URL: http://rubykingcrownjewel.com/
Submission: On October 13 via api from US — Scanned from DE

Summary

This website contacted 18 IPs in 2 countries across 16 domains to perform 54 HTTP transactions. The main IP is 3.33.152.147, located in United States and belongs to AMAZON-02, US. The main domain is rubykingcrownjewel.com.
This is the only time rubykingcrownjewel.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
25 rsir.homes
2167739.rsir.homes
101 KB
8 amplistings.com
img.slw.amplistings.com
app.amplistings.com
2 MB
5 adara.com
js.adara.com — Cisco Umbrella Rank: 31742
sdk.adara.com
2 KB
2 doubleclick.net
cm.g.doubleclick.net
794 B
2 yieldoptimizer.com
tag.yieldoptimizer.com
2 KB
2 listtrac.com
code.listtrac.com — Cisco Umbrella Rank: 43843
3 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 49
1 KB
2 typekit.net
use.typekit.net — Cisco Umbrella Rank: 560
p.typekit.net — Cisco Umbrella Rank: 722
2 KB
1 bluekai.com
stags.bluekai.com
218 B
1 gstatic.com
fonts.gstatic.com
25 KB
1 trueleadid.com
deviceid.trueleadid.com — Cisco Umbrella Rank: 19117
111 B
1 rlcdn.com
di.rlcdn.com — Cisco Umbrella Rank: 2593
1 bkrtx.com
tags.bkrtx.com
16 KB
1 ipify.org
api.ipify.org — Cisco Umbrella Rank: 2899
222 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 56
46 KB
1 rubykingcrownjewel.com
rubykingcrownjewel.com
579 B
54 16
Domain Requested by
25 2167739.rsir.homes rubykingcrownjewel.com
2167739.rsir.homes
6 img.slw.amplistings.com 2167739.rsir.homes
4 sdk.adara.com js.adara.com
2 cm.g.doubleclick.net 1 redirects 2167739.rsir.homes
2 tag.yieldoptimizer.com 2 redirects
2 app.amplistings.com 2167739.rsir.homes
2 code.listtrac.com 2167739.rsir.homes
code.listtrac.com
2 fonts.googleapis.com 2167739.rsir.homes
1 stags.bluekai.com tags.bkrtx.com
1 fonts.gstatic.com fonts.googleapis.com
1 deviceid.trueleadid.com 2167739.rsir.homes
1 di.rlcdn.com 2167739.rsir.homes
1 js.adara.com www.googletagmanager.com
1 tags.bkrtx.com www.googletagmanager.com
1 api.ipify.org 2167739.rsir.homes
1 www.googletagmanager.com code.listtrac.com
1 p.typekit.net use.typekit.net
1 use.typekit.net 2167739.rsir.homes
1 rubykingcrownjewel.com
54 19

This site contains no links.

Subject Issuer Validity Valid
*.rsir.homes
AlphaSSL CA - SHA256 - G4
2023-02-21 -
2024-03-24
a year crt.sh
use.typekit.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-09-21 -
2024-10-21
a year crt.sh
upload.video.google.com
GTS CA 1C3
2023-09-18 -
2023-12-11
3 months crt.sh
*.listtrac.com
Sectigo RSA Domain Validation Secure Server CA
2023-02-27 -
2024-03-29
a year crt.sh
support12.cdnetworks.net
GlobalSign RSA OV SSL CA 2018
2023-05-17 -
2024-01-23
8 months crt.sh
*.google-analytics.com
GTS CA 1C3
2023-09-18 -
2023-12-11
3 months crt.sh
*.ipify.org
Sectigo RSA Domain Validation Secure Server CA
2023-02-07 -
2024-02-18
a year crt.sh
app.amplistings.com
R3
2023-09-30 -
2023-12-29
3 months crt.sh
*.bkrtx.com
DigiCert TLS RSA SHA256 2020 CA1
2023-01-18 -
2024-01-17
a year crt.sh
virtusest.com
GTS CA 1D4
2023-09-23 -
2023-12-22
3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA
2023-02-02 -
2024-03-03
a year crt.sh
deviceid.trueleadid.com
Amazon RSA 2048 M02
2023-02-24 -
2024-01-06
10 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-09-18 -
2023-12-11
3 months crt.sh
odc-pixel-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1
2023-02-07 -
2024-02-08
a year crt.sh
*.adara.com
Go Daddy Secure Certificate Authority - G2
2023-05-31 -
2024-07-01
a year crt.sh

This page contains 3 frames:

Primary Page: http://rubykingcrownjewel.com/
Frame ID: D816C6DFA473D69A8524B3A7B4F31E03
Requests: 1 HTTP requests in this frame

Frame: https://2167739.rsir.homes/
Frame ID: F245632A609D1FDD2B568717DDA861F1
Requests: 49 HTTP requests in this frame

Frame: https://stags.bluekai.com/site/23198?ret=html&phint=RE%3D1&phint=RE_01%3D1&phint=RE_02%3D1&phint=RE_03%3D1&phint=RE_04%3D1&phint=RE_06%3D1&phint=RE_09%3D1&phint=CT%3D1&phint=CT_01%3D1&phint=CT_02%3D1&phint=CT_03%3D1&phint=CT_04%3D1&phint=F_01%3D1&phint=F_03%3D1&phint=F_04%3D1&phint=F_06%3D1&phint=F_07%3D1&phint=HG%3D1&phint=HG_01%3D1&phint=HG_02%3D1&phint=HG_03%3D1&phint=HG_04%3D1&phint=HG_05%3D1&phint=HG_06%3D1&phint=HG_07%3D1&phint=HG_08%3D1&phint=HG_09%3D1&phint=HG_10%3D1&phint=HG_11%3D1&phint=HG_12%3D1&phint=HG_13%3D1&phint=HG_14%3D1&phint=HI%3D1&phint=HI_01%3D1&phint=HI_02%3D1&phint=HI_03%3D1&phint=HI_04%3D1&phint=HI_05%3D1&phint=HI_06%3D1&phint=HI_07%3D1&phint=HI_08%3D1&phint=HI_09%3D1&phint=HI_10%3D1&phint=HI_11%3D1&phint=HI_12%3D1&phint=HI_13%3D1&phint=HI_14%3D1&phint=HI_15%3D1&phint=HI_16%3D1&phint=HI_17%3D1&phint=HI_18%3D1&phint=HI_19%3D1&phint=TH%3D1&phint=TH_01%3D1&phint=id%3D1ffb5506-eb2b-4f06-8e81-74504285d892&phint=__bk_t%3D1130%20Ruby%20King%20Loop%20-%20Cle%20Elum%2C%20WA%2098922%20-%20MLS%20%232167739%20%7C%20Brian%20Hopper&phint=__bk_k%3D&phint=__bk_pr%3Dhttp%3A%2F%2Frubykingcrownjewel.com%2F&phint=__bk_l%3Dhttps%3A%2F%2F2167739.rsir.homes%2F&phint=__bk_v%3D3.1.10&limit=10&r=21255946
Frame ID: 74A3010151412193AD4E74DD5B8435B5
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

