client2021.reneelemairephoto.com Open in urlscan Pro
75.101.134.27  Public Scan

2 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response client2021.reneelemairephoto.com/	102 KB 19 KB	176ms 75ms	Document text/html	75.101.134.27 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://client2021.reneelemairephoto.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 75.101.134.27 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-75-101-134-27.compute-1.amazonaws.com Software / Resource Hash 448bbc7fe7fb501513e4011682fa8e5038d1503766fa1a75c527d4512f9a5905 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers content-encoding gzip content-type text/html; charset=UTF-8 date Wed, 14 Aug 2024 00:44:38 GMT etag W/"6da36351fd1eb6c8953da1199b84b9f5" last-modified Thu, 09 Nov 2023 13:39:42 GMT vary Accept-Encoding x-showit hosted
GET H2	200	css fonts.googleapis.com/	7 KB 1 KB	163ms 60ms	Stylesheet text/css	173.194.175.95 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Crimson+Text:regular|Montserrat:regular|Montserrat:300|Crimson+Text:italic|Cormorant:regular Requested by Host: client2021.reneelemairephoto.com URL: https://client2021.reneelemairephoto.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 173.194.175.95 , United States, ASN15169 (GOOGLE, US), Reverse DNS qs-in-f95.1e100.net Software ESF / Resource Hash 66cc028a712f8ba15ea39564285253bb2748582a2c9aa38ff5b59537a9a722a1 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://client2021.reneelemairephoto.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Wed, 14 Aug 2024 00:44:38 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Wed, 14 Aug 2024 00:44:38 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 14 Aug 2024 00:44:38 GMT
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	225 KB 60 KB	133ms 44ms	Script application/x-javascript	157.240.229.1 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: client2021.reneelemairephoto.com URL: https://client2021.reneelemairephoto.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 157.240.229.1 Ashburn, United States, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-02-iad3.fbcdn.net Software / Resource Hash 4d424af8e6254a3ee915b6efdec3f0ed3fcbdedc67c83025148c9758701cd2d4 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://client2021.reneelemairephoto.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers content-security-policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Wed, 14 Aug 2024 00:44:38 GMT document-policy force-load-at-top x-fb-server-load 23 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 58865 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=40, rtx=0, c=12, mss=1316, tbw=2786, tp=-1, tpl=-1, uplat=0, ullat=-1 pragma public x-fb-debug bSGh3Dww3eFSWZeg8SspFdcOy1nOcFyopCIs4WkgyOKSjEMuEHDI/II8o2h0vlw1f9HFzkheDzqUL67pUS4h3A== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H3	200	animate.min.css cdnjs.cloudflare.com/ajax/libs/animate.css/3.4.0/	54 KB 4 KB	68ms 36ms	Stylesheet text/css	104.17.24.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/animate.css/3.4.0/animate.min.css Requested by Host: client2021.reneelemairephoto.com URL: https://client2021.reneelemairephoto.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 28b4c5c949bf53b79235cb7623e28d719e7e3b8587b1af376cadf89b7b865ac5 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Referer https://client2021.reneelemairephoto.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Wed, 14 Aug 2024 00:44:38 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 36185 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 3203 last-modified Mon, 04 May 2020 16:04:58 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03d2a-d8e2" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yv8IRXaj7h0wQ3wrDktDGhRrdsXzKDB5N%2Fd8zwImExKCqw3DrlaI6%2FLDnMFXqSIxO7vCo5c5OOXvW9MJN%2BgpzHVyEOOb3EnQEUMK9OiHXx3SKCIGOjDoLjChfrbtYV5vznahV%2FVy"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 8b2ceae31d2cab75-YYZ expires Mon, 04 Aug 2025 00:44:38 GMT
