urlscan.io logo urlscan.io
SecurityTrails logo

blog.robsheaphotography.com Open in urlscan Pro
76.76.21.61  Public Scan

Go To Rescan Add Verdict Report
URL: https://blog.robsheaphotography.com/2021/08/07/update-photoshop-actions-color-infrared.html
Submission: On July 16 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 21 IPs in 3 countries across 15 domains to perform 55 HTTP transactions. The main IP is 76.76.21.61, located in Walnut, United States and belongs to AMAZON-02, US. The main domain is blog.robsheaphotography.com.
TLS certificate: Issued by R3 on July 10th 2023. Valid for: 3 months.
This is the only time blog.robsheaphotography.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

3    76.76.21.61 (Walnut, United States)

ASN16509 (AMAZON-02, US)
blog.robsheaphotography.com
4    2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
6    18.66.91.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-91-100.fra56.r.cloudfront.net
photos.smugmug.com
2    2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
6    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
10    2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube-nocookie.com
2    2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    2a00:1450:400c:c1b::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
4    2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
jnn-pa.googleapis.com
2    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:830::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i.ytimg.com
1    2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
yt3.ggpht.com
1    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
1    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
3    2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
Apex Domain
Subdomains		 Transfer
10 youtube-nocookie.com
www.youtube-nocookie.com — Cisco Umbrella Rank: 3580
957 KB
9 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 135
tpc.googlesyndication.com — Cisco Umbrella Rank: 160
210 KB
6 smugmug.com
photos.smugmug.com — Cisco Umbrella Rank: 54356
5 MB
4 googleapis.com
jnn-pa.googleapis.com — Cisco Umbrella Rank: 289
31 KB
4 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2556
www.google.com — Cisco Umbrella Rank: 10
adservice.google.com — Cisco Umbrella Rank: 113
16 KB
4 gstatic.com
fonts.gstatic.com
www.gstatic.com
48 KB
4 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 368
178 KB
3 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 130
googleads.g.doubleclick.net — Cisco Umbrella Rank: 57
5 KB
3 robsheaphotography.com
blog.robsheaphotography.com
68 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 63
21 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 79
132 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1129
611 B
1 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 236
3 KB
1 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 126
139 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 4752
408 B
55 15
Domain Requested by
10 www.youtube-nocookie.com blog.robsheaphotography.com
www.youtube-nocookie.com
6 pagead2.googlesyndication.com blog.robsheaphotography.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
6 photos.smugmug.com 1 redirects blog.robsheaphotography.com
4 jnn-pa.googleapis.com www.youtube-nocookie.com
4 cdn.jsdelivr.net blog.robsheaphotography.com
cdn.jsdelivr.net
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
3 blog.robsheaphotography.com blog.robsheaphotography.com
2 www.gstatic.com www.youtube-nocookie.com
www.gstatic.com
2 www.google.com www.youtube-nocookie.com
tpc.googlesyndication.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 fonts.gstatic.com www.youtube-nocookie.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.googletagmanager.com blog.robsheaphotography.com
www.googletagmanager.com
1 adservice.google.com pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 yt3.ggpht.com www.youtube-nocookie.com
1 i.ytimg.com www.youtube-nocookie.com
1 www.google.de blog.robsheaphotography.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
55 20
Subject Issuer Validity Valid
blog.robsheaphotography.com
R3		 2023-07-10 -
2023-10-08		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-12-23 -
2024-01-24		 a year crt.sh
smugmug.com
Amazon RSA 2048 M01		 2023-02-22 -
2023-10-29		 8 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
edgestatic.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh

This page contains 7 frames:

Primary Page: https://blog.robsheaphotography.com/2021/08/07/update-photoshop-actions-color-infrared.html
Frame ID: DD0561830AA85C4679923E91963FA10D
Requests: 26 HTTP requests in this frame

Frame: https://www.youtube-nocookie.com/embed/vpcTqeUF5ic
Frame ID: 1BB8A21FC7EA8AB2B853E88A19907B90
Requests: 2 HTTP requests in this frame

Frame: https://www.youtube-nocookie.com/embed/vpcTqeUF5ic
Frame ID: 5F18AA41AE1B5C191DD51F88D900A4D2
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20190131/zrt_lookup.html
Frame ID: D349E2D26D813F19BC7097C9E82B236C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5044825374897091&output=html&adk=1812271804&adf=3025194257&lmt=1689540062&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x945_l%7C140x945_r&format=0x0&url=https%3A%2F%2Fblog.robsheaphotography.com%2F2021%2F08%2F07%2Fupdate-photoshop-actions-color-infrared.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689540062259&bpp=5&bdt=720&idt=421&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7518957936427&frm=20&pv=2&ga_vid=1195976172.1689540062&ga_sid=1689540063&ga_hid=1548692429&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C31075630%2C42532280%2C44759876%2C44759927%2C42532278%2C31075643%2C31076010%2C44788441%2C31075886&oid=2&pvsid=4310273328617903&tmod=2106702805&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=449
Frame ID: 04DC6C38C8CEBDA1C9735EFC67BAED5B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A721EBE246B861333FDCE52BDDCC1C02
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 17D80861950A0FD248A14C7A2805D02D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Updated Photoshop Actions for Color Infrared v3 | Rob Shea Photography

Detected technologies

Overall confidence: 100%
Detected patterns
  • <(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

55
Requests

96 %
HTTPS

90 %
IPv6

15
Domains

20
Subdomains

21
IPs

3
Countries

6479 kB
Transfer

9762 kB
Size

7
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://photos.smugmug.com/photos/i-8ZhLRDD/0/b0981373/4K/i-8ZhLRDD-4K.jpg HTTP 301
  • https://photos.smugmug.com/photos/i-8ZhLRDD/1/ad753b38/4K/i-8ZhLRDD-4K.jpg