** 1130 Ruby King Loop **

Detected technologies

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Page Statistics

54
Requests

94 %
HTTPS

28 %
IPv6

16
Domains

19
Subdomains

18
IPs

2
Countries

1857 kB
Transfer

3285 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 50
  • https://tag.yieldoptimizer.com/ps/ps?t=i&p=2407&_yoid=6d36196f-5bb9-495d-8e44-d678369ef23a&_yosid=ec4868b2-4fe5-4e9d-881e-03772d4b0335 HTTP 302
  • https://tag.yieldoptimizer.com/ps/ps?tc=8642021&t=i&p=2407&_yoid=6d36196f-5bb9-495d-8e44-d678369ef23a&_yosid=ec4868b2-4fe5-4e9d-881e-03772d4b0335 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adara_dmp&google_hm=MzAxNzcxMTIwMzQwMg&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adara_dmp&google_hm=MzAxNzcxMTIwMzQwMg&google_sc=&google_tc=

54 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
rubykingcrownjewel.com/
334 B
579 B
Document

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Length
334
Content-Type
text/html; charset=utf-8
Date
Fri, 13 Oct 2023 16:13:18 GMT
Server
ip-100-74-3-188.eu-west-2.compute.internal
X-Request-Id
af88fda3-b781-4edc-9e18-affd8b26a8fb
/
2167739.rsir.homes/ Frame F245
51 KB
12 KB
Document
General
Full URL
https://2167739.rsir.homes/
Requested by
Host: rubykingcrownjewel.com
URL: http://rubykingcrownjewel.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.227.17.226 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) / Next.js
Resource Hash
21c2d93df9904038e20d04e27d883ebd3b60bc4bffa2907146ebfac4ce05c7c0

Request headers

Referer
http://rubykingcrownjewel.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 13 Oct 2023 16:13:18 GMT
etag
"ca93-kkI/KnxnPiApVgKNIPWhQHt14BQ"
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
x-powered-by
Next.js
snc3xkh.css
use.typekit.net/ Frame F245
13 KB
2 KB
Stylesheet
General
Full URL
https://use.typekit.net/snc3xkh.css
Requested by
Host: 2167739.rsir.homes
URL: https://2167739.rsir.homes/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2a11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
93c7d6d8984e05413e7881c3da89e329b6c25bae33387c381a92d388446a4487
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2167739.rsir.homes/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Fri, 13 Oct 2023 16:13:19 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1319
css
fonts.googleapis.com/ Frame F245
864 B
827 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Libre+Caslon+Display&display=swap
Requested by
Host: 2167739.rsir.homes
URL: https://2167739.rsir.homes/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e4098ac07e40664418705f87df2d33ea666143b46f00ba79024a9add242a5541
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2167739.rsir.homes/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 13 Oct 2023 16:13:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 13 Oct 2023 16:13:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 13 Oct 2023 16:13:19 GMT
css
fonts.googleapis.com/ Frame F245
2 KB
534 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Libre+Caslon+Text:400,400i,700&display=swap
Requested by
Host: 2167739.rsir.homes
URL: https://2167739.rsir.homes/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9e959634e1a8bd5f5c5a4d01762e121e49f80563cd0309ed8d4e1d527dcadb1d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2167739.rsir.homes/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 13 Oct 2023 16:13:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 13 Oct 2023 16:13:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 13 Oct 2023 16:13:19 GMT
intersection-observer.js
2167739.rsir.homes/js/ Frame F245
26 KB
7 KB
Script
General
Full URL
https://2167739.rsir.homes/js/intersection-observer.js
Requested by
Host: 2167739.rsir.homes
URL: https://2167739.rsir.homes/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.227.17.226 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash
6aa9ed4a18cf442961060e28c3bd04e480382d42f7aaab14bdca0080d422420c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2167739.rsir.homes/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 16:13:19 GMT
content-encoding
gzip
last-modified
Fri, 17 Jan 2020 08:38:08 GMT
server
nginx/1.18.0 (Ubuntu)
x-powered-by
Express
etag
W/"66e7-16fb2a708f5"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
modal.js
2167739.rsir.homes/js/ Frame F245
601 B
532 B
Script
General
Full URL
https://2167739.rsir.homes/js/modal.js
Requested by
Host: 2167739.rsir.homes
URL: https://2167739.rsir.homes/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.227.17.226 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash
88f0d6283dc7017bbe34b88d4cd43ef53897f9dac422d0b3a14237ccfc8d96f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2167739.rsir.homes/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 16:13:19 GMT
content-encoding
gzip
last-modified
Wed, 26 Feb 2020 19:07:18 GMT
server
nginx/1.18.0 (Ubuntu)
x-powered-by
Express
etag
W/"259-17082e56e42"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=0
amp-event.js
2167739.rsir.homes/js/ Frame F245
2 KB
1 KB
Script
General
Full URL
https://2167739.rsir.homes/js/amp-event.js
Requested by
Host: 2167739.rsir.homes
URL: https://2167739.rsir.homes/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.227.17.226 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash
0f491b55b6974bbfd2f0eefdb1d8fbf9fa59efba31e8d2f2b7b2f5a07e527cd9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2167739.rsir.homes/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 16:13:19 GMT
content-encoding
gzip
last-modified
Tue, 11 Oct 2022 17:14:10 GMT
server
nginx/1.18.0 (Ubuntu)
x-powered-by
Express
etag
W/"83d-183c80a2086"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
monitor.ashx
code.listtrac.com/ Frame F245
4 KB
3 KB
Script
General
Full URL
https://code.listtrac.com/monitor.ashx?acct=x_101197&nonjq=1
Requested by
Host: 2167739.rsir.homes
URL: https://2167739.rsir.homes/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.122.169.58 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
63b95224e25f4dbd15df3f886d0965f94913bf4bb9c50c276968ca1fce8c09f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2167739.rsir.homes/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 16:13:19 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
vary
Accept-Encoding
access-control-allow-methods
GET,POST,DELETE,HEAD,PUT,OPTIONS
content-type
application/x-javascript; charset=utf-8
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
access-control-expose-headers
X-Olaround-Debug-Mode, X-Olaround-Request-Start-Timestamp, X-Olaround-Request-End-Timestamp, X-Olaround-Request-Time, X-Olaround-Request-Method, X-Olaround-Request-Result, X-Olaround-Request-Endpoint
cache-control
public
access-control-allow-headers
Origin, X-Olaround-Debug-Mode, Authorization, Accept
content-length
2037
expires
Thu, 12 Oct 2023 16:13:19 GMT
6480a0b9.c1943913.chunk.css
2167739.rsir.homes/_next/static/css/ Frame F245
912 KB
0
Stylesheet
General
Full URL
https://2167739.rsir.homes/_next/static/css/6480a0b9.c1943913.chunk.css
Requested by
Host: 2167739.rsir.homes
URL: https://2167739.rsir.homes/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.227.17.226 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2167739.rsir.homes/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 16:13:19 GMT
content-encoding
gzip
last-modified
Mon, 11 Sep 2023 06:43:29 GMT
server
nginx/1.18.0 (Ubuntu)
x-powered-by
Express
etag
W/"36c5b3-18a82fb1bf5"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
d8311422eb8d90a641323eaad11e91480676f25c_CSS.30a3658d.chunk.css
2167739.rsir.homes/_next/static/css/ Frame F245
21 KB
4 KB
Stylesheet
General
Full URL
https://2167739.rsir.homes/_next/static/css/d8311422eb8d90a641323eaad11e91480676f25c_CSS.30a3658d.chunk.css
Requested by
Host: 2167739.rsir.homes
URL: https://2167739.rsir.homes/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.227.17.226 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash
d39c8f0c3731d25b74805d11f8a25f83af6d8e3728772afa15b739259ef487af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2167739.rsir.homes/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 16:13:19 GMT
content-encoding
gzip
last-modified
Mon, 11 Sep 2023 06:43:29 GMT
server
nginx/1.18.0 (Ubuntu)
x-powered-by
Express
etag
W/"52cd-18a82fb1bfd"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
styles.38812f47.chunk.css
2167739.rsir.homes/_next/static/css/ Frame F245
32 KB
8 KB
Stylesheet
General
Full URL
https://2167739.rsir.homes/_next/static/css/styles.38812f47.chunk.css
Requested by
Host: 2167739.rsir.homes
URL: https://2167739.rsir.homes/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.227.17.226 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash
c68d2b457b6f86c341b113ed585e2beb7eeb5b04f733c15dc7f92b0d739534b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2167739.rsir.homes/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 16:13:19 GMT
content-encoding
gzip
last-modified
Mon, 11 Sep 2023 06:43:29 GMT
server
nginx/1.18.0 (Ubuntu)
x-powered-by
Express
etag
W/"803b-18a82fb1bfd"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
main-b1ad57ad2bc8e3bb72ef.js
2167739.rsir.homes/_next/static/chunks/ Frame F245
26 KB
9 KB
Script
General
Full URL
https://2167739.rsir.homes/_next/static/chunks/main-b1ad57ad2bc8e3bb72ef.js
Requested by
Host: 2167739.rsir.homes
URL: https://2167739.rsir.homes/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.227.17.226 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash
d03e44668900c1f54de45e257a78b0e8b0f5c9ef2ea08deafcae4344f0c6795c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2167739.rsir.homes/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 16:13:19 GMT
content-encoding
gzip
last-modified
Mon, 11 Sep 2023 06:43:29 GMT
server
nginx/1.18.0 (Ubuntu)
x-powered-by
Express
etag
W/"68bb-18a82fb1c05"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
webpack-d7b2fb72fb7257504a38.js
2167739.rsir.homes/_next/static/chunks/ Frame F245
2 KB
1 KB
Script
General
Full URL
https://2167739.rsir.homes/_next/static/chunks/webpack-d7b2fb72fb7257504a38.js
Requested by
Host: 2167739.rsir.homes
URL: https://2167739.rsir.homes/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.227.17.226 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash
26a81f9748a42eeb15a43c5cc3c1a7b7582e4d9f0ab3cd5be477f87096eed840

