUrmRl1fzAMvrw%2FjXPJgdfcTaaOlP4KTbTquxfrAcRhX30JD7%2B9pYbCdhd99DN6V4wPPWT2pU2BBGubWm73ef3zkU5hlm%2F85%2FtAXzGWtaCKB%2B3zIyGhQRi8o0QCjvsKJ6IsRv%2B%2FYKzCbM0pwd2w0eauO3I"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 866daf812ded4bd2-BUF
alt-svc: h3=":443"; ma=86400
content-length: 17540
expires: Tue, 26 Mar 2024 13:07:27 GMT

GET
H3 200 vince-camuto-platform-heels-370x215.jpg
exchange.shutterphoto.net/wp-content/uploads/2024/03/ 12 KB
12 KB 386ms
381ms Image
image/jpeg 2606:4700:3034::6815:4db3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.shutterphoto.net/wp-content/uploads/2024/03/vince-camuto-platform-heels-370x215.jpg
Requested by: Host: exchange.shutterphoto.net
URL: https://exchange.shutterphoto.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:4db3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f4155db818a898c704e968f7dc0db285d2451e43fbdb6aba77d7b0155aa5d3b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://exchange.shutterphoto.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 13:07:27 GMT
cf-cache-status: MISS
last-modified: Tue, 12 Mar 2024 17:43:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "2e46-65f0945a-518618;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tE85Ydpmd0I8g0YUeamlp5ekAQNnXYwAjAhODmMIifOIDxVWjuJeD6mKkntWcQHuTkkfNmCB%2F8%2BQwMK0qB7p5HuyXTSVdqpOqPfHgIdxF29F%2BRRVlZwotZosYzkBH0rTyn5ugBwG3wFlpmi4xdK%2BOdmPuyuij%2FSk"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 866daf812dee4bd2-BUF
alt-svc: h3=":443"; ma=86400
content-length: 11846
expires: Tue, 26 Mar 2024 13:07:27 GMT

GET
H3 200 online-mba-in-healthcare-management-370x215.jpg
exchange.shutterphoto.net/wp-content/uploads/2024/03/ 13 KB
14 KB 667ms
662ms Image
image/jpeg 2606:4700:3034::6815:4db3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.shutterphoto.net/wp-content/uploads/2024/03/online-mba-in-healthcare-management-370x215.jpg
Requested by: Host: exchange.shutterphoto.net
URL: https://exchange.shutterphoto.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:4db3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 092860ab2dd1fd578bfd6cf61d99bd1f6390b0c181a98cd1d66d1faacf8879fe

Request headers

accept-language: en-US,en;q=0.9
Referer: https://exchange.shutterphoto.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 13:07:28 GMT
cf-cache-status: MISS
last-modified: Tue, 12 Mar 2024 17:41:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "3481-65f093c3-5185f7;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yiyeJ5%2B8wMwOz01Ujj0%2FMau9IvW4JrhDVAH4Z4IYxxYOuPoy%2B70DLkYLGCbnlzU67glG2Y%2BxSq8rRhltc1LGIgLy9gDTERd5bzLyb878R7it09eymE5oVBZuMLYRf%2F4TbMNXH9zEbUaCfx5gRY3I7vTPren6l4jy"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 866daf812df14bd2-BUF
alt-svc: h3=":443"; ma=86400
content-length: 13441
expires: Tue, 26 Mar 2024 13:07:27 GMT

GET
H3 200 wp-emoji-release.min.js Show response
exchange.shutterphoto.net/wp-includes/js/ 18 KB
5 KB 361ms
361ms Script
text/javascript 2606:4700:3034::6815:4db3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.shutterphoto.net/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3
Requested by: Host: exchange.shutterphoto.net
URL: https://exchange.shutterphoto.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:4db3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: en-US,en;q=0.9
Referer: https://exchange.shutterphoto.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 13:07:27 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 12 Mar 2024 09:58:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"4904-65f02733-289f4f;br"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kWIc7l3XJYirG5c7FjhuNDgrajN5jCugkP9ZyA%2BstnXXZN4KMv5QGneOvIkhE7%2F9Fm%2FhgRtlwjc%2BvVA5YAP1J84wSZSyxXGrOrPMXYgN0762rktNTqoPThxqVPflBTvoKEPHNeHkPJ8yYqTAx7NXntNHyvaBn%2BQI"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
cf-ray: 866daf812df24bd2-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 dental-practice-management-consultants-370x215.jpg
exchange.shutterphoto.net/wp-content/uploads/2024/03/ 16 KB
16 KB 2194ms
2169ms Image
image/jpeg 2606:4700:3034::6815:4db3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.shutterphoto.net/wp-content/uploads/2024/03/dental-practice-management-consultants-370x215.jpg
Requested by: Host: exchange.shutterphoto.net
URL: https://exchange.shutterphoto.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:4db3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 293875f072ec160a6357e9fab23315e468e4ff636776307f2a7cf5e9cb5d0e78

Request headers

accept-language: en-US,en;q=0.9
Referer: https://exchange.shutterphoto.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 13:07:29 GMT
cf-cache-status: MISS
last-modified: Tue, 12 Mar 2024 17:38:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "3f67-65f0932c-5185d9;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CzHrvSPr4yufCJeICkkRYDkunAHfUupxldtZqL2GU95Sus0JUXyzCsF5prsFn2bTzsA8g6Zc7EeWg0FWACwLffrq2jjf8w8VKJIE9srmw%2BtB7fGevCVQ6BsyonvNlkFraQI1cJR%2BJAv8VFP4VdX1xuNmWVAubynr"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 866daf818e164bd2-BUF
alt-svc: h3=":443"; ma=86400
content-length: 16231
expires: Tue, 26 Mar 2024 13:07:27 GMT