55 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request update-photoshop-actions-color-infrared.html
blog.robsheaphotography.com/2021/08/07/ 		21 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://blog.robsheaphotography.com/2021/08/07/update-photoshop-actions-color-infrared.html
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.61 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
241c5e683aba279bdffe939c0cddb8b6210fcb13ca1196bc3d48d94f24cc8a03
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
age
0
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="update-photoshop-actions-color-infrared.html"
content-encoding
br
content-type
text/html; charset=utf-8
date
Sun, 16 Jul 2023 20:41:01 GMT
etag
W/"54261472885c9e7e12e6cfa8d7eef8f8"
server
Vercel
strict-transport-security
max-age=63072000
x-vercel-cache
MISS
x-vercel-id
fra1::tzbwz-1689540061227-d256cb904f01
main.css
blog.robsheaphotography.com/assets/css/ 		90 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://blog.robsheaphotography.com/assets/css/main.css
Requested by
Host: blog.robsheaphotography.com
URL: https://blog.robsheaphotography.com/2021/08/07/update-photoshop-actions-color-infrared.html
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.61 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
ea00f9686585ac5fe0706c92b5930bb16422242da281bd22a63028f71f93fe1f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.robsheaphotography.com/2021/08/07/update-photoshop-actions-color-infrared.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 20:41:01 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::tzbwz-1689540061541-38070285ea1d
age
20426
etag
W/"84cc2989a125e5e5232bf5ccf0c2da03"
x-vercel-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="main.css"
all.min.css
cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@5/css/ 		58 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@5/css/all.min.css
Requested by
Host: blog.robsheaphotography.com
URL: https://blog.robsheaphotography.com/2021/08/07/update-photoshop-actions-color-infrared.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.robsheaphotography.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 16 Jul 2023 20:41:01 GMT
x-content-type-options
nosniff
content-encoding
br
age
8298
x-jsd-version
5.15.4
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
13056
x-served-by
cache-fra-eddf8230023-FRA
x-jsd-version-type
version
etag
W/"e7a9-pX7mjRFgGw/Y5QN/wkH/ZadURzw"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
i-8ZhLRDD-4K.jpg
photos.smugmug.com/photos/i-8ZhLRDD/1/ad753b38/4K/
Redirect Chain
  • https://photos.smugmug.com/photos/i-8ZhLRDD/0/b0981373/4K/i-8ZhLRDD-4K.jpg
  • https://photos.smugmug.com/photos/i-8ZhLRDD/1/ad753b38/4K/i-8ZhLRDD-4K.jpg
4 MB
4 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://photos.smugmug.com/photos/i-8ZhLRDD/1/ad753b38/4K/i-8ZhLRDD-4K.jpg
Requested by
Host: blog.robsheaphotography.com
URL: https://blog.robsheaphotography.com/2021/08/07/update-photoshop-actions-color-infrared.html
Protocol
H2
Server
18.66.91.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-91-100.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
e2fd69f15fb042de9e984cfa712764a98d1997e4caee93ae2fc2ab26924a2b93
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.robsheaphotography.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 27 Jun 2023 15:55:44 GMT
strict-transport-security
max-age=31536000
smug-s
1
via
1.1 cb4c4a25e4ef534686959996782c8476.cloudfront.net (CloudFront)
content-md5
7LkxhUi+k8ibEfYOMlrhKQ==
x-smug-ph
0.0292
x-ttfb
0.8069
x-amz-cf-pop
FRA56-P2
x-env
a=live, b=photoserve, c=e8889be1, d=i-0225b075660705360
x-cache
Hit from cloudfront
p3p
CP="This is not a P3P policy. We respect your privacy."
age
1658717
smug-content-length
4075566
content-length
4075566
x-request-id
0de09ed8
x-ua-compatible
IE=edge
x-smug-v
5
last-modified
Tue, 23 Aug 2022 16:52:29 GMT
server
nginx
x-smug-d
Tue, 27 Jun 2023 08:55:44 PDT
x-smug-rb
0.766 (4075566)
x-frame-options
DENY
x-ttfb-l
0
content-type
image/jpeg
cache-control
public, max-age=31536000, must-revalidate
x-smug-ct
m
x-robots-tag
noarchive, noindex, nosnippet
link
<https://www.robsheaphotography.com/photos/i-8ZhLRDD/1/ad753b38/4K/i-8ZhLRDD-4K.jpg>; rel="canonical"
x-smug-i
8ZhLRDD-JPG-O_3840x1867@90
x-amz-cf-id
PXZIWOLzvUrFvG4rLM1O_Cl51cEvgAOpz_zxdU5SJ3K3NIe9mXSEzQ==
expires
Wed, 26 Jun 2024 15:55:43 GMT