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2167739.rsir.homes/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 16:13:19 GMT
content-encoding
gzip
last-modified
Mon, 11 Sep 2023 06:43:29 GMT
server
nginx/1.18.0 (Ubuntu)
x-powered-by
Express
etag
W/"603-18a82fb1bf5"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
framework.b11cd6ab3c62dae3dfb8.js
2167739.rsir.homes/_next/static/chunks/ Frame F245
126 KB
40 KB
Script
General
Full URL
https://2167739.rsir.homes/_next/static/chunks/framework.b11cd6ab3c62dae3dfb8.js
Requested by
Host: 2167739.rsir.homes
URL: https://2167739.rsir.homes/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.227.17.226 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash
2ce65e5fd87e0eb1a626b570dd69a587f7bb86bbfc2073c83ba0c318906a1e0f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2167739.rsir.homes/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 16:13:19 GMT
content-encoding
gzip
last-modified
Mon, 11 Sep 2023 06:43:29 GMT
server
nginx/1.18.0 (Ubuntu)
x-powered-by
Express
etag
W/"1f8b9-18a82fb1bf5"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
6480a0b9.8f6f5b95f5e92b2c9bcd.js
2167739.rsir.homes/_next/static/chunks/ Frame F245
69 B
332 B
Script
General
Full URL
https://2167739.rsir.homes/_next/static/chunks/6480a0b9.8f6f5b95f5e92b2c9bcd.js
Requested by
Host: 2167739.rsir.homes
URL: https://2167739.rsir.homes/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.227.17.226 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash
e8bd222b15693d51c180246dba7c4aaf10a9147fb5afff83502cd20f7ead1910

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2167739.rsir.homes/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 16:13:19 GMT
last-modified
Mon, 11 Sep 2023 06:43:29 GMT
server
nginx/1.18.0 (Ubuntu)
x-powered-by
Express
etag
W/"45-18a82fb1bfd"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-length
69
0c92ad07b65c36cf908ea6f858c577510ca1b002.b26db912ca17554ad26c.js
2167739.rsir.homes/_next/static/chunks/ Frame F245
40 KB
12 KB
Script
General
Full URL
https://2167739.rsir.homes/_next/static/chunks/0c92ad07b65c36cf908ea6f858c577510ca1b002.b26db912ca17554ad26c.js
Requested by
Host: 2167739.rsir.homes
URL: https://2167739.rsir.homes/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.227.17.226 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash
f34acd3f4170b5d07d652828f48f05bcdc94296fe40ec437447984bd4bb5a742

