urlscan.io logo urlscan.io
SecurityTrails logo

www.sheridunavan.com Open in urlscan Pro
52.55.233.97  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://sheridunavan.com/
Effective URL: https://www.sheridunavan.com/
Submission Tags: @phish_report
Submission: On July 21 via api from FI — Scanned from FI
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 2 countries across 7 domains to perform 30 HTTP transactions. The main IP is 52.55.233.97, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.sheridunavan.com.
TLS certificate: Issued by R3 on June 4th 2024. Valid for: 3 months.
This is the only time www.sheridunavan.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 184.169.141.142 16509 (AMAZON-02)
4 52.55.233.97 14618 (AMAZON-AES)
8 3.161.82.21 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 54.144.179.7 14618 (AMAZON-AES)
10 2a04:4e42::614 54113 (FASTLY)
1 2001:4860:480... 15169 (GOOGLE)
30 10
1    184.169.141.142 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-184-169-141-142.us-west-1.compute.amazonaws.com
sheridunavan.com
4    52.55.233.97 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-55-233-97.compute-1.amazonaws.com
www.sheridunavan.com
8    3.161.82.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-82-21.fra56.r.cloudfront.net
static.myrealestateplatform.com
1    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:81d::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    54.144.179.7 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-144-179-7.compute-1.amazonaws.com
events-va.placester.com
10    2a04:4e42::614 (United States)

ASN54113 (FASTLY, US)
media.placester.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
Apex Domain
Subdomains		 Transfer
11 placester.com
events-va.placester.com
media.placester.com
922 KB
8 myrealestateplatform.com
static.myrealestateplatform.com
2 MB
5 sheridunavan.com
sheridunavan.com
www.sheridunavan.com
26 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 104
region1.google-analytics.com — Cisco Umbrella Rank: 3123
21 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
198 KB
1 gstatic.com
fonts.gstatic.com
38 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
1021 B
30 7
Domain Requested by
10 media.placester.com www.sheridunavan.com
8 static.myrealestateplatform.com www.sheridunavan.com
static.myrealestateplatform.com
4 www.sheridunavan.com www.sheridunavan.com
static.myrealestateplatform.com
2 www.googletagmanager.com static.myrealestateplatform.com
www.google-analytics.com
2 www.google-analytics.com static.myrealestateplatform.com
www.google-analytics.com
1 region1.google-analytics.com www.googletagmanager.com
1 events-va.placester.com static.myrealestateplatform.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com www.sheridunavan.com
1 sheridunavan.com 1 redirects
30 10

This site contains links to these domains. Also see Links.

Domain
placester.com
www.facebook.com
twitter.com
www.linkedin.com
pinterest.com
Subject Issuer Validity Valid
www.sheridunavan.com
R3		 2024-06-04 -
2024-09-02		 3 months crt.sh
*.myrealestateplatform.com
Amazon RSA 2048 M03		 2024-06-05 -
2025-07-04		 a year crt.sh
upload.video.google.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
*.gstatic.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
*.google-analytics.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
*.placester.com
Amazon RSA 2048 M02		 2024-01-17 -
2025-02-14		 a year crt.sh
s4-san.cloudinary.com
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-13 -
2024-09-13		 a year crt.sh

This page contains 1 frames:

Primary Page: https://www.sheridunavan.com/
Frame ID: 2D5CE6E259FBB222C709970DF1EB0093
Requests: 32 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Sheri Dunavan - Your Trust Is The Heart Of My Business

Page URL History Show full URLs

  1. http://sheridunavan.com/ HTTP 307
    https://sheridunavan.com/ HTTP 301
    https://www.sheridunavan.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

30
Requests

100 %
HTTPS

60 %
IPv6

7
Domains

10
Subdomains

10
IPs

2
Countries

3116 kB
Transfer

7001 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://sheridunavan.com/ HTTP 307
    https://sheridunavan.com/ HTTP 301
    https://www.sheridunavan.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.sheridunavan.com/
Redirect Chain
  • http://sheridunavan.com/
  • https://sheridunavan.com/
  • https://www.sheridunavan.com/
186 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.sheridunavan.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.55.233.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-233-97.compute-1.amazonaws.com
Software
openresty / PHP/8.0.30
Resource Hash
591d7ce9de86430bab12d0223685452eaf8ecddb63432b70a59df5d15ec41fe2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Cache-Control
max-age=3, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Sun, 21 Jul 2024 01:59:06 GMT
Server
openresty
Transfer-Encoding
chunked
Vary
Accept-Encoding, Cookie
X-Powered-By
PHP/8.0.30
X-Served-By
app2
X-WP-Super-Cache
Served supercache file from PHP

