urlscan.io logo urlscan.io
SecurityTrails logo

www.roslynannephotography.com Open in urlscan Pro
18.235.135.157  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.roslynannephotography.com/children
Submission: On January 24 via manual from US — Scanned from NZ
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 33 IPs in 4 countries across 20 domains to perform 86 HTTP transactions. The main IP is 18.235.135.157, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.roslynannephotography.com.
TLS certificate: Issued by R3 on December 11th 2022. Valid for: 3 months.
This is the only time www.roslynannephotography.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
7 18.235.135.157 14618 (AMAZON-AES)
5 142.251.12.95 15169 (GOOGLE)
3 142.250.4.97 15169 (GOOGLE)
2 13.227.254.42 16509 (AMAZON-02)
1 104.17.24.14 13335 (CLOUDFLAR...)
2 157.240.15.13 32934 (FACEBOOK)
1 6 172.67.6.183 13335 (CLOUDFLAR...)
1 13.224.250.108 16509 (AMAZON-02)
1 13.227.254.55 16509 (AMAZON-02)
1 13.35.8.55 16509 (AMAZON-02)
1 172.253.118.157 15169 (GOOGLE)
1 142.250.4.138 15169 (GOOGLE)
1 151.101.1.26 54113 (FASTLY)
1 1 54.247.156.229 16509 (AMAZON-02)
4 13.227.254.56 16509 (AMAZON-02)
1 151.101.192.176 54113 (FASTLY)
1 18.161.97.73 16509 (AMAZON-02)
1 13.33.88.81 16509 (AMAZON-02)
22 23.49.60.170 20940 (AKAMAI-ASN1)
1 74.125.68.99 15169 (GOOGLE)
1 74.125.68.94 15169 (GOOGLE)
1 3 157.240.13.35 32934 (FACEBOOK)
1 13.33.88.125 16509 (AMAZON-02)
1 13.33.33.129 16509 (AMAZON-02)
3 54.187.119.242 16509 (AMAZON-02)
2 18.66.53.37 16509 (AMAZON-02)
1 23.49.60.194 20940 (AKAMAI-ASN1)
1 34.217.162.9 16509 (AMAZON-02)
1 34.231.43.243 14618 (AMAZON-AES)
1 13.227.254.27 ()
1 13.224.250.49 ()
1 13.35.8.13 ()
1 13.33.33.118 ()
86 33
7    18.235.135.157 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-235-135-157.compute-1.amazonaws.com
www.roslynannephotography.com
5    142.251.12.95 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f95.1e100.net
fonts.googleapis.com
3    142.250.4.97 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f97.1e100.net
www.googletagmanager.com
2    13.227.254.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-254-42.sin52.r.cloudfront.net
image5.photobiz.com
1    104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    157.240.15.13 (Singapore)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-03-sin6.fbcdn.net
connect.facebook.net
6    172.67.6.183 (United States)

ASN13335 (CLOUDFLARENET, US)
hello.dubsado.com
portal.dubsado.com
1    13.224.250.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-250-108.sin52.r.cloudfront.net
image14.photobiz.com
1    13.227.254.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-254-55.sin52.r.cloudfront.net
image9.photobiz.com
1    13.35.8.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-8-55.sin5.r.cloudfront.net
image8.photobiz.com
1    172.253.118.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f157.1e100.net
googleads.g.doubleclick.net
1    142.250.4.138 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f138.1e100.net
www.google-analytics.com
1    151.101.1.26 (United States)

ASN54113 (FASTLY, US)
polyfill.io
1    54.247.156.229 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-247-156-229.eu-west-1.compute.amazonaws.com
addevent.com
4    13.227.254.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-254-56.sin52.r.cloudfront.net
cdn.addevent.com
js.stripe.com
1    151.101.192.176 (United States)

ASN54113 (FASTLY, US)
checkout.stripe.com
1    18.161.97.73 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-161-97-73.mrs52.r.cloudfront.net
cdn.plaid.com
1    13.33.88.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-81.sin2.r.cloudfront.net
web.squarecdn.com
22    23.49.60.170 (Singapore)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-49-60-170.deploy.static.akamaitechnologies.com
use.typekit.net
1    74.125.68.99 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f99.1e100.net
www.google.com
1    74.125.68.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f94.1e100.net
www.google.co.nz
3    157.240.13.35 (Singapore)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-sin6.facebook.com
www.facebook.com
1    13.33.88.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-125.sin2.r.cloudfront.net
statestore.rollout.io
1    13.33.33.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-129.sin2.r.cloudfront.net
conf.rollout.io
3    54.187.119.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-119-242.stripe.com
q.stripe.com
2    18.66.53.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-53-37.bom78.r.cloudfront.net
m.stripe.network
1    23.49.60.194 (Singapore)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-49-60-194.deploy.static.akamaitechnologies.com
p.typekit.net
1    34.217.162.9 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-217-162-9.us-west-2.compute.amazonaws.com
m.stripe.com
1    34.231.43.243 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-231-43-243.compute-1.amazonaws.com
push.rollout.io
1    13.227.254.27 (None, )

ASN- ()
image11.photobiz.com
1    13.224.250.49 (None, )

ASN- ()
image10.photobiz.com
1    13.35.8.13 (None, )

ASN- ()
image13.photobiz.com
1    13.33.33.118 (None, )

ASN- ()
image12.photobiz.com
Apex Domain
Subdomains		 Transfer
23 typekit.net
use.typekit.net — Cisco Umbrella Rank: 415
p.typekit.net — Cisco Umbrella Rank: 557
499 KB
9 photobiz.com
image5.photobiz.com — Cisco Umbrella Rank: 527616
image14.photobiz.com — Cisco Umbrella Rank: 548075
image9.photobiz.com — Cisco Umbrella Rank: 539370
image8.photobiz.com — Cisco Umbrella Rank: 546217
image11.photobiz.com
image4.photobiz.com Failed
image10.photobiz.com
image13.photobiz.com
image12.photobiz.com
image6.photobiz.com Failed
2 MB
8 stripe.com
checkout.stripe.com — Cisco Umbrella Rank: 6423
js.stripe.com — Cisco Umbrella Rank: 995
q.stripe.com — Cisco Umbrella Rank: 5906
m.stripe.com — Cisco Umbrella Rank: 991
142 KB
7 roslynannephotography.com
www.roslynannephotography.com
166 KB
6 dubsado.com
hello.dubsado.com — Cisco Umbrella Rank: 239712
portal.dubsado.com
2 MB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
7 KB
3 rollout.io
statestore.rollout.io — Cisco Umbrella Rank: 25257
conf.rollout.io — Cisco Umbrella Rank: 19697
push.rollout.io — Cisco Umbrella Rank: 17718
94 KB
3 facebook.com
www.facebook.com — Cisco Umbrella Rank: 114
432 B
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 41
206 KB
2 stripe.network
m.stripe.network — Cisco Umbrella Rank: 1108
16 KB
2 addevent.com
addevent.com — Cisco Umbrella Rank: 13817
cdn.addevent.com — Cisco Umbrella Rank: 22585
8 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 153
136 KB
1 google.co.nz
www.google.co.nz — Cisco Umbrella Rank: 34884
548 B
1 google.com
www.google.com — Cisco Umbrella Rank: 2
548 B
1 squarecdn.com
web.squarecdn.com — Cisco Umbrella Rank: 27221
103 KB
1 plaid.com
cdn.plaid.com — Cisco Umbrella Rank: 14846
40 KB
1 polyfill.io
polyfill.io — Cisco Umbrella Rank: 1352
462 B
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 22
348 B
1 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
2 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 199
5 KB
86 20
Domain Requested by
22 use.typekit.net portal.dubsado.com
7 www.roslynannephotography.com www.roslynannephotography.com
5 portal.dubsado.com www.roslynannephotography.com
portal.dubsado.com
5 fonts.googleapis.com www.roslynannephotography.com
portal.dubsado.com
client
3 q.stripe.com www.roslynannephotography.com
3 www.facebook.com 1 redirects www.roslynannephotography.com
3 js.stripe.com portal.dubsado.com
js.stripe.com
3 www.googletagmanager.com www.roslynannephotography.com
www.googletagmanager.com
2 m.stripe.network js.stripe.com
m.stripe.network
2 connect.facebook.net www.roslynannephotography.com
connect.facebook.net
2 image5.photobiz.com www.roslynannephotography.com
1 image12.photobiz.com www.roslynannephotography.com
1 image13.photobiz.com www.roslynannephotography.com
1 image10.photobiz.com www.roslynannephotography.com
1 image11.photobiz.com www.roslynannephotography.com
1 push.rollout.io portal.dubsado.com
1 m.stripe.com m.stripe.network
1 p.typekit.net portal.dubsado.com
1 conf.rollout.io portal.dubsado.com
1 statestore.rollout.io portal.dubsado.com
1 www.google.co.nz www.roslynannephotography.com
1 www.google.com www.roslynannephotography.com
1 web.squarecdn.com portal.dubsado.com
1 cdn.plaid.com portal.dubsado.com
1 checkout.stripe.com portal.dubsado.com
1 cdn.addevent.com portal.dubsado.com
1 addevent.com 1 redirects
1 polyfill.io portal.dubsado.com
1 www.google-analytics.com www.googletagmanager.com
1 googleads.g.doubleclick.net www.googletagmanager.com
1 image8.photobiz.com www.roslynannephotography.com
1 image9.photobiz.com www.roslynannephotography.com
1 image14.photobiz.com www.roslynannephotography.com
1 hello.dubsado.com 1 redirects
1 cdnjs.cloudflare.com www.roslynannephotography.com
0 image6.photobiz.com Failed www.roslynannephotography.com
0 image4.photobiz.com Failed www.roslynannephotography.com
86 37

This site contains links to these domains. Also see Links.