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2167739.rsir.homes/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 16:13:19 GMT
content-encoding
gzip
last-modified
Mon, 11 Sep 2023 06:43:29 GMT
server
nginx/1.18.0 (Ubuntu)
x-powered-by
Express
etag
W/"a0b2-18a82fb1bf5"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
_app-ee41352e8d0dd8af1617.js
2167739.rsir.homes/_next/static/chunks/pages/ Frame F245
25 KB
7 KB
Script
General
Full URL
https://2167739.rsir.homes/_next/static/chunks/pages/_app-ee41352e8d0dd8af1617.js
Requested by
Host: 2167739.rsir.homes
URL: https://2167739.rsir.homes/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.227.17.226 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash
e23251245ee64489df92d4e367828e0bbd40ad952d5a02413c147cc2b4d6491f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2167739.rsir.homes/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 16:13:19 GMT
content-encoding
gzip
last-modified
Mon, 11 Sep 2023 06:43:29 GMT
server
nginx/1.18.0 (Ubuntu)
x-powered-by
Express
etag
W/"65ca-18a82fb1c05"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
47f276a056a8038749780df92d9a17e68082ea55.5afe2778bb9ec121257b.js
2167739.rsir.homes/_next/static/chunks/ Frame F245
149 KB
0
Script
General
Full URL
https://2167739.rsir.homes/_next/static/chunks/47f276a056a8038749780df92d9a17e68082ea55.5afe2778bb9ec121257b.js
Requested by
Host: 2167739.rsir.homes
URL: https://2167739.rsir.homes/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.227.17.226 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2167739.rsir.homes/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 16:13:19 GMT
content-encoding
gzip
last-modified
Mon, 11 Sep 2023 06:43:29 GMT
server
nginx/1.18.0 (Ubuntu)
x-powered-by
Express
etag
W/"3ad1a-18a82fb1bfd"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
31dcc66351ae4036755cdc4768f847ad3b7a082f.1bdeb9e1c2b05ccc9eb0.js
2167739.rsir.homes/_next/static/chunks/ Frame F245
0
0
Script
General
Full URL
https://2167739.rsir.homes/_next/static/chunks/31dcc66351ae4036755cdc4768f847ad3b7a082f.1bdeb9e1c2b05ccc9eb0.js
Requested by
Host: 2167739.rsir.homes
URL: https://2167739.rsir.homes/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.227.17.226 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2167739.rsir.homes/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 16:13:19 GMT
content-encoding
gzip
last-modified
Mon, 11 Sep 2023 06:43:29 GMT
server
nginx/1.18.0 (Ubuntu)
x-powered-by
Express
etag
W/"54c0-18a82fb1bfd"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
d8311422eb8d90a641323eaad11e91480676f25c.60079ec7d69bf00189ca.js
2167739.rsir.homes/_next/static/chunks/ Frame F245
0
0
Script
General
Full URL
https://2167739.rsir.homes/_next/static/chunks/d8311422eb8d90a641323eaad11e91480676f25c.60079ec7d69bf00189ca.js
Requested by
Host: 2167739.rsir.homes
URL: https://2167739.rsir.homes/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.227.17.226 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2167739.rsir.homes/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 16:13:19 GMT
content-encoding
gzip
last-modified
Mon, 11 Sep 2023 06:43:29 GMT
server
nginx/1.18.0 (Ubuntu)
x-powered-by
Express
etag
W/"5989-18a82fb1bfd"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
d8311422eb8d90a641323eaad11e91480676f25c_CSS.c3c33dcc23d96beb9452.js
2167739.rsir.homes/_next/static/chunks/ Frame F245
0
0
Script
General
Full URL
https://2167739.rsir.homes/_next/static/chunks/d8311422eb8d90a641323eaad11e91480676f25c_CSS.c3c33dcc23d96beb9452.js
Requested by
Host: 2167739.rsir.homes
URL: https://2167739.rsir.homes/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.227.17.226 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2167739.rsir.homes/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 16:13:19 GMT
last-modified
Mon, 11 Sep 2023 06:43:29 GMT
server
nginx/1.18.0 (Ubuntu)
x-powered-by
Express
etag
W/"45-18a82fb1bfd"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-length
69
497bed99ba261b18b1232c4a06cea8f899339b1d.2f9afc2a7942f4f261f0.js
2167739.rsir.homes/_next/static/chunks/ Frame F245
0
0
Script
General
Full URL
https://2167739.rsir.homes/_next/static/chunks/497bed99ba261b18b1232c4a06cea8f899339b1d.2f9afc2a7942f4f261f0.js
Requested by
Host: 2167739.rsir.homes
URL: https://2167739.rsir.homes/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.227.17.226 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2167739.rsir.homes/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 16:13:19 GMT
content-encoding
gzip
last-modified
Mon, 11 Sep 2023 06:43:29 GMT
server
nginx/1.18.0 (Ubuntu)
x-powered-by
Express
etag
W/"c389-18a82fb1bfd"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
styles.ed7dc6d1fdbafd6d1535.js
2167739.rsir.homes/_next/static/chunks/ Frame F245
0
0
Script
General
Full URL
https://2167739.rsir.homes/_next/static/chunks/styles.ed7dc6d1fdbafd6d1535.js
Requested by
Host: 2167739.rsir.homes
URL: https://2167739.rsir.homes/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.227.17.226 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2167739.rsir.homes/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 16:13:19 GMT
last-modified
Mon, 11 Sep 2023 06:43:29 GMT
server
nginx/1.18.0 (Ubuntu)
x-powered-by
Express
etag
W/"e7-18a82fb1bfd"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-length
231
index-8b5d8cbc107d4c676273.js
2167739.rsir.homes/_next/static/chunks/pages/ Frame F245
0
0
Script
General
Full URL
https://2167739.rsir.homes/_next/static/chunks/pages/index-8b5d8cbc107d4c676273.js
Requested by
Host: 2167739.rsir.homes
URL: https://2167739.rsir.homes/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.227.17.226 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2167739.rsir.homes/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 16:13:19 GMT
content-encoding
gzip
last-modified
Mon, 11 Sep 2023 06:43:29 GMT
server
nginx/1.18.0 (Ubuntu)
x-powered-by
Express
etag
W/"228e-18a82fb1c09"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
badge-01.png
2167739.rsir.homes/images/ Frame F245
0
0
Image
General
Full URL
https://2167739.rsir.homes/images/badge-01.png
Requested by
Host: 2167739.rsir.homes
URL: https://2167739.rsir.homes/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.227.17.226 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2167739.rsir.homes/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 16:13:19 GMT
last-modified
Wed, 26 Feb 2020 19:11:23 GMT
server
nginx/1.18.0 (Ubuntu)
x-powered-by
Express
etag
W/"1164-17082e92b35"
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
content-length
4452
marker-icon.png
2167739.rsir.homes/images/ Frame F245
0
0
Image
General
Full URL
https://2167739.rsir.homes/images/marker-icon.png
Requested by
Host: 2167739.rsir.homes
URL: https://2167739.rsir.homes/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.227.17.226 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2167739.rsir.homes/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 16:13:19 GMT
