randynoel.exithome.com Open in urlscan Pro
18.210.135.218  Public Scan

5 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

34 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response randynoel.exithome.com/	176 KB 23 KB	1831ms 704ms	Document text/html	18.210.135.218 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://randynoel.exithome.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 18.210.135.218 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-210-135-218.compute-1.amazonaws.com Software openresty / PHP/8.0.20 Resource Hash b97d159aaa51a1af92ee4e8a82fe72ad068218d676bb49485184a987ea725ecd Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=UTF-8 Date Thu, 16 Mar 2023 14:23:23 GMT Link <https://randynoel.exithome.com/wp-json/>; rel="https://api.w.org/" <https://randynoel.exithome.com/wp-json/wp/v2/pages/27>; rel="alternate"; type="application/json" < >; rel=shortlink Server openresty Transfer-Encoding chunked X-Powered-By PHP/8.0.20 X-Served-By app4
GET H/1.1	200 OK	classic-themes.min.css randynoel.exithome.com/wp-includes/css/	217 B 589 B	113ms 112ms	Stylesheet text/css	18.210.135.218 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://randynoel.exithome.com/wp-includes/css/classic-themes.min.css?ver=1 Requested by Host: randynoel.exithome.com URL: https://randynoel.exithome.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 18.210.135.218 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-210-135-218.compute-1.amazonaws.com Software openresty / Resource Hash 5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5 Request headers Referer https://randynoel.exithome.com/ dpr 1 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 viewport-width 1600 Response headers Pragma public Date Thu, 16 Mar 2023 14:23:23 GMT Content-Encoding gzip Last-Modified Wed, 08 Mar 2023 05:37:10 GMT Server openresty ETag W/"64081f06-d9" Transfer-Encoding chunked Content-Type text/css Cache-Control max-age=172800, public, must-revalidate, proxy-revalidate Connection keep-alive Expires Sat, 18 Mar 2023 14:23:23 GMT
GET H2	200	valhalla-tailwind-styles.css static.myrealestateplatform.com/Valhalla/assets/dist/	8 KB 3 KB	149ms 21ms	Stylesheet text/css	18.66.112.70 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.myrealestateplatform.com/Valhalla/assets/dist/valhalla-tailwind-styles.css?v=c7097a88c28ed870ebc8 Requested by Host: randynoel.exithome.com URL: https://randynoel.exithome.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.70 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-112-70.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash d1c55371bd2dfaaa859f39238adbbc35ec24f1468f907c7510b3ad211ce5c18e Request headers accept-language de-DE,de;q=0.9 Referer https://randynoel.exithome.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Thu, 16 Mar 2023 14:17:08 GMT content-encoding gzip via 1.1 3517ce13630d84c5b14e88de469985cc.cloudfront.net (CloudFront) last-modified Tue, 14 Mar 2023 12:42:12 GMT server AmazonS3 x-amz-cf-pop FRA56-P5 age 622 x-amz-server-side-encryption AES256 etag W/"94ec175cef0b316620bf8395d4951a8c" vary Accept-Encoding x-cache Hit from cloudfront content-type text/css cache-control max-age=86400 x-amz-cf-id PacAhhibRIRDSAo2o2IoiXZReyS6SB_ySWDU7oFvsfO_QQoSz6KqqA==
GET H2	200	valhalla-vendor-styles.css static.myrealestateplatform.com/Valhalla/assets/dist/	114 KB 23 KB	152ms 24ms	Stylesheet text/css	18.66.112.70 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.myrealestateplatform.com/Valhalla/assets/dist/valhalla-vendor-styles.css?v=0ab29f5afc30fffa2219 Requested by Host: randynoel.exithome.com URL: https://randynoel.exithome.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.70 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-112-70.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 4938825c2a57ee853cf473f1380806a0c6b0dae6cad16f9c2e6bd0cc63fda346 Request headers accept-language de-DE,de;q=0.9 Referer https://randynoel.exithome.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Thu, 16 Mar 2023 14:17:08 GMT content-encoding gzip via 1.1 3517ce13630d84c5b14e88de469985cc.cloudfront.net (CloudFront) last-modified Tue, 14 Mar 2023 12:42:12 GMT server AmazonS3 x-amz-cf-pop FRA56-P5 age 622 x-amz-server-side-encryption AES256 etag W/"e9933f4258127e8a1207f72d80d96755" vary Accept-Encoding x-cache Hit from cloudfront content-type text/css cache-control max-age=86400 x-amz-cf-id NGkbYSwZxguimxNk2WF4RHJF07r_AX0LYGkARVJKiuJ2wInASQaiXw==
GET H2	200	valhalla-styles.css static.myrealestateplatform.com/Valhalla/assets/dist/	3 MB 153 KB	169ms 41ms	Stylesheet text/css	18.66.112.70 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.myrealestateplatform.com/Valhalla/assets/dist/valhalla-styles.css?v=7167d00c78d4dfdff217 Requested by Host: randynoel.exithome.com URL: https://randynoel.exithome.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.70 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-112-70.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash ef3d3d2a8e8eb887737d531d7a198d72b8466331336dc0ee26e30bb32c122bb3 Request headers accept-language de-DE,de;q=0.9 Referer https://randynoel.exithome.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Thu, 16 Mar 2023 14:17:08 GMT content-encoding gzip via 1.1 3517ce13630d84c5b14e88de469985cc.cloudfront.net (CloudFront) last-modified Tue, 14 Mar 2023 12:42:12 GMT server AmazonS3 x-amz-cf-pop FRA56-P5 age 622 x-amz-server-side-encryption AES256 etag W/"d0a41bcc433442ce29824ce92cb86c67" vary Accept-Encoding x-cache Hit from cloudfront content-type text/css cache-control max-age=86400 x-amz-cf-id 5UhGnJXWJEMfdBVbQBA9EjtRQe0_o8gIiqc5hDh-YgpM7Z7_kd39Vg==