Domain
www.photobiz.com
Subject Issuer Validity Valid
www.roslynannephotography.com
R3		 2022-12-11 -
2023-03-11		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-01-02 -
2023-03-27		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-01-02 -
2023-03-27		 3 months crt.sh
*.photobiz.com
Amazon		 2022-08-01 -
2023-08-30		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-08-03 -
2023-08-02		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-11-02 -
2023-01-31		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-01-02 -
2023-03-27		 3 months crt.sh
polyfill.io
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-12-10 -
2024-01-11		 a year crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2023-01-10 -
2023-05-10		 4 months crt.sh
secure.plaid.com
DigiCert SHA2 Extended Validation Server CA		 2022-03-08 -
2023-04-08		 a year crt.sh
web.squarecdn.com
Amazon		 2022-05-02 -
2023-05-31		 a year crt.sh
use.typekit.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-14 -
2023-10-15		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-01-02 -
2023-03-27		 3 months crt.sh
*.google.co.nz
GTS CA 1C3		 2023-01-02 -
2023-03-27		 3 months crt.sh
rollout.io
Amazon		 2022-11-24 -
2023-12-22		 a year crt.sh
*.stripe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-12 -
2023-03-09		 4 months crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-08 -
2023-04-08		 3 months crt.sh

This page contains 5 frames:

Primary Page: https://www.roslynannephotography.com/children
Frame ID: B4D614BA76928F007E010C05191AE9B4
Requests: 36 HTTP requests in this frame

Frame: https://portal.dubsado.com/public/form/view/63ac3fd0f9c7d67fab6ce185
Frame ID: 19FAD976A38EE6B00743E68790190225
Requests: 41 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Frame ID: CEE7F0A83C977611C7EB2771160FDEFD
Requests: 4 HTTP requests in this frame

Frame: https://www.facebook.com/tr/?redirect=0
Frame ID: 49764FB7EB2A5CC9D259F2ABA94915B6
Requests: 1 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 4B401B360F156C193A0E55EBEA85DBFE
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Child Headshots Photographer - Northern Virginia + Maryland area

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js

Page Statistics

86
Requests

90 %
HTTPS

0 %
IPv6

20
Domains

37
Subdomains

33
IPs

4
Countries

5551 kB
Transfer

12101 kB
Size

11
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11
  • https://hello.dubsado.com/public/form/view/63ac3fd0f9c7d67fab6ce185 HTTP 302
  • https://portal.dubsado.com/public/form/view/63ac3fd0f9c7d67fab6ce185
Request Chain 22
  • https://addevent.com/libs/atc/1.6.1/atc.min.js HTTP 301
  • https://cdn.addevent.com/legacy2000/libs/atc/1.6.1/atc.min.js
Request Chain 59
  • https://www.facebook.com/tr/ HTTP 302
  • https://www.facebook.com/tr/?redirect=0

86 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request children
www.roslynannephotography.com/ 		42 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.roslynannephotography.com/children
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.235.135.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-235-135-157.compute-1.amazonaws.com
Software
Apache /
Resource Hash
a3b01ced5c709c65934975e535593845ddc6bfa465fb2453e43cbac815d59fcc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Tue, 24 Jan 2023 12:58:54 GMT
server
Apache
vary
Accept-Encoding,User-Agent
x-content-type-options
nosniff
x-xss-protection
1; mode=block
main-28faef19.css
www.roslynannephotography.com/system/apps/sites/dist/css/ 		197 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.roslynannephotography.com/system/apps/sites/dist/css/main-28faef19.css
Requested by
Host: www.roslynannephotography.com
URL: https://www.roslynannephotography.com/children
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.235.135.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-235-135-157.compute-1.amazonaws.com
Software
Apache /
Resource Hash
633c1e909a20b283ca6a6eb7590d503bb34ee686bbf27d11dd505aa43f64998a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.roslynannephotography.com/children
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 24 Jan 2023 12:58:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 04 Jan 2023 18:06:59 GMT
server
Apache
etag
W/"201755-1672855619643-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
24273
x-xss-protection
1; mode=block
expires
Wed, 24 Jan 2024 12:58:55 GMT
css
fonts.googleapis.com/ 		1 KB
967 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?display=swap&family=Dancing+Script
Requested by
Host: www.roslynannephotography.com
URL: https://www.roslynannephotography.com/children
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f95.1e100.net
Software
ESF /
Resource Hash
9eb663119f14565628eb6ea488d931bd926e98107100a54493003f42a0d68a53
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.roslynannephotography.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 24 Jan 2023 12:58:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 24 Jan 2023 12:58:55 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 24 Jan 2023 12:58:55 GMT
js
www.googletagmanager.com/gtag/ 		128 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-11029070502
Requested by
Host: www.roslynannephotography.com
URL: https://www.roslynannephotography.com/children
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
a9d45e741ba569140db4c980cd285e221007989d8a7761ab51f2c35d7371f13c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.roslynannephotography.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 24 Jan 2023 12:58:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50752
x-xss-protection
0
last-modified
Tue, 24 Jan 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 24 Jan 2023 12:58:56 GMT
js
www.googletagmanager.com/gtag/ 		225 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-ZJKGD43K50
Requested by
Host: www.roslynannephotography.com
URL: https://www.roslynannephotography.com/children
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
a32f26daf6cfe16dd6857d5011983a868e1555bfed6c8ce24bc6e9515be653b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.roslynannephotography.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 24 Jan 2023 12:58:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
79683
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 24 Jan 2023 12:58:56 GMT
main-acfeaace.js
www.roslynannephotography.com/system/apps/sites/dist/js/ 		367 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.roslynannephotography.com/system/apps/sites/dist/js/main-acfeaace.js
Requested by
Host: www.roslynannephotography.com
URL: https://www.roslynannephotography.com/children
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.235.135.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-235-135-157.compute-1.amazonaws.com
Software
Apache /
Resource Hash
902a3ad2067d23eb27fd0dcc2b2f1ced65582b5a30e2fcd47669649582a82b77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.roslynannephotography.com/children
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 24 Jan 2023 12:58:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 11 Jul 2022 16:11:10 GMT
server
Apache
etag
W/"375691-1657555870141-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-xss-protection
1; mode=block
expires
Wed, 24 Jan 2024 12:58:55 GMT
11_20221215131603_11700782_large.png
image5.photobiz.com/8905/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image5.photobiz.com/8905/11_20221215131603_11700782_large.png
Requested by
Host: www.roslynannephotography.com
URL: https://www.roslynannephotography.com/children
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-42.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2b3d29560eeb6a39a06dd44d6a69f764ef94dfb60ae1b0caa575f3e3cd2f8cb9

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.roslynannephotography.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 24 Jan 2023 12:58:58 GMT
x-amz-version-id
.2dtkmkrg.KBIfV0RGzbv5EGkP4btd15
via
1.1 4e0b5cb07c18d66b4d938e898c1c7bf2.cloudfront.net (CloudFront)
last-modified
Thu, 15 Dec 2022 19:16:04 GMT
server
AmazonS3
x-amz-cf-pop
SIN52-C3
etag
"71c92ea78fa1856963d951d6fea389c0"
x-cache
Miss from cloudfront
content-type
image/png
cache-control
max-age=31536000, immutable
accept-ranges
bytes
content-length
34569
x-amz-cf-id
YVPVOrTiJpQeQRTOtXpIkwRDkohbYMmimjCXq7OBmZPWIRuwTNp2Ug==
placeholder_1px.png
www.roslynannephotography.com/global/images/ 		175 B
432 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.roslynannephotography.com/global/images/placeholder_1px.png
Requested by
Host: www.roslynannephotography.com
URL: https://www.roslynannephotography.com/children
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.235.135.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-235-135-157.compute-1.amazonaws.com
Software
Apache /
Resource Hash
ed5bb9ea302414a1ad9f250d5cd5b5da08f55fe43b18020db13f74966e4bc0f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.roslynannephotography.com/children
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 24 Jan 2023 12:58:55 GMT
x-content-type-options
nosniff
last-modified
Wed, 12 Jun 2019 16:49:12 GMT
server
Apache
etag
W/"175-1560358152000"
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
175
x-xss-protection
1; mode=block
expires
Wed, 24 Jan 2024 12:58:55 GMT
iframeResizer.min.js
cdnjs.cloudflare.com/ajax/libs/iframe-resizer/3.5.14/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/iframe-resizer/3.5.14/iframeResizer.min.js
Requested by
Host: www.roslynannephotography.com
URL: https://www.roslynannephotography.com/children
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9230675eb04d0dc784320dbbf198ec094109f15ad63f64e9d79f0df6eed885d9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.roslynannephotography.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 24 Jan 2023 12:58:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
5956939
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4500
last-modified
Mon, 04 May 2020 16:11:11 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e9f-3213"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pu%2FSHQA9S3203J1Bkztxvc45AymslNcQ%2B2vUBRTLy2PZf6iO6cZv1aL0RgxTIIKpSM30KMTYDb%2BS0jWbEPRD5n2Ou9h8QGJVpvhY5nKEeZYHUATMSjCuO55CDSKDHehC%2FmNJSvT9"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
78e8f1814ef71c5e-AKL
expires
Sun, 14 Jan 2024 12:58:55 GMT
fbevents.js
connect.facebook.net/en_US/ 		106 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.roslynannephotography.com
URL: https://www.roslynannephotography.com/children
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.15.13 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-03-sin6.fbcdn.net
Software
/
Resource Hash
ef8f067f829af7c95936a36f38e54c98ab090f937f5557e4c78829ed8fcf5ffd
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.roslynannephotography.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 24 Jan 2023 12:58:56 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27859
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
NrsfLAY0M3wufxV9oYAfA6fYaioXZKjJ1Ktg3/dqBDYCgqf0nJVaXrCX9FEjZ1ygDZ+FST7K/LUTT5yelT1eTg==
x-fb-trip-id
548340344
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
sites-icon-font-classic.woff2
www.roslynannephotography.com/system/apps/sites/src/css/fonts/sites-icon-font-classic/fonts/ 		9 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.roslynannephotography.com/system/apps/sites/src/css/fonts/sites-icon-font-classic/fonts/sites-icon-font-classic.woff2?15zu11
Requested by
Host: www.roslynannephotography.com
URL: https://www.roslynannephotography.com/children
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.235.135.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-235-135-157.compute-1.amazonaws.com
Software
Apache /
Resource Hash
b9fd1aff4b167256e9231e4cc7ccfc86367c587da35ea0d756ae437479c60b7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.roslynannephotography.com/children
Origin
https://www.roslynannephotography.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 24 Jan 2023 12:58:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 05 May 2020 13:39:33 GMT
server
Apache
etag
W/"9664-1588685973000-gzip"
vary
Accept-Encoding,User-Agent
content-type
font/woff2
cache-control
max-age=31536000
accept-ranges
bytes
content-length
9687
x-xss-protection
1; mode=block
expires
Wed, 24 Jan 2024 12:58:55 GMT
Avalon-Book-webfont.woff2
www.roslynannephotography.com/fonts/ 		22 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.roslynannephotography.com/fonts/Avalon-Book-webfont.woff2
Requested by
Host: www.roslynannephotography.com
URL: https://www.roslynannephotography.com/children
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.235.135.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-235-135-157.compute-1.amazonaws.com
Software
Apache /
Resource Hash
37d17e6a75008bff07f0655b61abe3288abe8381c420522181e684a3f0bb8291
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.roslynannephotography.com/children
Origin
https://www.roslynannephotography.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 24 Jan 2023 12:58:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 Jun 2019 16:49:09 GMT
server
Apache
etag
W/"22840-1560358149000-gzip"
vary
Accept-Encoding,User-Agent
content-type
font/woff2
cache-control
max-age=31536000
accept-ranges
bytes
content-length
22805
x-xss-protection
1; mode=block
expires
Wed, 24 Jan 2024 12:58:55 GMT
63ac3fd0f9c7d67fab6ce185
portal.dubsado.com/public/form/view/ Frame 19FA
Redirect Chain
  • https://hello.dubsado.com/public/form/view/63ac3fd0f9c7d67fab6ce185
  • https://portal.dubsado.com/public/form/view/63ac3fd0f9c7d67fab6ce185?
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://portal.dubsado.com/public/form/view/63ac3fd0f9c7d67fab6ce185?
Requested by
Host: www.roslynannephotography.com
URL: https://www.roslynannephotography.com/children
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.6.183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58fb1ca37279863bbeec2ee0f8a2c0a0bbf4bc23a9177164e633634383d107b4
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.roslynannephotography.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
78e8f189de851c58-AKL
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 24 Jan 2023 12:58:57 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
report-to
[object Object]
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Accept-Encoding
x-brand
x-content-type-options
nosniff
x-user