last-modified
Wed, 26 Feb 2020 19:11:24 GMT
server
nginx/1.18.0 (Ubuntu)
x-powered-by
Express
etag
W/"af7-17082e92ba1"
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
content-length
2807
69-brian_hopper-d44yjz38zch84vycvs98wfk887i.jpg
img.slw.amplistings.com/v7/agents.rsir.com/uploads/photos/ Frame F245
12 KB
13 KB
Image
General
Full URL
https://img.slw.amplistings.com/v7/agents.rsir.com/uploads/photos/69-brian_hopper-d44yjz38zch84vycvs98wfk887i.jpg?xyz=20231011T1128400700&w=220&h=280&func=crop
Requested by
Host: 2167739.rsir.homes
URL: https://2167739.rsir.homes/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.171.128.148 , Germany, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
400f41ff1ce0dd2bd133747937dbb8c79fba6207dee2594d1cc993c309280d6a
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2167739.rsir.homes/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 16:13:21 GMT
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
via
1.1 PS-FRA-018SR149:4 (W), 1.1 PSdgflkfFRA1je97:17 (W)
x-hexa-masterrefresh
x-hexa-originusedcode
200
x-origin-visibility
OV_NORMAL_FILE
x-px
ms PSdgflkfFRA1je97FRA,ms PS-FRA-018SR149FRA(origin)
content-length
12710
x-xss-protection
1
x-hexa-initwait
probably_cached, first_req 163653s ago, no_wait
last-modified
Thu, 1 Jan 2000 00:00:00 GMT
server
PWS/8.3.1.0.8
x-cloudimg-traceid
CiI_018_20231013161321_94c4f_GSP3#350y
etag
"dec4962c24ba439c79091631ca5410c9"
x-resource-status
cached_resized
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=86400, s-maxage=2628000, public
x-hexa-flowtrace
AnRRR
x-ws-request-id
65296ca1_PSdgflkfFRA1vg90_19354-2763
timing-allow-origin
*
636-dan_redwine-33ddgwgbq9awmcpq20x8x0cvr1i.jpg
img.slw.amplistings.com/v7/agents.rsir.com/uploads/photos/ Frame F245
16 KB
17 KB
Image
General
Full URL
https://img.slw.amplistings.com/v7/agents.rsir.com/uploads/photos/636-dan_redwine-33ddgwgbq9awmcpq20x8x0cvr1i.jpg?xyz=20230818T1303350700&w=220&h=280&func=crop
Requested by
Host: 2167739.rsir.homes
URL: https://2167739.rsir.homes/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.171.128.148 , Germany, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
9b7abfa48b3267ce82586ab066498f056edf52ea7ef6e8240302c60422e7d7ca
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2167739.rsir.homes/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 16:13:21 GMT
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
via
1.1 PS-FRA-01E6z147:1 (W), 1.1 PSdgflkfFRA1vg90:4 (W)
x-hexa-masterrefresh
x-hexa-originusedcode
200
x-origin-visibility
OV_NORMAL_FILE
x-px
ms PSdgflkfFRA1vg90FRA,ms PS-FRA-01E6z147FRA(origin)
content-length
16418
x-xss-protection
1
x-hexa-initwait
probably_cached, first_req 4717049s ago, no_wait
last-modified
Thu, 1 Jan 2000 00:00:00 GMT
server
PWS/8.3.1.0.8
x-cloudimg-traceid
CiI_018_20231013161321_e78d9_9ISf#320y
etag
"7a73db6859b97298101742e29f721981"
x-resource-status
cached_resized
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=86400, s-maxage=2628000, public
x-hexa-flowtrace
AnRRR
x-ws-request-id
65296ca1_PSdgflkfFRA1vg90_19354-2764
timing-allow-origin
*
sotheby-logo.png
2167739.rsir.homes/images/ Frame F245
0
0
Image
General
Full URL
https://2167739.rsir.homes/images/sotheby-logo.png
Requested by
Host: 2167739.rsir.homes
URL: https://2167739.rsir.homes/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.227.17.226 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2167739.rsir.homes/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 16:13:20 GMT
last-modified
Wed, 26 Feb 2020 19:11:24 GMT
server
nginx/1.18.0 (Ubuntu)
x-powered-by
Express
etag
W/"491e-17082e92bb5"
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
content-length
18718
_buildManifest.js
2167739.rsir.homes/_next/static/MEn9-vL_GfIqqCiLb_XB-/ Frame F245
0
0
Script
General
Full URL
https://2167739.rsir.homes/_next/static/MEn9-vL_GfIqqCiLb_XB-/_buildManifest.js
Requested by
Host: 2167739.rsir.homes
URL: https://2167739.rsir.homes/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.227.17.226 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2167739.rsir.homes/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 16:13:20 GMT
content-encoding
gzip
last-modified
Mon, 11 Sep 2023 06:43:29 GMT
server
nginx/1.18.0 (Ubuntu)
x-powered-by
Express
etag
W/"c7d-18a82fb1c09"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
_ssgManifest.js
2167739.rsir.homes/_next/static/MEn9-vL_GfIqqCiLb_XB-/ Frame F245
0
0
Script
General
Full URL
https://2167739.rsir.homes/_next/static/MEn9-vL_GfIqqCiLb_XB-/_ssgManifest.js
Requested by
Host: 2167739.rsir.homes
URL: https://2167739.rsir.homes/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.227.17.226 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2167739.rsir.homes/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 16:13:20 GMT
last-modified
Mon, 11 Sep 2023 06:43:29 GMT
server
nginx/1.18.0 (Ubuntu)
x-powered-by
Express
etag
W/"4c-18a82fb1c09"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-length
76
p.css
p.typekit.net/ Frame F245
5 B
172 B
Stylesheet
General
Full URL
https://p.typekit.net/p.css?s=1&k=snc3xkh&ht=tk&f=18490.18492.18493.18494.18495.18496.18498.18500.30804.30806.30808.30810.30811.30813.30814.30816.30817.30818&a=2432172&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/snc3xkh.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:29f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://use.typekit.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 16:13:20 GMT
last-modified
Fri, 23 Jun 2023 17:09:47 GMT
server
nginx
etag
"6495d1db-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
gtm.js
www.googletagmanager.com/ Frame F245
119 KB
46 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-53JR6C
Requested by
Host: code.listtrac.com
URL: https://code.listtrac.com/monitor.ashx?acct=x_101197&nonjq=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3dcd02a214ba3f8e812ed10da05b1a4e75b23f10f82e5f737e3e90413eda5ec0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2167739.rsir.homes/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 16:13:21 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46356
x-xss-protection
0
last-modified
Fri, 13 Oct 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 13 Oct 2023 16:13:21 GMT
/
code.listtrac.com/ Frame F245
2 B
455 B
XHR
General
Full URL
https://code.listtrac.com/?sJason={%22listno%22:%2259LCSJ%22,%22type%22:1,%22zipCode%22:%2298922%22,%22acct%22:%22x_101197%22,%22guid%22:%221ffb5506-eb2b-4f06-8e81-74504285d892%22,%22leadKey%22:null,%22reportType%22:null,%22reportName%22:null,%22orgName%22:null,%22listPrice%22:null,%22status%22:null}&ver=1697213600393
Requested by
Host: code.listtrac.com
URL: https://code.listtrac.com/monitor.ashx?acct=x_101197&nonjq=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.122.169.58 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
12ae32cb1ec02d01eda3581b127c1fee3b0dc53572ed6baf239721a03d82e126