GET H2	200	css fonts.googleapis.com/	5 KB 935 B	89ms 32ms	Stylesheet text/css	2a00:1450:4001:80b::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Work+Sans%3A300%2C400%2C500%2C600%2C700&display=swap&ver=6.1.1 Requested by Host: randynoel.exithome.com URL: https://randynoel.exithome.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash da5a37ae5ef00874ef34429b11d7ee519ce1d52af35c884d2160d3a62ed0183f Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://randynoel.exithome.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Thu, 16 Mar 2023 14:23:23 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Thu, 16 Mar 2023 14:21:59 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 16 Mar 2023 14:23:23 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	112 KB 44 KB	87ms 33ms	Script application/javascript	2a00:1450:4001:830::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-7275209-5 Requested by Host: randynoel.exithome.com URL: https://randynoel.exithome.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 6c2ec15b12084baacac69dbcedda19b69e8fd0be11ecf3bde45552c5b745c2fd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://randynoel.exithome.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Thu, 16 Mar 2023 14:23:23 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 44676 x-xss-protection 0 last-modified Thu, 16 Mar 2023 12:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Thu, 16 Mar 2023 14:23:23 GMT
GET H2	200	valhalla-scripts.js Show response static.myrealestateplatform.com/Valhalla/assets/dist/	842 KB 210 KB	168ms 41ms	Script application/javascript	18.66.112.70 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.myrealestateplatform.com/Valhalla/assets/dist/valhalla-scripts.js?v=62d060cec7 Requested by Host: randynoel.exithome.com URL: https://randynoel.exithome.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.70 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-112-70.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash b2f93af6902da062a4d8bf85681a81b6a5e612ae718ab232e128be71db3f2b4a Request headers accept-language de-DE,de;q=0.9 Referer https://randynoel.exithome.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Thu, 16 Mar 2023 14:17:08 GMT content-encoding gzip via 1.1 3517ce13630d84c5b14e88de469985cc.cloudfront.net (CloudFront) last-modified Tue, 14 Mar 2023 12:42:12 GMT server AmazonS3 x-amz-cf-pop FRA56-P5 age 1223 x-amz-server-side-encryption AES256 etag W/"38515a1e37d2dccad9266db23eaa5eb9" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=86400 x-amz-cf-id hMfjuHb5NLewraYR7YOob-Rk4Uvjj-_Vkz_9YheFnKDKjs_Uq81zDw==
GET H2	200	fa-light-300.woff2 static.myrealestateplatform.com/Valhalla/assets/dist/fonts/	180 KB 181 KB	111ms 71ms	Font binary/octet-stream	18.66.112.70 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.myrealestateplatform.com/Valhalla/assets/dist/fonts/fa-light-300.woff2?v=d3271a5651ab5ba62d85 Requested by Host: static.myrealestateplatform.com URL: https://static.myrealestateplatform.com/Valhalla/assets/dist/valhalla-vendor-styles.css?v=0ab29f5afc30fffa2219 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.70 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-112-70.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 1ddc6ae069ea7aedb68a92d53a12933a5a326f28c714869b99f335377dcce217 Request headers Referer https://static.myrealestateplatform.com/Valhalla/assets/dist/valhalla-vendor-styles.css?v=0ab29f5afc30fffa2219 Origin https://randynoel.exithome.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Thu, 16 Mar 2023 14:23:22 GMT via 1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P5 age 3 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 184204 last-modified Tue, 14 Mar 2023 12:42:12 GMT server AmazonS3 etag "b33449667ce61388905a97b13f01ea16" access-control-max-age 3000 access-control-allow-methods POST, PUT, DELETE, GET, HEAD content-type binary/octet-stream access-control-allow-origin * access-control-expose-headers Accept-Ranges, Content-Range, Content-Encoding, Content-Length, Access-Control-Allow-Origin cache-control max-age=86400 vary Origin,Access-Control-Request-Headers,Access-Control-Request-Method accept-ranges bytes x-amz-cf-id xc0XaKqbRjNDm0CKslmhOs5y0sSMtGB9aeyoad9xApLU_kEwWPEKxg==
GET H2	200	QGYsz_wNahGAdqQ43Rh_fKDp.woff2 fonts.gstatic.com/s/worksans/v18/	47 KB 47 KB	76ms 22ms	Font font/woff2	2a00:1450:4001:811::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/worksans/v18/QGYsz_wNahGAdqQ43Rh_fKDp.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Work+Sans%3A300%2C400%2C500%2C600%2C700&display=swap&ver=6.1.1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 97e82d8eac8d106b28abf1b716982c40c06fffe49cc2f34cd1c299266745ef73 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://randynoel.exithome.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Wed, 15 Mar 2023 16:49:57 GMT x-content-type-options nosniff age 77607 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 47728 x-xss-protection 0 last-modified Tue, 23 Aug 2022 17:55:22 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 14 Mar 2024 16:49:57 GMT
GET H2	200	fa-solid-900.woff2 static.myrealestateplatform.com/Valhalla/assets/dist/fonts/	134 KB 135 KB	66ms 27ms	Font binary/octet-stream	18.66.112.70 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.myrealestateplatform.com/Valhalla/assets/dist/fonts/fa-solid-900.woff2?v=54dfc8f551be346014e4 Requested by Host: static.myrealestateplatform.com URL: https://static.myrealestateplatform.com/Valhalla/assets/dist/valhalla-vendor-styles.css?v=0ab29f5afc30fffa2219 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.70 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-112-70.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 8d4d29042c23b5fcbed3af690421776de0f8ad3d308d66e24a9d80bcc8ccb522 Request headers Referer https://static.myrealestateplatform.com/Valhalla/assets/dist/valhalla-vendor-styles.css?v=0ab29f5afc30fffa2219 Origin https://randynoel.exithome.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Thu, 16 Mar 2023 14:23:22 GMT via 1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P5 age 3 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 137104 last-modified Tue, 14 Mar 2023 12:42:12 GMT server AmazonS3 etag "dbf1fc91f1beec2915123257ea4d58ef" access-control-max-age 3000 access-control-allow-methods POST, PUT, DELETE, GET, HEAD content-type binary/octet-stream access-control-allow-origin * access-control-expose-headers Accept-Ranges, Content-Range, Content-Encoding, Content-Length, Access-Control-Allow-Origin cache-control max-age=86400 vary Origin,Access-Control-Request-Headers,Access-Control-Request-Method accept-ranges bytes x-amz-cf-id NS9T-5xt8iPI37PPz6ge93LJW11sl0vuSZ42uy6mU_LioACFMWvWRg==