GET
H3 200 tier-1-crypto-exchange-370x215.jpg
exchange.shutterphoto.net/wp-content/uploads/2024/03/ 14 KB
14 KB 2777ms
2753ms Image
image/jpeg 2606:4700:3034::6815:4db3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.shutterphoto.net/wp-content/uploads/2024/03/tier-1-crypto-exchange-370x215.jpg
Requested by: Host: exchange.shutterphoto.net
URL: https://exchange.shutterphoto.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:4db3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5d93a5109c92f69ee3bab76ff49f20c292ffc934059114ef7c12a85f7fe1828

Request headers

accept-language: en-US,en;q=0.9
Referer: https://exchange.shutterphoto.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 13:07:30 GMT
cf-cache-status: MISS
last-modified: Tue, 12 Mar 2024 17:35:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "3701-65f0927a-5185c5;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NVktWHDJwkmtacuCB8OMARfx1wOER%2B2EjovFFmo0AEBwNEYnCU%2FifK2FqaeMq%2BMQnJzMhiTnFzaa6XKU8zM8w98%2Feb%2BWh1wK1NJ1YIZP3LaleUGTF%2FFehqqI8%2F0kYnjLpO9OS%2FOZ1UGrZV8qu3Eh18x7tzKTIkXi"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 866daf818e184bd2-BUF
alt-svc: h3=":443"; ma=86400
content-length: 14081
expires: Tue, 26 Mar 2024 13:07:28 GMT

GET
H3 200 project-management-accounting-software-370x215.jpg
exchange.shutterphoto.net/wp-content/uploads/2024/03/ 20 KB
21 KB 1186ms
1162ms Image
image/jpeg 2606:4700:3034::6815:4db3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.shutterphoto.net/wp-content/uploads/2024/03/project-management-accounting-software-370x215.jpg
Requested by: Host: exchange.shutterphoto.net
URL: https://exchange.shutterphoto.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:4db3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed4c692ca98f37be9b0dfc2557152c42562186dd9f27fb627ac29cca2e548560

Request headers

accept-language: en-US,en;q=0.9
Referer: https://exchange.shutterphoto.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 13:07:28 GMT
cf-cache-status: MISS
last-modified: Tue, 12 Mar 2024 17:34:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5088-65f09233-5185b1;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6XYnA3etVRy%2B9cVHQD4f24psghLlUwqVoq5u82qrXytt356qEJTHeGbYNvR7N5tBZg%2BWxSKKYz5XQoUFaAAvIqBylSX040GtF5kOHupgSJWidZkcelLCT1TTUzkNTPHLimjM8ezzPSgxlHZ1qnXuq7e1vm650ROG"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 866daf818e194bd2-BUF
alt-svc: h3=":443"; ma=86400
content-length: 20616
expires: Tue, 26 Mar 2024 13:07:28 GMT

GET
H3 200 ecm-enterprise-content-management-370x215.jpg
exchange.shutterphoto.net/wp-content/uploads/2024/03/ 20 KB
21 KB 2464ms
2441ms Image
image/jpeg 2606:4700:3034::6815:4db3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.shutterphoto.net/wp-content/uploads/2024/03/ecm-enterprise-content-management-370x215.jpg
Requested by: Host: exchange.shutterphoto.net
URL: https://exchange.shutterphoto.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:4db3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f886e7cce93f535f96c26146fe5b2e0c6149fbb8393b50f8fc88640fcb0caaff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://exchange.shutterphoto.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 13:07:29 GMT
cf-cache-status: MISS
last-modified: Tue, 12 Mar 2024 17:33:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5171-65f091df-51859d;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gpyymI7yO8ZNvu0PcIwbyG8B8GGgV%2Fafk2mIyOIrmUV9r9oNRLjQsaMXHTb0oA7hbajbqMn8WYYeFGGqs7QjidL%2FWucSp68UCJJ%2BMJUFVQEW842yrBTRpKzeMzb527O1D7EDtiWo7U1oCZXs1cGrcZjhbmpRv2qQ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 866daf818e1a4bd2-BUF
alt-svc: h3=":443"; ma=86400
content-length: 20849
expires: Tue, 26 Mar 2024 13:07:28 GMT

GET
H3 200 best-stock-trade-platform-370x215.jpg
exchange.shutterphoto.net/wp-content/uploads/2024/03/ 12 KB
12 KB 382ms
358ms Image
image/jpeg 2606:4700:3034::6815:4db3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.shutterphoto.net/wp-content/uploads/2024/03/best-stock-trade-platform-370x215.jpg
Requested by: Host: exchange.shutterphoto.net
URL: https://exchange.shutterphoto.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:4db3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89eb39269fe81b500cdaf66a7df576a71104c8e4e22ce5bdcc17f37077568357

Request headers

accept-language: en-US,en;q=0.9
Referer: https://exchange.shutterphoto.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 13:07:27 GMT
cf-cache-status: MISS
last-modified: Tue, 12 Mar 2024 17:32:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "2f42-65f09193-518595;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Op8WU35m%2FWuWctnGPiz3jpmetbYLp6JGiauKe4JZoB3o1LGluKzeg6qPSZenfaJRXLIEH0gmujqNTANP49QRDSlaN8FAKMA1dFgDli7rZrssniK8T1OMaKQBe46tQPDQvIQvXq7Tke%2BGZMPev9EZuKFyHreHAfqu"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 866daf818e1b4bd2-BUF
alt-svc: h3=":443"; ma=86400
content-length: 12098
expires: Tue, 26 Mar 2024 13:07:27 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2ED0 606 KB
112 KB 1111ms
1022ms Document
text/html 2607:f8b0:4004:c1d::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8148880354764995&output=html&adk=318159125&adf=2184669829&lmt=1710853647&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x810_l%7C212x810_r&format=0x0&url=https%3A%2F%2Fexchange.shutterphoto.net%2F&pra=5&wgl=1&easpi=0&asro=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710853646143&bpp=1284&bdt=370&idt=1647&shv=r20240314&mjsv=m202403180101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5000219795390&frm=20&pv=2&ga_vid=1952561935.1710853648&ga_sid=1710853648&ga_hid=2042233242&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31081576%2C31081906%2C31081982%2C42531706%2C44798934%2C95327951%2C95327955%2C31081947%2C95320376&oid=2&pvsid=2267526588070770&tmod=1034945420&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=1706