Redirect headers

date
Sun, 16 Jul 2023 20:41:01 GMT
strict-transport-security
max-age=31536000
smug-s
1
via
1.1 cb4c4a25e4ef534686959996782c8476.cloudfront.net (CloudFront)
x-smug-ph
0.0139
x-ttfb
0.0149
x-smug-301
A
x-env
a=live, b=photoserve, c=e8889be1, d=i-0174830ecd4603ecc
x-smug-redirectfromhost
photos.smugmug.com
p3p
CP="This is not a P3P policy. We respect your privacy."
x-cache
Miss from cloudfront
x-amz-cf-pop
FRA56-P2
content-length
0
x-request-id
83c80b01
x-ua-compatible
IE=edge
x-smug-redirectto
https://photos.smugmug.com/photos/i-8ZhLRDD/1/ad753b38/4K/i-8ZhLRDD-4K.jpg
server
nginx
x-smug-d
Sun, 16 Jul 2023 13:41:01 PDT
x-frame-options
DENY
x-ttfb-l
0
content-type
text/html; charset=utf-8
location
https://photos.smugmug.com/photos/i-8ZhLRDD/1/ad753b38/4K/i-8ZhLRDD-4K.jpg
cache-control
private, no-store, no-cache, max-age=0
x-smug-redirectfromuri
/photos/i-8ZhLRDD/0/b0981373/4K/i-8ZhLRDD-4K.jpg
x-smug-ct
m
x-amz-cf-id
qz0-b8zKHlYa5iFth9rKs7bOK7eRHh5VHr5ezJGA1cxbmir1RJyEhA==
expires
Sun, 16 Jul 2023 20:41:01 GMT
i-8njPBD2-S.jpg
photos.smugmug.com/photos/i-8njPBD2/0/a769fd1e/S/ 		43 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://photos.smugmug.com/photos/i-8njPBD2/0/a769fd1e/S/i-8njPBD2-S.jpg
Requested by
Host: blog.robsheaphotography.com
URL: https://blog.robsheaphotography.com/2021/08/07/update-photoshop-actions-color-infrared.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.91.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-91-100.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
7cdecc7f772ea9a17a522886c81105f7c89c21d17f0373032ff0146a265a2a9d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.robsheaphotography.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 27 Jun 2023 09:29:39 GMT
strict-transport-security
max-age=31536000
smug-s
1
via
1.1 cb4c4a25e4ef534686959996782c8476.cloudfront.net (CloudFront)
content-md5
Z5EhAM7vC1gCXfkO6kSiUQ==
x-smug-ph
0.022
x-ttfb
0.1015
x-amz-cf-pop
FRA56-P2
x-env
a=live, b=photoserve, c=ec58e149, d=i-0cf4dee7cc8ec70b7
x-cache
Hit from cloudfront
p3p
CP="This is not a P3P policy. We respect your privacy."
age
1681882
smug-content-length
44037
content-length
44037
x-request-id
535a5f6f
x-ua-compatible
IE=edge
x-smug-v
5
last-modified
Sat, 03 Jun 2023 17:03:04 GMT
server
nginx
x-smug-d
Tue, 27 Jun 2023 02:29:39 PDT
x-response
Buffer
etag
"67912100ceef0b58025df90eea44a251"
x-frame-options
DENY
x-ttfb-l
0
content-type
image/jpeg
cache-control
public, max-age=31536000, must-revalidate
x-smug-ct
m
x-robots-tag
noarchive, noindex, nosnippet
link
<https://www.robsheaphotography.com/photos/i-8njPBD2/0/a769fd1e/S/i-8njPBD2-S.jpg>; rel="canonical"
x-amz-cf-id
zm-IkQSE2qkIb5xkAViuChhaH-jktL_bqJ4BfGeWAH9Ko0ZM009MMg==
expires
Wed, 26 Jun 2024 09:29:39 GMT
live-stream-title-screen_1280.jpg
photos.smugmug.com/Unlisted/n-xQk5qP/YouTube-Thumbnails/i-JsbNhSn/0/e8aa1ac3/O/ 		542 KB
544 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://photos.smugmug.com/Unlisted/n-xQk5qP/YouTube-Thumbnails/i-JsbNhSn/0/e8aa1ac3/O/live-stream-title-screen_1280.jpg
Requested by
Host: blog.robsheaphotography.com
URL: https://blog.robsheaphotography.com/2021/08/07/update-photoshop-actions-color-infrared.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.91.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-91-100.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
ed8847abf035aec16060e5f8cb844d7854f002a7f6e90dce079a762a68de0ffb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.robsheaphotography.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 27 Jun 2023 09:29:39 GMT
strict-transport-security
max-age=31536000
smug-s
1
via
1.1 cb4c4a25e4ef534686959996782c8476.cloudfront.net (CloudFront)
content-md5
R/jlqxANETeYY4REyYh7hg==
x-smug-ph
0.0293
x-ttfb
0.0309
x-amz-cf-pop
FRA56-P2
x-env
a=live, b=photoserve, c=ec58e149, d=i-074eee8d9a33cd101
x-cache
Hit from cloudfront
p3p
CP="This is not a P3P policy. We respect your privacy."
age
1681882
smug-content-length
555091
content-length
555091
x-request-id
9256334b
x-ua-compatible
IE=edge
x-smug-v
5
last-modified
Thu, 25 May 2023 18:45:37 GMT
server
nginx
x-smug-d
Tue, 27 Jun 2023 02:29:39 PDT
x-response
Stream
etag
"47f8e5ab100d113798638444c9887b86"
x-frame-options
DENY
x-ttfb-l
0
content-type
image/jpeg
cache-control
public, max-age=31536000, must-revalidate
x-smug-ct
m
x-robots-tag
noarchive, noindex, nosnippet
link
<https://www.robsheaphotography.com/Unlisted/n-xQk5qP/YouTube-Thumbnails/i-JsbNhSn/0/e8aa1ac3/O/live-stream-title-screen_1280.jpg>; rel="canonical"
x-amz-cf-id
KHryXdyvUwkMoJkJlsjiVWLRBVxgkNiqqDhz-LPuYlT-yHkUIKFn8w==
expires
Wed, 26 Jun 2024 09:29:39 GMT
2023-05-13-thumbnail.jpg
photos.smugmug.com/Unlisted/n-xQk5qP/YouTube-Thumbnails/i-rNZCRnJ/0/5eaa8906/S/ 		59 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://photos.smugmug.com/Unlisted/n-xQk5qP/YouTube-Thumbnails/i-rNZCRnJ/0/5eaa8906/S/2023-05-13-thumbnail.jpg
Requested by
Host: blog.robsheaphotography.com
URL: https://blog.robsheaphotography.com/2021/08/07/update-photoshop-actions-color-infrared.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.91.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-91-100.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
9b458ced7c47e28540bb134641a927c9cab49ea3b38a83ad55c81ff7a70af5ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.robsheaphotography.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 27 Jun 2023 09:29:39 GMT
strict-transport-security
max-age=31536000
smug-s
1
via
1.1 cb4c4a25e4ef534686959996782c8476.cloudfront.net (CloudFront)
content-md5
WUj+mJt1HlX/5MN5Yj1e1w==
x-smug-ph
0.0191
x-ttfb
0.0602
x-amz-cf-pop
FRA56-P2
x-env
a=live, b=photoserve, c=4cf206a9, d=i-0019cdbd99adc84d9
x-cache
Hit from cloudfront
p3p
CP="This is not a P3P policy. We respect your privacy."
age
1681882
smug-content-length
60789
content-length
60789
x-request-id
f1cbb37e
x-ua-compatible
IE=edge
x-smug-v
5
last-modified
Sun, 14 May 2023 13:56:36 GMT
server
nginx
x-smug-d
Tue, 27 Jun 2023 02:29:39 PDT
x-response
Buffer
etag
"5948fe989b751e55ffe4c379623d5ed7"
x-frame-options
DENY
x-ttfb-l
0
content-type
image/jpeg
cache-control
public, max-age=31536000, must-revalidate
x-smug-ct
m
x-robots-tag
noarchive, noindex, nosnippet
link
<https://www.robsheaphotography.com/Unlisted/n-xQk5qP/YouTube-Thumbnails/i-rNZCRnJ/0/5eaa8906/S/2023-05-13-thumbnail-S.jpg>; rel="canonical"
x-amz-cf-id
isKJ07KkvX8CUOFUfDJsHowx2ko8lbFHF0OtY7DuIRZKkYhCiNdydQ==
expires
Wed, 26 Jun 2024 09:29:39 GMT
i-HMzMpkw-4K.jpg
photos.smugmug.com/photos/i-HMzMpkw/0/7d65055b/S/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://photos.smugmug.com/photos/i-HMzMpkw/0/7d65055b/S/i-HMzMpkw-4K.jpg
Requested by
Host: blog.robsheaphotography.com
URL: https://blog.robsheaphotography.com/2021/08/07/update-photoshop-actions-color-infrared.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.91.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-91-100.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
1d8e8aaaf56c79f54567c9e6e5d6e2544f3429fd6be24b74dfc734ad4ff46c68
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.robsheaphotography.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 27 Jun 2023 09:29:39 GMT
strict-transport-security
max-age=31536000
smug-s
1
via