Redirect headers

cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
78e8f1846af71c58-AKL
content-type
text/html; charset=utf-8
date
Tue, 24 Jan 2023 12:58:56 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
location
https://portal.dubsado.com/public/form/view/63ac3fd0f9c7d67fab6ce185?
report-to
[object Object]
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Accept
x-brand
x-content-type-options
nosniff
x-user
11_20220801103553_11470274_large.jpg
image14.photobiz.com/10152/ 		110 KB
111 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image14.photobiz.com/10152/11_20220801103553_11470274_large.jpg
Requested by
Host: www.roslynannephotography.com
URL: https://www.roslynannephotography.com/children
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.250.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-250-108.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8ea92c403d0d0116948a9c960a1fa78a1806c5532a6ff38c1e7238c865921155

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.roslynannephotography.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 24 Jan 2023 12:58:59 GMT
x-amz-version-id
XgrWT5KN1Wjvp5FZsJka.kN1ZvD_LNqN
via
1.1 2aabea8a9cbe7f03f67c33c45d1d592c.cloudfront.net (CloudFront)
last-modified
Mon, 01 Aug 2022 15:35:54 GMT
server
AmazonS3
x-amz-cf-pop
SIN52-C2
etag
"bff1293337b1702c36ff876865faf2bb"
x-cache
Miss from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, immutable
accept-ranges
bytes
content-length
112640
x-amz-cf-id
BModYs1b47YRlq2Du1Sk9wonsaT8-OBTz2o7fxHFwhNHe_4KlGKuGw==
11_20220729192317_11468098_xlarge.png
image9.photobiz.com/8584/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image9.photobiz.com/8584/11_20220729192317_11468098_xlarge.png
Requested by
Host: www.roslynannephotography.com
URL: https://www.roslynannephotography.com/children
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-55.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a8dd7c4e448bcae5bc70a6f016c74fcd1a8bc54554a5b5825905e4d77f79179f

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.roslynannephotography.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 24 Jan 2023 12:59:00 GMT
x-amz-version-id
lf4OPHJ3X1BGwuNUdR6kR9CqR59tWUz5
via
1.1 e947961d46d4aa161784258339d7564e.cloudfront.net (CloudFront)
last-modified
Sat, 30 Jul 2022 00:23:21 GMT
server
AmazonS3
x-amz-cf-pop
SIN52-C3
etag
"22d947026842b7af1021bed4ba2d373a"
x-cache
Miss from cloudfront
content-type
image/png
x-amz-storage-class
INTELLIGENT_TIERING
cache-control
max-age=31536000, immutable
accept-ranges
bytes
content-length
2001251
x-amz-cf-id
rb0q3koOwjQZzEWBm_f4PCFF4SRz6yaAAEJlgr8CU7S_nuD5F9PYuA==
11_20220729192326_11468131_large.jpg
image8.photobiz.com/8585/ 		92 KB
93 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.photobiz.com/8585/11_20220729192326_11468131_large.jpg
Requested by
Host: www.roslynannephotography.com
URL: https://www.roslynannephotography.com/children
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.8.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-8-55.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
898914fc213c942dda079f34bc221da4c08dfb5ddac4c4bb435494b0128419d7

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.roslynannephotography.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 24 Jan 2023 12:58:59 GMT
x-amz-version-id
bp9gvBa3MKr8f4TnJME0dsrLAphK95Va
via
1.1 f92e2b771ebc524db2f478f72162e564.cloudfront.net (CloudFront)
last-modified
Sat, 30 Jul 2022 00:23:27 GMT
server
AmazonS3
x-amz-cf-pop
SIN5-C1
etag
"1df5dfb3cec51b9d9c4872e48db664eb"
x-cache
Miss from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, immutable
accept-ranges
bytes
content-length
94565
x-amz-cf-id
rxyYJCf1jNQLHw5AdRQIfmpjVSOdllFFZL-JQchnjywX1lAESKSDpA==
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/11029070502/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11029070502/?random=1674565136884&cv=11&fst=1674565136884&bg=ffffff&guid=ON&async=1&gtm=2oa1n0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.roslynannephotography.com%2Fchildren&tiba=Child%20Headshots%20Photographer%20-%20Northern%20Virginia%20%2B%20Maryland%20area&auid=820714355.1674565137&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11029070502
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
cafe /
Resource Hash
29a4449b1abfa726679e152176b1d2f9ff20d4d2e6ade86f37154f2ad92ca9bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.roslynannephotography.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Jan 2023 12:58:57 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
925
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		225 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-ZJKGD43K50&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11029070502
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
26826e2aa10b6457ae01ab98be670a6072ff628d6328ce1a8c9d8a8042ad2598
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.roslynannephotography.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 24 Jan 2023 12:58:57 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
79697
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 24 Jan 2023 12:58:57 GMT
collect
www.google-analytics.com/g/ 		0
348 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-ZJKGD43K50&gtm=2oe1n0&_p=727282000&cid=743502137.1674565137&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1674565137&sct=1&seg=0&dl=https%3A%2F%2Fwww.roslynannephotography.com%2Fchildren&dt=Child%20Headshots%20Photographer%20-%20Northern%20Virginia%20%2B%20Maryland%20area&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZJKGD43K50
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f138.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.roslynannephotography.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Jan 2023 12:58:58 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.roslynannephotography.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
704471757649439
connect.facebook.net/signals/config/ 		377 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/704471757649439?v=2.9.94&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.15.13 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-03-sin6.fbcdn.net
Software
/
Resource Hash
656a7429d5fcaa043186d3720a34b6d5406d9e311e62133bd2f3fba5babbeaa7
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.roslynannephotography.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 24 Jan 2023 12:58:58 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
GDgpvCYEDbBCF0bBdnok+IQLKbj2EP+T/5GN5QusmDbG0cujukUO9yHUgKDt2p76ptzOQQcaoFl4AzVFksT6qQ==
x-fb-trip-id
548340344
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
css
fonts.googleapis.com/ Frame 19FA 		38 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:300,400,500|Raleway:400,400i,700,700i|Allura|Cinzel:400,700|Fanwood+Text:400,400i|Josefin+Sans:400,400i,600,600i|La+Belle+Aurore|Lato:400,400i,700,700i|Lora:400,400i,700,700i|Montserrat:400,400i,600,600i|Oswald:400,600|Playfair+Display:400,400i,700,700i|Special+Elite
Requested by
Host: portal.dubsado.com
URL: https://portal.dubsado.com/public/form/view/63ac3fd0f9c7d67fab6ce185?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f95.1e100.net
Software
ESF /
Resource Hash
10910f33875aa5bdbf393d72caba250129d8c5964d4fffc4bce5f47d9d6649ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://portal.dubsado.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 24 Jan 2023 12:58:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 24 Jan 2023 12:58:57 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 24 Jan 2023 12:58:57 GMT
css
fonts.googleapis.com/ Frame 19FA 		55 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Cormorant+Garamond:400,400i,700,700i|Old+Standard+TT:400,400i,700|Open+Sans:400,400i,700,700i|Pacifico|Pinyon+Script|Poppins:400,700|Quicksand:300,400,700|Roboto+Condensed:400,400i,700,700i|Roboto:400,400i,700,700i|Comfortaa:300,400,700|Istok+Web:400,400i,700
Requested by
Host: portal.dubsado.com
URL: https://portal.dubsado.com/public/form/view/63ac3fd0f9c7d67fab6ce185?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f95.1e100.net
Software
ESF /
Resource Hash
26f1f458eceb5d935708f917cf14575bc548fa3fae2068238502104ecb67d607
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://portal.dubsado.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 24 Jan 2023 12:58:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 24 Jan 2023 12:58:57 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 24 Jan 2023 12:58:57 GMT
polyfill.min.js
polyfill.io/v3/ Frame 19FA 		101 B
462 B 		Script
General
Check archive.org
Download Go to
Full URL
https://polyfill.io/v3/polyfill.min.js?features=Intl
Requested by
Host: portal.dubsado.com
URL: https://portal.dubsado.com/public/form/view/63ac3fd0f9c7d67fab6ce185?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.26 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://portal.dubsado.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 24 Jan 2023 12:58:58 GMT
content-encoding
br
last-modified
Thu, 12 Jan 2023 11:53:04 GMT
age
0
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
useragent_normaliser
chrome/89.0.0
server-timing
PASS, fastly;desc="Edge time";dur=15
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
94
atc.min.js
cdn.addevent.com/legacy2000/libs/atc/1.6.1/ Frame 19FA
Redirect Chain
  • https://addevent.com/libs/atc/1.6.1/atc.min.js
  • https://cdn.addevent.com/legacy2000/libs/atc/1.6.1/atc.min.js
32 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.addevent.com/legacy2000/libs/atc/1.6.1/atc.min.js
Requested by
Host: portal.dubsado.com
URL: https://portal.dubsado.com/public/form/view/63ac3fd0f9c7d67fab6ce185?
Protocol
H2
Server
13.227.254.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-56.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1cfddf20d04f7f3f75603868ad2b4bdbcfd5b5520e177d0231f6e2ab2241354d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://portal.dubsado.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 24 Jan 2023 00:41:28 GMT
content-encoding
br
via
1.1 58b09a46630ea2f6a75154a66e58b2e6.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
SIN52-C3
age
44253
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 16 Jun 2022 09:22:36 GMT
server
AmazonS3
etag
W/"d4881a6054da56bd933dff9367745f8c"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-amz-cf-id
l800JMB6aXyIqbx3JYSr4HG6SvDrG1fTNKCnqjHdGx4SDwqAmRqXMg==

