urlscan.io logo urlscan.io
SecurityTrails logo

randynoel.exithome.com Open in urlscan Pro
52.20.13.248  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://randynoel.exithome.com/
Effective URL: https://randynoel.exithome.com/
Submission Tags: phish.gg anti.fish automated Search All
Submission: On September 21 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 2 countries across 9 domains to perform 35 HTTP transactions. The main IP is 52.20.13.248, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is randynoel.exithome.com.
TLS certificate: Issued by R3 on July 22nd 2023. Valid for: 3 months.
This is the only time randynoel.exithome.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

6    52.20.13.248 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-20-13-248.compute-1.amazonaws.com
randynoel.exithome.com
8    18.238.243.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-243-90.ams58.r.cloudfront.net
static.myrealestateplatform.com
1    2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    52.21.232.179 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-232-179.compute-1.amazonaws.com
events-va.placester.com
5    2a02:6ea0:c700::11 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
cdn.userway.org
7    2a04:4e42::614 (United States)

ASN54113 (FASTLY, US)
media.placester.com
3    18.173.233.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-233-107.dus51.r.cloudfront.net
uploads-cf.cdn.placester.net
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    2600:1f14:5db:eb22:4f3b:c925:5be4:3a1d (Boardman, United States)

ASN16509 (AMAZON-02, US)
api.userway.org
Apex Domain
Subdomains		 Transfer
8 placester.com
events-va.placester.com
media.placester.com
850 KB
8 myrealestateplatform.com
static.myrealestateplatform.com
2 MB
6 userway.org
cdn.userway.org — Cisco Umbrella Rank: 8072
api.userway.org — Cisco Umbrella Rank: 7907
46 KB
6 exithome.com
randynoel.exithome.com
27 KB
3 placester.net
uploads-cf.cdn.placester.net
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 111
135 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 1878
259 B
1 gstatic.com
fonts.gstatic.com
50 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 113
962 B
35 9
Domain Requested by
8 static.myrealestateplatform.com randynoel.exithome.com
static.myrealestateplatform.com
7 media.placester.com randynoel.exithome.com
static.myrealestateplatform.com
6 randynoel.exithome.com 1 redirects randynoel.exithome.com
static.myrealestateplatform.com
5 cdn.userway.org static.myrealestateplatform.com
cdn.userway.org
3 uploads-cf.cdn.placester.net randynoel.exithome.com
2 www.googletagmanager.com randynoel.exithome.com
www.googletagmanager.com
1 api.userway.org cdn.userway.org
1 region1.google-analytics.com www.googletagmanager.com
1 events-va.placester.com static.myrealestateplatform.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com randynoel.exithome.com
35 11

This site contains links to these domains. Also see Links.

Domain
placester.com
www.facebook.com
twitter.com
www.linkedin.com
pinterest.com
Subject Issuer Validity Valid
randynoel.exithome.com
R3		 2023-07-22 -
2023-10-20		 3 months crt.sh
*.myrealestateplatform.com
Amazon RSA 2048 M01		 2023-07-06 -
2024-08-03		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
*.placester.com
Amazon RSA 2048 M01		 2023-02-16 -
2024-03-16		 a year crt.sh
1667503734.rsc.cdn77.org
R3		 2023-08-01 -
2023-10-30		 3 months crt.sh
s4-san.cloudinary.com
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-13 -
2024-09-13		 a year crt.sh
*.cdn.placester.net
Amazon RSA 2048 M01		 2023-03-28 -
2024-04-25		 a year crt.sh
api.userway.org
Amazon RSA 2048 M03		 2023-09-02 -
2024-09-30		 a year crt.sh

This page contains 1 frames:

Primary Page: https://randynoel.exithome.com/
Frame ID: CB2A9F4299B71551464FBBE45FC71B37
Requests: 36 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Randy Noel - Paving Your Way Home

Page URL History Show full URLs

  1. http://randynoel.exithome.com/ HTTP 301
    https://randynoel.exithome.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.userway\.org/widget.*\.js

Page Statistics

35
Requests

100 %
HTTPS

64 %
IPv6

9
Domains

11
Subdomains

12
IPs

2
Countries

2713 kB
Transfer

5711 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://randynoel.exithome.com/ HTTP 301
    https://randynoel.exithome.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

35 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
randynoel.exithome.com/
Redirect Chain
  • http://randynoel.exithome.com/
  • https://randynoel.exithome.com/
183 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://randynoel.exithome.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.20.13.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-13-248.compute-1.amazonaws.com
Software
openresty / PHP/8.0.30
Resource Hash
dc0aa11884c4e0ddd57d811a3d6f5fc210a0166a47846dadbcd87fba58c2e28c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=3, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Thu, 21 Sep 2023 11:45:55 GMT
Server
openresty
Transfer-Encoding
chunked
Vary
Accept-Encoding, Cookie
X-Powered-By
PHP/8.0.30
X-Served-By
app2
X-WP-Super-Cache
Served supercache file from PHP

Redirect headers

Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Thu, 21 Sep 2023 11:45:55 GMT
Link
<http://randynoel.exithome.com/wp-json/>; rel="https://api.w.org/" <http://randynoel.exithome.com/wp-json/wp/v2/pages/27>; rel="alternate"; type="application/json" < >; rel=shortlink
Location
https://randynoel.exithome.com/
Server
openresty
Transfer-Encoding
chunked
Vary
Accept-Encoding, Cookie
X-Powered-By
PHP/8.0.30
X-Redirect-By
WordPress
X-Served-By
app4
classic-themes.min.css
randynoel.exithome.com/wp-includes/css/ 		217 B
589 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://randynoel.exithome.com/wp-includes/css/classic-themes.min.css?ver=1
Requested by
Host: randynoel.exithome.com
URL: https://randynoel.exithome.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.20.13.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-13-248.compute-1.amazonaws.com
Software
openresty /
Resource Hash
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Request headers