GET H2	200	fa-regular-400.woff2 static.myrealestateplatform.com/Valhalla/assets/dist/fonts/	165 KB 166 KB	103ms 64ms	Font binary/octet-stream	18.66.112.70 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.myrealestateplatform.com/Valhalla/assets/dist/fonts/fa-regular-400.woff2?v=33904a1b964c9b363ce7 Requested by Host: static.myrealestateplatform.com URL: https://static.myrealestateplatform.com/Valhalla/assets/dist/valhalla-vendor-styles.css?v=0ab29f5afc30fffa2219 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.70 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-112-70.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 3bbb0df89b8dbe8001e8c24de4e2d1693f94997b29f007a7bda22a9802832768 Request headers Referer https://static.myrealestateplatform.com/Valhalla/assets/dist/valhalla-vendor-styles.css?v=0ab29f5afc30fffa2219 Origin https://randynoel.exithome.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Thu, 16 Mar 2023 14:23:22 GMT via 1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P5 age 3 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 168824 last-modified Tue, 14 Mar 2023 12:42:12 GMT server AmazonS3 etag "a3d7d331957546ae10ad69bb44b83a04" access-control-max-age 3000 access-control-allow-methods POST, PUT, DELETE, GET, HEAD content-type binary/octet-stream access-control-allow-origin * access-control-expose-headers Accept-Ranges, Content-Range, Content-Encoding, Content-Length, Access-Control-Allow-Origin cache-control max-age=86400 vary Origin,Access-Control-Request-Headers,Access-Control-Request-Method accept-ranges bytes x-amz-cf-id UahshME48rqjWrgF1U9pY7xlyhLP0sLvE4DjOSni3eGmdcgvREAQag==
GET H2	200	fa-brands-400.woff2 static.myrealestateplatform.com/Valhalla/assets/dist/fonts/	75 KB 76 KB	63ms 26ms	Font binary/octet-stream	18.66.112.70 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.myrealestateplatform.com/Valhalla/assets/dist/fonts/fa-brands-400.woff2?v=df56145e6ac7861a1c0a Requested by Host: static.myrealestateplatform.com URL: https://static.myrealestateplatform.com/Valhalla/assets/dist/valhalla-vendor-styles.css?v=0ab29f5afc30fffa2219 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.70 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-112-70.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 39c658ef377f9ec31442c5343a15bdfc4c4653bcca74bc7d6fe4b3e736a60aa4 Request headers Referer https://static.myrealestateplatform.com/Valhalla/assets/dist/valhalla-vendor-styles.css?v=0ab29f5afc30fffa2219 Origin https://randynoel.exithome.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Thu, 16 Mar 2023 14:23:22 GMT via 1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P5 age 3 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 76728 last-modified Tue, 14 Mar 2023 12:42:12 GMT server AmazonS3 etag "f4120760fb40152d1bdb109103063c13" access-control-max-age 3000 access-control-allow-methods POST, PUT, DELETE, GET, HEAD content-type binary/octet-stream access-control-allow-origin * access-control-expose-headers Accept-Ranges, Content-Range, Content-Encoding, Content-Length, Access-Control-Allow-Origin cache-control max-age=86400 vary Origin,Access-Control-Request-Headers,Access-Control-Request-Method accept-ranges bytes x-amz-cf-id _X9F76lRWGXazQIQy-OEm0stHDi-yKOWkdz2ZH_EHTgyirXmJCEzQg==
GET H2	200	ga.js Show response ssl.google-analytics.com/	45 KB 17 KB	103ms 22ms	Script text/javascript	2a00:1450:4001:82f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ssl.google-analytics.com/ga.js Requested by Host: randynoel.exithome.com URL: https://randynoel.exithome.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://randynoel.exithome.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Thu, 16 Mar 2023 13:15:46 GMT last-modified Tue, 10 Jan 2023 21:29:14 GMT server Golfe2 age 4058 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 17168 expires Thu, 16 Mar 2023 15:15:46 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	75ms 21ms	Script text/javascript	2a00:1450:4001:813::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-7275209-5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://randynoel.exithome.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Thu, 16 Mar 2023 14:14:45 GMT last-modified Tue, 10 Jan 2023 21:29:14 GMT server Golfe2 age 519 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20085 expires Thu, 16 Mar 2023 16:14:45 GMT
POST H/1.1	200 OK	event Show response events-va.placester.com/	35 B 194 B	729ms 111ms	XHR application/json	34.225.128.189 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://events-va.placester.com/event Requested by Host: static.myrealestateplatform.com URL: https://static.myrealestateplatform.com/Valhalla/assets/dist/valhalla-scripts.js?v=62d060cec7 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.225.128.189 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-225-128-189.compute-1.amazonaws.com Software Jetty(9.0.3.v20130506) / Resource Hash a06ab0c16ab0b446805cbe38ba18687b4d917ad435b162476d644f9d51e499ce Request headers Referer https://randynoel.exithome.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Content-Type text/plain Response headers Access-Control-Allow-Origin * Server Jetty(9.0.3.v20130506) Connection keep-alive Content-Length 35 Content-Type application/json