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/show_ads_impl_fy2021.js?bust=31081947

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4e7994aaf08cc77d24f3fd70352aaa96fd3d8b25d5d83c681140687a4d42004a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://exchange.shutterphoto.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 113721
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Mar 2024 13:07:28 GMT
expires: Tue, 19 Mar 2024 13:07:28 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 101ms
100ms XHR
application/json 2607:f8b0:4004:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240314&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/show_ads_impl_fy2021.js?bust=31081947

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e21983cf8b656ea3e5bc86cfe2a766412d551fed03731120b6de8ed83f9cc75f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://exchange.shutterphoto.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 13:07:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12285
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/ 167 KB
56 KB 108ms
107ms Script
text/javascript 2607:f8b0:4004:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/reactive_library_fy2021.js?bust=31081947

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/show_ads_impl_fy2021.js?bust=31081947

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7bd3b37fd7df00107c57b4bf78a7d1a56d62119173cc316a092680dce31c33a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://exchange.shutterphoto.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 13:07:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57714
x-xss-protection: 0
server: cafe
etag: 14384232607784621210
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Mar 2024 13:07:29 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 150ms
47ms Script
text/javascript 2607:f8b0:4004:c1f::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/show_ads_impl_fy2021.js?bust=31081947

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://exchange.shutterphoto.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 13:07:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 19 Mar 2024 13:07:29 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240314/r20110914/ Frame BBAC 9 KB
4 KB 37ms
36ms Document
text/html 2607:f8b0:4004:c1d::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240314/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/show_ads_impl_fy2021.js?bust=31081947

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://exchange.shutterphoto.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 43774
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Mar 2024 00:57:55 GMT
etag: 5035419970550746386
expires: Tue, 02 Apr 2024 00:57:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240314/r20110914/ Frame 7D72 9 KB
4 KB 48ms
47ms Document
text/html 2607:f8b0:4004:c1d::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240314/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/show_ads_impl_fy2021.js?bust=31081947

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://exchange.shutterphoto.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 43774
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Mar 2024 00:57:55 GMT
etag: 5035419970550746386
expires: Tue, 02 Apr 2024 00:57:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240314/r20110914/ Frame B382 9 KB
4 KB 39ms
38ms Document
text/html 2607:f8b0:4004:c1d::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240314/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/show_ads_impl_fy2021.js?bust=31081947

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://exchange.shutterphoto.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 43774
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Mar 2024 00:57:55 GMT
etag: 5035419970550746386
expires: Tue, 02 Apr 2024 00:57:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240314/r20110914/ Frame 4394 9 KB
4 KB 38ms
34ms Document
text/html 2607:f8b0:4004:c1d::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240314/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/show_ads_impl_fy2021.js?bust=31081947

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://exchange.shutterphoto.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 43774
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Mar 2024 00:57:55 GMT
etag: 5035419970550746386
expires: Tue, 02 Apr 2024 00:57:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 8D86 14 KB
1 KB 61ms
60ms Stylesheet
text/css 2607:f8b0:4004:c09::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: exchange.shutterphoto.net
URL: https://exchange.shutterphoto.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 19 Mar 2024 13:07:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 19 Mar 2024 11:19:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 19 Mar 2024 13:07:29 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240314/r20110914/client/ Frame 8D86 2 KB
1 KB 48ms
47ms Script
text/javascript 2607:f8b0:4004:c1f::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240314/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: exchange.shutterphoto.net
URL: https://exchange.shutterphoto.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 19:26:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63666
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Apr 2024 19:26:23 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240314/r20110914/ Frame 8D86 23 KB
9 KB 42ms
41ms Script
text/javascript 2607:f8b0:4004:c1f::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240314/r20110914/abg_lite_fy2021.js

Requested by

Host: exchange.shutterphoto.net
URL: https://exchange.shutterphoto.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a23d8b3f234337a66c42065409ea946a4700a68fb92775125a176ec9520c82f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 02:33:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38058
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9106
x-xss-protection: 0
server: cafe
etag: 8408112003982630589
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Apr 2024 02:33:11 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240314/r20110914/client/ Frame 8D86 3 KB
1 KB 41ms
41ms Script
text/javascript 2607:f8b0:4004:c1f::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240314/r20110914/client/window_focus_fy2021.js

Requested by

Host: exchange.shutterphoto.net
URL: https://exchange.shutterphoto.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 19:26:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63666
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Apr 2024 19:26:23 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240314/r20110914/client/ Frame 8D86 20 KB
8 KB 48ms
48ms Script
text/javascript 2607:f8b0:4004:c1f::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240314/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: exchange.shutterphoto.net
URL: https://exchange.shutterphoto.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04fa4fe54665cacb0d30e028747b0a15046d5152d4295250380bcd5569e7c664