Referer
https://randynoel.exithome.com/
dpr
1
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
viewport-width
1600

Response headers

Pragma
public
Date
Thu, 21 Sep 2023 11:45:56 GMT
Content-Encoding
gzip
Last-Modified
Tue, 19 Sep 2023 07:13:59 GMT
Server
openresty
ETag
W/"65094a37-d9"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=172800, public, must-revalidate, proxy-revalidate
Connection
keep-alive
Expires
Sat, 23 Sep 2023 11:45:56 GMT
valhalla-tailwind-styles.css
static.myrealestateplatform.com/Valhalla/assets/dist/ 		48 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.myrealestateplatform.com/Valhalla/assets/dist/valhalla-tailwind-styles.css?v=abcfcf34abb3c80c0a42
Requested by
Host: randynoel.exithome.com
URL: https://randynoel.exithome.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.243.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-243-90.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c85fea31071a3a5016271b707a18b5b2fc642dc96eb3c1a6011d5f4131076ef3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randynoel.exithome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 11:46:07 GMT
content-encoding
gzip
via
1.1 0be6ab2f92b7567e05a874f049abbbe6.cloudfront.net (CloudFront)
last-modified
Wed, 20 Sep 2023 11:35:27 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P1
age
86390
etag
W/"28b52703616271f5497cf339b68a5bba"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=86400
x-amz-cf-id
-qm-5GA8_K7T-2RWLuRsEpwHKDkAjtNSrZLpaoR3ig0e57xaB9ovfw==
valhalla-vendor-styles.css
static.myrealestateplatform.com/Valhalla/assets/dist/ 		196 KB
46 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.myrealestateplatform.com/Valhalla/assets/dist/valhalla-vendor-styles.css?v=0ea1886fdc6fb93c7542
Requested by
Host: randynoel.exithome.com
URL: https://randynoel.exithome.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.243.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-243-90.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1fd282248afd8fda2855039b1a77227f618df6fa8cade503f3845a4d4b4203c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randynoel.exithome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 11:46:07 GMT
content-encoding
gzip
via
1.1 0be6ab2f92b7567e05a874f049abbbe6.cloudfront.net (CloudFront)
last-modified
Wed, 20 Sep 2023 11:35:27 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P1
age
86390
etag
W/"706068d60ba627104de30179f549d75d"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=86400
x-amz-cf-id
E9Nc3CTTiYAtW8Z9R-mjJHfalfsd9erm_tXqd4-EjKSDerzztPzZpw==
valhalla-styles.css
static.myrealestateplatform.com/Valhalla/assets/dist/ 		2 MB
110 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.myrealestateplatform.com/Valhalla/assets/dist/valhalla-styles.css?v=11e5613e5e62348981cd
Requested by
Host: randynoel.exithome.com
URL: https://randynoel.exithome.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.243.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-243-90.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06baf60c697e5aad439b0487daab6d3fec5519228910ebe5fbc2fd7567200ca4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randynoel.exithome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 11:47:22 GMT
content-encoding
gzip
via
1.1 0be6ab2f92b7567e05a874f049abbbe6.cloudfront.net (CloudFront)
last-modified
Wed, 20 Sep 2023 11:35:27 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P1
age
86315
etag
W/"a27a0d7226912a7a1dd822459ef191eb"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=86400
x-amz-cf-id
-ZZWsSME_K1VlsDHEZe2cjrM2lqxs0SSX5zH4Ix_8xMYAS0M1CS9bQ==
css
fonts.googleapis.com/ 		6 KB
962 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Work+Sans%3A300%2C400%2C500%2C600%2C700&display=swap&ver=6.1.1
Requested by
Host: randynoel.exithome.com
URL: https://randynoel.exithome.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2b2bcad1b638234e845761aa204554993de41753e07d281b6e837a2945017fc9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randynoel.exithome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 21 Sep 2023 11:45:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 21 Sep 2023 11:45:56 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 21 Sep 2023 11:45:56 GMT
valhalla-scripts.js
static.myrealestateplatform.com/Valhalla/assets/dist/ 		855 KB
212 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.myrealestateplatform.com/Valhalla/assets/dist/valhalla-scripts.js?v=75c7cf91a9
Requested by
Host: randynoel.exithome.com
URL: https://randynoel.exithome.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.243.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-243-90.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
40845a7f4f5fb2f19f4773d6f8cfa2a012c4d94a5c47225ab9749edbce498f90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randynoel.exithome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 11:46:07 GMT
content-encoding
gzip
via
1.1 0be6ab2f92b7567e05a874f049abbbe6.cloudfront.net (CloudFront)
last-modified
Wed, 20 Sep 2023 11:35:27 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P1
age
86390
etag
W/"b5bf7eefc7f7f211a2fc914d36655fc9"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
PDYEUZgba7D77CxrQQ5Ndiinc6cZ02IJ69mmNQdKy9A1okjIBLj7pg==
gtm.js
www.googletagmanager.com/ 		114 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-52GHC3V
Requested by
Host: randynoel.exithome.com
URL: https://randynoel.exithome.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
245efda27cb0145472be43e4cff5758ae17cbd288dbac11f301549212b66fd99
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randynoel.exithome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 11:45:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45135
x-xss-protection
0
last-modified
Thu, 21 Sep 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 21 Sep 2023 11:45:56 GMT
fa-light-300.woff2
static.myrealestateplatform.com/Valhalla/assets/dist/fonts/ 		422 KB
423 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.myrealestateplatform.com/Valhalla/assets/dist/fonts/fa-light-300.woff2?v=c3f03091decdd1eea392
Requested by
Host: static.myrealestateplatform.com
URL: https://static.myrealestateplatform.com/Valhalla/assets/dist/valhalla-vendor-styles.css?v=0ea1886fdc6fb93c7542
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.243.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-243-90.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aee810efea02f02fdd98d66218bba36deca0b84c5f939ede2bbe30cb2a9e0375