GET H2	200	widget.js Show response cdn.userway.org/	1 KB 1 KB	224ms 45ms	Script application/javascript	2a02:6ea0:c700::10 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://cdn.userway.org/widget.js Requested by Host: static.myrealestateplatform.com URL: https://static.myrealestateplatform.com/Valhalla/assets/dist/valhalla-scripts.js?v=62d060cec7 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash ffb1535be6dcebead0c5d8989c7d2daa8f979e05fe7898c996e73bc1c59c46e9 Request headers accept-language de-DE,de;q=0.9 Referer https://randynoel.exithome.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers x-77-pop frankfurtDE date Thu, 16 Mar 2023 14:23:24 GMT via 1.1 cb64e02e44588dfd13b2a4b2483c404c.cloudfront.net (CloudFront) content-encoding gzip x-amz-cf-pop MUC50-P2 age 122 x-amz-server-side-encryption AES256 x-cache HIT x-77-cache HIT x-age 1387 x-77-nzt Abk73BBmVMz/awUAAA x-accel-expires @1678978817 last-modified Wed, 15 Mar 2023 22:56:44 GMT server CDN77-Turbo etag W/"72479864b0dc728eb7c241e0557ce4a2" x-77-nzt-ray 908339304227eaf55c2613648aeff41c access-control-max-age 3000 vary Accept-Encoding, Accept-Encoding access-control-allow-methods GET, HEAD, PUT, POST, DELETE access-control-allow-origin * access-control-expose-headers Content-Range, Content-Length, ETag, Content-Type cache-control max-age=3600, public content-type application/javascript x-amz-cf-id uzueH5Yf6XY5l2foMGVfQUXeJ1fztmLqgaFe0to2Axf4kprkuVyoXQ==
GET DATA	200 OK	truncated /	34 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Content-Type image/gif
GET H/1.1	200 OK	images%2F5137be26d37bb66fb4000001%2F560471692%2F560471692_1.jpg uploads-cf.cdn.placester.net/	19 KB 19 KB	128ms 48ms	Image image/webp	99.86.4.97 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://uploads-cf.cdn.placester.net/images%2F5137be26d37bb66fb4000001%2F560471692%2F560471692_1.jpg?d=400x225 Requested by Host: randynoel.exithome.com URL: https://randynoel.exithome.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 99.86.4.97 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-97.fra6.r.cloudfront.net Software AmazonS3 / Resource Hash d4dbe1572da5927cabdffee032af0b6dcfcfa93a1ad2629a717d5d34c58732a5 Request headers accept-language de-DE,de;q=0.9 Referer https://randynoel.exithome.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Date Thu, 16 Mar 2023 14:23:21 GMT Via 1.1 f038e7175be9761825b2eefc2b0a832e.cloudfront.net (CloudFront) Server AmazonS3 x-amz-request-id J587PE6D5CF2CSHT X-Amz-Cf-Pop FRA6-C1 Age 1 X-Cache Hit from cloudfront Content-Type image/webp Connection keep-alive Content-Length 19240 x-amz-id-2 PGF1CAHIeQCeFW6Rl9/j+Gz4e05Q3mYay8Psv4Hyuy+9l4OUZM5pWqIzFtxd9A6EzWDJWs0BtRs= X-Amz-Cf-Id IzgP5Id5JA7dXeS6v4XuGOVm8BoFNcfGp00wCLw6b08s4WqFk3lrZA==
GET H2	200	EXITLogoforMarketingWebsitesKnockouthighresBLACKTEXTcopy.png media.placester.com/image/upload/c_scale,dpr_1.0,f_auto,fl_lossy,q_auto/c_scale,w_1660/v1/inception-app-prod/OTZiM2JhMmYtMjUxMC00MDI2LWFmYzktOTZmNjkyOGFiZWE5/content/2021/07/	27 KB 27 KB	284ms 165ms	Image image/webp	2a04:4e42:200::614 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://media.placester.com/image/upload/c_scale,dpr_1.0,f_auto,fl_lossy,q_auto/c_scale,w_1660/v1/inception-app-prod/OTZiM2JhMmYtMjUxMC00MDI2LWFmYzktOTZmNjkyOGFiZWE5/content/2021/07/EXITLogoforMarketingWebsitesKnockouthighresBLACKTEXTcopy.png Requested by Host: randynoel.exithome.com URL: https://randynoel.exithome.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:200::614 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Cloudinary / Resource Hash b5c88afea0d859c75409230f08857db8b5a767948e8fa5270cba917762ae4488 Security Headers Name Value Strict-Transport-Security max-age=604800 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://randynoel.exithome.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Thu, 16 Mar 2023 14:23:24 GMT strict-transport-security max-age=604800 x-content-type-options nosniff content-disposition inline; filename="EXITLogoforMarketingWebsitesKnockouthighresBLACKTEXTcopy.webp" server-timing fastly;dur=145;cpu=1;start=2023-03-16T14:23:24.470Z;desc=miss,rtt;dur=19,cloudinary;dur=49;start=2023-03-16T14:23:24.516Z content-length 27166 last-modified Sun, 15 Jan 2023 13:30:52 GMT server Cloudinary etag "8dd8550d5c44c2aad6afa883227c0e70" vary Save-Data content-type image/webp access-control-allow-origin * access-control-expose-headers Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options cache-control private, no-transform, immutable, max-age=31557600 accept-ranges bytes timing-allow-origin *
GET H/1.1	200 OK	images%2F5137be26d37bb66fb4000001%2F560289326%2F560289326_1.jpg uploads-cf.cdn.placester.net/	24 KB 24 KB	117ms 37ms	Image image/webp	99.86.4.97 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://uploads-cf.cdn.placester.net/images%2F5137be26d37bb66fb4000001%2F560289326%2F560289326_1.jpg?d=400x225 Requested by Host: randynoel.exithome.com URL: https://randynoel.exithome.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 99.86.4.97 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-97.fra6.r.cloudfront.net Software AmazonS3 / Resource Hash 701a7da0f2c5751224bd42d17a55ed83c9464523542034c233d6ad4b0a9348ab Request headers accept-language de-DE,de;q=0.9 Referer https://randynoel.exithome.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Date Thu, 16 Mar 2023 14:23:21 GMT Via 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront) Server AmazonS3 x-amz-request-id J588022YVBKDN2JT X-Amz-Cf-Pop FRA6-C1 Age 2 X-Cache Hit from cloudfront Content-Type image/webp Connection keep-alive Content-Length 24092 x-amz-id-2 55BAumCy8H0GqJauCpOmoH7pPuqt4SBBm58yauazcCAL7IFTxO6HDZj81fCaSoObsKvmNuZvL4E= X-Amz-Cf-Id iCUIn0yaxH0mPQLR3nx82NgBG-slQTBwrr42EVIagjAP9kUaMaSOIg==