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/3.5.1/	87 KB 31 KB	158ms 53ms	Script text/javascript	209.85.144.95 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js Requested by Host: client2021.reneelemairephoto.com URL: https://client2021.reneelemairephoto.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 209.85.144.95 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS qv-in-f95.1e100.net Software sffe / Resource Hash f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://client2021.reneelemairephoto.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 09 Aug 2024 11:30:39 GMT content-encoding gzip x-content-type-options nosniff age 393239 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 31021 x-xss-protection 0 last-modified Fri, 08 May 2020 07:05:03 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Sat, 09 Aug 2025 11:30:39 GMT
GET H2	200	showit-lib.min.js Show response lib.showit.co/engine/2.0.1/	48 KB 16 KB	190ms 92ms	Script application/javascript	52.85.151.36 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://lib.showit.co/engine/2.0.1/showit-lib.min.js Requested by Host: client2021.reneelemairephoto.com URL: https://client2021.reneelemairephoto.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.85.151.36 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-85-151-36.iad89.r.cloudfront.net Software AmazonS3 / Resource Hash 7fbefabfa47bb61c9f06346df47554cbd68546f45c9d2d75467584e016d21e1f Request headers Referer https://client2021.reneelemairephoto.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 08 Aug 2024 06:57:55 GMT content-encoding gzip via 1.1 ffa4b37ccdc94a8c62bf6b6414725210.cloudfront.net (CloudFront) last-modified Thu, 26 Jan 2023 22:46:27 GMT server AmazonS3 x-amz-cf-pop IAD89-C3 age 496004 etag W/"964b2fb6bb83c92996a9d15472852402" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id sFdz9FQ3vcbU0EWrnGDVF078IbFVSX18tzSvmkZIaCdzOtGyX86RBw==
GET H2	200	showit.min.js Show response lib.showit.co/engine/2.0.1/	59 KB 21 KB	189ms 91ms	Script application/javascript	52.85.151.36 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://lib.showit.co/engine/2.0.1/showit.min.js Requested by Host: client2021.reneelemairephoto.com URL: https://client2021.reneelemairephoto.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.85.151.36 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-85-151-36.iad89.r.cloudfront.net Software AmazonS3 / Resource Hash d19e6661f7429f0c58da1a09b8628c7657a15b58f6bdefd1ea56a6027f45fa2a Request headers Referer https://client2021.reneelemairephoto.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 13 Aug 2024 11:14:24 GMT content-encoding gzip via 1.1 ffa4b37ccdc94a8c62bf6b6414725210.cloudfront.net (CloudFront) last-modified Thu, 26 Jan 2023 22:46:26 GMT server AmazonS3 x-amz-cf-pop IAD89-C3 age 48615 etag W/"219223c2874d9b567b5aea698e5a6665" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id n8JCwtJIJ-9mHTkTEJpRfTee0fHbhybGWaO3uJzQB7yJ4YtE3_eaOg==
GET H2	200	showit.css lib.showit.co/engine/2.0.1/	7 KB 3 KB	141ms 44ms	Stylesheet text/css	52.85.151.36 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://lib.showit.co/engine/2.0.1/showit.css Requested by Host: client2021.reneelemairephoto.com URL: https://client2021.reneelemairephoto.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.85.151.36 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-85-151-36.iad89.r.cloudfront.net Software AmazonS3 / Resource Hash 837f8b46e17fedf595bc8784a22d87aa835ff52d20d931184ddc854c09fbfb73 Request headers Referer https://client2021.reneelemairephoto.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 08 Aug 2024 06:57:53 GMT content-encoding gzip via 1.1 ffa4b37ccdc94a8c62bf6b6414725210.cloudfront.net (CloudFront) last-modified Thu, 26 Jan 2023 22:46:26 GMT server AmazonS3 x-amz-cf-pop IAD89-C3 age 496006 etag W/"8e74b817a46d3ed438a34b919f7bd280" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type text/css x-amz-cf-id ZcVqX1VpzjyWSOk1b_xPlB9w7Tn42rwXAFlYxmpruDN4HL-8e7amkw==