Request headers

Referer
https://static.myrealestateplatform.com/Valhalla/assets/dist/valhalla-vendor-styles.css?v=0ea1886fdc6fb93c7542
Origin
https://randynoel.exithome.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 11:45:55 GMT
via
1.1 e3d9ae12f22103dbc65c451ae520a012.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P1
age
2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
432524
last-modified
Wed, 20 Sep 2023 11:35:27 GMT
server
AmazonS3
etag
"09325ffd7f267fb4e6b1065aab5f5938"
access-control-max-age
3000
access-control-allow-methods
POST, PUT, DELETE, GET, HEAD
content-type
binary/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges, Content-Range, Content-Encoding, Content-Length, Access-Control-Allow-Origin
cache-control
max-age=86400
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
x4dr5RQTIm3lq7UMcDir5qop0iqf-CMOjD8XckbyPM7N604SVdH_Zw==
QGYsz_wNahGAdqQ43Rh_fKDp.woff2
fonts.gstatic.com/s/worksans/v19/ 		49 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/worksans/v19/QGYsz_wNahGAdqQ43Rh_fKDp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Work+Sans%3A300%2C400%2C500%2C600%2C700&display=swap&ver=6.1.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6912f7388531e949bd5406b5668cd6b55fea4cc7e2d123dbaed489054dd98438
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://randynoel.exithome.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 18:33:21 GMT
x-content-type-options
nosniff
age
580355
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50668
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 01:13:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Sep 2024 18:33:21 GMT
fa-solid-900.woff2
static.myrealestateplatform.com/Valhalla/assets/dist/fonts/ 		313 KB
314 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.myrealestateplatform.com/Valhalla/assets/dist/fonts/fa-solid-900.woff2?v=942a7be38dca65bca69b
Requested by
Host: static.myrealestateplatform.com
URL: https://static.myrealestateplatform.com/Valhalla/assets/dist/valhalla-vendor-styles.css?v=0ea1886fdc6fb93c7542
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.243.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-243-90.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1f490e773e97b9e3b8e7d1beba668ef979c1dcca6740c59a1bd6c5a5f34e047b

Request headers

Referer
https://static.myrealestateplatform.com/Valhalla/assets/dist/valhalla-vendor-styles.css?v=0ea1886fdc6fb93c7542
Origin
https://randynoel.exithome.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 11:45:55 GMT
via
1.1 e3d9ae12f22103dbc65c451ae520a012.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P1
age
2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
320532
last-modified
Wed, 20 Sep 2023 11:35:27 GMT
server
AmazonS3
etag
"410f1168061467ccae679cd5b55c01db"
access-control-max-age
3000
access-control-allow-methods
POST, PUT, DELETE, GET, HEAD
content-type
binary/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges, Content-Range, Content-Encoding, Content-Length, Access-Control-Allow-Origin
cache-control
max-age=86400
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
Gv3mWQ1lpLRxnS1f_I5UpSrqjTMuSJniBMPsyR9po6EsXqNSBpckNg==
fa-regular-400.woff2
static.myrealestateplatform.com/Valhalla/assets/dist/fonts/ 		383 KB
384 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.myrealestateplatform.com/Valhalla/assets/dist/fonts/fa-regular-400.woff2?v=c51931730dc0184cb47a
Requested by
Host: static.myrealestateplatform.com
URL: https://static.myrealestateplatform.com/Valhalla/assets/dist/valhalla-vendor-styles.css?v=0ea1886fdc6fb93c7542
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.243.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-243-90.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d238dee5be82f05cf25348156ed5a6d53f67b5c9a0f6a0bb5467f26cf8be28f2

Request headers

Referer
https://static.myrealestateplatform.com/Valhalla/assets/dist/valhalla-vendor-styles.css?v=0ea1886fdc6fb93c7542
Origin
https://randynoel.exithome.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 11:45:55 GMT
via
1.1 e3d9ae12f22103dbc65c451ae520a012.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P1
age
2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
392560
last-modified
Wed, 20 Sep 2023 11:35:27 GMT
server
AmazonS3
etag
"6d42afe2d141f7a1dda4240f3036020b"
access-control-max-age
3000
access-control-allow-methods
POST, PUT, DELETE, GET, HEAD
content-type
binary/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges, Content-Range, Content-Encoding, Content-Length, Access-Control-Allow-Origin
cache-control
max-age=86400
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
lOvtoRbmSagK3Q2n2PXW6VstdWXjDg_RoxF3JW09Hfbw69Iic0f9Kw==
fa-brands-400.woff2
static.myrealestateplatform.com/Valhalla/assets/dist/fonts/ 		107 KB
107 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.myrealestateplatform.com/Valhalla/assets/dist/fonts/fa-brands-400.woff2?v=f57d1e15e6e582904624
Requested by
Host: static.myrealestateplatform.com
URL: https://static.myrealestateplatform.com/Valhalla/assets/dist/valhalla-vendor-styles.css?v=0ea1886fdc6fb93c7542
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.243.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-243-90.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
da321419ed7ffe67c84b36cc7656a31e34d2ee13b5032e2b962ec249602e7139

Request headers

Referer
https://static.myrealestateplatform.com/Valhalla/assets/dist/valhalla-vendor-styles.css?v=0ea1886fdc6fb93c7542
Origin
https://randynoel.exithome.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 11:45:55 GMT
via
1.1 e3d9ae12f22103dbc65c451ae520a012.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P1
age
2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
109100
last-modified
Wed, 20 Sep 2023 11:35:27 GMT
server
AmazonS3
etag
"f2abb72884025bd8a2516ce23695e4d4"
access-control-max-age
3000
access-control-allow-methods
POST, PUT, DELETE, GET, HEAD
content-type
binary/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges, Content-Range, Content-Encoding, Content-Length, Access-Control-Allow-Origin
cache-control
max-age=86400
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
znvgMdS7zrE7CYqmDiDPNtxOcFXxaA7w4aXqMVw2eJa7jtWxr4J97g==
event
events-va.placester.com/ 		35 B
194 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events-va.placester.com/event
Requested by
Host: static.myrealestateplatform.com
URL: https://static.myrealestateplatform.com/Valhalla/assets/dist/valhalla-scripts.js?v=75c7cf91a9
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.232.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-232-179.compute-1.amazonaws.com
Software
Jetty(9.0.3.v20130506) /
Resource Hash
a06ab0c16ab0b446805cbe38ba18687b4d917ad435b162476d644f9d51e499ce