GET H2	200	heromelrose2-2.png media.placester.com/image/upload/c_scale,dpr_1.0,f_auto,fl_lossy,q_auto,w_2560/c_scale,w_1660/v1/inception-app-prod/YmI4ZWFlZWEtNjUyZC00NjRhLTlkNTgtY2M2MGUyYzEwNzRi/content/2019/12/	113 KB 113 KB	640ms 522ms	Image image/webp	2a04:4e42:200::614 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://media.placester.com/image/upload/c_scale,dpr_1.0,f_auto,fl_lossy,q_auto,w_2560/c_scale,w_1660/v1/inception-app-prod/YmI4ZWFlZWEtNjUyZC00NjRhLTlkNTgtY2M2MGUyYzEwNzRi/content/2019/12/heromelrose2-2.png Requested by Host: randynoel.exithome.com URL: https://randynoel.exithome.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:200::614 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Cloudinary / Resource Hash 63ba48c6307550316eaa9140138e0e2b7faa6f17b0f636eaa252a1c0bb301f2c Security Headers Name Value Strict-Transport-Security max-age=604800 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://randynoel.exithome.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Thu, 16 Mar 2023 14:23:24 GMT strict-transport-security max-age=604800 x-content-type-options nosniff content-disposition inline; filename="heromelrose2-2.webp" server-timing fastly;dur=502;cpu=1;start=2023-03-16T14:23:24.470Z;desc=miss,rtt;dur=19,cloudinary;dur=53;start=2023-03-16T14:23:24.784Z content-length 115580 last-modified Tue, 03 Jan 2023 21:11:45 GMT server Cloudinary etag "eceb3d151416b45ae972810840fde478" vary Save-Data content-type image/webp access-control-allow-origin * access-control-expose-headers Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options cache-control private, no-transform, immutable, max-age=31557600 accept-ranges bytes timing-allow-origin *
GET H/1.1	200 OK	images%2F5137be26d37bb66fb4000001%2F560459966%2F560459966_1.jpg uploads-cf.cdn.placester.net/	19 KB 19 KB	123ms 43ms	Image image/webp	99.86.4.97 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://uploads-cf.cdn.placester.net/images%2F5137be26d37bb66fb4000001%2F560459966%2F560459966_1.jpg?d=400x225 Requested by Host: randynoel.exithome.com URL: https://randynoel.exithome.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 99.86.4.97 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-97.fra6.r.cloudfront.net Software AmazonS3 / Resource Hash ad1c085d64a7cb9d243ac294e4a2b268137794601969ddf93080177742f23e18 Request headers accept-language de-DE,de;q=0.9 Referer https://randynoel.exithome.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Date Thu, 16 Mar 2023 14:23:21 GMT Via 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront) Server AmazonS3 x-amz-request-id J585KEP38HJWA95X X-Amz-Cf-Pop FRA6-C1 Age 2 X-Cache Hit from cloudfront Content-Type image/webp Connection keep-alive Content-Length 19060 x-amz-id-2 Elg75OhdlxiKbcocUhK2tlGDdcITBe4XjYZ4/mgaq+dMpT2IzRxoxhJFYlBEz0pcCgXNRBfX/9A= X-Amz-Cf-Id I6Avfz8_uwEDxK7WJP0G5OIdW1OHhac2pTsBs1fVODfSmkzGCALfhg==
GET H2	200	heromelrose1-3.png media.placester.com/image/upload/c_scale,dpr_1.0,f_auto,fl_lossy,q_auto,w_2560/c_scale,w_1660/v1/inception-app-prod/YmI4ZWFlZWEtNjUyZC00NjRhLTlkNTgtY2M2MGUyYzEwNzRi/content/2019/12/	201 KB 201 KB	289ms 172ms	Image image/webp	2a04:4e42:200::614 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://media.placester.com/image/upload/c_scale,dpr_1.0,f_auto,fl_lossy,q_auto,w_2560/c_scale,w_1660/v1/inception-app-prod/YmI4ZWFlZWEtNjUyZC00NjRhLTlkNTgtY2M2MGUyYzEwNzRi/content/2019/12/heromelrose1-3.png Requested by Host: randynoel.exithome.com URL: https://randynoel.exithome.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:200::614 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Cloudinary / Resource Hash 40bd81f59247b2ba974b7818fe3467c764c9f754893f97780185cd05c1fb494e Security Headers Name Value Strict-Transport-Security max-age=604800 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://randynoel.exithome.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Thu, 16 Mar 2023 14:23:24 GMT strict-transport-security max-age=604800 x-content-type-options nosniff content-disposition inline; filename="heromelrose1-3.webp" server-timing fastly;dur=153;cpu=1;start=2023-03-16T14:23:24.470Z;desc=miss,rtt;dur=19,cloudinary;dur=55;start=2023-03-16T14:23:24.523Z content-length 205708 last-modified Tue, 03 Jan 2023 21:11:45 GMT server Cloudinary etag "30e1cffcaf08ec66c4cae54392a30ae9" vary Save-Data content-type image/webp access-control-allow-origin * access-control-expose-headers Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options cache-control private, no-transform, immutable, max-age=31557600 accept-ranges bytes timing-allow-origin *
GET H2	200	IMG_2084%20%281%29.jpg media.placester.com/image/upload/c_fill,dpr_1.0,f_auto,fl_lossy,h_30,q_auto,w_30/v1/inception-app-prod/NGEyZDhiYTYtYjdhNi00ZDFkLWE1NTctMWEzNDdkZTkyYjli/content/2021/07/	302 B 749 B	242ms 126ms	Image image/webp	2a04:4e42:200::614 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://media.placester.com/image/upload/c_fill,dpr_1.0,f_auto,fl_lossy,h_30,q_auto,w_30/v1/inception-app-prod/NGEyZDhiYTYtYjdhNi00ZDFkLWE1NTctMWEzNDdkZTkyYjli/content/2021/07/IMG_2084%20%281%29.jpg Requested by Host: randynoel.exithome.com URL: https://randynoel.exithome.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:200::614 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Cloudinary / Resource Hash 92f26e260a568e1762535d4648bfbbbe99c37d6ca2b2e4ec1728db9c335687ff Security Headers Name Value Strict-Transport-Security max-age=604800 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://randynoel.exithome.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Thu, 16 Mar 2023 14:23:24 GMT strict-transport-security max-age=604800 x-content-type-options nosniff content-disposition inline; filename="IMG_2084 (1).webp" server-timing fastly;dur=106;cpu=1;start=2023-03-16T14:23:24.470Z;desc=miss,rtt;dur=19,cloudinary;dur=14;start=2023-03-16T14:23:24.518Z content-length 302 last-modified Fri, 06 Jan 2023 12:51:40 GMT server Cloudinary etag "18c50cb61c1fde764c390ddda2827920" vary Save-Data content-type image/webp access-control-allow-origin * access-control-expose-headers Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options cache-control private, no-transform, immutable, max-age=31557600 accept-ranges bytes timing-allow-origin *