1.1 cb4c4a25e4ef534686959996782c8476.cloudfront.net (CloudFront)
content-md5
H3KhIp2DFCo423FIlVLQTw==
x-smug-ph
0.0188
x-ttfb
0.0477
x-amz-cf-pop
FRA56-P2
x-env
a=live, b=photoserve, c=4cf206a9, d=i-01eebcd5f382b9b82
x-cache
Hit from cloudfront
p3p
CP="This is not a P3P policy. We respect your privacy."
age
1681882
smug-content-length
33892
content-length
33892
x-request-id
ddc7ce8e
x-ua-compatible
IE=edge
x-smug-v
5
last-modified
Thu, 11 May 2023 22:10:08 GMT
server
nginx
x-smug-d
Tue, 27 Jun 2023 02:29:39 PDT
x-response
Buffer
etag
"1f72a1229d83142a38db71489552d04f"
x-frame-options
DENY
x-ttfb-l
0
content-type
image/jpeg
cache-control
public, max-age=31536000, must-revalidate
x-smug-ct
m
x-robots-tag
noarchive, noindex, nosnippet
link
<https://www.robsheaphotography.com/photos/i-HMzMpkw/0/7d65055b/S/i-HMzMpkw-S.jpg>; rel="canonical"
x-amz-cf-id
UX3O6qiWuw0mAnaryw2taFbF_4dfZZAzPzsztFBoww5WtHD1tx8dMw==
expires
Wed, 26 Jun 2024 09:29:39 GMT
main.min.js
blog.robsheaphotography.com/assets/js/ 		119 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blog.robsheaphotography.com/assets/js/main.min.js
Requested by
Host: blog.robsheaphotography.com
URL: https://blog.robsheaphotography.com/2021/08/07/update-photoshop-actions-color-infrared.html
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.61 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
9894b29b4f5585579a7f4ef75161cb14b6aa287616abf83c20fbac78641d1833
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.robsheaphotography.com/2021/08/07/update-photoshop-actions-color-infrared.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 20:41:01 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::42fhg-1689540061575-19808182006c
age
98990
etag
W/"fb27901cc2293438a956dcba2fc1e06b"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="main.min.js"
js
www.googletagmanager.com/gtag/ 		125 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-169224011-2
Requested by
Host: blog.robsheaphotography.com
URL: https://blog.robsheaphotography.com/2021/08/07/update-photoshop-actions-color-infrared.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d3c9ccb15d7806e1910f41d23affcf2f952fcce2ab9032aee2797e13b6812e0f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.robsheaphotography.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 20:41:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
49188
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 16 Jul 2023 20:41:01 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		143 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: blog.robsheaphotography.com
URL: https://blog.robsheaphotography.com/2021/08/07/update-photoshop-actions-color-infrared.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
365fcf7d389742130d5174ddf7dc2aaa659a0aa8cb80aa61b33e2fe333cb0117
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.robsheaphotography.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 20:41:01 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50436
x-xss-protection
0
server
cafe
etag
1185931577377401263
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 16 Jul 2023 20:41:01 GMT
vpcTqeUF5ic
www.youtube-nocookie.com/embed/ Frame 1BB8 		53 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/embed/vpcTqeUF5ic
Requested by
Host: blog.robsheaphotography.com
URL: https://blog.robsheaphotography.com/2021/08/07/update-photoshop-actions-color-infrared.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://blog.robsheaphotography.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /cspreport
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="YOUTUBE_NOCOOKIE_DOMAIN"
cross-origin-resource-policy
cross-origin
date
Sun, 16 Jul 2023 20:41:01 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AmDnk0SIEsH4Bi0uvITor+113VdZiHamGsT0EG6UHXgEXROwfKYSeE1NWAqwKRr6CFPJ/xqXmMgs+r58fAMEMQgAAACBeyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUtbm9jb29raWUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"YOUTUBE_NOCOOKIE_DOMAIN","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/YOUTUBE_NOCOOKIE_DOMAIN"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
fa-solid-900.woff2
cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@5/webfonts/ 		76 KB
77 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@5/webfonts/fa-solid-900.woff2
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@5/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@5/css/all.min.css
Origin
https://blog.robsheaphotography.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 16 Jul 2023 20:41:01 GMT
x-content-type-options
nosniff
age
42220
x-jsd-version
5.15.4
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
78268
x-served-by
cache-fra-eddf8230072-FRA
x-jsd-version-type
version
etag
W/"131bc-DMssgUp+TKEsR3iCFjOAnLA2Hqo"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
fa-brands-400.woff2
cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@5/webfonts/ 		75 KB
75 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@5/webfonts/fa-brands-400.woff2
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@5/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8ea8791754915a898a3100e63e32978a6d1763be6df8e73a39d3a90d691cdeef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@5/css/all.min.css
Origin
https://blog.robsheaphotography.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 16 Jul 2023 20:41:01 GMT
x-content-type-options
nosniff
age
16885
x-jsd-version
5.15.4
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
76736
x-served-by
cache-fra-eddf8230072-FRA
x-jsd-version-type
version
etag
W/"12bc0-BhPH67pV7kfvMCwPd2YyRpL4mac"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
fa-regular-400.woff2
cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@5/webfonts/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@5/webfonts/fa-regular-400.woff2
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@5/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e42a88444448ac3d60549cc7c1ff2c8a9cac721034c073d80a14a44e79730cca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@5/css/all.min.css
Origin
https://blog.robsheaphotography.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 16 Jul 2023 20:41:01 GMT
x-content-type-options
nosniff
age
23101
x-jsd-version
5.15.4
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
13224
x-served-by
cache-fra-eddf8230072-FRA
x-jsd-version-type
version
etag
W/"33a8-E1F1Ka/6OeJYXFkayubcM2tqqRc"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
www-player.css
www.youtube-nocookie.com/s/player/4cc5d082/ Frame 1BB8 		0
0
vpcTqeUF5ic
www.youtube-nocookie.com/embed/ Frame 5F18 		75 KB
31 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/embed/vpcTqeUF5ic
Requested by
Host: blog.robsheaphotography.com
URL: https://blog.robsheaphotography.com/assets/js/main.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
15ea037635e32f6323a781118fffe923e732d4ef9d434cf2ee1f7e3a7baed189
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://blog.robsheaphotography.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="YOUTUBE_NOCOOKIE_DOMAIN"
cross-origin-resource-policy
cross-origin
date