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 19:26:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63668
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8355
x-xss-protection: 0
server: cafe
etag: 17564575596476239644
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Apr 2024 19:26:21 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 8D86 206 KB
62 KB 42ms
41ms Script
text/javascript 2607:f8b0:4004:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: exchange.shutterphoto.net
URL: https://exchange.shutterphoto.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b10a155838bd5355a620824cba9d3611cd77be60ac2b23e4296c6f66bedef35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 12:58:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 517
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63910
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 19 Mar 2024 13:58:52 GMT

GET
H2 200 b671e646565d0c2f8b43853dd556e31b.js Show response
www.gstatic.com/mysidia/ Frame 8D86 36 KB
15 KB 131ms
45ms Script
text/javascript 2607:f8b0:4004:c06::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b671e646565d0c2f8b43853dd556e31b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: exchange.shutterphoto.net
URL: https://exchange.shutterphoto.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e37a5df91b0ea8648ef4923fcec72c2bba1a56ed3c5d80de765078df38c06f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 16:38:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 419329
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15272
x-xss-protection: 0
last-modified: Thu, 14 Mar 2024 02:02:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 12 Jun 2024 16:38:40 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240314/r20110914/elements/html/ Frame BBAC 15 KB
6 KB 37ms
14ms Script
text/javascript 2607:f8b0:4004:c1f::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240314/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240314/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df68f57ecda7de300bd2613e1619f481bcec4791f91634ceaa5ab9dc12493205

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 19:27:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63614
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6452
x-xss-protection: 0
server: cafe
etag: 12428443125520643955
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Apr 2024 19:27:15 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame BBAC 205 B
516 B 130ms
85ms Image
image/png 2607:f8b0:4004:c06::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240314/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 13:07:24 GMT
x-content-type-options: nosniff
age: 5
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 19 Mar 2025 13:07:24 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame BBAC 604 B
694 B 130ms
86ms Image
image/png 2607:f8b0:4004:c06::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240314/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 13:03:22 GMT
x-content-type-options: nosniff
age: 247
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 19 Mar 2025 13:03:22 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240314/r20110914/elements/html/ Frame BBAC 22 KB
9 KB 56ms
49ms Script
text/javascript 2607:f8b0:4004:c1f::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240314/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240314/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

14fafb150b976a0b5ac428c91e0825c33ba47b251f2bf349f4e1e5f954d9ad63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 19:26:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63658
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9112
x-xss-protection: 0
server: cafe
etag: 499061885667062015
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Apr 2024 19:26:31 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240314/r20110914/client/ Frame 7D72 2 KB
822 B 38ms
36ms Script
text/javascript 2607:f8b0:4004:c1f::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240314/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240314/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 19:26:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63666
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Apr 2024 19:26:23 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240314/r20110914/ Frame 7D72 23 KB
9 KB 38ms
36ms Script
text/javascript 2607:f8b0:4004:c1f::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240314/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240314/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a23d8b3f234337a66c42065409ea946a4700a68fb92775125a176ec9520c82f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 02:33:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38058
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9106
x-xss-protection: 0
server: cafe
etag: 8408112003982630589
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Apr 2024 02:33:11 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240314/r20110914/client/ Frame 7D72 3 KB
1 KB 51ms
48ms Script
text/javascript 2607:f8b0:4004:c1f::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240314/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240314/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 19:26:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63666
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Apr 2024 19:26:23 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240314/r20110914/client/ Frame 7D72 20 KB
8 KB 39ms
36ms Script
text/javascript 2607:f8b0:4004:c1f::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240314/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240314/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04fa4fe54665cacb0d30e028747b0a15046d5152d4295250380bcd5569e7c664

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 19:26:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63668
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8355
x-xss-protection: 0
server: cafe
etag: 17564575596476239644
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Apr 2024 19:26:21 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 7D72 206 KB
62 KB 36ms
34ms Script
text/javascript 2607:f8b0:4004:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240314/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b10a155838bd5355a620824cba9d3611cd77be60ac2b23e4296c6f66bedef35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 12:58:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 517
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63910
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 19 Mar 2024 13:58:52 GMT

GET
H2 200 b671e646565d0c2f8b43853dd556e31b.js Show response
www.gstatic.com/mysidia/ Frame 7D72 36 KB
15 KB 44ms
37ms Script
text/javascript 2607:f8b0:4004:c06::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b671e646565d0c2f8b43853dd556e31b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240314/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e37a5df91b0ea8648ef4923fcec72c2bba1a56ed3c5d80de765078df38c06f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 16:38:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 419329
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15272
x-xss-protection: 0
last-modified: Thu, 14 Mar 2024 02:02:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 12 Jun 2024 16:38:40 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame B382 6 KB
728 B 59ms
59ms Stylesheet
text/css 2607:f8b0:4004:c09::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240314/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bdb7d822d6afd1c8354749a111f68d56ce5e5db03b8a3028698acfc78358e06d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 19 Mar 2024 13:07:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 19 Mar 2024 11:24:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 19 Mar 2024 13:07:29 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240314/r20110914/client/ Frame B382 2 KB
822 B 44ms
44ms Script
text/javascript 2607:f8b0:4004:c1f::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240314/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240314/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 19:26:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63666
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Apr 2024 19:26:23 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240314/r20110914/ Frame B382 23 KB
9 KB 50ms
50ms Script
text/javascript 2607:f8b0:4004:c1f::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240314/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240314/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a23d8b3f234337a66c42065409ea946a4700a68fb92775125a176ec9520c82f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 02:33:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38058
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9106
x-xss-protection: 0
server: cafe
etag: 8408112003982630589
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Apr 2024 02:33:11 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240314/r20110914/client/ Frame B382 3 KB
1 KB 72ms
72ms Script
text/javascript 2607:f8b0:4004:c1f::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240314/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240314/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 19:26:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63666
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Apr 2024 19:26:23 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240314/r20110914/client/ Frame B382 20 KB
8 KB 64ms
64ms Script
text/javascript 2607:f8b0:4004:c1f::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240314/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240314/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04fa4fe54665cacb0d30e028747b0a15046d5152d4295250380bcd5569e7c664