Request headers

Referer
https://randynoel.exithome.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Server
Jetty(9.0.3.v20130506)
Connection
keep-alive
Content-Length
35
Content-Type
application/json
placester-ajax.php
randynoel.exithome.com/wp-content/plugins/toolbox/src// 		40 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://randynoel.exithome.com/wp-content/plugins/toolbox/src//placester-ajax.php
Requested by
Host: static.myrealestateplatform.com
URL: https://static.myrealestateplatform.com/Valhalla/assets/dist/valhalla-scripts.js?v=75c7cf91a9
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.20.13.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-13-248.compute-1.amazonaws.com
Software
openresty / PHP/8.0.30
Resource Hash
b67bfd6e6e4f939620c697b9ce751ee07df8583ff3fa4b29ed3ee3ea8f213372
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
viewport-width
1600
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Accept
*/*
Referer
https://randynoel.exithome.com/
X-Requested-With
XMLHttpRequest
dpr
1

Response headers

Expires
Wed, 11 Jan 1984 05:00:00 GMT
Pragma
no-cache
Date
Thu, 21 Sep 2023 11:45:56 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
openresty
X-Powered-By
PHP/8.0.30
Transfer-Encoding
chunked
Vary
Accept-Encoding, Cookie
Content-Type
application/json; charset=UTF-8
Cache-Control
no-cache, must-revalidate, max-age=0
Connection
keep-alive
X-Served-By
app2
widget.js
cdn.userway.org/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.userway.org/widget.js
Requested by
Host: static.myrealestateplatform.com
URL: https://static.myrealestateplatform.com/Valhalla/assets/dist/valhalla-scripts.js?v=75c7cf91a9
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
1ef18a090e101fd3f672d936e2b2c054e6e553815d194ab684673bf41a01d09c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randynoel.exithome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Thu, 21 Sep 2023 11:45:56 GMT
via
1.1 372875ad1ec20daf24f3f29f14a73cd0.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
FRA60-P3
age
122
x-amz-server-side-encryption
AES256
x-cache
HIT
x-77-cache
HIT
x-age
2933
x-accel-date
1695293823
x-77-nzt
AcO1rydKNzP/dQsAAA
x-accel-expires
@1695297423
x-77-age
2933
last-modified
Fri, 15 Sep 2023 19:51:26 GMT
server
CDN77-Turbo
etag
W/"11f7265ac07dc554631305b93c85fced"
x-77-nzt-ray
25b021317693b49ff42c0c6535e78c35
access-control-max-age
3000
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=3600, public
content-type
application/javascript
x-amz-cf-id
Wv73wHGAb-XmmjiG4rl76C04XSDN0yPf_oJk9HxwCFMXFQStNsX0cg==
placester-ajax.php
randynoel.exithome.com/wp-content/plugins/toolbox/src// 		507 B
710 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://randynoel.exithome.com/wp-content/plugins/toolbox/src//placester-ajax.php
Requested by
Host: static.myrealestateplatform.com
URL: https://static.myrealestateplatform.com/Valhalla/assets/dist/valhalla-scripts.js?v=75c7cf91a9
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.20.13.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-13-248.compute-1.amazonaws.com
Software
openresty / PHP/8.0.30
Resource Hash
a9dcbaf24199aab21c764b6566dfa82628d035268a18738bb43232f39829fa44
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
viewport-width
1600
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Accept
*/*
Referer
https://randynoel.exithome.com/
X-Requested-With
XMLHttpRequest
dpr
1