Sun, 16 Jul 2023 20:41:02 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AmDnk0SIEsH4Bi0uvITor+113VdZiHamGsT0EG6UHXgEXROwfKYSeE1NWAqwKRr6CFPJ/xqXmMgs+r58fAMEMQgAAACBeyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUtbm9jb29raWUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"YOUTUBE_NOCOOKIE_DOMAIN","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/YOUTUBE_NOCOOKIE_DOMAIN"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
js
www.googletagmanager.com/gtag/ 		245 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-QLRZDQQ71H&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-169224011-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
96ea9de45164aa35f8eaf31f07d8ad49214c7285f8b9baab2ecfab0458da2802
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.robsheaphotography.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 20:41:02 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85735
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 16 Jul 2023 20:41:02 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-169224011-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.robsheaphotography.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 16 Jul 2023 19:04:37 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
5785
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sun, 16 Jul 2023 21:04:37 GMT
www-player.css
www.youtube-nocookie.com/s/player/4cc5d082/ Frame 5F18 		376 KB
47 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/s/player/4cc5d082/www-player.css
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/vpcTqeUF5ic
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
20c2f0579cc25ebc1abd6ad10b1bc912b28451c9f2258c8b7d8b996577982be0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube-nocookie.com/embed/vpcTqeUF5ic
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 12 Jul 2023 08:05:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
390917
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47953
x-xss-protection
0
last-modified
Wed, 12 Jul 2023 02:37:44 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 11 Jul 2024 08:05:45 GMT
www-embed-player.js
www.youtube-nocookie.com/s/player/4cc5d082/www-embed-player.vflset/ Frame 5F18 		312 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/s/player/4cc5d082/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/vpcTqeUF5ic
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a3d55d5382139da20f3fe217a9908ff703fd6532067f2ef0b17fc8dc0edb58a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube-nocookie.com/embed/vpcTqeUF5ic
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 19:05:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
178545
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95779
x-xss-protection
0
last-modified
Wed, 12 Jul 2023 02:37:44 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 13 Jul 2024 19:05:17 GMT
base.js
www.youtube-nocookie.com/s/player/4cc5d082/player_ias.vflset/de_DE/ Frame 5F18 		2 MB
742 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/s/player/4cc5d082/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/vpcTqeUF5ic
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4aab6e7479fd508f7e22a26b81515d83d239dd588e9c51dc6cecbf9813f36459
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube-nocookie.com/embed/vpcTqeUF5ic
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 12 Jul 2023 08:05:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
390917
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
759847
x-xss-protection
0
last-modified
Wed, 12 Jul 2023 02:37:44 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 11 Jul 2024 08:05:45 GMT
fetch-polyfill.js
www.youtube-nocookie.com/s/player/4cc5d082/fetch-polyfill.vflset/ Frame 5F18 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/s/player/4cc5d082/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/vpcTqeUF5ic
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ac8177161c3038b07597ec544de3c00f46e1a0aa6b4b4c045ff0495553cc5069
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube-nocookie.com/embed/vpcTqeUF5ic
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 10:34:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
36417
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2625
x-xss-protection
0
last-modified
Wed, 12 Jul 2023 02:37:44 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 15 Jul 2024 10:34:05 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5F18 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/vpcTqeUF5ic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube-nocookie.com/
Origin
https://www.youtube-nocookie.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 00:54:58 GMT
x-content-type-options
nosniff
age
157564
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 14 Jul 2024 00:54:58 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5F18 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/vpcTqeUF5ic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube-nocookie.com/
Origin
https://www.youtube-nocookie.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 20:23:37 GMT
x-content-type-options
nosniff
age
433045
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Jul 2024 20:23:37 GMT
collect
region1.analytics.google.com/g/ 		0
253 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-QLRZDQQ71H&gtm=45je37c0&_p=1548692429&_gaz=1&cid=1195976172.1689540062&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1689540062&sct=1&seg=0&dl=https%3A%2F%2Fblog.robsheaphotography.com%2F2021%2F08%2F07%2Fupdate-photoshop-actions-color-infrared.html&dt=Updated%20Photoshop%20Actions%20for%20Color%20Infrared%20v3%20%7C%20Rob%20Shea%20Photography&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QLRZDQQ71H&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.robsheaphotography.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 20:41:02 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://blog.robsheaphotography.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
262 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-QLRZDQQ71H&cid=1195976172.1689540062&gtm=45je37c0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QLRZDQQ71H&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.robsheaphotography.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 20:41:02 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://blog.robsheaphotography.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-QLRZDQQ71H&cid=1195976172.1689540062&gtm=45je37c0&aip=1&z=182982179
Requested by
Host: blog.robsheaphotography.com
URL: https://blog.robsheaphotography.com/2021/08/07/update-photoshop-actions-color-infrared.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.robsheaphotography.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 20:41:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307110102/ 		356 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307110102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5044825374897091&plah=blog.robsheaphotography.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1bea2368245073574fb480bc8ca30a53d26ae18769914f53b62e4ba5ed9c3f87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.robsheaphotography.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 20:41:02 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
125350
x-xss-protection
0
server
cafe
etag
6871203626307010536