Redirect headers

location
https://cdn.addevent.com:443/legacy2000/libs/atc/1.6.1/atc.min.js
date
Tue, 24 Jan 2023 12:58:59 GMT
server
awselb/2.0
content-length
134
content-type
text/html
checkout.js
checkout.stripe.com/ Frame 19FA 		88 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://checkout.stripe.com/checkout.js
Requested by
Host: portal.dubsado.com
URL: https://portal.dubsado.com/public/form/view/63ac3fd0f9c7d67fab6ce185?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
18781492fefe9e0fb34b391582891c3d0700908f2c991f91f506de046f5c3c8c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://portal.dubsado.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 24 Jan 2023 12:58:58 GMT
via
1.1 varnish
age
14
x-cache
HIT
content-length
22937
x-request-id
fb627711-306a-421a-af77-e3382a40791f
x-served-by
cache-fty21383-FTY
last-modified
Wed, 13 Jul 2022 15:14:21 GMT
server
Fastly
x-timer
S1674565138.127609,VS0,VE1
etag
"9df39fdc36e7b7d12c767cc16f78989c"
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=60
accept-ranges
bytes
x-cache-hits
1
v3
js.stripe.com/ Frame 19FA 		424 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3
Requested by
Host: portal.dubsado.com
URL: https://portal.dubsado.com/public/form/view/63ac3fd0f9c7d67fab6ce185?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-56.sin52.r.cloudfront.net
Software
Cloudfront /
Resource Hash
027d288604f8fe654cab2130e8df9ff43b1af1c3bd6dc6b4e43d521fdb70ff45
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://portal.dubsado.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 24 Jan 2023 12:58:57 GMT
via
1.1 ce37b125bad795f4918cd50b3f95260a.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN52-C3
age
4
x-cache
Hit from cloudfront
last-modified
Mon, 23 Jan 2023 22:40:52 GMT
server
Cloudfront
etag
W/"7b8e93709370de6c19669aad7e51d79d"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
timing-allow-origin
*
x-amz-cf-id
2tIDenFfh7XxZgJfCYyPkPTwR-U2BI-mgpDBWfaxl4lRNQR9jyRTOw==
link-initialize.js
cdn.plaid.com/link/v2/stable/ Frame 19FA 		125 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.plaid.com/link/v2/stable/link-initialize.js
Requested by
Host: portal.dubsado.com
URL: https://portal.dubsado.com/public/form/view/63ac3fd0f9c7d67fab6ce185?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.97.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-97-73.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a496db4afdb3891f0d1d0c0393eb5bc583ea2a46f5818a739b708542e40f680d

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://portal.dubsado.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Olz7vHS2338JOTgdQDy.quPH4S1stpH6
content-encoding
gzip
via
1.1 ab0b1e7cbd7487a4d0b7fa6622ab2758.cloudfront.net (CloudFront)
date
Tue, 24 Jan 2023 04:14:22 GMT
x-amz-request-id
V3DSARAEFAXGV0XA
x-amz-cf-pop
MRS52-P3
x-amz-server-side-encryption
AES256
age
31576
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
x-amz-id-2
UNeLemsQCmAKG/dKmt9N6asqs2l1fiFsfvUFJ5X3xXNEVzZsFJOF8qe3Fi7vNgOdwQ6P5s3AoDA=
last-modified
Fri, 20 Jan 2023 21:48:01 GMT
server
AmazonS3
etag
W/"353f8766665513254498e596ae3de7ac"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache,must-revalidate,max-age=0
x-amz-cf-id
0uIm50cRGpw_4opP7_cw9SlmQF9TFaLxW4tvcLDvlMcnquldGUuwKA==
square.js
web.squarecdn.com/v1/ Frame 19FA 		352 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://web.squarecdn.com/v1/square.js
Requested by
Host: portal.dubsado.com
URL: https://portal.dubsado.com/public/form/view/63ac3fd0f9c7d67fab6ce185?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-81.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
37271fc29689a77b16ee8fb5eaa2690e74be69eb0fd67a5d90a840b65cf7d54e

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://portal.dubsado.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
frXKycdj_OQX9sKDKUKOIV_SdWs2mzxH
content-encoding
gzip
via
1.1 3c5649f7d49e8f5b916e18a72b919074.cloudfront.net (CloudFront)
date
Mon, 23 Jan 2023 20:03:55 GMT
x-amz-cf-pop
SIN2-P2
age
60905
x-cache
Hit from cloudfront
x-amz-meta-websdk-version
1.45.2
last-modified
Sat, 21 Jan 2023 00:16:00 GMT
server
AmazonS3
etag
W/"3cb73a374b8ad64c0751d09a5c082151"
access-control-max-age
300
x-amz-meta-md5checksum
PLc6N0uK1kwHUdCaXAghUQ==
access-control-allow-methods
GET, HEAD
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=300
vary
Accept-Encoding
x-amz-cf-id
ULMyIJwu9wEjxluFoXUBtmUlymHOAa5447qrTMthNaV-EsCXtLvnog==
bbs7myv.js
use.typekit.net/ Frame 19FA 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/bbs7myv.js
Requested by
Host: portal.dubsado.com
URL: https://portal.dubsado.com/public/form/view/63ac3fd0f9c7d67fab6ce185?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.49.60.170 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-49-60-170.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
c82634ecfbe7aa305207512a6ee60e68d3a327def4ad8fdbc2e3025135a0fac0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://portal.dubsado.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Tue, 24 Jan 2023 12:58:58 GMT
server
nginx
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
7266
iframeResizer.contentWindow.min.js
portal.dubsado.com/plugins/ Frame 19FA 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portal.dubsado.com/plugins/iframeResizer.contentWindow.min.js
Requested by
Host: portal.dubsado.com
URL: https://portal.dubsado.com/public/form/view/63ac3fd0f9c7d67fab6ce185?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.6.183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63b5085014a66af8d0d56afb98bb13f69a4c4f21c3c0e2cc63b30fe8c75a49d9
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://portal.dubsado.com/public/form/view/63ac3fd0f9c7d67fab6ce185?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 24 Jan 2023 12:58:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Thu, 02 Nov 2017 18:51:24 GMT
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
age
146870
etag
W/"59fb692c-3654"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=259200
cf-ray
78e8f18c3ffe1c58-AKL
expires
Wed, 25 Jan 2023 16:24:06 GMT
publicReactV2.css
portal.dubsado.com/js/ Frame 19FA 		145 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://portal.dubsado.com/js/publicReactV2.css
Requested by
Host: portal.dubsado.com
URL: https://portal.dubsado.com/public/form/view/63ac3fd0f9c7d67fab6ce185?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.6.183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48faf5f488fb81b7104ef002985e3ce1566506e2afabe95a0167be3c83ecf110
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://portal.dubsado.com/public/form/view/63ac3fd0f9c7d67fab6ce185?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 24 Jan 2023 12:58:57 GMT
strict-transport-security
max-age=2592000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
cf-bgj
minify
last-modified
Fri, 20 Jan 2023 20:04:26 GMT
server
cloudflare
content-encoding
gzip
cf-polished
origSize=149076
etag
W/"63caf3ca-24654"
vary
Accept-Encoding
content-type
text/css
cache-control
no-cache
cf-ray
78e8f18c3ffd1c58-AKL
expires
Thu, 01 Jan 1970 00:00:01 GMT
publicReactV2.js
portal.dubsado.com/js/ Frame 19FA 		6 MB
2 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://portal.dubsado.com/js/publicReactV2.js
Requested by
Host: portal.dubsado.com
URL: https://portal.dubsado.com/public/form/view/63ac3fd0f9c7d67fab6ce185?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.6.183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51a9e4a34a8c96da6eb38100e273593e9dbf5c9cb9c7ebeb0809b786e09f75e0
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://portal.dubsado.com/public/form/view/63ac3fd0f9c7d67fab6ce185?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 24 Jan 2023 12:58:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
last-modified
Fri, 20 Jan 2023 20:04:26 GMT
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
etag
W/"63caf3ca-59b5df"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache
cf-ray
78e8f18c3fff1c58-AKL
expires
Thu, 01 Jan 1970 00:00:01 GMT
/
www.google.com/pagead/1p-user-list/11029070502/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/11029070502/?random=1674565136884&cv=11&fst=1674561600000&bg=ffffff&guid=ON&async=1&gtm=2oa1n0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.roslynannephotography.com%2Fchildren&tiba=Child%20Headshots%20Photographer%20-%20Northern%20Virginia%20%2B%20Maryland%20area&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3237843226&rmt_tld=0&ipr=y
Requested by
Host: www.roslynannephotography.com
URL: https://www.roslynannephotography.com/children
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f99.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.roslynannephotography.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Jan 2023 12:58:58 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.co.nz/pagead/1p-user-list/11029070502/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.nz/pagead/1p-user-list/11029070502/?random=1674565136884&cv=11&fst=1674561600000&bg=ffffff&guid=ON&async=1&gtm=2oa1n0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.roslynannephotography.com%2Fchildren&tiba=Child%20Headshots%20Photographer%20-%20Northern%20Virginia%20%2B%20Maryland%20area&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3237843226&rmt_tld=1&ipr=y
Requested by
Host: www.roslynannephotography.com
URL: https://www.roslynannephotography.com/children
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.roslynannephotography.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Jan 2023 12:58:58 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=704471757649439&ev=PageView&dl=https%3A%2F%2Fwww.roslynannephotography.com%2Fchildren&rl=&if=false&ts=1674565138829&sw=1600&sh=1200&v=2.9.94&r=stable&ec=0&o=30&fbp=fb.1.1674565138828.668102266&it=1674565137230&coo=false&rqm=GET
Requested by
Host: www.roslynannephotography.com
URL: https://www.roslynannephotography.com/children
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.13.35 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-sin6.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.roslynannephotography.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 24 Jan 2023 12:58:59 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
css2
fonts.googleapis.com/ Frame 19FA 		1 KB
465 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Dancing+Script&display=swap
Requested by
Host: portal.dubsado.com
URL: https://portal.dubsado.com/js/publicReactV2.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f95.1e100.net
Software
ESF /
Resource Hash
9eb663119f14565628eb6ea488d931bd926e98107100a54493003f42a0d68a53
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://portal.dubsado.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 24 Jan 2023 12:58:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 24 Jan 2023 12:49:32 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 24 Jan 2023 12:58:59 GMT
l
use.typekit.net/af/efe4a5/00000000000000007735e609/30/ Frame 19FA 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/efe4a5/00000000000000007735e609/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: portal.dubsado.com
URL: https://portal.dubsado.com/public/form/view/63ac3fd0f9c7d67fab6ce185?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.49.60.170 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-49-60-170.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
c4d04d2b6a041dde11c80d8332f983a58c1031c663ab4f42230899cb82adf4a7