POST H2	200	collect Show response www.google-analytics.com/j/	2 B 212 B	29ms 28ms	XHR text/plain	2a00:1450:4001:813::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1254540410&t=pageview&_s=1&dl=https%3A%2F%2Frandynoel.exithome.com%2F&ul=en-us&de=UTF-8&dt=Randy%20Noel%20-%20Paving%20Your%20Way%20Home&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1364680479&gjid=1514488707&cid=1735338646.1678976604&tid=UA-7275209-5&_gid=281498568.1678976604&_r=1&gtm=457e33d0&z=1027209064 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://randynoel.exithome.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Thu, 16 Mar 2023 14:23:24 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://randynoel.exithome.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	1 B 351 B	88ms 28ms	XHR text/plain	2a00:1450:400c:c00::9a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-7275209-5&cid=1735338646.1678976604&jid=1364680479&gjid=1514488707&_gid=281498568.1678976604&_u=YEBAAUAAAAAAACAAI~&z=1756164807 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://randynoel.exithome.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload date Thu, 16 Mar 2023 14:23:24 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://randynoel.exithome.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	widget_app_base_1678920784227.js Show response cdn.userway.org/widgetapp/2023-03-15/	132 KB 39 KB	55ms 55ms	Script application/javascript	2a02:6ea0:c700::10 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://cdn.userway.org/widgetapp/2023-03-15/widget_app_base_1678920784227.js Requested by Host: cdn.userway.org URL: https://cdn.userway.org/widget.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash 51f653c444a0f6acc68545c75f46cadafb24755cb3729c29917df334add80108 Request headers accept-language de-DE,de;q=0.9 Referer https://randynoel.exithome.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers x-77-pop frankfurtDE date Thu, 16 Mar 2023 14:23:24 GMT via 1.1 c7e33a86531bfe239a9c43428fc5c122.cloudfront.net (CloudFront) content-encoding gzip x-amz-cf-pop MUC50-P2 age 120 x-amz-server-side-encryption AES256 x-cache HIT x-77-cache HIT x-age 55401 x-77-nzt Abk73BCmBq7/adgAAA x-accel-expires @1704841203 last-modified Wed, 15 Mar 2023 22:56:39 GMT server CDN77-Turbo etag W/"2d7f8589014914e9f9214fcb2ca4d693" x-77-nzt-ray 908339304227eaf55c26136412bd781f access-control-max-age 3000 vary Accept-Encoding, Accept-Encoding access-control-allow-methods GET, HEAD, PUT, POST, DELETE access-control-allow-origin * access-control-expose-headers Content-Range, Content-Length, ETag, Content-Type cache-control max-age=25920000, public content-type application/javascript x-amz-cf-id Krzlpbq0JgkL7iM0kHto9T5DqoFr1qTH0CzvfRVEArIQaPg7VliELQ==
POST H2	200	prdCKqbzRS Show response api.userway.org/api/tunings/	836 B 1 KB	1006ms 192ms	XHR application/json	34.208.60.42 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.userway.org/api/tunings/prdCKqbzRS Requested by Host: cdn.userway.org URL: https://cdn.userway.org/widgetapp/2023-03-15/widget_app_base_1678920784227.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.208.60.42 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-208-60-42.us-west-2.compute.amazonaws.com Software / Resource Hash 14be314b70a3849c00e89b39f04cc8b81bab61b3a233178e5a588392e9312ea0 Request headers Referer https://randynoel.exithome.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Thu, 16 Mar 2023 14:23:25 GMT etag W/"344-unqrsoKJrxHZLiQnFTtBiptyJ6s" access-control-max-age 3000 access-control-allow-methods GET, HEAD, PUT, PATCH, POST, DELETE content-type application/json; charset=utf-8 access-control-allow-origin * x-service-request-id usr8f778939cacb41b access-control-expose-headers Content-Range, Content-Length, ETag, Content-Type cache-control no-cache, no-store, must-revalidate access-control-allow-headers * content-length 836 x-service-version uw-pr
GET H2	200	en-US.json Show response cdn.userway.org/widgetapp/2023-03-15/locales/	468 B 884 B	117ms 38ms	XHR application/json	2a02:6ea0:c700::10 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://cdn.userway.org/widgetapp/2023-03-15/locales/en-US.json Requested by Host: cdn.userway.org URL: https://cdn.userway.org/widgetapp/2023-03-15/widget_app_base_1678920784227.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash f50b9bf1a91f14edd5986100acdc7aa27b867f8b7539d11aac594c8469792b09 Request headers accept-language de-DE,de;q=0.9 Referer https://randynoel.exithome.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers x-77-pop frankfurtDE date Thu, 16 Mar 2023 14:23:25 GMT via 1.1 3fbcd51d3039c17ef404823aaeb1f66c.cloudfront.net (CloudFront) content-encoding gzip x-amz-cf-pop MUC50-P2 age 120 x-amz-server-side-encryption AES256 x-cache HIT x-77-cache HIT x-age 61821 x-77-nzt Abk73BB3x87/ffEAAA x-accel-expires @1704834784 last-modified Wed, 15 Mar 2023 20:58:15 GMT server CDN77-Turbo etag W/"ae2d00e3f5dbecf4eb4c641c591a6154" x-77-nzt-ray 908339300c1d08115d2613645e07ae2a access-control-max-age 3000 vary Accept-Encoding access-control-allow-methods GET, HEAD, PUT, POST, DELETE access-control-allow-origin * access-control-expose-headers Content-Range, Content-Length, ETag, Content-Type cache-control max-age=25920000, public content-type application/json x-amz-cf-id YYqNUvB9gsL_xlLzp8QvTez_gFilD-XUaYnC7V6zmM13JPShGq3lWA==