Response headers

Expires
Wed, 11 Jan 1984 05:00:00 GMT
Pragma
no-cache
Date
Thu, 21 Sep 2023 11:45:57 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
openresty
X-Powered-By
PHP/8.0.30
Transfer-Encoding
chunked
Vary
Accept-Encoding, Cookie
Content-Type
application/json; charset=UTF-8
Cache-Control
no-cache, must-revalidate, max-age=0
Connection
keep-alive
X-Served-By
app2
truncated
/ 		34 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type
image/gif
js
www.googletagmanager.com/gtag/ 		271 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-MVBTMC2CXZ&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-52GHC3V
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a852c71ad16901d504f37b2aca5e1f9a51c8695bb5225681449a5ad1b362c1eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randynoel.exithome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 11:45:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
92569
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 21 Sep 2023 11:45:56 GMT
heromelrose2-2.png
media.placester.com/image/upload/c_scale,dpr_1.0,f_auto,fl_lossy,q_auto,w_2560/c_scale,w_1660/v1/inception-app-prod/YmI4ZWFlZWEtNjUyZC00NjRhLTlkNTgtY2M2MGUyYzEwNzRi/content/2019/12/ 		113 KB
113 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.placester.com/image/upload/c_scale,dpr_1.0,f_auto,fl_lossy,q_auto,w_2560/c_scale,w_1660/v1/inception-app-prod/YmI4ZWFlZWEtNjUyZC00NjRhLTlkNTgtY2M2MGUyYzEwNzRi/content/2019/12/heromelrose2-2.png
Requested by
Host: randynoel.exithome.com
URL: https://randynoel.exithome.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::614 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
63ba48c6307550316eaa9140138e0e2b7faa6f17b0f636eaa252a1c0bb301f2c
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randynoel.exithome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 11:45:57 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="heromelrose2-2.webp"
server-timing
cld-fastly;mitm=p;dur=3;cpu=2;start=2023-09-21T11:45:57.015Z;desc=hit,rtt;dur=6,content-info;desc="width=1660,height=1038,owidth=2880,oheight=1800,obytes=5937198"
content-length
115580
last-modified
Tue, 03 Jan 2023 21:11:45 GMT
server
Cloudinary
etag
"eceb3d151416b45ae972810840fde478"
vary
Save-Data
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
images%2F5137be26d37bb66fb4000001%2F560558181%2F560558181_1.jpg
uploads-cf.cdn.placester.net/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uploads-cf.cdn.placester.net/images%2F5137be26d37bb66fb4000001%2F560558181%2F560558181_1.jpg?d=400x225
Requested by
Host: randynoel.exithome.com
URL: https://randynoel.exithome.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.173.233.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-233-107.dus51.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randynoel.exithome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers
IMG_2084%20%281%29.jpg
media.placester.com/image/upload/c_fill,dpr_1.0,f_auto,fl_lossy,h_30,q_auto,w_30/v1/inception-app-prod/NGEyZDhiYTYtYjdhNi00ZDFkLWE1NTctMWEzNDdkZTkyYjli/content/2021/07/ 		302 B
539 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.placester.com/image/upload/c_fill,dpr_1.0,f_auto,fl_lossy,h_30,q_auto,w_30/v1/inception-app-prod/NGEyZDhiYTYtYjdhNi00ZDFkLWE1NTctMWEzNDdkZTkyYjli/content/2021/07/IMG_2084%20%281%29.jpg
Requested by
Host: randynoel.exithome.com
URL: https://randynoel.exithome.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::614 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
92f26e260a568e1762535d4648bfbbbe99c37d6ca2b2e4ec1728db9c335687ff
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randynoel.exithome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 11:45:57 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="IMG_2084 (1).webp"
server-timing
cld-fastly;mitm=p;dur=3;cpu=1;start=2023-09-21T11:45:57.015Z;desc=hit,rtt;dur=6,content-info;desc="width=30,height=30,owidth=3416,oheight=3502,obytes=849851"
content-length
302
last-modified
Fri, 06 Jan 2023 12:51:40 GMT
server
Cloudinary
etag
"18c50cb61c1fde764c390ddda2827920"
vary
Save-Data
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
images%2F5137be26d37bb66fb4000001%2F560289326%2F560289326_1.jpg
uploads-cf.cdn.placester.net/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uploads-cf.cdn.placester.net/images%2F5137be26d37bb66fb4000001%2F560289326%2F560289326_1.jpg?d=400x225
Requested by
Host: randynoel.exithome.com
URL: https://randynoel.exithome.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.173.233.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-233-107.dus51.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randynoel.exithome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers
heromelrose1-3.png
media.placester.com/image/upload/c_scale,dpr_1.0,f_auto,fl_lossy,q_auto,w_2560/c_scale,w_1660/v1/inception-app-prod/YmI4ZWFlZWEtNjUyZC00NjRhLTlkNTgtY2M2MGUyYzEwNzRi/content/2019/12/ 		201 KB
201 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.placester.com/image/upload/c_scale,dpr_1.0,f_auto,fl_lossy,q_auto,w_2560/c_scale,w_1660/v1/inception-app-prod/YmI4ZWFlZWEtNjUyZC00NjRhLTlkNTgtY2M2MGUyYzEwNzRi/content/2019/12/heromelrose1-3.png
Requested by
Host: randynoel.exithome.com
URL: https://randynoel.exithome.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::614 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
40bd81f59247b2ba974b7818fe3467c764c9f754893f97780185cd05c1fb494e
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randynoel.exithome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 11:45:57 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="heromelrose1-3.webp"
server-timing
cld-fastly;mitm=p;dur=2;cpu=1;start=2023-09-21T11:45:57.015Z;desc=hit,rtt;dur=6,content-info;desc="width=1660,height=1038,owidth=2880,oheight=1800,obytes=7358535"
content-length
205708
last-modified
Tue, 03 Jan 2023 21:11:45 GMT
server
Cloudinary
etag
"30e1cffcaf08ec66c4cae54392a30ae9"
vary
Save-Data
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
EXITLogoforMarketingWebsitesKnockouthighresBLACKTEXTcopy.png
media.placester.com/image/upload/c_scale,dpr_1.0,f_auto,fl_lossy,q_auto/c_scale,w_1660/v1/inception-app-prod/OTZiM2JhMmYtMjUxMC00MDI2LWFmYzktOTZmNjkyOGFiZWE5/content/2021/07/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.placester.com/image/upload/c_scale,dpr_1.0,f_auto,fl_lossy,q_auto/c_scale,w_1660/v1/inception-app-prod/OTZiM2JhMmYtMjUxMC00MDI2LWFmYzktOTZmNjkyOGFiZWE5/content/2021/07/EXITLogoforMarketingWebsitesKnockouthighresBLACKTEXTcopy.png
Requested by
Host: randynoel.exithome.com
URL: https://randynoel.exithome.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::614 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
b5c88afea0d859c75409230f08857db8b5a767948e8fa5270cba917762ae4488
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randynoel.exithome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 11:45:57 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="EXITLogoforMarketingWebsitesKnockouthighresBLACKTEXTcopy.webp"
server-timing
cld-fastly;mitm=p;dur=3;cpu=1;start=2023-09-21T11:45:57.015Z;desc=hit,rtt;dur=6,content-info;desc="width=1660,height=996,owidth=2400,oheight=1440,obytes=173702"
content-length
27166
last-modified
Sun, 15 Jan 2023 13:30:52 GMT
server
Cloudinary
etag
"8dd8550d5c44c2aad6afa883227c0e70"
vary
Save-Data
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
images%2F5137be26d37bb66fb4000001%2F560528805%2F560528805_1.jpg
uploads-cf.cdn.placester.net/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uploads-cf.cdn.placester.net/images%2F5137be26d37bb66fb4000001%2F560528805%2F560528805_1.jpg?d=400x225
Requested by
Host: randynoel.exithome.com
URL: https://randynoel.exithome.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.173.233.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-233-107.dus51.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randynoel.exithome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers
widget_app_base_1694807332529.js
cdn.userway.org/widgetapp/2023-09-15-19-48-52/ 		135 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.userway.org/widgetapp/2023-09-15-19-48-52/widget_app_base_1694807332529.js
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
10c25857f89d999cdeee0b756156cfe7f3bee879cb6acab453ee8a04bd78c7cc