Request headers

Referer
https://portal.dubsado.com/
Origin
https://portal.dubsado.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 24 Jan 2023 12:59:00 GMT
server
nginx
etag
"6aeae62b893768150f3460329dc461358e8ab2f5"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
29820
ee68817ca8a4722643db8fe17a9c2942
statestore.rollout.io/5d5497f3c3cb8b1634f09971/ Frame 19FA 		14 B
542 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://statestore.rollout.io/5d5497f3c3cb8b1634f09971/ee68817ca8a4722643db8fe17a9c2942
Requested by
Host: portal.dubsado.com
URL: https://portal.dubsado.com/js/publicReactV2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-125.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5ae277e741844927863cae71ab0bec2158f46bba0636e5a9b18a590f28f40fc5

Request headers

Accept
application/json, text/plain, */*
Referer
https://portal.dubsado.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 21:15:36 GMT
content-encoding
gzip
via
1.1 73a569eafe77b39b17f3e8ef76c14c7c.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
age
56605
x-cache
Hit from cloudfront
content-length
34
last-modified
Sat, 21 Jan 2023 19:29:14 GMT
server
AmazonS3
etag
"87d1790312276e91ba9f837e0f0960cb"
access-control-max-age
3000
access-control-allow-methods
GET
content-language
en
access-control-allow-origin
*
content-type
application/json
cache-control
max-age=86400
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
znkJ31MDXRw1z9BDLigwBnY6FX2EclYRY_-qLsV-f7At-amcCJ0OTQ==
57b135f084258d6ae1e5d944a2392565
conf.rollout.io/5d5497f3c3cb8b1634f09971/ Frame 19FA 		238 KB
94 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://conf.rollout.io/5d5497f3c3cb8b1634f09971/57b135f084258d6ae1e5d944a2392565?distinct_id=46ebeb7a-0b60-42cf-bb8b-54d48d26a2e2
Requested by
Host: portal.dubsado.com
URL: https://portal.dubsado.com/js/publicReactV2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-129.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a90f27ccf45638de7f419b5fc59af6d03a024e2bbf07e80e9ab54d453ba2b69c

Request headers

Accept
application/json, text/plain, */*
Referer
https://portal.dubsado.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
vPrE61gNXAOhuSMka6SITJi..Fi.8dgg
content-encoding
gzip
via
1.1 beabd6d4d869f3809233bc395642a58e.cloudfront.net (CloudFront)
date
Tue, 24 Jan 2023 12:59:02 GMT
x-amz-cf-pop
SIN2-P1
x-cache
RefreshHit from cloudfront
x-amz-replication-status
COMPLETED
content-length
95269
last-modified
Mon, 23 Jan 2023 09:44:45 GMT
server
AmazonS3
etag
"91399e69c2892e26583005928dea7c37"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
content-language
en
cache-control
no-cache
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
wN7JCm8d9ARHa8dBfahC0QCRF1pLNEStuQKgR6QVEXixRyKyL2Nzng==
m-outer-93afeeb17bc37e711759584dbfc50d47.html
js.stripe.com/v3/ Frame CEE7 		200 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-56.sin52.r.cloudfront.net
Software
Cloudfront /
Resource Hash
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://portal.dubsado.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
3597
cache-control
max-age=31536000
content-length
200
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 24 Jan 2023 12:57:40 GMT
etag
"93afeeb17bc37e711759584dbfc50d47"
last-modified
Fri, 20 Jan 2023 19:49:38 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 ce37b125bad795f4918cd50b3f95260a.cloudfront.net (CloudFront)
x-amz-cf-id
6qP2Yi0NSShrFJFxXgNw3tK4VVdisci_yPfB3S6VWusJ8c8BdSMAJg==
x-amz-cf-pop
SIN52-C3
x-cache
Hit from cloudfront
x-content-type-options
nosniff
l
use.typekit.net/af/2555e1/00000000000000007735e603/30/ Frame 19FA 		30 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/2555e1/00000000000000007735e603/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: portal.dubsado.com
URL: https://portal.dubsado.com/public/form/view/63ac3fd0f9c7d67fab6ce185?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.49.60.170 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-49-60-170.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a33128c94dd3c425bc3f4a9ba389a1f3d7a75233e8cb788ea80f8f43a3d68423

Request headers

Referer
https://portal.dubsado.com/
Origin
https://portal.dubsado.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 24 Jan 2023 12:59:00 GMT
server
nginx
etag
"09d1a94c81035c62708e0a513ee76d7886d15a25"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
30704
l
use.typekit.net/af/4de20a/00000000000000007735e604/30/ Frame 19FA 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/4de20a/00000000000000007735e604/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i7&v=3
Requested by
Host: portal.dubsado.com
URL: https://portal.dubsado.com/public/form/view/63ac3fd0f9c7d67fab6ce185?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.49.60.170 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-49-60-170.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
9e68a48da384399ceeff9848067071cd266d829ae02bd9ca97f3f5f3d6a9fa3c

Request headers

Referer
https://portal.dubsado.com/
Origin
https://portal.dubsado.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 24 Jan 2023 12:59:00 GMT
server
nginx
etag
"59a4b2c03f9b7609599aab6c503269f21dd7d06e"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
32312
l
use.typekit.net/af/154cda/00000000000000007735e601/30/ Frame 19FA 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/154cda/00000000000000007735e601/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n1&v=3
Requested by
Host: portal.dubsado.com
URL: https://portal.dubsado.com/public/form/view/63ac3fd0f9c7d67fab6ce185?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.49.60.170 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-49-60-170.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
c862e09dc14a6d0ba890b78cb2f57a6e1df993395106e91bf95d202fc33c4b60

Request headers

Referer
https://portal.dubsado.com/
Origin
https://portal.dubsado.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 24 Jan 2023 12:59:00 GMT
server
nginx
etag
"bb527db1d82be3f299f746453df8abe5f2b6ac67"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
28764
l
use.typekit.net/af/7283cd/00000000000000007735e608/30/ Frame 19FA 		30 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/7283cd/00000000000000007735e608/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i1&v=3
Requested by
Host: portal.dubsado.com
URL: https://portal.dubsado.com/public/form/view/63ac3fd0f9c7d67fab6ce185?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.49.60.170 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-49-60-170.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
22ad3fbc37b5eda2d488eb0d75b3f9d67d327ba4c21e4bd0c0caf3e03bb99fa0

Request headers

Referer
https://portal.dubsado.com/
Origin
https://portal.dubsado.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 24 Jan 2023 12:59:00 GMT
server
nginx
etag
"fc85207db6e91703a4278329beefdaa4d7ef92f0"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
30244
l
use.typekit.net/af/78aca8/00000000000000007735e60d/30/ Frame 19FA 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/78aca8/00000000000000007735e60d/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n6&v=3
Requested by
Host: portal.dubsado.com
URL: https://portal.dubsado.com/public/form/view/63ac3fd0f9c7d67fab6ce185?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.49.60.170 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-49-60-170.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
b07871da02311868c31ab6ac5a4e78cc877f118acd854857f6f51519f3ddbbc9

Request headers

Referer
https://portal.dubsado.com/
Origin
https://portal.dubsado.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 24 Jan 2023 12:59:00 GMT
server
nginx
etag
"1d1aed9a298449b26ef6d57c78caa88b6b5de306"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
29764
l
use.typekit.net/af/144da4/00000000000000007735e619/30/ Frame 19FA 		30 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/144da4/00000000000000007735e619/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i6&v=3
Requested by
Host: portal.dubsado.com
URL: https://portal.dubsado.com/public/form/view/63ac3fd0f9c7d67fab6ce185?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.49.60.170 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-49-60-170.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a74ee265f5a490c09bdc8c45acbe58543a11971d63b9c8de6f6b709fbd79e681

Request headers

Referer
https://portal.dubsado.com/
Origin
https://portal.dubsado.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 24 Jan 2023 12:59:00 GMT
server
nginx
etag
"b3c4560c9c21c17e860a7847836a63e08d8c1f46"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
30992
l
use.typekit.net/af/3322cc/00000000000000007735e616/30/ Frame 19FA 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/3322cc/00000000000000007735e616/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i4&v=3
Requested by
Host: portal.dubsado.com
URL: https://portal.dubsado.com/public/form/view/63ac3fd0f9c7d67fab6ce185?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.49.60.170 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-49-60-170.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
19be36b532c3147a005317cbc940c69b7137c7980a462525055393d3cfd20b30

Request headers

Referer
https://portal.dubsado.com/
Origin
https://portal.dubsado.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 24 Jan 2023 12:59:00 GMT
server
nginx
etag
"45b6acdd85bc39b5dfc108ace1ad2dbe5fca28ba"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
31620
l
use.typekit.net/af/1be3c2/00000000000000007735e606/30/ Frame 19FA 		29 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/1be3c2/00000000000000007735e606/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by
Host: portal.dubsado.com
URL: https://portal.dubsado.com/public/form/view/63ac3fd0f9c7d67fab6ce185?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.49.60.170 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-49-60-170.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
34983ec5da74c95f7b9aba9e7abd42ca76b95cde4c06f476f6bfeb5547bd85ef

Request headers

Referer
https://portal.dubsado.com/
Origin
https://portal.dubsado.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 24 Jan 2023 12:59:00 GMT
server
nginx
etag
"174f4ede5c586799404565373f175cfaf1562181"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
30008
l
use.typekit.net/af/40d372/00000000000000007735e607/30/ Frame 19FA 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/40d372/00000000000000007735e607/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i3&v=3
Requested by
Host: portal.dubsado.com
URL: https://portal.dubsado.com/public/form/view/63ac3fd0f9c7d67fab6ce185?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.49.60.170 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-49-60-170.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
4902549b48d7ff4f031ae6460e12dd960510ada7e1dfca654b8beb117b0ddff3

Request headers

Referer
https://portal.dubsado.com/
Origin
https://portal.dubsado.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 24 Jan 2023 12:59:00 GMT
server
nginx
etag
"01c852f9fa366dcbc0e5f55fac36fa3969f7f517"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
31652
l
use.typekit.net/af/69c1f9/00000000000000007735a53a/30/ Frame 19FA 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/69c1f9/00000000000000007735a53a/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: portal.dubsado.com
URL: https://portal.dubsado.com/public/form/view/63ac3fd0f9c7d67fab6ce185?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.49.60.170 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-49-60-170.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
91afe8034e64b598b36f57aa1de0840bc04e1d138f8a836d71c9abae5974e174