GET H2	200	1330761540443461 Show response connect.facebook.net/signals/config/	62 KB 13 KB	98ms 97ms	Script application/x-javascript	157.240.229.1 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/1330761540443461?v=2.9.164&r=stable&domain=client2021.reneelemairephoto.com&hme=61ff4e692c87a9a2ce7b19822df2b04638e3ca38b23c1be6c0f1945ccadb2ad5&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C167%2C170%2C182%2C178%2C179%2C181%2C29%2C98%2C52%2C75%2C180%2C162%2C165%2C175%2C176%2C183%2C127%2C40%2C34%2C139%2C15%2C49%2C189%2C188%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C163%2C166%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 157.240.229.1 Ashburn, United States, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-02-iad3.fbcdn.net Software / Resource Hash a7cc2b0a6bbddc3158501fe203c3a32275fe23be48288c21aa452f06eb0842ca Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://client2021.reneelemairephoto.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers content-security-policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Wed, 14 Aug 2024 00:44:38 GMT document-policy force-load-at-top x-fb-server-load 51 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=42, rtx=5, c=35, mss=1316, tbw=64388, tp=-1, tpl=-1, uplat=53, ullat=0 pragma public x-fb-debug b12SekCn+c7/A/sZmtIBjFDmIZHOMIMilbGzJlgrEYA/mxuRqD5SMW6p7W0Cicm0E3KjJsPk9ZzaVuH/yInaKQ== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	wlpogwHKFkZgtmSR3NB0oRJfajhRK_Y.woff2 fonts.gstatic.com/s/crimsontext/v19/	25 KB 26 KB	149ms 58ms	Font font/woff2	172.253.122.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/crimsontext/v19/wlpogwHKFkZgtmSR3NB0oRJfajhRK_Y.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Crimson+Text:regular|Montserrat:regular|Montserrat:300|Crimson+Text:italic|Cormorant:regular Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.122.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS bh-in-f94.1e100.net Software sffe / Resource Hash ded83489adaeec098ee0d639252e72be7de219f759b939ba4b2e606e5e68b272 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://client2021.reneelemairephoto.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sat, 10 Aug 2024 07:09:05 GMT x-content-type-options nosniff age 322533 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 26052 x-xss-protection 0 last-modified Tue, 24 May 2022 18:28:35 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 10 Aug 2025 07:09:05 GMT
GET H2	200	wlp2gwHKFkZgtmSR3NB0oRJfbwhT.woff2 fonts.gstatic.com/s/crimsontext/v19/	25 KB 25 KB	220ms 129ms	Font font/woff2	172.253.122.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/crimsontext/v19/wlp2gwHKFkZgtmSR3NB0oRJfbwhT.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Crimson+Text:regular|Montserrat:regular|Montserrat:300|Crimson+Text:italic|Cormorant:regular Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.122.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS bh-in-f94.1e100.net Software sffe / Resource Hash 538c7067580f457dd3dd98ebaabeb19405c12bdd01674d3db8fd9948ee73c862 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://client2021.reneelemairephoto.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sat, 10 Aug 2024 06:53:58 GMT x-content-type-options nosniff age 323440 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 25184 x-xss-protection 0 last-modified Tue, 24 May 2022 18:26:18 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 10 Aug 2025 06:53:58 GMT