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 19:26:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63668
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8355
x-xss-protection: 0
server: cafe
etag: 17564575596476239644
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Apr 2024 19:26:21 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame B382 206 KB
62 KB 63ms
63ms Script
text/javascript 2607:f8b0:4004:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240314/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b10a155838bd5355a620824cba9d3611cd77be60ac2b23e4296c6f66bedef35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 12:58:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 517
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63910
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 19 Mar 2024 13:58:52 GMT

GET
H2 200 b671e646565d0c2f8b43853dd556e31b.js Show response
www.gstatic.com/mysidia/ Frame B382 36 KB
15 KB 62ms
61ms Script
text/javascript 2607:f8b0:4004:c06::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b671e646565d0c2f8b43853dd556e31b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240314/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e37a5df91b0ea8648ef4923fcec72c2bba1a56ed3c5d80de765078df38c06f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 16:38:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 419329
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15272
x-xss-protection: 0
last-modified: Thu, 14 Mar 2024 02:02:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 12 Jun 2024 16:38:40 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240314/r20110914/ Frame 4394 23 KB
9 KB 55ms
54ms Script
text/javascript 2607:f8b0:4004:c1f::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240314/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240314/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a23d8b3f234337a66c42065409ea946a4700a68fb92775125a176ec9520c82f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 02:33:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38058
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9106
x-xss-protection: 0
server: cafe
etag: 8408112003982630589
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Apr 2024 02:33:11 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9403 143 B
166 B 55ms
45ms Document
text/html 2607:f8b0:4004:c1d::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240314/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240314/r20110914/zrt_lookup_fy2021.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 695
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Mar 2024 12:55:54 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240314/r20110914/client/ Frame 4394 3 KB
1 KB 51ms
43ms Script
text/javascript 2607:f8b0:4004:c1f::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240314/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240314/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 19:26:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63666
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Apr 2024 19:26:23 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240314/r20110914/client/ Frame 4394 20 KB
8 KB 51ms
43ms Script
text/javascript 2607:f8b0:4004:c1f::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240314/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240314/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04fa4fe54665cacb0d30e028747b0a15046d5152d4295250380bcd5569e7c664

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 19:26:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63668
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8355
x-xss-protection: 0
server: cafe
etag: 17564575596476239644
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Apr 2024 19:26:21 GMT

GET
H3 200 13868589119137133793
tpc.googlesyndication.com/daca_images/simgad/ Frame 4394 101 KB
101 KB 58ms
50ms Image
image/png 2607:f8b0:4004:c1f::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/13868589119137133793

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240314/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32fbc34bcc0f902297925fc93ca738794677686ab990052d76a22e1d42c0eb63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Thu, 13 Mar 2025 15:49:12 GMT
date: Wed, 13 Mar 2024 15:49:12 GMT
x-content-type-options: nosniff
age: 508697
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 103685
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 19:40:36 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 4394 206 KB
62 KB 49ms
42ms Script
text/javascript 2607:f8b0:4004:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240314/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b10a155838bd5355a620824cba9d3611cd77be60ac2b23e4296c6f66bedef35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 12:58:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 517
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63910
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 19 Mar 2024 13:58:52 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240314/r20110914/client/ Frame 4394 36 KB
14 KB 67ms
60ms Script
text/javascript 2607:f8b0:4004:c1f::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240314/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240314/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd468608e8dabf6e0e7a356f45f66683848d768e8ade1569072e175acea8955

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 19:28:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63511
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14726
x-xss-protection: 0
server: cafe
etag: 8517996084005999798
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Apr 2024 19:28:58 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1BD9 13 KB
5 KB 53ms
37ms Document
text/html 2607:f8b0:4004:c1f::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://exchange.shutterphoto.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 53059
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 18 Mar 2024 22:23:10 GMT
expires: Tue, 18 Mar 2025 22:23:10 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 49AB 829 B
1 KB 176ms
56ms Document
text/html 2607:f8b0:4004:c06::68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::68 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a2e4c9956166069d4ca63a510188fa0aff4779e95bfd26fffe5eb4b0b9d08603

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-AFYHWn1q62_8Vvj1tHZT7g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://exchange.shutterphoto.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-AFYHWn1q62_8Vvj1tHZT7g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 19 Mar 2024 13:07:29 GMT
expires: Tue, 19 Mar 2024 13:07:29 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ Frame 4394 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a1e9020049a57a74932234f633aae990d2509a50454e7c434e1d7b975f15ee95

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9403
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

51ms
49ms

Document
text/html

2607:f8b0:4004:c1d::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240314/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Mar 2024 13:07:30 GMT
expires: Tue, 19 Mar 2024 13:07:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Mar 2024 13:07:30 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 jXfRH9G_-5_y2d9FtLfVUFqP1nroUl1KS7Cmyw17Bqk.js Show response
pagead2.googlesyndication.com/bg/ Frame CB83 52 KB
20 KB 50ms
49ms Script
text/javascript 2607:f8b0:4004:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jXfRH9G_-5_y2d9FtLfVUFqP1nroUl1KS7Cmyw17Bqk.js

Requested by

Host: exchange.shutterphoto.net
URL: https://exchange.shutterphoto.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d77d11fd1bffb9ff2d9df45b4b7d5505a8fd67ae8525d4a4bb0a6cb0d7b06a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 15 Mar 2024 19:27:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 322797
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20495
x-xss-protection: 0
last-modified: Thu, 14 Mar 2024 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 15 Mar 2025 19:27:33 GMT