Request headers

Referer
https://portal.dubsado.com/
Origin
https://portal.dubsado.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 24 Jan 2023 12:59:00 GMT
server
nginx
etag
"f85672bfc73086e76cab0c94b64976dfdde3e6e9"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
17156
l
use.typekit.net/af/017a45/00000000000000007735a53f/30/ Frame 19FA 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/017a45/00000000000000007735a53f/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i4&v=3
Requested by
Host: portal.dubsado.com
URL: https://portal.dubsado.com/public/form/view/63ac3fd0f9c7d67fab6ce185?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.49.60.170 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-49-60-170.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
28de1f1cd7d57173c18d05e519cd8629d5654e356d0e8f3728e380c955dd3119

Request headers

Referer
https://portal.dubsado.com/
Origin
https://portal.dubsado.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 24 Jan 2023 12:59:00 GMT
server
nginx
etag
"db071060d785a4b56dfdc37460aef42acf9fa5b2"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
19552
l
use.typekit.net/af/da581f/00000000000000007735a540/30/ Frame 19FA 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/da581f/00000000000000007735a540/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n2&v=3
Requested by
Host: portal.dubsado.com
URL: https://portal.dubsado.com/public/form/view/63ac3fd0f9c7d67fab6ce185?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.49.60.170 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-49-60-170.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
b6715e33848287dd8600843b5a427554eab899a9de842eaa5dfd2d1fa0823e0f

Request headers

Referer
https://portal.dubsado.com/
Origin
https://portal.dubsado.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 24 Jan 2023 12:59:00 GMT
server
nginx
etag
"ff6115176ef40b2007d17b316eaeef44a30d492d"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
17028
l
use.typekit.net/af/0e8f68/00000000000000007735a541/30/ Frame 19FA 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/0e8f68/00000000000000007735a541/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i2&v=3
Requested by
Host: portal.dubsado.com
URL: https://portal.dubsado.com/public/form/view/63ac3fd0f9c7d67fab6ce185?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.49.60.170 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-49-60-170.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
7095c0a3425f7b3bafa8fa9b7d1aa0fc14b78bd1f3d622b9a6ccbb5835026e1d

Request headers

Referer
https://portal.dubsado.com/
Origin
https://portal.dubsado.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 24 Jan 2023 12:59:00 GMT
server
nginx
etag
"ce4f2cc3abee1ca8286988ceddc44a2d5d68b0b9"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
19352
l
use.typekit.net/af/987a60/00000000000000007735a543/30/ Frame 19FA 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/987a60/00000000000000007735a543/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: portal.dubsado.com
URL: https://portal.dubsado.com/public/form/view/63ac3fd0f9c7d67fab6ce185?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.49.60.170 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-49-60-170.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
fcf9ad39a58bd521789931e384b831a9ce7bbe3b5f9a05bf02c352e1e60c7ebb

Request headers

Referer
https://portal.dubsado.com/
Origin
https://portal.dubsado.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 24 Jan 2023 12:59:00 GMT
server
nginx
etag
"5e75b786eedb2c68e3ea4f8e9407f415881535c8"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
18064
l
use.typekit.net/af/6c50f4/00000000000000007735a544/30/ Frame 19FA 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/6c50f4/00000000000000007735a544/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n6&v=3
Requested by
Host: portal.dubsado.com
URL: https://portal.dubsado.com/public/form/view/63ac3fd0f9c7d67fab6ce185?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.49.60.170 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-49-60-170.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
0580e9e816da1883ab597af4ed3ea8e25d5325f39a64bc8951c2aa03045ca229

Request headers

Referer
https://portal.dubsado.com/
Origin
https://portal.dubsado.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 24 Jan 2023 12:59:00 GMT
server
nginx
etag
"bd36aa533bb1fdd3f69db9026cbb8450c993a3ee"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
18008
l
use.typekit.net/af/56af16/00000000000000007735a545/30/ Frame 19FA 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/56af16/00000000000000007735a545/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i6&v=3
Requested by
Host: portal.dubsado.com
URL: https://portal.dubsado.com/public/form/view/63ac3fd0f9c7d67fab6ce185?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.49.60.170 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-49-60-170.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
67f123415f29ccfa2062392764fd92b8551c7d865b52c36f8405c3ed9475d5ba

Request headers

Referer
https://portal.dubsado.com/
Origin
https://portal.dubsado.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 24 Jan 2023 12:59:00 GMT
server
nginx
etag
"a7d1374c4c5a1819de8e76d1d0ba7be379472882"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
19880
l
use.typekit.net/af/19dd88/00000000000000007735e53c/30/ Frame 19FA 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/19dd88/00000000000000007735e53c/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n1&v=3
Requested by
Host: portal.dubsado.com
URL: https://portal.dubsado.com/public/form/view/63ac3fd0f9c7d67fab6ce185?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.49.60.170 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-49-60-170.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
0988c98965ebe5c25b06472ef69dce137b497c89e5b320903bedd8098b766425

Request headers

Referer
https://portal.dubsado.com/
Origin
https://portal.dubsado.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 24 Jan 2023 12:59:00 GMT
server
nginx
etag
"e4b0f983ca6ea440c60d8bd680d8274cad45e422"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
14056
l
use.typekit.net/af/37e7f5/00000000000000007735a548/30/ Frame 19FA 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/37e7f5/00000000000000007735a548/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by
Host: portal.dubsado.com
URL: https://portal.dubsado.com/public/form/view/63ac3fd0f9c7d67fab6ce185?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.49.60.170 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-49-60-170.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e0839094a0f5d0f20dc868eb8b91942289ec146624fbd3719b6d82f8893d9dd9

Request headers

Referer
https://portal.dubsado.com/
Origin
https://portal.dubsado.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 24 Jan 2023 12:59:00 GMT
server
nginx
etag
"3fde2bbf02a4c0772d0cbb68120a5d1012540029"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
17300
l
use.typekit.net/af/be28cc/00000000000000007735a54a/30/ Frame 19FA 		13 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/be28cc/00000000000000007735a54a/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
Requested by
Host: portal.dubsado.com
URL: https://portal.dubsado.com/public/form/view/63ac3fd0f9c7d67fab6ce185?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.49.60.170 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-49-60-170.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
0d1fcd33d270a8e9a9a3442b0f1182caea7cd4300a0094a4d4d99a812c0320cf

Request headers

Referer
https://portal.dubsado.com/
Origin
https://portal.dubsado.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 24 Jan 2023 12:59:00 GMT
server
nginx
etag
"fe068450069fac8d4a7027a68334d63a0dea2f78"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
13768
l
use.typekit.net/af/bc6c28/00000000000000007735a54c/30/ Frame 19FA 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/bc6c28/00000000000000007735a54c/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n9&v=3
Requested by
Host: portal.dubsado.com
URL: https://portal.dubsado.com/public/form/view/63ac3fd0f9c7d67fab6ce185?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.49.60.170 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-49-60-170.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
53afe1d2c0421e4eaf9116735fe7d77682e5bdd27a67356261879d3f0e5ec797

Request headers

Referer
https://portal.dubsado.com/
Origin
https://portal.dubsado.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 24 Jan 2023 12:59:00 GMT
server
nginx
etag
"f26625a80709eb1685925bef2d910ee17e128004"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
17948
/
www.facebook.com/tr/ Frame 4976
Redirect Chain
  • https://www.facebook.com/tr/
  • https://www.facebook.com/tr/?redirect=0
0
54 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/?redirect=0
Requested by
Host: www.roslynannephotography.com
URL: https://www.roslynannephotography.com/children
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.13.35 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-sin6.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.roslynannephotography.com
Referer
https://www.roslynannephotography.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Tue, 24 Jan 2023 12:59:00 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Tue, 24 Jan 2023 12:58:59 GMT
expires
0
location
/tr/?redirect=0
pragma
no-cache
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
csp-report
q.stripe.com/ Frame CEE7 		0
601 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: www.roslynannephotography.com
URL: https://www.roslynannephotography.com/children
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 24 Jan 2023 12:59:00 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame CEE7 		0
600 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: www.roslynannephotography.com
URL: https://www.roslynannephotography.com/children
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 24 Jan 2023 12:59:00 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
m-outer-8cb24ab2d649fd36a488d04d8c457933.js
js.stripe.com/v3/fingerprinted/js/ Frame CEE7 		631 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-56.sin52.r.cloudfront.net
Software
Cloudfront /
Resource Hash
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
date
Tue, 24 Jan 2023 12:57:41 GMT
x-content-type-options
nosniff
via
1.1 ce37b125bad795f4918cd50b3f95260a.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN52-C3
age
3597
x-cache
Hit from cloudfront
content-length
631
last-modified
Wed, 18 Jan 2023 19:53:29 GMT
server
Cloudfront
etag
"f8f6a4584135f737b26927596ce6e0a7"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
2bU1OaIJSMhU_KpZdZWPWWgoVru4w9QsP_G9zbxmF1WGKi5atnvmaA==
inner.html
m.stripe.network/ Frame 4B40 		930 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.53.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-53-37.bom78.r.cloudfront.net
Software
Cloudfront /
Resource Hash
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
42
cache-control
max-age=300, public
content-length
930
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 24 Jan 2023 12:58:19 GMT
etag
"fc2e029628f163bb59adc6fa5a31161c"
last-modified
Thu, 17 Mar 2022 19:03:12 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 e9084c02bcee1041b869b6af229eb0c2.cloudfront.net (CloudFront)
x-amz-cf-id
1lXnZ63Tz8uLAGyl27KFJrpsxxpS_M0MnSOkmBMyI_TpraglmNG0TA==
x-amz-cf-pop
BOM78-P2
x-cache
Hit from cloudfront
x-content-type-options
nosniff
css2
fonts.googleapis.com/ Frame 19FA 		11 KB
934 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Inter&family=Open+Sans:ital,wght@0,400;0,600;1,400&display=swap
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f95.1e100.net
Software
ESF /
Resource Hash
a28f1d4f019b007adb51867d409046e4f2c66348dfe5708c46107ac65cd5d149
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://portal.dubsado.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 24 Jan 2023 12:59:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 24 Jan 2023 12:59:00 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 24 Jan 2023 12:59:00 GMT
csp-report
q.stripe.com/ Frame 4B40 		0
374 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: www.roslynannephotography.com
URL: https://www.roslynannephotography.com/children
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/csp-report