GET H2	200	JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 fonts.gstatic.com/s/montserrat/v26/	32 KB 32 KB	193ms 102ms	Font font/woff2	172.253.122.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Crimson+Text:regular|Montserrat:regular|Montserrat:300|Crimson+Text:italic|Cormorant:regular Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.122.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS bh-in-f94.1e100.net Software sffe / Resource Hash bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://client2021.reneelemairephoto.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sat, 10 Aug 2024 06:58:53 GMT x-content-type-options nosniff age 323145 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 33092 x-xss-protection 0 last-modified Wed, 13 Sep 2023 22:51:58 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 10 Aug 2025 06:58:53 GMT
GET H2	200	melika_letter-webfont.woff static.showit.co/file/_ForabeHT-agTl5B2KfEmA/shared/	43 KB 43 KB	227ms 50ms	Font application/font-woff	18.165.98.97 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.showit.co/file/_ForabeHT-agTl5B2KfEmA/shared/melika_letter-webfont.woff Requested by Host: client2021.reneelemairephoto.com URL: https://client2021.reneelemairephoto.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.165.98.97 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-165-98-97.iad55.r.cloudfront.net Software nginx / Resource Hash 42b2d6bcf9d267eecced3b4e937d32ed1bc6d7d576912f89d87c6d3b44e56f83 Request headers Referer https://client2021.reneelemairephoto.com/ Origin https://client2021.reneelemairephoto.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 13 Aug 2024 11:00:04 GMT via 1.1 896a4d182a4523c1fe9109d1977e13a6.cloudfront.net (CloudFront) last-modified Thu, 28 Jul 2016 19:08:06 GMT server nginx x-amz-cf-pop IAD55-P4 age 49474 etag b22a6d920aee86e784deb276bbdf8390 vary Accept-Encoding x-cache Hit from cloudfront content-type application/font-woff access-control-allow-origin * x-amz-cf-id eGlnuGXVNqpmUkiNL1lqJhhk_l-X9WPcfGu1N7vXRmzr1tj9Mav6hQ== content-length 44016 media-server node expires Wed, 13 Aug 2025 11:00:04 GMT
GET H2	200	H4c2BXOCl9bbnla_nHIA47NMUjsNbCVrFhFTc7Nq7Q.woff2 fonts.gstatic.com/s/cormorant/v21/	20 KB 20 KB	134ms 43ms	Font font/woff2	172.253.122.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/cormorant/v21/H4c2BXOCl9bbnla_nHIA47NMUjsNbCVrFhFTc7Nq7Q.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Crimson+Text:regular|Montserrat:regular|Montserrat:300|Crimson+Text:italic|Cormorant:regular Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.122.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS bh-in-f94.1e100.net Software sffe / Resource Hash 91d9ff83c6612004b2d6e5e2de303322cec560c566ee0cac180a7686395f8a5b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://client2021.reneelemairephoto.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sat, 10 Aug 2024 06:55:23 GMT x-content-type-options nosniff age 323355 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20292 x-xss-protection 0 last-modified Mon, 20 Mar 2023 20:59:32 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 10 Aug 2025 06:55:23 GMT
GET H2	200	002.jpg static.showit.co/1600/3sZANwSVRaaWe-ot-oTfmw/64443/	203 KB 203 KB	287ms 150ms	Image image/jpeg	18.165.98.97 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://static.showit.co/1600/3sZANwSVRaaWe-ot-oTfmw/64443/002.jpg Requested by Host: client2021.reneelemairephoto.com URL: https://client2021.reneelemairephoto.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.165.98.97 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-165-98-97.iad55.r.cloudfront.net Software nginx / Resource Hash e059703acffd0924ceea9eeaa9854ec3b658a4bc3ddf05164de4cd8c51811ef7 Request headers Referer https://client2021.reneelemairephoto.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Wed, 14 Aug 2024 00:00:20 GMT via 1.1 94defde799a43ca420136e37bc3758dc.cloudfront.net (CloudFront) last-modified Wed, 08 Feb 2017 00:00:44 GMT server nginx x-amz-cf-pop IAD55-P4 age 2658 etag 7e93d7a7f5b3530ea36609ebc40bad32 x-cache Hit from cloudfront content-type image/jpeg access-control-allow-origin x-amz-cf-id psRERGNdnFHX6ygkkcFzLGgowq0HhK84PJ4uTWFrMDk62uizVNZzIA== content-length 207708 media-server node expires Thu, 14 Aug 2025 00:00:20 GMT