GET
H3 200 jXfRH9G_-5_y2d9FtLfVUFqP1nroUl1KS7Cmyw17Bqk.js Show response
pagead2.googlesyndication.com/bg/ Frame B30F 52 KB
20 KB 44ms
43ms Script
text/javascript 2607:f8b0:4004:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jXfRH9G_-5_y2d9FtLfVUFqP1nroUl1KS7Cmyw17Bqk.js

Requested by

Host: exchange.shutterphoto.net
URL: https://exchange.shutterphoto.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d77d11fd1bffb9ff2d9df45b4b7d5505a8fd67ae8525d4a4bb0a6cb0d7b06a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 15 Mar 2024 19:27:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 322797
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20495
x-xss-protection: 0
last-modified: Thu, 14 Mar 2024 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 15 Mar 2025 19:27:33 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 4394
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CFIkEEI75ZbxmvI2Q8g-IzZC4DLOuwbN2haerwKISkcPj644OEAEg67vIbmDJ7o6LwKSMEKAB4aaP3CjIAQKoAwHIA8kEqgTkAU_QtXNgu7i9vIMzP7fSYzgC_OHgMdabOWbhNmZTlLc3rkx...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x475b16c75c6b2a820000000000000000%22,%222%22:%220x816a7d6a11ad5cad0000000000000000%22,%223%22:%220xe693ab...

0
0

181ms
92ms

Fetch
text/css

172.253.122.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x475b16c75c6b2a820000000000000000%22,%222%22:%220x816a7d6a11ad5cad0000000000000000%22,%223%22:%220xe693ab522e88c370000000000000000%22,%224%22:%220x71cfa2ea3eb3850c0000000000000000%22,%225%22:%220x4f28f46cebd783de0000000000000000%22},%22debug_key%22:%222912296355797307016%22,%22debug_reporting%22:true,%22destination%22:%22https://improvedexperiences.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210930606945%22],%2222%22:[%22true%22],%224%22:[%2203-19%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210286504027012616865%22}&andc=true

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240314/r20110914/zrt_lookup_fy2021.html

Protocol

Server

172.253.122.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 13:07:30 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x475b16c75c6b2a820000000000000000","2":"0x816a7d6a11ad5cad0000000000000000","3":"0xe693ab522e88c370000000000000000","4":"0x71cfa2ea3eb3850c0000000000000000","5":"0x4f28f46cebd783de0000000000000000"},"debug_key":"2912296355797307016","debug_reporting":true,"destination":"https://improvedexperiences.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10930606945"],"22":["true"],"4":["03-19"],"6":["true"]},"priority":"500","source_event_id":"10286504027012616865"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 19 Mar 2024 13:07:30 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 19 Mar 2024 13:07:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x475b16c75c6b2a820000000000000000","2":"0x816a7d6a11ad5cad0000000000000000","3":"0xe693ab522e88c370000000000000000","4":"0x71cfa2ea3eb3850c0000000000000000","5":"0x4f28f46cebd783de0000000000000000"},"debug_key":"2912296355797307016","debug_reporting":true,"destination":"https://improvedexperiences.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10930606945"],"22":["true"],"4":["03-19"],"6":["true"]},"priority":"500","source_event_id":"10286504027012616865"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 49AB 0
0 129ms
114ms Image
text/html 2607:f8b0:4004:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240314&jk=2267526588070770&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c07::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

GET
H3 200 ClgGLJT-anMFFp_jPcSPgTpNjWBfoBtPLqdYJvwYrrQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 1BD9 40 KB
16 KB 50ms
36ms Script
text/javascript 2607:f8b0:4004:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ClgGLJT-anMFFp_jPcSPgTpNjWBfoBtPLqdYJvwYrrQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a58062c94fe6a7305169fe33dc48f813a4d8d605fa01b4f2ea75826fc18aeb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 15 Mar 2024 19:57:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 321030
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15865
x-xss-protection: 0
last-modified: Thu, 14 Mar 2024 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 15 Mar 2025 19:57:00 GMT

GET
H3 200 jXfRH9G_-5_y2d9FtLfVUFqP1nroUl1KS7Cmyw17Bqk.js Show response
pagead2.googlesyndication.com/bg/ Frame B438 52 KB
20 KB 37ms
34ms Script
text/javascript 2607:f8b0:4004:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jXfRH9G_-5_y2d9FtLfVUFqP1nroUl1KS7Cmyw17Bqk.js