Response headers

x-stripe-bg-intended-route-color
green
pragma
no-cache
date
Tue, 24 Jan 2023 12:59:01 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
server
nginx
cross-origin-opener-policy
same-origin
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
x-robots-tag
none
content-length
0
expires
0
out-4.5.42.js
m.stripe.network/ Frame 4B40 		86 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/out-4.5.42.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.53.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-53-37.bom78.r.cloudfront.net
Software
Cloudfront /
Resource Hash
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Tue, 24 Jan 2023 12:57:01 GMT
last-modified
Thu, 17 Mar 2022 19:03:12 GMT
server
Cloudfront
via
1.1 e9084c02bcee1041b869b6af229eb0c2.cloudfront.net (CloudFront)
x-amz-cf-pop
BOM78-P2
etag
W/"21df7244385e5c0bdf32da01d0dad6c0"
age
122
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
cache-control
max-age=300, public
x-amz-cf-id
DSG1j5ZTg2h1MKV1IRDrcFCaI3zgE5cLS-L_F3F2Q_w8ZKBzPLBkMg==
p.gif
p.typekit.net/ Frame 19FA 		35 B
228 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.typekit.net/p.gif?s=1&k=bbs7myv&ht=tk&h=portal.dubsado.com&f=139.140.171.172.173.174.175.176.5474.5475.24349.24351.24352.24353.24354.24355.24356.43307.43309.43311.43313&a=6385777&js=1.21.0&app=typekit&e=js&_=1674565141491
Requested by
Host: portal.dubsado.com
URL: https://portal.dubsado.com/public/form/view/63ac3fd0f9c7d67fab6ce185?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.49.60.194 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-49-60-194.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://portal.dubsado.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

unused62
8096267
date
Tue, 24 Jan 2023 12:59:02 GMT
last-modified
Sun, 03 Oct 2021 07:53:18 GMT
server
nginx
etag
"6159616e-23"
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
35
6
m.stripe.com/ Frame 4B40 		156 B
553 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.217.162.9 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-217-162-9.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
c31fefeed8e4927a23dd5d5396d5566a123eae3804ac6f9b79e59a045582af25
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
green
date
Tue, 24 Jan 2023 12:59:02 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
server
nginx
content-type
application/json;charset=utf-8
access-control-allow-origin
https://m.stripe.network
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
5d5497f3c3cb8b1634f09971
push.rollout.io/sse/ Frame 19FA 		5 B
0 		EventSource
General
Check archive.org
Download Go to
Full URL
https://push.rollout.io/sse/5d5497f3c3cb8b1634f09971
Requested by
Host: portal.dubsado.com
URL: https://portal.dubsado.com/public/form/view/63ac3fd0f9c7d67fab6ce185?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.231.43.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-231-43-243.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
text/event-stream
Cache-Control
no-cache
Referer
https://portal.dubsado.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 24 Jan 2023 12:59:02 GMT
cache-control
no-cache, no-transform
access-control-allow-headers
cache-control,accept,*
access-control-allow-methods
*
content-type
text/event-stream
63ac3fd0f9c7d67fab6ce185
portal.dubsado.com/api/forms/u/ Frame 19FA 		5 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://portal.dubsado.com/api/forms/u/63ac3fd0f9c7d67fab6ce185?isOnScheduler=false
Requested by
Host: portal.dubsado.com
URL: https://portal.dubsado.com/js/publicReactV2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.6.183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74a099699518ca9ac88101345aeb73dac4ea6c62f45a10a80bcbfc7511f4256c
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://portal.dubsado.com/public/form/view/63ac3fd0f9c7d67fab6ce185?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 24 Jan 2023 12:59:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
strict-transport-security
max-age=2592000; includeSubDomains; preload
x-user
x-brand
server
cloudflare
etag
W/"12ad-7fAGmoZQJiOBD39hdCPfavPWED4"
x-ratelimit-remaining
999
vary
Accept-Encoding
report-to
[object Object]
content-type
application/json; charset=utf-8
cache-control
no-cache
x-ratelimit-reset
1674565643
x-ratelimit-limit
1000
cf-ray
78e8f1a84c6b1c58-AKL
x-frame-options
SAMEORIGIN
expires
Thu, 01 Jan 1970 00:00:01 GMT
index.cfm
www.roslynannephotography.com/ 		18 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.roslynannephotography.com/index.cfm?action=block.loadMore
Requested by
Host: www.roslynannephotography.com
URL: https://www.roslynannephotography.com/system/apps/sites/dist/js/main-acfeaace.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.235.135.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-235-135-157.compute-1.amazonaws.com
Software
Apache /
Resource Hash
c606920138b904e925f01cc669e9f5b18a31f0fab293bd42c5e0f46c545775c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.roslynannephotography.com/children
X-Requested-With
XMLHttpRequest
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Tue, 24 Jan 2023 12:59:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
Apache
x-xss-protection
1; mode=block
vary
Accept-Encoding,User-Agent
content-type
application/json;charset=UTF-8
11_20220729192324_11468127_large.jpg
image5.photobiz.com/8905/ 		217 KB
218 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image5.photobiz.com/8905/11_20220729192324_11468127_large.jpg
Requested by
Host: www.roslynannephotography.com
URL: https://www.roslynannephotography.com/children
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-42.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cea8ee5fda5fdcca0fd78c0743b2c4c40405f249c378325649e9e26f75520183

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.roslynannephotography.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 24 Jan 2023 12:59:03 GMT
x-amz-version-id
KoL.HCHKmqTxgbWdCtgDJ4MrTBc0bm.W
via
1.1 4e0b5cb07c18d66b4d938e898c1c7bf2.cloudfront.net (CloudFront)
last-modified
Sat, 30 Jul 2022 00:23:26 GMT
server
AmazonS3
x-amz-cf-pop
SIN52-C3
etag
"274bbf6e7fc9f402fa6f8e08856d7251"
x-cache
Miss from cloudfront
content-type
image/jpeg
x-amz-storage-class
INTELLIGENT_TIERING
cache-control
max-age=31536000, immutable
accept-ranges
bytes
content-length
221991
x-amz-cf-id
6mdZzUzzpi9beyVrIOe6ik0nPCdz67kbIBWqgW14EcOYoD1S-w81rA==
11_20220729192325_11468128_large.jpg
image11.photobiz.com/8586/ 		15 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image11.photobiz.com/8586/11_20220729192325_11468128_large.jpg
Requested by
Host: www.roslynannephotography.com
URL: https://www.roslynannephotography.com/children
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.27 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.roslynannephotography.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 24 Jan 2023 12:59:04 GMT
x-amz-version-id
1lTeezobk14ptI3x01hrXS12H8XUFsbM
via
1.1 66d851b48249ff71df5688c84f41fec8.cloudfront.net (CloudFront)
last-modified
Sat, 30 Jul 2022 00:23:26 GMT
server
AmazonS3
x-amz-cf-pop
SIN52-C3
etag
"ffaf35564d47d8a7d9f956f3dd7c30e1"
x-cache
Miss from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, immutable
accept-ranges
bytes
content-length
116166
x-amz-cf-id
j7hy6EAdUxzs_WCQDN0i0YIe0A8dU2SCT3FcBEGGukz2JLMlfJwG0Q==
11_20220729192326_11468134_large.jpg
image4.photobiz.com/8911/ 		0
0
11_20220729192317_11468097_xlarge.jpg
image10.photobiz.com/8495/ 		66 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image10.photobiz.com/8495/11_20220729192317_11468097_xlarge.jpg
Requested by
Host: www.roslynannephotography.com
URL: https://www.roslynannephotography.com/children
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.250.49 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.roslynannephotography.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 24 Jan 2023 12:59:04 GMT
x-amz-version-id
VECD3tboXOrQrF26D9.udoVJg1pD743i
via
1.1 6b0d2463e38d8b2224f25b309fde2ba2.cloudfront.net (CloudFront)
last-modified
Sat, 30 Jul 2022 00:23:18 GMT
server
AmazonS3
x-amz-cf-pop
SIN52-C2
etag
"39f068e61f477574df591f1260b23815"
x-cache
Miss from cloudfront
content-type
image/jpeg
x-amz-storage-class
INTELLIGENT_TIERING
cache-control
max-age=31536000, immutable
accept-ranges
bytes
content-length
233449
x-amz-cf-id
T-a-gjEDqgopGtwlcnlklem1BQ2fnME2DRM7p1K9yuG3lMgOVXGTsA==
11_20220729192317_11468096_large.jpg
image13.photobiz.com/10309/ 		7 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image13.photobiz.com/10309/11_20220729192317_11468096_large.jpg
Requested by
Host: www.roslynannephotography.com
URL: https://www.roslynannephotography.com/children
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.8.13 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.roslynannephotography.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 24 Jan 2023 12:59:04 GMT
x-amz-version-id
u7BlnoqGz9.SZnNCqm24UyGXitwTZydG
via
1.1 d7fd5c1c255d6d9fadc2a242ff9a2774.cloudfront.net (CloudFront)
last-modified
Sat, 30 Jul 2022 00:23:18 GMT
server
AmazonS3
x-amz-cf-pop
SIN5-C1
etag
"4196cab78312f0b496d91c0c5cc1147b"
x-cache
Miss from cloudfront
content-type
image/jpeg
x-amz-storage-class
INTELLIGENT_TIERING
cache-control
max-age=31536000, immutable
accept-ranges
bytes
content-length
155201
x-amz-cf-id
zu2aIcdU2cNbC9A8wqtvvYHoHL2BwJfaJ0vV0fvhBOluohyvWL8CsQ==
11_20220729192318_11468101_large.jpg
image4.photobiz.com/8911/ 		0
0
11_20220729192322_11468117_large.jpg
image12.photobiz.com/7732/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image12.photobiz.com/7732/11_20220729192322_11468117_large.jpg
Requested by
Host: www.roslynannephotography.com
URL: https://www.roslynannephotography.com/children
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.118 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.roslynannephotography.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 24 Jan 2023 12:59:04 GMT
x-amz-version-id
OPqtnGXWdxik4OqFgaxNd_0ufAea_bnK
via
1.1 a0111b438d5ff26611042379c81df136.cloudfront.net (CloudFront)
last-modified
Sat, 30 Jul 2022 00:23:24 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
etag
"76e86e9c9bfd08ba2150a4d9b9e4a8c4"
x-cache
Miss from cloudfront
content-type
image/jpeg
x-amz-storage-class
INTELLIGENT_TIERING
cache-control
max-age=31536000, immutable
accept-ranges
bytes
content-length
186401
x-amz-cf-id
31bSZ0Bnaj27AB56AjFwP5C-OV7J_IckFj6dTEvk35yjkuGFanks0Q==
11_20220729192319_11468102_large.jpg
image6.photobiz.com/8933/ 		0
0
11_20220729192325_11468130_large.jpg
image12.photobiz.com/7732/ 		0
0
11_20220729192325_11468129_large.jpg
image10.photobiz.com/8495/ 		0
0
11_20220729192324_11468126_large.jpg
image6.photobiz.com/8933/ 		0
0
11_20220729192321_11468111_large.jpg
image12.photobiz.com/7732/ 		0
0
11_20220729192320_11468107_large.jpg
image14.photobiz.com/10152/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
image4.photobiz.com
URL
https://image4.photobiz.com/8911/11_20220729192326_11468134_large.jpg
Domain
image4.photobiz.com
URL
https://image4.photobiz.com/8911/11_20220729192318_11468101_large.jpg
Domain
image6.photobiz.com
URL
https://image6.photobiz.com/8933/11_20220729192319_11468102_large.jpg
Domain
image12.photobiz.com
URL
https://image12.photobiz.com/7732/11_20220729192325_11468130_large.jpg
Domain
image10.photobiz.com
URL
https://image10.photobiz.com/8495/11_20220729192325_11468129_large.jpg
Domain
image6.photobiz.com
URL
https://image6.photobiz.com/8933/11_20220729192324_11468126_large.jpg
Domain
image12.photobiz.com
URL
https://image12.photobiz.com/7732/11_20220729192321_11468111_large.jpg
Domain
image14.photobiz.com
URL
https://image14.photobiz.com/10152/11_20220729192320_11468107_large.jpg