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 16 Jul 2023 20:41:02 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230711/r20190131/ Frame D349 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230711/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://blog.robsheaphotography.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
7591
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4544
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 16 Jul 2023 18:34:31 GMT
etag
12368291122986407432
expires
Sun, 30 Jul 2023 18:34:31 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/j/ 		1 B
214 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1548692429&t=pageview&_s=1&dl=https%3A%2F%2Fblog.robsheaphotography.com%2F2021%2F08%2F07%2Fupdate-photoshop-actions-color-infrared.html&ul=en-us&de=UTF-8&dt=Updated%20Photoshop%20Actions%20for%20Color%20Infrared%20v3%20%7C%20Rob%20Shea%20Photography&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=496500291&gjid=2082182194&cid=1195976172.1689540062&tid=UA-169224011-2&_gid=1994068136.1689540062&_r=1&gtm=457e37c0&jsscut=1&z=664338354
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://blog.robsheaphotography.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 20:41:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://blog.robsheaphotography.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube-nocookie.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube-nocookie.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Sun, 16 Jul 2023 20:41:02 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 5F18 		68 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/4cc5d082/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b89fad73f0efc0424dcee1ef0fd7ab922a8396a3e1b515549a54acfddc1bc1d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube-nocookie.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Sun, 16 Jul 2023 20:41:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube-nocookie.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31706
x-xss-protection
0
remote.js
www.youtube-nocookie.com/s/player/4cc5d082/player_ias.vflset/de_DE/ Frame 5F18 		116 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/s/player/4cc5d082/player_ias.vflset/de_DE/remote.js
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/4cc5d082/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
152ea96453a755a75272226474d70fb1600b59412ba14bdd56159d924610958c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube-nocookie.com/embed/vpcTqeUF5ic
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 12 Jul 2023 08:07:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
390816
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33612
x-xss-protection
0
last-modified
Wed, 12 Jul 2023 02:37:44 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 11 Jul 2024 08:07:26 GMT
V7JOy9E5LPAmHC4-uXpPG1TUC0v77ajXJMI6Ew5elJ8.js
www.google.com/js/th/ Frame 5F18 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/V7JOy9E5LPAmHC4-uXpPG1TUC0v77ajXJMI6Ew5elJ8.js
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/4cc5d082/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
57b24ecbd1392cf0261c2e3eb97a4f1b54d40b4bfbeda8d724c23a130e5e949f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube-nocookie.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 10:11:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
296970
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14661
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 15:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 12 Jul 2024 10:11:32 GMT
maxresdefault.webp
i.ytimg.com/vi_webp/vpcTqeUF5ic/ Frame 5F18 		139 KB
139 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/vpcTqeUF5ic/maxresdefault.webp
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/vpcTqeUF5ic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
59d3fa4f06cfdf60eec8d9f1149acb0276466db88b52893f91831f506f767a6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube-nocookie.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 20:41:02 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
142342
x-xss-protection
0
server
sffe
etag
"1628351616"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 16 Jul 2023 22:41:02 GMT
embed.js
www.youtube-nocookie.com/s/player/4cc5d082/player_ias.vflset/de_DE/ Frame 5F18 		28 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/s/player/4cc5d082/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/4cc5d082/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
28e886129a96348ffb4eea9d16c79431b4e6ea3f00dca8d3ce89fecee03aaaff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube-nocookie.com/embed/vpcTqeUF5ic
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 12 Jul 2023 08:05:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
390916
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8166
x-xss-protection
0
last-modified
Wed, 12 Jul 2023 02:37:44 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 11 Jul 2024 08:05:46 GMT
truncated
/ Frame 5F18 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
AOPolaTRD9BHFJXWANg5ganIOiPzOGwRy0zFp7_EMTw=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 5F18 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/AOPolaTRD9BHFJXWANg5ganIOiPzOGwRy0zFp7_EMTw=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/vpcTqeUF5ic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
62a4e362de0c370858d28ece6073763614bab1340daa1e2c6358cf6268007846
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube-nocookie.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 19:17:31 GMT
x-content-type-options
nosniff
age
5011
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2328
x-xss-protection
0
server
fife
etag
"v70"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Mon, 17 Jul 2023 19:17:31 GMT
cookie.js
partner.googleadservices.com/gampad/ 		411 B
611 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=blog.robsheaphotography.com&callback=_gfp_s_&client=ca-pub-5044825374897091
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307110102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5044825374897091&plah=blog.robsheaphotography.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9bc440000f7389f8d2ac6c3f009da659f895a6e0040968fe71b02d5d782286e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.robsheaphotography.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 20:41:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
259
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=blog.robsheaphotography.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307110102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5044825374897091&plah=blog.robsheaphotography.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.robsheaphotography.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 20:41:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 04DC 		603 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5044825374897091&output=html&adk=1812271804&adf=3025194257&lmt=1689540062&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x945_l%7C140x945_r&format=0x0&url=https%3A%2F%2Fblog.robsheaphotography.com%2F2021%2F08%2F07%2Fupdate-photoshop-actions-color-infrared.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689540062259&bpp=5&bdt=720&idt=421&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7518957936427&frm=20&pv=2&ga_vid=1195976172.1689540062&ga_sid=1689540063&ga_hid=1548692429&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C31075630%2C42532280%2C44759876%2C44759927%2C42532278%2C31075643%2C31076010%2C44788441%2C31075886&oid=2&pvsid=4310273328617903&tmod=2106702805&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=449