Request headers

Referer
https://2167739.rsir.homes/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 13 Oct 2023 16:13:23 GMT
x-aspnetmvc-version
5.2
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
access-control-allow-methods
GET,POST,DELETE,HEAD,PUT,OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Olaround-Debug-Mode, X-Olaround-Request-Start-Timestamp, X-Olaround-Request-End-Timestamp, X-Olaround-Request-Time, X-Olaround-Request-Method, X-Olaround-Request-Result, X-Olaround-Request-Endpoint
cache-control
private
access-control-allow-headers
Origin, X-Olaround-Debug-Mode, Authorization, Accept
content-length
2
/
api.ipify.org/ Frame F245
22 B
222 B
Fetch
General
Full URL
https://api.ipify.org/?format=json&callback=
Requested by
Host: 2167739.rsir.homes
URL: https://2167739.rsir.homes/js/amp-event.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
173.231.16.77 , United States, ASN18450 (WEBNX, US),
Reverse DNS
api.ipify.org
Software
nginx/1.25.1 /
Resource Hash
19942f3a28799f1a305fe8a9d62eb0ee8fc0738349c160963f8884c5c6402b8c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2167739.rsir.homes/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 13 Oct 2023 16:13:20 GMT
Server
nginx/1.25.1
Connection
keep-alive
Content-Length
22
Vary
Origin
Content-Type
application/json
69-brian_hopper-d44yjz38zch84vycvs98wfk887i.jpg
img.slw.amplistings.com/v7/agents.rsir.com/uploads/photos/ Frame F245
12 KB
13 KB
Image
General
Full URL
https://img.slw.amplistings.com/v7/agents.rsir.com/uploads/photos/69-brian_hopper-d44yjz38zch84vycvs98wfk887i.jpg?xyz=20231011T1128400700&w=220&h=280&func=crop
Requested by
Host: 2167739.rsir.homes
URL: https://2167739.rsir.homes/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.171.128.148 , Germany, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
400f41ff1ce0dd2bd133747937dbb8c79fba6207dee2594d1cc993c309280d6a
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2167739.rsir.homes/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 16:13:21 GMT
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
via
1.1 PS-FRA-018SR149:4 (W), 1.1 PSdgflkfFRA1je97:17 (W)
x-hexa-masterrefresh
x-hexa-originusedcode
200
x-origin-visibility
OV_NORMAL_FILE
x-px
ms PSdgflkfFRA1je97FRA,ms PS-FRA-018SR149FRA(origin)
content-length
12710
x-xss-protection
1
x-hexa-initwait
probably_cached, first_req 163653s ago, no_wait
last-modified
Thu, 1 Jan 2000 00:00:00 GMT
server
PWS/8.3.1.0.8
x-cloudimg-traceid
CiI_018_20231013161321_94c4f_6xf5#350y
etag
"dec4962c24ba439c79091631ca5410c9"
x-resource-status
cached_resized
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=86400, s-maxage=2628000, public
x-hexa-flowtrace
AnRRR
x-ws-request-id
65296ca1_PSdgflkfFRA1vg90_19354-2765
timing-allow-origin
*
636-dan_redwine-33ddgwgbq9awmcpq20x8x0cvr1i.jpg
img.slw.amplistings.com/v7/agents.rsir.com/uploads/photos/ Frame F245
16 KB
17 KB
Image
General
Full URL
https://img.slw.amplistings.com/v7/agents.rsir.com/uploads/photos/636-dan_redwine-33ddgwgbq9awmcpq20x8x0cvr1i.jpg?xyz=20230818T1303350700&w=220&h=280&func=crop
Requested by
Host: 2167739.rsir.homes
URL: https://2167739.rsir.homes/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.171.128.148 , Germany, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
9b7abfa48b3267ce82586ab066498f056edf52ea7ef6e8240302c60422e7d7ca
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2167739.rsir.homes/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 16:13:21 GMT
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
via
1.1 PS-FRA-01E6z147:1 (W), 1.1 PSdgflkfFRA1vg90:4 (W)
x-hexa-masterrefresh
x-hexa-originusedcode
200
x-origin-visibility
OV_NORMAL_FILE
x-px
ms PSdgflkfFRA1vg90FRA,ms PS-FRA-01E6z147FRA(origin)
content-length
16418
x-xss-protection
1
x-hexa-initwait
probably_cached, first_req 4717049s ago, no_wait
last-modified
Thu, 1 Jan 2000 00:00:00 GMT
server
PWS/8.3.1.0.8
x-cloudimg-traceid
CiI_018_20231013161321_e78d9_mi6F#320y
etag
"7a73db6859b97298101742e29f721981"
x-resource-status
cached_resized
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=86400, s-maxage=2628000, public
x-hexa-flowtrace
AnRRR
x-ws-request-id
65296ca1_PSdgflkfFRA1vg90_19354-2766
timing-allow-origin
*
visit
app.amplistings.com/api/ Frame F245
16 B
254 B
Fetch
General
Full URL
https://app.amplistings.com/api/visit
Requested by
Host: 2167739.rsir.homes
URL: https://2167739.rsir.homes/js/amp-event.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.227.17.226 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Referer
https://2167739.rsir.homes/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 13 Oct 2023 16:13:22 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
access-control-allow-headers
*
bk-coretag.js
tags.bkrtx.com/js/ Frame F245
51 KB
16 KB
Script
General
Full URL
https://tags.bkrtx.com/js/bk-coretag.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-53JR6C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.201.241.251 -, , ASN (),
Reverse DNS
Software
nginx/1.15.8 /
Resource Hash
88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2167739.rsir.homes/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
date
Fri, 13 Oct 2023 16:13:22 GMT
last-modified
Fri, 21 May 2021 19:14:21 GMT
server
nginx/1.15.8
etag
W/"60a8068d-cbc2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
content-length
16078
expires
Fri, 20 Oct 2023 16:13:22 GMT
index.js
js.adara.com/ Frame F245
4 KB
2 KB
Script
General
Full URL
https://js.adara.com/index.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-53JR6C
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5cb557a93cee9ab58da4f7e0ded20309261f563d53dc5573ccf6a4a1a9ed6a30
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2167739.rsir.homes/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31556926
content-encoding
br
date
Fri, 13 Oct 2023 16:13:21 GMT
x-cache
HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1617
x-served-by
cache-fra-eddf8230109-FRA
last-modified
Mon, 23 May 2022 17:57:27 GMT
x-timer
S1697213601.289107,VS0,VE0
etag
"7a8337caae20a0c135adffbe3cb67fe41d814816469cb25a936431d29e14d413-br"
vary
x-fh-requested-host, accept-encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-cache-hits
58275
segment
di.rlcdn.com/api/ Frame F245
0
0
Image
General
Full URL
https://di.rlcdn.com/api/segment?pid=460189&pdata=RE_01%3D1
Requested by
Host: 2167739.rsir.homes
URL: https://2167739.rsir.homes/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2167739.rsir.homes/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