GET H2	200	063.jpg static.showit.co/1600/1usHjpqgS1mMYA6ZOL5XnA/64443/	319 KB 320 KB	334ms 198ms	Image image/jpeg	18.165.98.97 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://static.showit.co/1600/1usHjpqgS1mMYA6ZOL5XnA/64443/063.jpg Requested by Host: client2021.reneelemairephoto.com URL: https://client2021.reneelemairephoto.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.165.98.97 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-165-98-97.iad55.r.cloudfront.net Software nginx / Resource Hash 5ef354a0f30489f159dece33f38cb5cfd81dc8e5525e493c4369f509fc2e5a1f Request headers Referer https://client2021.reneelemairephoto.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Wed, 14 Aug 2024 00:00:20 GMT via 1.1 94defde799a43ca420136e37bc3758dc.cloudfront.net (CloudFront) last-modified Wed, 22 Aug 2018 01:13:51 GMT server nginx x-amz-cf-pop IAD55-P4 age 2658 etag 84ca8c3ee9a2a00ee9650169df5169e2 x-cache Hit from cloudfront content-type image/jpeg access-control-allow-origin x-amz-cf-id x5vuWwU1uDSzrAkp_RewrlH5B5acBWgs3dybeKQQxzQ2bDQH4uI05w== content-length 326512 media-server node expires Thu, 14 Aug 2025 00:00:20 GMT
GET H2	200	054.jpg static.showit.co/1600/CLRJTI0TRii4deCqe93OWw/64443/	187 KB 187 KB	449ms 312ms	Image image/jpeg	18.165.98.97 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://static.showit.co/1600/CLRJTI0TRii4deCqe93OWw/64443/054.jpg Requested by Host: client2021.reneelemairephoto.com URL: https://client2021.reneelemairephoto.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.165.98.97 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-165-98-97.iad55.r.cloudfront.net Software nginx / Resource Hash 469b47552fa7adaf1d561ad0f1024e2014b4a69946d7ea53212ec4dcef910577 Request headers Referer https://client2021.reneelemairephoto.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Wed, 14 Aug 2024 00:44:38 GMT via 1.1 94defde799a43ca420136e37bc3758dc.cloudfront.net (CloudFront) last-modified Wed, 08 Feb 2017 00:00:34 GMT server nginx x-amz-cf-pop IAD55-P4 etag 0879aa7079a73a30b36dd27cda6efa0c x-cache Miss from cloudfront content-type image/jpeg access-control-allow-origin x-amz-cf-id Vy1jzk3BYFJ9CeTw7B99cKCBvWSd3NRQPn3VJM_udI1_pDzNPOvFew== content-length 190979 media-server node expires Thu, 14 Aug 2025 00:44:38 GMT
GET H2	200	secondary_logo_script_copy.png static.showit.co/800/I-5YheqATWmTyce1wja6Dw/64443/	66 KB 66 KB	191ms 54ms	Image image/png	18.165.98.97 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://static.showit.co/800/I-5YheqATWmTyce1wja6Dw/64443/secondary_logo_script_copy.png Requested by Host: client2021.reneelemairephoto.com URL: https://client2021.reneelemairephoto.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.165.98.97 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-165-98-97.iad55.r.cloudfront.net Software nginx / Resource Hash 980dda9e15f23729bc179040ee2fb8ebb2ffeb392788429e304b41074beec9aa Request headers Referer https://client2021.reneelemairephoto.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Wed, 14 Aug 2024 00:27:47 GMT via 1.1 94defde799a43ca420136e37bc3758dc.cloudfront.net (CloudFront) last-modified Mon, 14 May 2018 19:50:15 GMT server nginx x-amz-cf-pop IAD55-P4 age 1011 etag 4db5b33b91f759313cdd36addd306edd x-cache Hit from cloudfront content-type image/png access-control-allow-origin x-amz-cf-id ODMId6rpxEN2FhjgU_M_w5RunkhAQ4kQ-9u_PO30wEfJ4hsZLST4pQ== content-length 67478 media-server node expires Thu, 14 Aug 2025 00:27:47 GMT