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307110102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5044825374897091&plah=blog.robsheaphotography.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://blog.robsheaphotography.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 16 Jul 2023 20:41:02 GMT
expires
Sun, 16 Jul 2023 20:41:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 5F18 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/4cc5d082/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube-nocookie.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 20:41:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 16 Jul 2023 20:41:02 GMT
generate_204
www.youtube-nocookie.com/ Frame 5F18 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube-nocookie.com/generate_204?8nBvwQ
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/vpcTqeUF5ic
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube-nocookie.com/embed/vpcTqeUF5ic
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 20:41:02 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube-nocookie.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube-nocookie.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Sun, 16 Jul 2023 20:41:02 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 5F18 		90 B
133 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/4cc5d082/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4ff5918c76c6f6a9a65a282c3b067e19f03884925bf2b8b874ef245f2360f3e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube-nocookie.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Sun, 16 Jul 2023 20:41:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube-nocookie.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110
x-xss-protection
0
cast_sender.js
www.gstatic.com/eureka/clank/114/ Frame 5F18 		51 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/114/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
184de53a881ec8e4e218974c548e2fc8e0da4b8ddaff2e7bdc6267c6e70a8636
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube-nocookie.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 14:48:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21172
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15225
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 15:04:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Mon, 17 Jul 2023 14:48:10 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230711&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307110102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5044825374897091&plah=blog.robsheaphotography.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36d4f9a0fcbb7d4423bd0112cfdb7b0f8fff46d40b7a6fbcb11ae4e2b96bc508
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.robsheaphotography.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 20:41:03 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11784
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307110102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5044825374897091&plah=blog.robsheaphotography.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.robsheaphotography.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 20:41:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 16 Jul 2023 20:41:03 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A721 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://blog.robsheaphotography.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
8373
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 16 Jul 2023 18:21:30 GMT
expires
Mon, 15 Jul 2024 18:21:30 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 17D8 		783 B
964 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b652553541b778f6beaa9a6a70faea60cc1824f3c7e3052cf5819bd4f971a3d9
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-4AAbX9Ux9dRVKqmN0ifHxw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://blog.robsheaphotography.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-4AAbX9Ux9dRVKqmN0ifHxw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 16 Jul 2023 20:41:03 GMT
expires
Sun, 16 Jul 2023 20:41:03 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js
pagead2.googlesyndication.com/bg/ Frame A721 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6c4f7a3d487b7ff022968992263a5783a6373fac408f2185053c4937fbb4fc1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 13:29:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
544309
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14698
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 15:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 09 Jul 2024 13:29:14 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 17D8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230711&jk=4310273328617903&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame A721 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?nVOWQg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 20:41:03 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230711&jk=4310273328617903&bg=!mJulm8_NAAb90kgr3dI7ADkAdvg8WoO-I8j0FvH_91WCqdaYG4fLbQadiSxCzEIVaH-mzHgTc_gr4WfpcGme3WSvZX1k7DWrgIoCAAAAYlIAAAAHaAEHCgAQih4-w8uY5rH4ESM3LzFUo5kCxZdP2Aydb-cfpbzYTPntzKck3Eb7e6ssu0dbTphEqavhTMzPe3iwbpLkX6l0SLrZhgDrTGNelkGKdSKwSbfqNQgeEvUOoYqzQu9bGMAAlT3SEXgZ6bzx7Fh_qJW9Ddyq9jod09sjhWs_gvo_fTkd-pqZiSdGYc7XN_WIWsLQ8y0k_hEE_IkgkSgJqGnHrpB_GU_9ko0Ropxyfdj-R3iBzdOq4MzRBEZgctWxGd7RY_Jd6oehdZGXWashDth1og31IC501DDzHOg55JhHtBFeLw2MaM79I3UGK2lhSnqZz12n1dc9VkA6EMpjvePMIYSODwdH9Ki9k07EHPZQuKkdWQdFWMkB1TWDCAdjoWGwEfTZcRAY4UP0n1ryDBtmrxlrjd9DehByaHGEmO2mUAojOUarDbgnSw0xSqzH1Wr1_WriFX_WIc465LGsvRIVdqSgqpxMxn8pd6kxhzJTGA0DTk8CkyPvz7fPCQCW91qw4Dt9hj0VaP-jlGUT4tYYFdWtY3dAlD82Gr2-VmIrZH9aKYO9rmArilS0TPo0Y3m13CHsmxlhvFCUpgl7zOIvu_-B8LaXFH3nb9sJA-2VjXg_Y0I--urhWNziav48-LP10QFSOi75QtRAPX9wiYlVOvJzTjbr39azri7ON7i9McCOTuSN2V0334FEHOAvZU_4Kl4QJiPOiTpXvPt_yZ1phovCLojRaZcixLiU0P7jrYlEDRZLrWqLM9c8GmWAB-b8ez1nxUTo5QinJBg5UDey0wmUcOZWranzLvMJUJG7jI1ZhGdKXqBule8VWlXUGco8v8wt__sd7oWrc-GRQOkV5rs3YZbbh4U5qwEUWx5zrx3M1H1uQfoKHfZg1P1ApgB6eUdjPTeiJ-T31CbmBanbRsELt8iJDhs-KvEPW220vuC0gO7b_ZqRblOBMxrvk3MLsB7brAhWLBw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.robsheaphotography.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers
log_event
www.youtube-nocookie.com/youtubei/v1/ Frame 5F18 		28 B
54 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/4cc5d082/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
X-Goog-Request-Time
1689540064998
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube-nocookie.com/embed/vpcTqeUF5ic
X-YouTube-Client-Version
1.20230711.01.01
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgtqRzJGNHlTQlpLTSjdq9GlBg%3D%3D
X-YouTube-Ad-Signals
dt=1689540062383&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C936%2C527&vis=1&wgl=true&ca_type=image