GET H2	200	heromelrose3-2.png media.placester.com/image/upload/c_scale,dpr_1.0,f_auto,fl_lossy,q_auto,w_2560/c_scale,w_1660/v1/inception-app-prod/YmI4ZWFlZWEtNjUyZC00NjRhLTlkNTgtY2M2MGUyYzEwNzRi/content/2019/12/	169 KB 169 KB	218ms 217ms	Image image/webp	2a04:4e42:200::614 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://media.placester.com/image/upload/c_scale,dpr_1.0,f_auto,fl_lossy,q_auto,w_2560/c_scale,w_1660/v1/inception-app-prod/YmI4ZWFlZWEtNjUyZC00NjRhLTlkNTgtY2M2MGUyYzEwNzRi/content/2019/12/heromelrose3-2.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:200::614 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Cloudinary / Resource Hash 58ebaf5e934a671f7a23b95c6ffb91a8f9b949555097503fe37f15043e149d42 Security Headers Name Value Strict-Transport-Security max-age=604800 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://randynoel.exithome.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Thu, 16 Mar 2023 14:23:26 GMT strict-transport-security max-age=604800 x-content-type-options nosniff content-disposition inline; filename="heromelrose3-2.webp" server-timing fastly;dur=197;cpu=0;start=2023-03-16T14:23:25.974Z;desc=miss,rtt;dur=19,cloudinary;dur=102;start=2023-03-16T14:23:26.024Z content-length 173106 last-modified Tue, 03 Jan 2023 21:11:45 GMT server Cloudinary etag "608b765c8c03cb08a3dc90b5fdd771d3" vary Save-Data content-type image/webp access-control-allow-origin * access-control-expose-headers Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options cache-control private, no-transform, immutable, max-age=31557600 accept-ranges bytes timing-allow-origin *
GET H2	200	body_wh.svg cdn.userway.org/widgetapp/images/	931 B 1 KB	39ms 39ms	Image image/svg+xml	2a02:6ea0:c700::10 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.userway.org/widgetapp/images/body_wh.svg Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash 986a5e9be63017ce84536f6792ea984e6251a15af61d5cc20ff4f8b1737c80ad Request headers accept-language de-DE,de;q=0.9 Referer https://randynoel.exithome.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers x-77-pop frankfurtDE date Thu, 16 Mar 2023 14:23:26 GMT via 1.1 46e871af86c897cd369d8d20c90166ec.cloudfront.net (CloudFront) content-encoding gzip x-amz-cf-pop MUC50-P2 age 75702 x-amz-server-side-encryption AES256 x-cache HIT x-77-cache HIT x-age 521567 x-77-nzt Abk73BD6K5//X/UHAA x-accel-expires @1704375039 last-modified Fri, 13 Jan 2023 11:00:14 GMT server CDN77-Turbo etag W/"2ec2767a3bb93656fb9b75c893d7be75" x-77-nzt-ray 908339304227eaf55e261364d662100a access-control-max-age 3000 vary Accept-Encoding access-control-allow-methods GET, HEAD, PUT, POST, DELETE access-control-allow-origin * access-control-expose-headers Content-Range, Content-Length, ETag, Content-Type cache-control max-age=25920000, public content-type image/svg+xml x-amz-cf-id 7Jn55JyOh65HdUmr_mc7VOT-exwAuHW89VRAWFFkzw1ta1qWOHp9cg==
GET H2	200	spin_wh.svg cdn.userway.org/widgetapp/images/	2 KB 1 KB	40ms 40ms	Image image/svg+xml	2a02:6ea0:c700::10 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.userway.org/widgetapp/images/spin_wh.svg Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c Request headers accept-language de-DE,de;q=0.9 Referer https://randynoel.exithome.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers x-77-pop frankfurtDE date Thu, 16 Mar 2023 14:23:26 GMT via 1.1 05e8912dc00dd796ed2b040e3237568e.cloudfront.net (CloudFront) content-encoding gzip x-amz-cf-pop MUC50-P2 age 75702 x-amz-server-side-encryption AES256 x-cache HIT x-77-cache HIT x-age 521567 x-77-nzt Abk73BCGQ2b/X/UHAA x-accel-expires @1704375039 last-modified Fri, 13 Jan 2023 11:00:14 GMT server CDN77-Turbo etag W/"8e0a35946bf39d10f46a1f1653366a0a" x-77-nzt-ray 908339304227eaf55e261364f7bb160a access-control-max-age 3000 vary Accept-Encoding, Accept-Encoding access-control-allow-methods GET, HEAD, PUT, POST, DELETE access-control-allow-origin * access-control-expose-headers Content-Range, Content-Length, ETag, Content-Type cache-control max-age=25920000, public content-type image/svg+xml x-amz-cf-id g3X5l1KucsXN1wASdnP6Kh_HJMWfugtORUe34ROd_X5EtwY2q3ckxA==
GET H2	200	heromelrose3-2.png media.placester.com/image/upload/c_scale,dpr_1.0,f_auto,fl_lossy,q_auto,w_2560/c_scale,w_1660/v1/inception-app-prod/YmI4ZWFlZWEtNjUyZC00NjRhLTlkNTgtY2M2MGUyYzEwNzRi/content/2019/12/	169 KB 169 KB	21ms 21ms	Image image/webp	2a04:4e42:200::614 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://media.placester.com/image/upload/c_scale,dpr_1.0,f_auto,fl_lossy,q_auto,w_2560/c_scale,w_1660/v1/inception-app-prod/YmI4ZWFlZWEtNjUyZC00NjRhLTlkNTgtY2M2MGUyYzEwNzRi/content/2019/12/heromelrose3-2.png Requested by Host: static.myrealestateplatform.com URL: https://static.myrealestateplatform.com/Valhalla/assets/dist/valhalla-scripts.js?v=62d060cec7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:200::614 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Cloudinary / Resource Hash 58ebaf5e934a671f7a23b95c6ffb91a8f9b949555097503fe37f15043e149d42 Security Headers Name Value Strict-Transport-Security max-age=604800 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://randynoel.exithome.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Thu, 16 Mar 2023 14:23:26 GMT strict-transport-security max-age=604800 x-content-type-options nosniff content-disposition inline; filename="heromelrose3-2.webp" server-timing fastly;dur=1;start=2023-03-16T14:23:26.376Z;desc=hit,rtt;dur=19 content-length 173106 last-modified Tue, 03 Jan 2023 21:11:45 GMT server Cloudinary etag "608b765c8c03cb08a3dc90b5fdd771d3" vary Save-Data content-type image/webp access-control-allow-origin * access-control-expose-headers Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options cache-control private, no-transform, immutable, max-age=31557600 accept-ranges bytes timing-allow-origin *