Requested by

Host: exchange.shutterphoto.net
URL: https://exchange.shutterphoto.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d77d11fd1bffb9ff2d9df45b4b7d5505a8fd67ae8525d4a4bb0a6cb0d7b06a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 15 Mar 2024 19:27:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 322797
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20495
x-xss-protection: 0
last-modified: Thu, 14 Mar 2024 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 15 Mar 2025 19:27:33 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 186ms
97ms Preflight
text/html 172.253.122.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 19 Mar 2024 13:07:30 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 jXfRH9G_-5_y2d9FtLfVUFqP1nroUl1KS7Cmyw17Bqk.js Show response
pagead2.googlesyndication.com/bg/ Frame B909 52 KB
20 KB 35ms
34ms Script
text/javascript 2607:f8b0:4004:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jXfRH9G_-5_y2d9FtLfVUFqP1nroUl1KS7Cmyw17Bqk.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240314/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d77d11fd1bffb9ff2d9df45b4b7d5505a8fd67ae8525d4a4bb0a6cb0d7b06a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 15 Mar 2024 19:27:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 322797
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20495
x-xss-protection: 0
last-modified: Thu, 14 Mar 2024 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 15 Mar 2025 19:27:33 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 1BD9 0
10 B 34ms
33ms Image
text/plain 2607:f8b0:4004:c1f::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?zdHL5w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 13:07:30 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4394 42 B
64 B 108ms
107ms Fetch
image/gif 2607:f8b0:4004:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssJ7N_QzyhDCciVV0huPmNye0ZhDeQS07HJuoL_pQv3L2NWcq-QCv5s0M95wlr3Ih8J9bX1bU07bgu3-oGs270EH7AnMphjiCrKefZk9g1jK62ow0KRQxdwCYI8-bsIHZPEjtDEOKfk1mVGljT5IZdC-lvLC0wCyIY&sai=AMfl-YTCi9XHuV9ZiwMFinoHeXNwE6yA3P1FW82O0Jej8m-eTFWzCZhSNDxpJ_q_2uQgQG0JCQGDzqhbfHCxBSeZwhOFa1sUtvOvnZx4CAZW5VcPJwe_MWFQHxtDaNco79u00k8TAmt7I8NWI8sxuN8B&sig=Cg0ArKJSzJI7ODOgrNjQEAE&cid=CAQSTgB7FLtqd13B84uZRfUfeu8YbRs5IHjcRQHFYa6LSHY9nyDE6lCbDD_xck4EOwVYqcIn6dL_l8sx75vPUOQ91QCyvMuWESnHQ4SS6JLc5xgB&id=lidar2&mcvt=1001&p=0,0,124,1005&mtos=373,1001,1001,1001,1001&tos=373,628,0,0,0&v=20240318&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=318159121&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=678644900&rst=1710853649305&rpt=670&met=mue&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Mar 2024 13:07:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 92ms
92ms Image
text/html 2607:f8b0:4004:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240314&jk=2267526588070770&bg=!kZKlkt3NAAZaswqNerM7ADQBe5WfOCIzvVemJfEAMag18G6egXQMiG60eewAc6uwFlWBIlF9Cdu6BtmHFHLtGsZO5BeMAgAAAd1SAAAAKmgBB34ANWAGSFq0q61pf2KeThkuB3U_tLyAzazZSV_y6C4l8sjLq36AmJ6NQIvE3WV46m5m1s8a49hfCgCEVSWPKf3nZdK4VwG4ST-KIJX022OTgfeJh9s2O-M9QGukfXu3RDjMKy6MVOMjhN8NgAcSjE1ZXXzk5UdrfsMjtSQCZZExGlhirISp6gLOLQv-GHsGpL9ZxpMeqdnqEcoAKbbaOeCDJ78p-ge9so-bplgLXJ87xANJnNx8OvHZttG9GOhhmQJ05cWcag1mvtIWesOfokQeq_Aqvxmk38OLiVC3mT7VgeU84vW14fcWHQwGnRV4BT4Kd2HAALNB9_5NsoStOSVgACXGwie-nbhLIs6Gk_aFb8zlWENdFVEh8H2i6bk1TcunWhKqJtUfd5lhez-08FnlEUdd9G7Zq8RPy1k_JEvheik0KufB5mJE4PZ-rMfDo6uqeEtneOJnybw8jb8_8HhW3FyuoTUP7QCDJBorMnhGoFISzaslMZXkjrhmVhVqrZSGYCqrUriMIlRDW6HoMCT0bi-jMiMGX4wwi8_oswdImpPBnXkm2IlrJXonhyvlW_AynY7hJ1zSKVNSg2qIHpbDILQB_VTo83SYTS_uoN0n6Q43CHtHbHuEwUYcTngdugijGySP86PuVIT9Ozn8_ofHpcAoJqbdCCmuWuUHesAIr5MeZaFpb1HGCNGLo51seMNhUbJN0XaP5QlmKpL5D5GjY6xl3rvj0Zs3AQg-KSMuNaMHbX9MdvdjbPphFPr1OMQSNxKSt5zLodmejLgvnR2gujcxBKaPCnrpK_YxzoklYs_z4r2vfeyvxHDB6XUO1afD58ePGYYPCeGpHwQvrT5xDokQVBQCTVs85TmtHaTP5BdjF_VQ-zbGub0lLJuPRf1XEUFzfrWD4ag2pwMh_ex3anU_Vk492ZGAS7-D6N6zLNnTIzmNZwRDMeMLLfBt0hl_qTleSQo124Je_T-AC_yDMCmwJL9QUdleOCRf2bG4aD0FBzuLmyHtKhzd1lz5g-bKA-qdRAqjbsrAjtWdwFtfsRsgpMQOrKubaqH2suotXvWIQOqxFuMecIkDs2Ow8YnapTiCuA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c07::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://exchange.shutterphoto.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.shutterphoto.net/	1970-01-21 04:35:49	Name: __gads Value: ID=018c120369baf03c:T=1710853647:RT=1710853647:S=ALNI_Ma2fP_SkLNG74VTy2ohfpOMlfdmxg
.shutterphoto.net/	1970-01-21 04:35:49	Name: __gpi Value: UID=00000dd3bf52dd2b:T=1710853647:RT=1710853647:S=ALNI_MZetryOKT11Obo8_pON5XgWTvpzkw
.shutterphoto.net/	1970-01-20 23:33:25	Name: __eoi Value: ID=a15426fcd86711de:T=1710853647:RT=1710853647:S=AA-AfjbwJ7yocXW3ZjiSPrMOkLXJ
.doubleclick.net/	1970-01-21 04:50:13	Name: IDE Value: AHWqTUn_OcXkhpuCiCW3IPPC1aqF63S87ETOblqFrHNlFJhC676e0iTFoC85u6wylME
.doubleclick.net/	1970-01-20 19:14:17	Name: DSID Value: NO_DATA
.googleadservices.com/	1970-01-20 21:23:49	Name: ar_debug Value: 1