Request headers

Referer
https://randynoel.exithome.com/
Origin
https://randynoel.exithome.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Thu, 21 Sep 2023 11:45:56 GMT
via
1.1 c80ae6bd97b709ed6e4747f0d5ea4efc.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
FRA60-P3
age
76
x-amz-server-side-encryption
AES256
x-cache
HIT
x-77-cache
HIT
x-age
489118
x-accel-date
1694807638
x-77-nzt
AcO1rycfru//nnYHAA
x-accel-expires
@1720727638
x-77-age
489118
last-modified
Fri, 15 Sep 2023 19:51:21 GMT
server
CDN77-Turbo
etag
W/"bc7a01055b6631612c24e95c8520f9f5"
x-77-nzt-ray
25b0213123986fa1f42c0c65c2a0a639
access-control-max-age
3000
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
content-type
application/javascript
x-amz-cf-id
YiAOmXk2YepJOWm3gIurqxEVmRW6-81lVvQI94cQiemByaN2AZiCJg==
collect
region1.google-analytics.com/g/ 		0
259 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-MVBTMC2CXZ&gtm=45je39i0&_p=1575723458&cid=856455612.1695296757&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1695296756&sct=1&seg=0&dl=https%3A%2F%2Frandynoel.exithome.com%2F&dt=Randy%20Noel%20-%20Paving%20Your%20Way%20Home&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MVBTMC2CXZ&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randynoel.exithome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 11:45:57 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://randynoel.exithome.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
prdCKqbzRS
api.userway.org/api/tunings/ 		443 B
830 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.userway.org/api/tunings/prdCKqbzRS
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2023-09-15-19-48-52/widget_app_base_1694807332529.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f14:5db:eb22:4f3b:c925:5be4:3a1d Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
dea979e1aad58bfc02d1e2f8295a1d001e943db4193efa9aa26d031cbf4de8f1

Request headers

Referer
https://randynoel.exithome.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 21 Sep 2023 11:46:00 GMT
etag
W/"1bb-USIWJeCZ1W4QBR6CueEBmNDPEd8"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, PATCH, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-service-request-id
usr70f42ff82630486
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
*
content-length
443
x-service-version
uw-pr
heromelrose3-2.png
media.placester.com/image/upload/c_scale,dpr_1.0,f_auto,fl_lossy,q_auto,w_2560/c_scale,w_1660/v1/inception-app-prod/YmI4ZWFlZWEtNjUyZC00NjRhLTlkNTgtY2M2MGUyYzEwNzRi/content/2019/12/ 		169 KB
170 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.placester.com/image/upload/c_scale,dpr_1.0,f_auto,fl_lossy,q_auto,w_2560/c_scale,w_1660/v1/inception-app-prod/YmI4ZWFlZWEtNjUyZC00NjRhLTlkNTgtY2M2MGUyYzEwNzRi/content/2019/12/heromelrose3-2.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::614 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
58ebaf5e934a671f7a23b95c6ffb91a8f9b949555097503fe37f15043e149d42
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randynoel.exithome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 11:45:59 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="heromelrose3-2.webp"
server-timing
cld-fastly;mitm=p;dur=4;cpu=1;start=2023-09-21T11:45:59.707Z;desc=hit,rtt;dur=10,content-info;desc="width=1660,height=1038,owidth=2880,oheight=1800,obytes=6398313"
content-length
173106
last-modified
Tue, 03 Jan 2023 21:11:45 GMT
server
Cloudinary
etag
"608b765c8c03cb08a3dc90b5fdd771d3"
vary
Save-Data
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
heromelrose3-2.png
media.placester.com/image/upload/c_scale,dpr_1.0,f_auto,fl_lossy,q_auto,w_2560/c_scale,w_1660/v1/inception-app-prod/YmI4ZWFlZWEtNjUyZC00NjRhLTlkNTgtY2M2MGUyYzEwNzRi/content/2019/12/ 		169 KB
169 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.placester.com/image/upload/c_scale,dpr_1.0,f_auto,fl_lossy,q_auto,w_2560/c_scale,w_1660/v1/inception-app-prod/YmI4ZWFlZWEtNjUyZC00NjRhLTlkNTgtY2M2MGUyYzEwNzRi/content/2019/12/heromelrose3-2.png
Requested by
Host: static.myrealestateplatform.com
URL: https://static.myrealestateplatform.com/Valhalla/assets/dist/valhalla-scripts.js?v=75c7cf91a9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::614 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
58ebaf5e934a671f7a23b95c6ffb91a8f9b949555097503fe37f15043e149d42
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randynoel.exithome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 11:45:59 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="heromelrose3-2.webp"
server-timing
cld-fastly;mitm=p;dur=1;start=2023-09-21T11:45:59.736Z;desc=hit,rtt;dur=6,content-info;desc="width=1660,height=1038,owidth=2880,oheight=1800,obytes=6398313"
content-length
173106
last-modified
Tue, 03 Jan 2023 21:11:45 GMT
server
Cloudinary
etag
"608b765c8c03cb08a3dc90b5fdd771d3"
vary
Save-Data
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
heromelrose3-2.png
media.placester.com/image/upload/c_scale,dpr_1.0,f_auto,fl_lossy,q_auto,w_2560/c_scale,w_1660/v1/inception-app-prod/YmI4ZWFlZWEtNjUyZC00NjRhLTlkNTgtY2M2MGUyYzEwNzRi/content/2019/12/ 		169 KB
169 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.placester.com/image/upload/c_scale,dpr_1.0,f_auto,fl_lossy,q_auto,w_2560/c_scale,w_1660/v1/inception-app-prod/YmI4ZWFlZWEtNjUyZC00NjRhLTlkNTgtY2M2MGUyYzEwNzRi/content/2019/12/heromelrose3-2.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::614 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
58ebaf5e934a671f7a23b95c6ffb91a8f9b949555097503fe37f15043e149d42
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randynoel.exithome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 11:45:59 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="heromelrose3-2.webp"
server-timing
cld-fastly;mitm=p;dur=1;start=2023-09-21T11:45:59.753Z;desc=hit,rtt;dur=8,content-info;desc="width=1660,height=1038,owidth=2880,oheight=1800,obytes=6398313"
content-length
173106
last-modified
Tue, 03 Jan 2023 21:11:45 GMT
server
Cloudinary
etag
"608b765c8c03cb08a3dc90b5fdd771d3"
vary
Save-Data
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
placester-ajax.php
randynoel.exithome.com/wp-content/plugins/toolbox/src// 		227 B
586 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://randynoel.exithome.com/wp-content/plugins/toolbox/src//placester-ajax.php
Requested by
Host: static.myrealestateplatform.com
URL: https://static.myrealestateplatform.com/Valhalla/assets/dist/valhalla-scripts.js?v=75c7cf91a9
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.20.13.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-13-248.compute-1.amazonaws.com
Software
openresty / PHP/8.0.30
Resource Hash
e5700ebf4614282ec123c5746c5517a7caf55b5189e67fd6f5b76bfc2424546c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
viewport-width
1600
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Accept
*/*
Referer
https://randynoel.exithome.com/
X-Requested-With
XMLHttpRequest
dpr
1