GET H2	200	dsc_3483.jpg static.showit.co/400/3ybaFD9DRWya0l-3-0G5FA/64443/	69 KB 70 KB	448ms 312ms	Image image/jpeg	18.165.98.97 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://static.showit.co/400/3ybaFD9DRWya0l-3-0G5FA/64443/dsc_3483.jpg Requested by Host: client2021.reneelemairephoto.com URL: https://client2021.reneelemairephoto.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.165.98.97 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-165-98-97.iad55.r.cloudfront.net Software nginx / Resource Hash 03f72f0d694de84d0c0fd28a076a67fc1ec8c01526e2b4d7372fae360e06c889 Request headers Referer https://client2021.reneelemairephoto.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Wed, 14 Aug 2024 00:44:38 GMT via 1.1 94defde799a43ca420136e37bc3758dc.cloudfront.net (CloudFront) last-modified Fri, 16 Oct 2020 15:58:13 GMT server nginx x-amz-cf-pop IAD55-P4 etag 860daa1a73f9bf5a06e192c6960dc1d5 x-cache Miss from cloudfront content-type image/jpeg access-control-allow-origin x-amz-cf-id KpP-7InT3X3BE5XN-MA5g9nfsvZKEjeGTrueq7szGljmWUrSSIVb_A== content-length 70734 media-server node expires Thu, 14 Aug 2025 00:44:38 GMT
GET H2	200	horomanski155-2.jpg static.showit.co/400/-qWpVmSFT5aVLnAEBjz7kw/64443/	71 KB 71 KB	290ms 289ms	Image image/jpeg	18.165.98.97 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://static.showit.co/400/-qWpVmSFT5aVLnAEBjz7kw/64443/horomanski155-2.jpg Requested by Host: client2021.reneelemairephoto.com URL: https://client2021.reneelemairephoto.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.165.98.97 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-165-98-97.iad55.r.cloudfront.net Software nginx / Resource Hash cce1d130cc6806e5ddc5b3688a25cf583850ef78acdfe97ec3739a72bf2d3308 Request headers Referer https://client2021.reneelemairephoto.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Wed, 14 Aug 2024 00:00:20 GMT via 1.1 94defde799a43ca420136e37bc3758dc.cloudfront.net (CloudFront) last-modified Wed, 08 Feb 2017 22:08:47 GMT server nginx x-amz-cf-pop IAD55-P4 age 2658 etag 98a2f75cd19ce5d616c80a9e67838ea2 x-cache Hit from cloudfront content-type image/jpeg access-control-allow-origin x-amz-cf-id esUwPWvPLYXGxC6hVd1Yejtxa8F3weFt0813X4e6Lc4bmamN5Zq7RQ== content-length 72332 media-server node expires Thu, 14 Aug 2025 00:00:20 GMT
GET H2	200	siegle103.jpg static.showit.co/800/xqnVaRPEQTS-2eyCaeuiZA/64443/	209 KB 209 KB	292ms 292ms	Image image/jpeg	18.165.98.97 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://static.showit.co/800/xqnVaRPEQTS-2eyCaeuiZA/64443/siegle103.jpg Requested by Host: client2021.reneelemairephoto.com URL: https://client2021.reneelemairephoto.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.165.98.97 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-165-98-97.iad55.r.cloudfront.net Software nginx / Resource Hash 119438c1464eb6963aad7ed702f7bccd845cc0c9e195ff474e3ce2da02546daf Request headers Referer https://client2021.reneelemairephoto.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Wed, 14 Aug 2024 00:00:20 GMT via 1.1 94defde799a43ca420136e37bc3758dc.cloudfront.net (CloudFront) last-modified Thu, 23 Feb 2017 23:29:58 GMT server nginx x-amz-cf-pop IAD55-P4 age 2658 etag 5aae2a598bb6315e8454ef4589a1aefd x-cache Hit from cloudfront content-type image/jpeg access-control-allow-origin x-amz-cf-id l3kN0gB22DAOz76NWX0_ayRK1XhHr5hzA94soMsRcvuRNQRfYC8RlA== content-length 213803 media-server node expires Thu, 14 Aug 2025 00:00:20 GMT