vng.gif
deviceid.trueleadid.com/ Frame F245
0
111 B
Image
General
Full URL
https://deviceid.trueleadid.com/vng.gif
Requested by
Host: 2167739.rsir.homes
URL: https://2167739.rsir.homes/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.235.39.17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-39-17.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2167739.rsir.homes/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 16:13:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
nginx
content-length
0
content-type
image/gif
visit
app.amplistings.com/api/ Frame
0
0
Preflight
General
Full URL
https://app.amplistings.com/api/visit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.227.17.226 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://2167739.rsir.homes
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
access-control-max-age
0
cache-control
no-cache, private
date
Fri, 13 Oct 2023 16:13:21 GMT
server
nginx/1.18.0 (Ubuntu)
vary
Access-Control-Request-Headers, Access-Control-Request-Method
fzrj6cs8fe9v4kp2s6q6hs4as4i
img.slw.amplistings.com/v7/sir.azureedge.net/1194i0/ Frame F245
788 KB
790 KB
Image
General
Full URL
https://img.slw.amplistings.com/v7/sir.azureedge.net/1194i0/fzrj6cs8fe9v4kp2s6q6hs4as4i?xyz=20231011T1218250700&w=1920&h=1080&func=crop
Requested by
Host: 2167739.rsir.homes
URL: https://2167739.rsir.homes/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.171.128.148 , Germany, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
b71cd1000310ef61d571c9fe63580679142468685b9029c120f0341bd32a324d
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2167739.rsir.homes/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 16:13:21 GMT
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
via
1.1 PS-FRA-01E6z147:0 (W), 1.1 PSdgflkfFRA1gi91:9 (W)
x-hexa-masterrefresh
x-hexa-originusedcode
200
x-origin-visibility
OV_NORMAL_FILE
x-px
ms PSdgflkfFRA1gi91FRA,ms PS-FRA-01E6z147FRA(origin)
content-length
807368
x-xss-protection
1
x-hexa-initwait
probably_cached, first_req 158702s ago, no_wait
last-modified
Thu, 1 Jan 2000 00:00:00 GMT
server
PWS/8.3.1.0.8
x-cloudimg-traceid
CiI_013_20231013161321_333b7_11Ez#330y
etag
"31cf169d48da504b6806d86e3a8026c0"
x-resource-status
cached_resized
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=86400, s-maxage=2628000, public
x-hexa-flowtrace
AnRRR
x-ws-request-id
65296ca1_PSdgflkfFRA1vg90_19354-2761
timing-allow-origin
*
video_icon.svg
2167739.rsir.homes/images/ Frame F245
0
0

5y022k7bq7t2mttc4y3z920ht0i
img.slw.amplistings.com/v7/sir.azureedge.net/1194i0/ Frame F245
808 KB
810 KB
Image
General
Full URL
https://img.slw.amplistings.com/v7/sir.azureedge.net/1194i0/5y022k7bq7t2mttc4y3z920ht0i?xyz=20231011T1218250700&w=1920&h=1080&func=crop
Requested by
Host: 2167739.rsir.homes
URL: https://2167739.rsir.homes/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.171.128.148 , Germany, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
cc3895ade1a19bb8dd0fc43d4af054c66a17177b5f33edf70de74ce509750f75
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2167739.rsir.homes/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 16:13:21 GMT
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
via
1.1 kf148:4 (W), 1.1 PSdgflkfFRA1gi91:14 (W)
x-hexa-masterrefresh
x-hexa-originusedcode
200
x-origin-visibility
OV_NORMAL_FILE
x-px
ms PSdgflkfFRA1gi91FRA,ms kf148FRA(origin)
content-length
827104
x-xss-protection
1
x-hexa-initwait
probably_cached, first_req 158702s ago, no_wait
last-modified
Thu, 1 Jan 2000 00:00:00 GMT
server
PWS/8.3.1.0.8
x-cloudimg-traceid
CiI_018_20231013161321_d3d2a_VtFZ#350y
etag
"76aa890bb89a55311c2b5099d1af9ad2"
x-resource-status
cached_resized
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=86400, s-maxage=2628000, public
x-hexa-flowtrace
AnRRR
x-ws-request-id
65296ca1_PSdgflkfFRA1vg90_19354-2762
timing-allow-origin
*
DdT878IGsGw1aF1JU10PUbTvNNaDMfq41-I.woff2
fonts.gstatic.com/s/librecaslontext/v5/ Frame F245
24 KB
25 KB
Font
General
Full URL
https://fonts.gstatic.com/s/librecaslontext/v5/DdT878IGsGw1aF1JU10PUbTvNNaDMfq41-I.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Libre+Caslon+Text:400,400i,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29310efc1007f608549e29ff78fa5ce8dffe0c1aa82c21b082d1de9dfc7334f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://2167739.rsir.homes
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 07 Oct 2023 02:42:36 GMT
x-content-type-options
nosniff
age
567045
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24972
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:40:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 06 Oct 2024 02:42:36 GMT
23198
stags.bluekai.com/site/ Frame 74A3
62 B
218 B
Document
General
Full URL
https://stags.bluekai.com/site/23198?ret=html&phint=RE%3D1&phint=RE_01%3D1&phint=RE_02%3D1&phint=RE_03%3D1&phint=RE_04%3D1&phint=RE_06%3D1&phint=RE_09%3D1&phint=CT%3D1&phint=CT_01%3D1&phint=CT_02%3D1&phint=CT_03%3D1&phint=CT_04%3D1&phint=F_01%3D1&phint=F_03%3D1&phint=F_04%3D1&phint=F_06%3D1&phint=F_07%3D1&phint=HG%3D1&phint=HG_01%3D1&phint=HG_02%3D1&phint=HG_03%3D1&phint=HG_04%3D1&phint=HG_05%3D1&phint=HG_06%3D1&phint=HG_07%3D1&phint=HG_08%3D1&phint=HG_09%3D1&phint=HG_10%3D1&phint=HG_11%3D1&phint=HG_12%3D1&phint=HG_13%3D1&phint=HG_14%3D1&phint=HI%3D1&phint=HI_01%3D1&phint=HI_02%3D1&phint=HI_03%3D1&phint=HI_04%3D1&phint=HI_05%3D1&phint=HI_06%3D1&phint=HI_07%3D1&phint=HI_08%3D1&phint=HI_09%3D1&phint=HI_10%3D1&phint=HI_11%3D1&phint=HI_12%3D1&phint=HI_13%3D1&phint=HI_14%3D1&phint=HI_15%3D1&phint=HI_16%3D1&phint=HI_17%3D1&phint=HI_18%3D1&phint=HI_19%3D1&phint=TH%3D1&phint=TH_01%3D1&phint=id%3D1ffb5506-eb2b-4f06-8e81-74504285d892&phint=__bk_t%3D1130%20Ruby%20King%20Loop%20-%20Cle%20Elum%2C%20WA%2098922%20-%20MLS%20%232167739%20%7C%20Brian%20Hopper&phint=__bk_k%3D&phint=__bk_pr%3Dhttp%3A%2F%2Frubykingcrownjewel.com%2F&phint=__bk_l%3Dhttps%3A%2F%2F2167739.rsir.homes%2F&phint=__bk_v%3D3.1.10&limit=10&r=21255946
Requested by
Host: tags.bkrtx.com
URL: https://tags.bkrtx.com/js/bk-coretag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.192.160.219 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer
https://2167739.rsir.homes/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
62
content-type
image/gif
date
Fri, 13 Oct 2023 16:13:22 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
api
sdk.adara.com/ Frame F245
16 B
98 B
Fetch
General
Full URL
https://sdk.adara.com/api
Requested by
Host: js.adara.com
URL: https://js.adara.com/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.191.167 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
fb1bf528d8237aac3e9ead389ab246ba0068f61fe281610110937ef2b8adefce