Response headers

Expires
Wed, 11 Jan 1984 05:00:00 GMT
Pragma
no-cache
Date
Thu, 21 Sep 2023 11:46:00 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
openresty
X-Powered-By
PHP/8.0.30
Transfer-Encoding
chunked
Vary
Accept-Encoding, Cookie
Content-Type
application/json; charset=UTF-8
Cache-Control
no-cache, must-revalidate, max-age=0
Connection
keep-alive
X-Served-By
app2
en-US.json
cdn.userway.org/widgetapp/2023-09-15-19-48-52/locales/ 		500 B
938 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.userway.org/widgetapp/2023-09-15-19-48-52/locales/en-US.json
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2023-09-15-19-48-52/widget_app_base_1694807332529.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
588e561c1b630cc0c94b479e3a0479c7557e4d6991a1bacb5b2acd7f32906f56

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randynoel.exithome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Thu, 21 Sep 2023 11:46:00 GMT
via
1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
FRA60-P3
age
117
x-amz-server-side-encryption
AES256
x-cache
HIT
x-77-cache
HIT
x-age
489076
x-accel-date
1694807684
x-77-nzt
AcO1ryeU7Af/dHYHAA
x-accel-expires
@1720727684
x-77-age
489076
last-modified
Fri, 15 Sep 2023 19:51:20 GMT
server
CDN77-Turbo
etag
W/"6c501e56c0883817da65e6df9f4417ee"
x-77-nzt-ray
25b0213123986fa1f82c0c65b751c30c
access-control-max-age
3000
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
content-type
application/json
x-amz-cf-id
Cwc1dlAwIhRE5emQOJMSuBOzeK-qZZRijp2NFB9W_YXhcX9sxH9vsg==
body_wh.svg
cdn.userway.org/widgetapp/images/ 		931 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.userway.org/widgetapp/images/body_wh.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
986a5e9be63017ce84536f6792ea984e6251a15af61d5cc20ff4f8b1737c80ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randynoel.exithome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Thu, 21 Sep 2023 11:46:00 GMT
via
1.1 b4904c5988fd0eaae341a12cc47f3766.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
FRA60-P3
age
267
x-amz-server-side-encryption
AES256
x-cache
HIT
x-77-cache
HIT
x-age
8477938
x-accel-date
1686818822
x-77-nzt
AcO1ryeAh1X/8lyBAA
x-accel-expires
@1712738822
x-77-age
8477938
last-modified
Fri, 13 Jan 2023 11:00:14 GMT
server
CDN77-Turbo
etag
W/"2ec2767a3bb93656fb9b75c893d7be75"
x-77-nzt-ray
25b021317693b49ff82c0c65387e842d
access-control-max-age
3000
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
content-type
image/svg+xml
x-amz-cf-id
OYrgg1mGpCclPfT9JdvTj881e2OmReFmnlYrhD7IDFA0s8OiCjuhag==
spin_wh.svg
cdn.userway.org/widgetapp/images/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.userway.org/widgetapp/images/spin_wh.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randynoel.exithome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Thu, 21 Sep 2023 11:46:00 GMT
via
1.1 c80ae6bd97b709ed6e4747f0d5ea4efc.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
FRA60-P3
age
267
x-amz-server-side-encryption
AES256
x-cache
HIT
x-77-cache
HIT
x-age
8477938
x-accel-date
1686818822
x-77-nzt
AcO1rycQhjT/8lyBAA
x-accel-expires
@1712738822
x-77-age
8477938
last-modified
Fri, 13 Jan 2023 11:00:14 GMT
server
CDN77-Turbo
etag
W/"8e0a35946bf39d10f46a1f1653366a0a"
x-77-nzt-ray
25b021317693b49ff82c0c65309e8a2d
access-control-max-age
3000
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
content-type
image/svg+xml
x-amz-cf-id
X-EqlF9-0PavF6HWAg7QdVhz-FWP8h_E6PtrPX_fuJKRBiQ7EytT_g==