GET H2	200	mckinney241.jpg static.showit.co/400/xcthEq7lSdWWDMRtVcyLzg/64443/	112 KB 113 KB	291ms 291ms	Image image/jpeg	18.165.98.97 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://static.showit.co/400/xcthEq7lSdWWDMRtVcyLzg/64443/mckinney241.jpg Requested by Host: client2021.reneelemairephoto.com URL: https://client2021.reneelemairephoto.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.165.98.97 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-165-98-97.iad55.r.cloudfront.net Software nginx / Resource Hash a4a806ef315225c2487a9d14c9c51743bc967c9fed1d05e0f9908cb80bc7420f Request headers Referer https://client2021.reneelemairephoto.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Wed, 14 Aug 2024 00:00:20 GMT via 1.1 94defde799a43ca420136e37bc3758dc.cloudfront.net (CloudFront) last-modified Wed, 05 Sep 2018 22:50:06 GMT server nginx x-amz-cf-pop IAD55-P4 age 2658 etag bba495f3e863383c55ef61adf2734356 x-cache Hit from cloudfront content-type image/jpeg access-control-allow-origin x-amz-cf-id uISO7eyY_qxl-ub74ayIaot62SQPeqAprTBVZftfEMVu5dLIZcdKiQ== content-length 115011 media-server node expires Thu, 14 Aug 2025 00:00:20 GMT
GET H2	200	perry_f067.jpg static.showit.co/400/-4Ud4771STqtvEPW4Kzkrw/64443/	85 KB 85 KB	296ms 296ms	Image image/jpeg	18.165.98.97 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://static.showit.co/400/-4Ud4771STqtvEPW4Kzkrw/64443/perry_f067.jpg Requested by Host: client2021.reneelemairephoto.com URL: https://client2021.reneelemairephoto.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.165.98.97 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-165-98-97.iad55.r.cloudfront.net Software nginx / Resource Hash 86afa13014fa5263cd11ecb87fe4d955f5ad1fefcecfb5111423133b7f37b2f3 Request headers Referer https://client2021.reneelemairephoto.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Wed, 14 Aug 2024 00:00:20 GMT via 1.1 94defde799a43ca420136e37bc3758dc.cloudfront.net (CloudFront) last-modified Wed, 05 Sep 2018 22:52:17 GMT server nginx x-amz-cf-pop IAD55-P4 age 2658 etag 88446e74d976f44228102b1238ecff61 x-cache Hit from cloudfront content-type image/jpeg access-control-allow-origin x-amz-cf-id CPgRM-ibqh1Cl-8DrHxN7Jnx9NiIIEwwGrkdbWkY2ps6S2bIb8uQlg== content-length 86740 media-server node expires Thu, 14 Aug 2025 00:00:20 GMT
GET H2	200	/ www.facebook.com/tr/	0 274 B	173ms 44ms	Image text/plain	157.240.229.35 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=1330761540443461&ev=PageView&dl=https%3A%2F%2Fclient2021.reneelemairephoto.com%2F&rl=&if=false&ts=1723596278637&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4126&fbp=fb.1.1723596278635.99703323707136777&ler=empty&cdl=API_unavailable&it=1723596278516&coo=false&rqm=GET Requested by Host: client2021.reneelemairephoto.com URL: https://client2021.reneelemairephoto.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-02-iad3.facebook.com Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://client2021.reneelemairephoto.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers x-fb-connection-quality EXCELLENT; q=0.9, rtt=41, rtx=0, c=10, mss=1316, tbw=2791, tp=-1, tpl=-1, uplat=1, ullat=1 strict-transport-security max-age=31536000; includeSubDomains date Wed, 14 Aug 2024 00:44:38 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	/ www.facebook.com/privacy_sandbox/pixel/register/trigger/	67 B 3 KB	507ms 378ms	Image image/png	157.240.229.35 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1330761540443461&ev=PageView&dl=https%3A%2F%2Fclient2021.reneelemairephoto.com%2F&rl=&if=false&ts=1723596278637&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4126&fbp=fb.1.1723596278635.99703323707136777&ler=empty&cdl=API_unavailable&it=1723596278516&coo=false&rqm=FGET Requested by Host: client2021.reneelemairephoto.com URL: https://client2021.reneelemairephoto.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-02-iad3.facebook.com Software / Resource Hash aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://client2021.reneelemairephoto.