GET H2	200	heromelrose3-2.png media.placester.com/image/upload/c_scale,dpr_1.0,f_auto,fl_lossy,q_auto,w_2560/c_scale,w_1660/v1/inception-app-prod/YmI4ZWFlZWEtNjUyZC00NjRhLTlkNTgtY2M2MGUyYzEwNzRi/content/2019/12/	169 KB 169 KB	21ms 21ms	Image image/webp	2a04:4e42:200::614 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://media.placester.com/image/upload/c_scale,dpr_1.0,f_auto,fl_lossy,q_auto,w_2560/c_scale,w_1660/v1/inception-app-prod/YmI4ZWFlZWEtNjUyZC00NjRhLTlkNTgtY2M2MGUyYzEwNzRi/content/2019/12/heromelrose3-2.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:200::614 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Cloudinary / Resource Hash 58ebaf5e934a671f7a23b95c6ffb91a8f9b949555097503fe37f15043e149d42 Security Headers Name Value Strict-Transport-Security max-age=604800 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://randynoel.exithome.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Thu, 16 Mar 2023 14:23:26 GMT strict-transport-security max-age=604800 x-content-type-options nosniff content-disposition inline; filename="heromelrose3-2.webp" server-timing fastly;dur=1;start=2023-03-16T14:23:26.404Z;desc=hit,rtt;dur=20 content-length 173106 last-modified Tue, 03 Jan 2023 21:11:45 GMT server Cloudinary etag "608b765c8c03cb08a3dc90b5fdd771d3" vary Save-Data content-type image/webp access-control-allow-origin * access-control-expose-headers Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options cache-control private, no-transform, immutable, max-age=31557600 accept-ranges bytes timing-allow-origin *

62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| _gaq function| gtag object| dataLayer object| ValhallaConfig object| _pdata object| valhallaUserway function| trim function| MarkerClusterer function| Cluster function| ClusterIcon function| $ function| jQuery function| Waypoint function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| Flickity function| Unipointer function| Unidragger function| imagesLoaded function| Outlayer function| Isotope function| Masonry function| Packery function| moment function| Pikaday function| Cookies object| valhalla object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| _userway_config object| _gat object| gaplugins object| gaGlobal object| gaData object| UserWayWidgetApp function| __read function| __spreadArray function| __values string| LS_KEY string| CDN_BASE string| LOCALES string| VERSION object| FuncKeys object| DEFAULT_OPEN_HOTKEY object| supportedLanguages object| mapToSupportedLanguages object| supportedLocales string| DEFAULT_FALLBACK_LANGUAGE function| supports function| formatLangCode function| __assign function| __rest object| messageStream boolean| _userway object| UserWay

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			randynoel.exithome.com/	1970-01-20 19:08:32	Name: placester_events_uuid Value: 542825e5-2f51-4e2c-8861-c81d84cb90fc
			randynoel.exithome.com/	1969-12-31 23:59:59	Name: placester_events_expiry Value: 1679005403
			randynoel.exithome.com/	1969-12-31 23:59:59	Name: placester_events_session Value: b073522f-b8cf-4eb1-9c2b-53f189e96a50
			randynoel.exithome.com/	1970-01-20 10:23:25	Name: placester_events_session_timestamp Value: 1678976604322
			.exithome.com/	1970-01-20 19:58:56	Name: _ga Value: GA1.2.1735338646.1678976604
			.exithome.com/	1970-01-20 10:24:23	Name: _gid Value: GA1.2.281498568.1678976604
			.exithome.com/	1970-01-20 10:22:56	Name: _gat_gtag_UA_7275209_5 Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.userway.org
cdn.userway.org
events-va.placester.com
fonts.googleapis.com
fonts.gstatic.com
media.placester.com
randynoel.exithome.com
ssl.google-analytics.com
static.myrealestateplatform.com
stats.g.doubleclick.net
uploads-cf.cdn.placester.net
www.google-analytics.com
www.googletagmanager.com
18.210.135.218
18.66.112.70
2a00:1450:4001:80b::200a
2a00:1450:4001:811::2003
2a00:1450:4001:813::200e
2a00:1450:4001:82f::2008
2a00:1450:4001:830::2008
2a00:1450:400c:c00::9a
2a02:6ea0:c700::10
2a04:4e42:200::614
34.208.60.42
34.225.128.189
99.86.4.97
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
14be314b70a3849c00e89b39f04cc8b81bab61b3a233178e5a588392e9312ea0
1ddc6ae069ea7aedb68a92d53a12933a5a326f28c714869b99f335377dcce217
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
39c658ef377f9ec31442c5343a15bdfc4c4653bcca74bc7d6fe4b3e736a60aa4
3bbb0df89b8dbe8001e8c24de4e2d1693f94997b29f007a7bda22a9802832768
40bd81f59247b2ba974b7818fe3467c764c9f754893f97780185cd05c1fb494e
4938825c2a57ee853cf473f1380806a0c6b0dae6cad16f9c2e6bd0cc63fda346
51f653c444a0f6acc68545c75f46cadafb24755cb3729c29917df334add80108
58ebaf5e934a671f7a23b95c6ffb91a8f9b949555097503fe37f15043e149d42
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
63ba48c6307550316eaa9140138e0e2b7faa6f17b0f636eaa252a1c0bb301f2c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c2ec15b12084baacac69dbcedda19b69e8fd0be11ecf3bde45552c5b745c2fd
701a7da0f2c5751224bd42d17a55ed83c9464523542034c233d6ad4b0a9348ab
8d4d29042c23b5fcbed3af690421776de0f8ad3d308d66e24a9d80bcc8ccb522
92f26e260a568e1762535d4648bfbbbe99c37d6ca2b2e4ec1728db9c335687ff
97e82d8eac8d106b28abf1b716982c40c06fffe49cc2f34cd1c299266745ef73
986a5e9be63017ce84536f6792ea984e6251a15af61d5cc20ff4f8b1737c80ad
a06ab0c16ab0b446805cbe38ba18687b4d917ad435b162476d644f9d51e499ce
ad1c085d64a7cb9d243ac294e4a2b268137794601969ddf93080177742f23e18
b2f93af6902da062a4d8bf85681a81b6a5e612ae718ab232e128be71db3f2b4a
b5c88afea0d859c75409230f08857db8b5a767948e8fa5270cba917762ae4488
b97d159aaa51a1af92ee4e8a82fe72ad068218d676bb49485184a987ea725ecd
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c
d1c55371bd2dfaaa859f39238adbbc35ec24f1468f907c7510b3ad211ce5c18e
d4dbe1572da5927cabdffee032af0b6dcfcfa93a1ad2629a717d5d34c58732a5
da5a37ae5ef00874ef34429b11d7ee519ce1d52af35c884d2160d3a62ed0183f
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
ef3d3d2a8e8eb887737d531d7a198d72b8466331336dc0ee26e30bb32c122bb3
f50b9bf1a91f14edd5986100acdc7aa27b867f8b7539d11aac594c8469792b09
ffb1535be6dcebead0c5d8989c7d2daa8f979e05fe7898c996e73bc1c59c46e9