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| dataLayer object| ValhallaConfig object| _pdata object| valhallaUserway function| trim function| MarkerClusterer function| Cluster function| ClusterIcon function| $ function| jQuery function| Waypoint function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| Flickity function| Unipointer function| Unidragger function| imagesLoaded function| Outlayer function| Isotope function| Masonry function| Packery function| moment function| Pikaday function| Cookies object| valhalla object| _userway_config object| google_tag_manager object| google_tag_data object| UserWayWidgetApp function| onYouTubeIframeAPIReady object| gaGlobal function| __read function| __spreadArray function| __values string| LS_KEY string| CDN_BASE string| LOCALES string| VERSION object| FuncKeys object| DEFAULT_OPEN_HOTKEY object| userwaySupportedLanguages object| userwayMapToSupportedLanguages object| userwaySupportedLocales string| USERWAY_DEFAULT_FALLBACK_LANGUAGE function| userwaySupports function| formatLangCode function| __assign function| __rest object| messageStream boolean| _userway

6 Cookies

Domain/Path Name / Value
randynoel.exithome.com/ Name: placester_events_uuid
Value: e7758e8c-bb9b-4583-8cad-6226fb66d0ba
randynoel.exithome.com/ Name: placester_events_expiry
Value: 1695325555
randynoel.exithome.com/ Name: placester_events_session
Value: b9a3c7cd-42c7-4a11-8543-514571821dd6
.exithome.com/ Name: _ga_MVBTMC2CXZ
Value: GS1.1.1695296756.1.0.1695296756.0.0.0
.exithome.com/ Name: _ga
Value: GA1.1.856455612.1695296757
randynoel.exithome.com/ Name: placester_events_session_timestamp
Value: 1695296760164

3 Console Messages

Source Level URL
Text
network error URL: https://uploads-cf.cdn.placester.net/images%2F5137be26d37bb66fb4000001%2F560289326%2F560289326_1.jpg?d=400x225
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: https://uploads-cf.cdn.placester.net/images%2F5137be26d37bb66fb4000001%2F560558181%2F560558181_1.jpg?d=400x225
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: https://uploads-cf.cdn.placester.net/images%2F5137be26d37bb66fb4000001%2F560528805%2F560528805_1.jpg?d=400x225
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.userway.org
cdn.userway.org
events-va.placester.com
fonts.googleapis.com
fonts.gstatic.com
media.placester.com
randynoel.exithome.com
region1.google-analytics.com
static.myrealestateplatform.com
uploads-cf.cdn.placester.net
www.googletagmanager.com
18.173.233.107
18.238.243.90
2001:4860:4802:32::36
2600:1f14:5db:eb22:4f3b:c925:5be4:3a1d
2a00:1450:4001:80e::2003
2a00:1450:4001:829::200a
2a00:1450:4001:82b::2008
2a02:6ea0:c700::11
2a04:4e42::614
52.20.13.248
52.21.232.179
06baf60c697e5aad439b0487daab6d3fec5519228910ebe5fbc2fd7567200ca4
10c25857f89d999cdeee0b756156cfe7f3bee879cb6acab453ee8a04bd78c7cc
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
1ef18a090e101fd3f672d936e2b2c054e6e553815d194ab684673bf41a01d09c
1f490e773e97b9e3b8e7d1beba668ef979c1dcca6740c59a1bd6c5a5f34e047b
1fd282248afd8fda2855039b1a77227f618df6fa8cade503f3845a4d4b4203c0
245efda27cb0145472be43e4cff5758ae17cbd288dbac11f301549212b66fd99
2b2bcad1b638234e845761aa204554993de41753e07d281b6e837a2945017fc9
40845a7f4f5fb2f19f4773d6f8cfa2a012c4d94a5c47225ab9749edbce498f90
40bd81f59247b2ba974b7818fe3467c764c9f754893f97780185cd05c1fb494e
588e561c1b630cc0c94b479e3a0479c7557e4d6991a1bacb5b2acd7f32906f56
58ebaf5e934a671f7a23b95c6ffb91a8f9b949555097503fe37f15043e149d42
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
63ba48c6307550316eaa9140138e0e2b7faa6f17b0f636eaa252a1c0bb301f2c
6912f7388531e949bd5406b5668cd6b55fea4cc7e2d123dbaed489054dd98438
92f26e260a568e1762535d4648bfbbbe99c37d6ca2b2e4ec1728db9c335687ff
986a5e9be63017ce84536f6792ea984e6251a15af61d5cc20ff4f8b1737c80ad
a06ab0c16ab0b446805cbe38ba18687b4d917ad435b162476d644f9d51e499ce
a852c71ad16901d504f37b2aca5e1f9a51c8695bb5225681449a5ad1b362c1eb
a9dcbaf24199aab21c764b6566dfa82628d035268a18738bb43232f39829fa44
aee810efea02f02fdd98d66218bba36deca0b84c5f939ede2bbe30cb2a9e0375
b5c88afea0d859c75409230f08857db8b5a767948e8fa5270cba917762ae4488
b67bfd6e6e4f939620c697b9ce751ee07df8583ff3fa4b29ed3ee3ea8f213372
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c
c85fea31071a3a5016271b707a18b5b2fc642dc96eb3c1a6011d5f4131076ef3
d238dee5be82f05cf25348156ed5a6d53f67b5c9a0f6a0bb5467f26cf8be28f2
da321419ed7ffe67c84b36cc7656a31e34d2ee13b5032e2b962ec249602e7139
dc0aa11884c4e0ddd57d811a3d6f5fc210a0166a47846dadbcd87fba58c2e28c
dea979e1aad58bfc02d1e2f8295a1d001e943db4193efa9aa26d031cbf4de8f1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5700ebf4614282ec123c5746c5517a7caf55b5189e67fd6f5b76bfc2424546c