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; content-encoding zstd x-content-type-options nosniff strict-transport-security max-age=15552000; preload date Wed, 14 Aug 2024 00:44:38 GMT document-policy force-load-at-top x-fb-server-load 35 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7402789646547852005", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=41, rtx=0, c=10, mss=1316, tbw=3109, tp=-1, tpl=-1, uplat=45, ullat=0 pragma no-cache x-fb-debug oBa2HHAzV+tM7IRVtXJHAyztZZdYBb4ceNwPstLTPoodBQzBkccRJXNoTzsrVi0AfNjggqhQ/ugkII0DckYFAQ== cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7402789646547852005"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type image/png x-frame-options DENY origin-agent-cluster ?0 cache-control private, no-store, no-cache, must-revalidate permissions-policy accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy" expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	favicon.ico client2021.reneelemairephoto.com/	198 B 311 B	44ms 43ms	Other application/octet-stream	75.101.134.27 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://client2021.reneelemairephoto.com/favicon.ico Protocol H2 Security TLS 1.3, , AES_256_GCM Server 75.101.134.27 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-75-101-134-27.compute-1.amazonaws.com Software / Resource Hash 9deb629637088856fe61dc868bf40a7d21ed942e4117659f3d6c3408f59b906b Request headers Referer https://client2021.reneelemairephoto.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Wed, 14 Aug 2024 00:44:39 GMT last-modified Tue, 17 Aug 2021 15:56:00 GMT accept-ranges bytes etag "611bdc10-c6" content-length 198 content-type text/plain

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| fbq function| _fbq function| $ function| jQuery object| device object| television function| Waypoint function| lazyload function| showit-lib object| showit function| initPage object| S5

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.reneelemairephoto.com/	1970-01-21 00:56:12	Name: _fbp Value: fb.1.1723596278635.99703323707136777

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdnjs.cloudflare.com
client2021.reneelemairephoto.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
lib.showit.co
static.showit.co
www.facebook.com
104.17.24.14
157.240.229.1
157.240.229.35
172.253.122.94
173.194.175.95
18.165.98.97
209.85.144.95
52.85.151.36
75.101.134.27
03f72f0d694de84d0c0fd28a076a67fc1ec8c01526e2b4d7372fae360e06c889
119438c1464eb6963aad7ed702f7bccd845cc0c9e195ff474e3ce2da02546daf
28b4c5c949bf53b79235cb7623e28d719e7e3b8587b1af376cadf89b7b865ac5
42b2d6bcf9d267eecced3b4e937d32ed1bc6d7d576912f89d87c6d3b44e56f83
448bbc7fe7fb501513e4011682fa8e5038d1503766fa1a75c527d4512f9a5905
469b47552fa7adaf1d561ad0f1024e2014b4a69946d7ea53212ec4dcef910577
4d424af8e6254a3ee915b6efdec3f0ed3fcbdedc67c83025148c9758701cd2d4
538c7067580f457dd3dd98ebaabeb19405c12bdd01674d3db8fd9948ee73c862
5ef354a0f30489f159dece33f38cb5cfd81dc8e5525e493c4369f509fc2e5a1f
66cc028a712f8ba15ea39564285253bb2748582a2c9aa38ff5b59537a9a722a1
7fbefabfa47bb61c9f06346df47554cbd68546f45c9d2d75467584e016d21e1f
837f8b46e17fedf595bc8784a22d87aa835ff52d20d931184ddc854c09fbfb73
86afa13014fa5263cd11ecb87fe4d955f5ad1fefcecfb5111423133b7f37b2f3
91d9ff83c6612004b2d6e5e2de303322cec560c566ee0cac180a7686395f8a5b
980dda9e15f23729bc179040ee2fb8ebb2ffeb392788429e304b41074beec9aa
9deb629637088856fe61dc868bf40a7d21ed942e4117659f3d6c3408f59b906b
a4a806ef315225c2487a9d14c9c51743bc967c9fed1d05e0f9908cb80bc7420f
a7cc2b0a6bbddc3158501fe203c3a32275fe23be48288c21aa452f06eb0842ca
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
cce1d130cc6806e5ddc5b3688a25cf583850ef78acdfe97ec3739a72bf2d3308
d19e6661f7429f0c58da1a09b8628c7657a15b58f6bdefd1ea56a6027f45fa2a
ded83489adaeec098ee0d639252e72be7de219f759b939ba4b2e606e5e68b272
e059703acffd0924ceea9eeaa9854ec3b658a4bc3ddf05164de4cd8c51811ef7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d