Response headers

date
Sun, 16 Jul 2023 20:41:05 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31
x-xss-protection
0
expires
Sun, 16 Jul 2023 20:41:05 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.youtube-nocookie.com
URL
https://www.youtube-nocookie.com/s/player/4cc5d082/www-player.css

Verdicts & Comments Add Verdict or Comment

49 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 boolean| credentialless object| onbeforetoggle object| onscrollend function| $ function| jQuery function| SmoothScroll function| Gumshoe function| gtag object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| onYouTubeIframeAPIReady object| gaGlobal object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| gaplugins object| gaData function| google_sa_impl boolean| _gfp_p_ function| processGoogleToken object| googleToken object| googleIMState number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms object| google_image_requests

7 Cookies

Domain/Path Name / Value
.robsheaphotography.com/ Name: _ga_QLRZDQQ71H
Value: GS1.1.1689540062.1.0.1689540062.60.0.0
.robsheaphotography.com/ Name: _ga
Value: GA1.2.1195976172.1689540062
.robsheaphotography.com/ Name: _gid
Value: GA1.2.1994068136.1689540062
.robsheaphotography.com/ Name: _gat_gtag_UA_169224011_2
Value: 1
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.robsheaphotography.com/ Name: __gads
Value: ID=d5bfc95efe0a7372-2201d8c8c2e2009b:T=1689540062:RT=1689540062:S=ALNI_MaD4Aay7A931vFI4hJR4WKUr7kSPQ
.robsheaphotography.com/ Name: __gpi
Value: UID=00000c3e841d03d3:T=1689540062:RT=1689540062:S=ALNI_MbNDjQdIF3Vz3oDRN2vFubjCL2ijQ

2 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ch-ua-form-factor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ch-ua-form-factor'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
blog.robsheaphotography.com
cdn.jsdelivr.net
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
jnn-pa.googleapis.com
pagead2.googlesyndication.com
partner.googleadservices.com
photos.smugmug.com
region1.analytics.google.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.youtube-nocookie.com
yt3.ggpht.com
www.youtube-nocookie.com
18.66.91.100
2001:4860:4802:34::36
2a00:1450:4001:801::2008
2a00:1450:4001:803::200e
2a00:1450:4001:806::2002
2a00:1450:4001:808::2003
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::200a
2a00:1450:4001:812::2002
2a00:1450:4001:813::2003
2a00:1450:4001:828::2002
2a00:1450:4001:828::2003
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:82f::2001
2a00:1450:4001:830::2016
2a00:1450:400c:c1b::9c
2a04:4e42:200::485
76.76.21.61
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
152ea96453a755a75272226474d70fb1600b59412ba14bdd56159d924610958c
15ea037635e32f6323a781118fffe923e732d4ef9d434cf2ee1f7e3a7baed189
184de53a881ec8e4e218974c548e2fc8e0da4b8ddaff2e7bdc6267c6e70a8636
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
1bea2368245073574fb480bc8ca30a53d26ae18769914f53b62e4ba5ed9c3f87
1d8e8aaaf56c79f54567c9e6e5d6e2544f3429fd6be24b74dfc734ad4ff46c68
20c2f0579cc25ebc1abd6ad10b1bc912b28451c9f2258c8b7d8b996577982be0
241c5e683aba279bdffe939c0cddb8b6210fcb13ca1196bc3d48d94f24cc8a03
28e886129a96348ffb4eea9d16c79431b4e6ea3f00dca8d3ce89fecee03aaaff
365fcf7d389742130d5174ddf7dc2aaa659a0aa8cb80aa61b33e2fe333cb0117
36d4f9a0fcbb7d4423bd0112cfdb7b0f8fff46d40b7a6fbcb11ae4e2b96bc508
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4a3d55d5382139da20f3fe217a9908ff703fd6532067f2ef0b17fc8dc0edb58a
4aab6e7479fd508f7e22a26b81515d83d239dd588e9c51dc6cecbf9813f36459
4ff5918c76c6f6a9a65a282c3b067e19f03884925bf2b8b874ef245f2360f3e3
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57b24ecbd1392cf0261c2e3eb97a4f1b54d40b4bfbeda8d724c23a130e5e949f
59d3fa4f06cfdf60eec8d9f1149acb0276466db88b52893f91831f506f767a6e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62a4e362de0c370858d28ece6073763614bab1340daa1e2c6358cf6268007846
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7cdecc7f772ea9a17a522886c81105f7c89c21d17f0373032ff0146a265a2a9d
8ea8791754915a898a3100e63e32978a6d1763be6df8e73a39d3a90d691cdeef
96ea9de45164aa35f8eaf31f07d8ad49214c7285f8b9baab2ecfab0458da2802
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
9894b29b4f5585579a7f4ef75161cb14b6aa287616abf83c20fbac78641d1833
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
9b458ced7c47e28540bb134641a927c9cab49ea3b38a83ad55c81ff7a70af5ba
9bc440000f7389f8d2ac6c3f009da659f895a6e0040968fe71b02d5d782286e8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
ac8177161c3038b07597ec544de3c00f46e1a0aa6b4b4c045ff0495553cc5069
b652553541b778f6beaa9a6a70faea60cc1824f3c7e3052cf5819bd4f971a3d9
b89fad73f0efc0424dcee1ef0fd7ab922a8396a3e1b515549a54acfddc1bc1d5
d3c9ccb15d7806e1910f41d23affcf2f952fcce2ab9032aee2797e13b6812e0f
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e2fd69f15fb042de9e984cfa712764a98d1997e4caee93ae2fc2ab26924a2b93
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e42a88444448ac3d60549cc7c1ff2c8a9cac721034c073d80a14a44e79730cca
ea00f9686585ac5fe0706c92b5930bb16422242da281bd22a63028f71f93fe1f
ed8847abf035aec16060e5f8cb844d7854f002a7f6e90dce079a762a68de0ffb
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6c4f7a3d487b7ff022968992263a5783a6373fac408f2185053c4937fbb4fc1