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://exchange.shutterphoto.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://exchange.shutterphoto.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://exchange.shutterphoto.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://exchange.shutterphoto.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://exchange.shutterphoto.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://exchange.shutterphoto.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://exchange.shutterphoto.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://exchange.shutterphoto.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://exchange.shutterphoto.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://exchange.shutterphoto.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://exchange.shutterphoto.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://exchange.shutterphoto.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

exchange.shutterphoto.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.google.com
www.googleadservices.com
www.gstatic.com
172.253.122.155
2606:4700:3034::6815:4db3
2607:f8b0:4004:c06::5e
2607:f8b0:4004:c06::68
2607:f8b0:4004:c07::9c
2607:f8b0:4004:c09::5f
2607:f8b0:4004:c1d::5e
2607:f8b0:4004:c1d::9d
2607:f8b0:4004:c1f::84
0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180
01fc92b7704c3e3baaefd2ce87ce17e2ea266a1bb4244f032da25931e9c6fb92
04fa4fe54665cacb0d30e028747b0a15046d5152d4295250380bcd5569e7c664
092860ab2dd1fd578bfd6cf61d99bd1f6390b0c181a98cd1d66d1faacf8879fe
0a58062c94fe6a7305169fe33dc48f813a4d8d605fa01b4f2ea75826fc18aeb4
14fafb150b976a0b5ac428c91e0825c33ba47b251f2bf349f4e1e5f954d9ad63
179e92ae95b14a4d3fbedf9c03fdb5423e5598c7e1381790503a21b64ba484e8
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1f4155db818a898c704e968f7dc0db285d2451e43fbdb6aba77d7b0155aa5d3b
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
293875f072ec160a6357e9fab23315e468e4ff636776307f2a7cf5e9cb5d0e78
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32fbc34bcc0f902297925fc93ca738794677686ab990052d76a22e1d42c0eb63
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
4b10a155838bd5355a620824cba9d3611cd77be60ac2b23e4296c6f66bedef35
4c7be5fba4cba80de53e9505c44c5770e14dab39d4f51b06893091c99430865f
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0a03b015d71ad31453cfc84b84c2c42c1aac59545caa44df0f518895085d67
4e7994aaf08cc77d24f3fd70352aaa96fd3d8b25d5d83c681140687a4d42004a
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
50e7c3c64d5299169d97e1ed3959b17087b9a9e6f299252d83d565f952d0c27a
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a23d8b3f234337a66c42065409ea946a4700a68fb92775125a176ec9520c82f
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5e37a5df91b0ea8648ef4923fcec72c2bba1a56ed3c5d80de765078df38c06f6
60ee135c332e44acb7d54dbac9674027d629058f509c6c4293731dfd76b8d4c8
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
795534a47cda8149a867c710d77cc20ac76f4554468e632afa23a2faa7f7489e
7bd3b37fd7df00107c57b4bf78a7d1a56d62119173cc316a092680dce31c33a7
7fd468608e8dabf6e0e7a356f45f66683848d768e8ade1569072e175acea8955
800ac569bf0aaac1ad3e5ed4bd2fd4523c546e965a7cb9345ed6a1ea9ac2c21a
898dc6331e24f33a7187dc44bea948d6046fc2b3630d1f4f66721314f9b7b1d0
89eb39269fe81b500cdaf66a7df576a71104c8e4e22ce5bdcc17f37077568357
8d77d11fd1bffb9ff2d9df45b4b7d5505a8fd67ae8525d4a4bb0a6cb0d7b06a9
974e4845984871c49feed0117ec5fa685f94ed0116e94dce8ec5fa87ca71ed7b
a1e9020049a57a74932234f633aae990d2509a50454e7c434e1d7b975f15ee95
a2e4c9956166069d4ca63a510188fa0aff4779e95bfd26fffe5eb4b0b9d08603
a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd
bdb7d822d6afd1c8354749a111f68d56ce5e5db03b8a3028698acfc78358e06d
c14fe89197263ded5e7d1525c958e688e4399af7f9a5bf3e337e8ea4f31e34da
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
df68f57ecda7de300bd2613e1619f481bcec4791f91634ceaa5ab9dc12493205
df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0
e21983cf8b656ea3e5bc86cfe2a766412d551fed03731120b6de8ed83f9cc75f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6c677e99da1f9014faa8aff613db3d9ccf06138b6e94190921c365835df19c3
ed4c692ca98f37be9b0dfc2557152c42562186dd9f27fb627ac29cca2e548560
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5d93a5109c92f69ee3bab76ff49f20c292ffc934059114ef7c12a85f7fe1828
f886e7cce93f535f96c26146fe5b2e0c6149fbb8393b50f8fc88640fcb0caaff

exchange.shutterphoto.net Open in urlscan Pro 2606:4700:3034::6815:4db3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

80 Requests

98 %HTTPS

89 %IPv6

7 Domains

9 Subdomains

10 IPs

1 Countries

1370 kBTransfer

3659 kBSize

6 Cookies

1 Outgoing links

Redirected requests

80 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

exchange.shutterphoto.net Open in urlscan Pro
2606:4700:3034::6815:4db3 Public Scan

Screenshot
Live screenshot

Full Image

80
Requests

98 %
HTTPS

89 %
IPv6

7
Domains

9
Subdomains

10
IPs

1
Countries

1370 kB
Transfer

3659 kB
Size

6
Cookies

80 HTTP transactions
1 data transactions