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontentvisibilityautostatechange function| gtag object| dataLayer function| fbq function| _fbq function| iFrameResize object| pbizServer function| $ function| jQuery object| Modernizr function| Hammer object| Validator object| ParsleyConfig object| ParsleyExtend object| psly object| Parsley object| ParsleyUtils object| ParsleyValidator object| ParsleyUI object| pbizSites object| google_tag_manager object| google_tag_data object| GooglebQhCsO function| onYouTubeIframeAPIReady object| gaGlobal

11 Cookies

Domain/Path Name / Value
.roslynannephotography.com/ Name: _gcl_au
Value: 1.1.820714355.1674565137
.roslynannephotography.com/ Name: _ga
Value: GA1.1.743502137.1674565137
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.roslynannephotography.com/ Name: _fbp
Value: fb.1.1674565138828.668102266
.roslynannephotography.com/ Name: _ga_ZJKGD43K50
Value: GS1.1.1674565137.1.0.1674565139.0.0.0
.facebook.com/ Name: fr
Value: 0yeu0WICgYlYm4K51..Bjz9YT...1.0.Bjz9YT.
www.roslynannephotography.com/ Name: SESSIONSTORAGE
Value: sessionStorageA3
www.roslynannephotography.com/ Name: SESSIONSTORAGEEXPIRATION
Value: %7Bts%20%272023-01-25%2006%3A59%3A01%27%7D
www.roslynannephotography.com/ Name: cfid
Value: 12ba1093-29c0-4e16-ae37-fdfb95cfa10c
www.roslynannephotography.com/ Name: cftoken
Value: 0
m.stripe.com/ Name: m
Value: 82d8bf00-d714-4f1f-b526-f48c73c1215e97b715

1 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

addevent.com
cdn.addevent.com
cdn.plaid.com
cdnjs.cloudflare.com
checkout.stripe.com
conf.rollout.io
connect.facebook.net
fonts.googleapis.com
googleads.g.doubleclick.net
hello.dubsado.com
image10.photobiz.com
image11.photobiz.com
image12.photobiz.com
image13.photobiz.com
image14.photobiz.com
image4.photobiz.com
image5.photobiz.com
image6.photobiz.com
image8.photobiz.com
image9.photobiz.com
js.stripe.com
m.stripe.com
m.stripe.network
p.typekit.net
polyfill.io
portal.dubsado.com
push.rollout.io
q.stripe.com
statestore.rollout.io
use.typekit.net
web.squarecdn.com
www.facebook.com
www.google-analytics.com
www.google.co.nz
www.google.com
www.googletagmanager.com
www.roslynannephotography.com
image10.photobiz.com
image12.photobiz.com
image14.photobiz.com
image4.photobiz.com
image6.photobiz.com
104.17.24.14
13.224.250.108
13.224.250.49
13.227.254.27
13.227.254.42
13.227.254.55
13.227.254.56
13.33.33.118
13.33.33.129
13.33.88.125
13.33.88.81
13.35.8.13
13.35.8.55
142.250.4.138
142.250.4.97
142.251.12.95
151.101.1.26
151.101.192.176
157.240.13.35
157.240.15.13
172.253.118.157
172.67.6.183
18.161.97.73
18.235.135.157
18.66.53.37
23.49.60.170
23.49.60.194
34.217.162.9
34.231.43.243
54.187.119.242
54.247.156.229
74.125.68.94
74.125.68.99
027d288604f8fe654cab2130e8df9ff43b1af1c3bd6dc6b4e43d521fdb70ff45
0580e9e816da1883ab597af4ed3ea8e25d5325f39a64bc8951c2aa03045ca229
0988c98965ebe5c25b06472ef69dce137b497c89e5b320903bedd8098b766425
0d1fcd33d270a8e9a9a3442b0f1182caea7cd4300a0094a4d4d99a812c0320cf
10910f33875aa5bdbf393d72caba250129d8c5964d4fffc4bce5f47d9d6649ca
18781492fefe9e0fb34b391582891c3d0700908f2c991f91f506de046f5c3c8c
19be36b532c3147a005317cbc940c69b7137c7980a462525055393d3cfd20b30
1cfddf20d04f7f3f75603868ad2b4bdbcfd5b5520e177d0231f6e2ab2241354d
22ad3fbc37b5eda2d488eb0d75b3f9d67d327ba4c21e4bd0c0caf3e03bb99fa0
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
26826e2aa10b6457ae01ab98be670a6072ff628d6328ce1a8c9d8a8042ad2598
26f1f458eceb5d935708f917cf14575bc548fa3fae2068238502104ecb67d607
28de1f1cd7d57173c18d05e519cd8629d5654e356d0e8f3728e380c955dd3119
29a4449b1abfa726679e152176b1d2f9ff20d4d2e6ade86f37154f2ad92ca9bd
2b3d29560eeb6a39a06dd44d6a69f764ef94dfb60ae1b0caa575f3e3cd2f8cb9
34983ec5da74c95f7b9aba9e7abd42ca76b95cde4c06f476f6bfeb5547bd85ef
37271fc29689a77b16ee8fb5eaa2690e74be69eb0fd67a5d90a840b65cf7d54e
37d17e6a75008bff07f0655b61abe3288abe8381c420522181e684a3f0bb8291
48faf5f488fb81b7104ef002985e3ce1566506e2afabe95a0167be3c83ecf110
4902549b48d7ff4f031ae6460e12dd960510ada7e1dfca654b8beb117b0ddff3
51a9e4a34a8c96da6eb38100e273593e9dbf5c9cb9c7ebeb0809b786e09f75e0
53afe1d2c0421e4eaf9116735fe7d77682e5bdd27a67356261879d3f0e5ec797
58fb1ca37279863bbeec2ee0f8a2c0a0bbf4bc23a9177164e633634383d107b4
5ae277e741844927863cae71ab0bec2158f46bba0636e5a9b18a590f28f40fc5
633c1e909a20b283ca6a6eb7590d503bb34ee686bbf27d11dd505aa43f64998a
63b5085014a66af8d0d56afb98bb13f69a4c4f21c3c0e2cc63b30fe8c75a49d9
656a7429d5fcaa043186d3720a34b6d5406d9e311e62133bd2f3fba5babbeaa7
67f123415f29ccfa2062392764fd92b8551c7d865b52c36f8405c3ed9475d5ba
7095c0a3425f7b3bafa8fa9b7d1aa0fc14b78bd1f3d622b9a6ccbb5835026e1d
74a099699518ca9ac88101345aeb73dac4ea6c62f45a10a80bcbfc7511f4256c
898914fc213c942dda079f34bc221da4c08dfb5ddac4c4bb435494b0128419d7
8ea92c403d0d0116948a9c960a1fa78a1806c5532a6ff38c1e7238c865921155
902a3ad2067d23eb27fd0dcc2b2f1ced65582b5a30e2fcd47669649582a82b77
91afe8034e64b598b36f57aa1de0840bc04e1d138f8a836d71c9abae5974e174
9230675eb04d0dc784320dbbf198ec094109f15ad63f64e9d79f0df6eed885d9
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
9e68a48da384399ceeff9848067071cd266d829ae02bd9ca97f3f5f3d6a9fa3c
9eb663119f14565628eb6ea488d931bd926e98107100a54493003f42a0d68a53
a28f1d4f019b007adb51867d409046e4f2c66348dfe5708c46107ac65cd5d149
a32f26daf6cfe16dd6857d5011983a868e1555bfed6c8ce24bc6e9515be653b0
a33128c94dd3c425bc3f4a9ba389a1f3d7a75233e8cb788ea80f8f43a3d68423
a3b01ced5c709c65934975e535593845ddc6bfa465fb2453e43cbac815d59fcc
a496db4afdb3891f0d1d0c0393eb5bc583ea2a46f5818a739b708542e40f680d
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
a74ee265f5a490c09bdc8c45acbe58543a11971d63b9c8de6f6b709fbd79e681
a8dd7c4e448bcae5bc70a6f016c74fcd1a8bc54554a5b5825905e4d77f79179f
a90f27ccf45638de7f419b5fc59af6d03a024e2bbf07e80e9ab54d453ba2b69c
a9d45e741ba569140db4c980cd285e221007989d8a7761ab51f2c35d7371f13c
b07871da02311868c31ab6ac5a4e78cc877f118acd854857f6f51519f3ddbbc9
b6715e33848287dd8600843b5a427554eab899a9de842eaa5dfd2d1fa0823e0f
b9fd1aff4b167256e9231e4cc7ccfc86367c587da35ea0d756ae437479c60b7b
c31fefeed8e4927a23dd5d5396d5566a123eae3804ac6f9b79e59a045582af25
c4d04d2b6a041dde11c80d8332f983a58c1031c663ab4f42230899cb82adf4a7
c606920138b904e925f01cc669e9f5b18a31f0fab293bd42c5e0f46c545775c2
c82634ecfbe7aa305207512a6ee60e68d3a327def4ad8fdbc2e3025135a0fac0
c862e09dc14a6d0ba890b78cb2f57a6e1df993395106e91bf95d202fc33c4b60
cea8ee5fda5fdcca0fd78c0743b2c4c40405f249c378325649e9e26f75520183
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
e0839094a0f5d0f20dc868eb8b91942289ec146624fbd3719b6d82f8893d9dd9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed5bb9ea302414a1ad9f250d5cd5b5da08f55fe43b18020db13f74966e4bc0f5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef8f067f829af7c95936a36f38e54c98ab090f937f5557e4c78829ed8fcf5ffd
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
fcf9ad39a58bd521789931e384b831a9ce7bbe3b5f9a05bf02c352e1e60c7ebb