Request headers

Referer
https://2167739.rsir.homes/
accept-language
de-DE,de;q=0.9
X-Adara-Key
NGUzOWM4ODktNGRjYy00ZTE1LWI4MmQtOTAwMWRlOWY5OWRk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 13 Oct 2023 16:13:22 GMT
via
1.1 google
access-control-allow-methods
POST, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-headers
X-Adara-Key
content-length
16
api
sdk.adara.com/ Frame
0
0
Preflight
General
Full URL
https://sdk.adara.com/api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.191.167 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-adara-key
Access-Control-Request-Method
POST
Origin
https://2167739.rsir.homes
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-headers
X-Adara-Key
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Fri, 13 Oct 2023 16:13:22 GMT
via
1.1 google
pixel
cm.g.doubleclick.net/ Frame F245
Redirect Chain
  • https://tag.yieldoptimizer.com/ps/ps?t=i&p=2407&_yoid=6d36196f-5bb9-495d-8e44-d678369ef23a&_yosid=ec4868b2-4fe5-4e9d-881e-03772d4b0335
  • https://tag.yieldoptimizer.com/ps/ps?tc=8642021&t=i&p=2407&_yoid=6d36196f-5bb9-495d-8e44-d678369ef23a&_yosid=ec4868b2-4fe5-4e9d-881e-03772d4b0335
  • https://cm.g.doubleclick.net/pixel?google_nid=adara_dmp&google_hm=MzAxNzcxMTIwMzQwMg&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=adara_dmp&google_hm=MzAxNzcxMTIwMzQwMg&google_sc=&google_tc=
170 B
243 B
Fetch
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adara_dmp&google_hm=MzAxNzcxMTIwMzQwMg&google_sc=&google_tc=
Requested by
Host: 2167739.rsir.homes
URL: https://2167739.rsir.homes/
Protocol
H2
Server
216.58.206.34 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2167739.rsir.homes/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 16:13:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 13 Oct 2023 16:13:23 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cm.g.doubleclick.net/pixel?google_nid=adara_dmp&google_hm=MzAxNzcxMTIwMzQwMg&google_sc=&google_tc=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
315
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
api
sdk.adara.com/ Frame F245
16 B
31 B
Fetch
General
Full URL
https://sdk.adara.com/api
Requested by
Host: js.adara.com
URL: https://js.adara.com/index.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.191.167 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
fb1bf528d8237aac3e9ead389ab246ba0068f61fe281610110937ef2b8adefce

Request headers

Referer
https://2167739.rsir.homes/
accept-language
de-DE,de;q=0.9
X-Adara-Key
NGUzOWM4ODktNGRjYy00ZTE1LWI4MmQtOTAwMWRlOWY5OWRk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 13 Oct 2023 16:13:24 GMT
via
1.1 google
access-control-allow-methods
POST, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-headers
X-Adara-Key
content-length
16
api
sdk.adara.com/ Frame
0
0
Preflight
General
Full URL
https://sdk.adara.com/api
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.191.167 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-adara-key
Access-Control-Request-Method
POST
Origin
https://2167739.rsir.homes
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-headers
X-Adara-Key
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Fri, 13 Oct 2023 16:13:24 GMT
via
1.1 google

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
2167739.rsir.homes
URL
https://2167739.rsir.homes/images/video_icon.svg

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0

0 Cookies

1 Console Messages

Source Level URL
Text
network error URL: https://di.rlcdn.com/api/segment?pid=460189&pdata=RE_01%3D1
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2167739.rsir.homes
api.ipify.org
app.amplistings.com
cm.g.doubleclick.net
code.listtrac.com
deviceid.trueleadid.com
di.rlcdn.com
fonts.googleapis.com
fonts.gstatic.com
img.slw.amplistings.com
js.adara.com
p.typekit.net
rubykingcrownjewel.com
sdk.adara.com
stags.bluekai.com
tag.yieldoptimizer.com
tags.bkrtx.com
use.typekit.net
www.googletagmanager.com
2167739.rsir.homes
151.101.65.195
163.171.128.148
165.227.17.226
173.231.16.77
216.58.206.34
23.201.241.251
2a00:1450:4001:80b::200a
2a00:1450:4001:831::2003
2a00:1450:4001:831::2008
2a02:26f0:3100::1735:29f9
2a02:26f0:3100::1735:2a11
3.33.152.147
34.102.191.167
34.235.39.17
35.186.212.60
35.244.174.68
40.122.169.58
69.192.160.219
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0f491b55b6974bbfd2f0eefdb1d8fbf9fa59efba31e8d2f2b7b2f5a07e527cd9
12ae32cb1ec02d01eda3581b127c1fee3b0dc53572ed6baf239721a03d82e126
19942f3a28799f1a305fe8a9d62eb0ee8fc0738349c160963f8884c5c6402b8c
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
21c2d93df9904038e20d04e27d883ebd3b60bc4bffa2907146ebfac4ce05c7c0
26a81f9748a42eeb15a43c5cc3c1a7b7582e4d9f0ab3cd5be477f87096eed840
29310efc1007f608549e29ff78fa5ce8dffe0c1aa82c21b082d1de9dfc7334f0
2ce65e5fd87e0eb1a626b570dd69a587f7bb86bbfc2073c83ba0c318906a1e0f
3dcd02a214ba3f8e812ed10da05b1a4e75b23f10f82e5f737e3e90413eda5ec0
400f41ff1ce0dd2bd133747937dbb8c79fba6207dee2594d1cc993c309280d6a
572723f65e0d85557a3d884852b752e71925e79e0220d35627e6adb519f36c4b
5cb557a93cee9ab58da4f7e0ded20309261f563d53dc5573ccf6a4a1a9ed6a30
63b95224e25f4dbd15df3f886d0965f94913bf4bb9c50c276968ca1fce8c09f5
6aa9ed4a18cf442961060e28c3bd04e480382d42f7aaab14bdca0080d422420c
88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb
88f0d6283dc7017bbe34b88d4cd43ef53897f9dac422d0b3a14237ccfc8d96f9
93c7d6d8984e05413e7881c3da89e329b6c25bae33387c381a92d388446a4487
9b7abfa48b3267ce82586ab066498f056edf52ea7ef6e8240302c60422e7d7ca
9e959634e1a8bd5f5c5a4d01762e121e49f80563cd0309ed8d4e1d527dcadb1d
b71cd1000310ef61d571c9fe63580679142468685b9029c120f0341bd32a324d
c68d2b457b6f86c341b113ed585e2beb7eeb5b04f733c15dc7f92b0d739534b5
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cc3895ade1a19bb8dd0fc43d4af054c66a17177b5f33edf70de74ce509750f75
d03e44668900c1f54de45e257a78b0e8b0f5c9ef2ea08deafcae4344f0c6795c
d39c8f0c3731d25b74805d11f8a25f83af6d8e3728772afa15b739259ef487af
e23251245ee64489df92d4e367828e0bbd40ad952d5a02413c147cc2b4d6491f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4098ac07e40664418705f87df2d33ea666143b46f00ba79024a9add242a5541
e8bd222b15693d51c180246dba7c4aaf10a9147fb5afff83502cd20f7ead1910
f34acd3f4170b5d07d652828f48f05bcdc94296fe40ec437447984bd4bb5a742
fb1bf528d8237aac3e9ead389ab246ba0068f61fe281610110937ef2b8adefce