Redirect headers

Connection
keep-alive
Content-Length
166
Content-Type
text/html
Date
Sun, 21 Jul 2024 01:59:05 GMT
Location
https://www.sheridunavan.com/
Server
openresty
X-Served-By
web4
classic-themes.min.css
www.sheridunavan.com/wp-includes/css/ 		217 B
589 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.sheridunavan.com/wp-includes/css/classic-themes.min.css?ver=1
Requested by
Host: www.sheridunavan.com
URL: https://www.sheridunavan.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.55.233.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-233-97.compute-1.amazonaws.com
Software
openresty /
Resource Hash
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Request headers

Referer
https://www.sheridunavan.com/
dpr
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
viewport-width
1600

Response headers

Pragma
public
Date
Sun, 21 Jul 2024 01:59:06 GMT
Content-Encoding
gzip
Last-Modified
Wed, 03 Apr 2024 05:05:48 GMT
Server
openresty
ETag
W/"660ce3ac-d9"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=172800, public, must-revalidate, proxy-revalidate
Connection
keep-alive
Expires
Tue, 23 Jul 2024 01:59:06 GMT
valhalla-tailwind-styles.css
static.myrealestateplatform.com/Valhalla/assets/dist/ 		62 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.myrealestateplatform.com/Valhalla/assets/dist/valhalla-tailwind-styles.css?v=800fb738d592e90a6b8d
Requested by
Host: www.sheridunavan.com
URL: https://www.sheridunavan.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.82.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-82-21.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
30de3b5203bf3feaf955bf8fa9257a32f622733b8a4a3a64960536d9f29d7542

Request headers

Referer
https://www.sheridunavan.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 20 Jul 2024 11:57:29 GMT
content-encoding
gzip
via
1.1 f0ff3515536254a60a04240b4114639c.cloudfront.net (CloudFront)
last-modified
Tue, 16 Jul 2024 09:53:46 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P10
age
50498
x-amz-server-side-encryption
AES256
etag
W/"808f94bac11966c85fb1e72e035b6a4e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=86400
x-amz-cf-id
gOy7YDXWrJxnYBlwKfIfVil_r-vNvUPIFVTU_WCAby_YZbXqiT59pA==
valhalla-vendor-styles.css
static.myrealestateplatform.com/Valhalla/assets/dist/ 		265 KB
56 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.myrealestateplatform.com/Valhalla/assets/dist/valhalla-vendor-styles.css?v=6908ebf1aa2cb7d5299b
Requested by
Host: www.sheridunavan.com
URL: https://www.sheridunavan.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.82.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-82-21.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
969e606c443151d6f241c55704995bfce170616fa381121d5a0ebf497fe03527

Request headers

Referer
https://www.sheridunavan.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 20 Jul 2024 11:58:12 GMT
content-encoding
gzip
via
1.1 f0ff3515536254a60a04240b4114639c.cloudfront.net (CloudFront)
last-modified
Tue, 16 Jul 2024 09:53:46 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P10
age
50470
x-amz-server-side-encryption
AES256
etag
W/"c92e8122960e03cf6f3c153d595b3455"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=86400
x-amz-cf-id
Z__U0MjkAJfKiw8iSfExLqrB6A6ipuC5MSpksWLYso_vZ6OxjW9OZw==
valhalla-styles.css
static.myrealestateplatform.com/Valhalla/assets/dist/ 		2 MB
118 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.myrealestateplatform.com/Valhalla/assets/dist/valhalla-styles.css?v=1952be3c0126db6c94f9
Requested by
Host: www.sheridunavan.com
URL: https://www.sheridunavan.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.82.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-82-21.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d733cc1cefc7561eef487ae205f69a1287884854a7c9d8a0e3bff2061ca46315

Request headers

Referer
https://www.sheridunavan.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 20 Jul 2024 11:58:12 GMT
content-encoding
gzip
via
1.1 f0ff3515536254a60a04240b4114639c.cloudfront.net (CloudFront)
last-modified
Tue, 16 Jul 2024 09:53:46 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P10
age
50469
x-amz-server-side-encryption
AES256
etag
W/"401c9d25768f06e092c412f2fef027b0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=86400
x-amz-cf-id
CqGgWPPrK1BsfcjktF8VWZIdX6ug-GS8mMP-XyKKJ1NdC5gVFUGISw==
css
fonts.googleapis.com/ 		6 KB
1021 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Merriweather+Sans%3A400%2C500%2C600%2C700&display=swap&ver=6.1.1
Requested by
Host: www.sheridunavan.com
URL: https://www.sheridunavan.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5ce31fdb5f8be601a4d346a3650562d7aea30c429554cbbcce9a6f3ad7e82205
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.sheridunavan.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 21 Jul 2024 01:59:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 21 Jul 2024 01:59:06 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 21 Jul 2024 01:59:06 GMT
valhalla-scripts.js
static.myrealestateplatform.com/Valhalla/assets/dist/ 		2 MB
411 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.myrealestateplatform.com/Valhalla/assets/dist/valhalla-scripts.js?v=dd30aa0de9
Requested by
Host: www.sheridunavan.com
URL: https://www.sheridunavan.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.82.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-82-21.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
676bfca4569f153b7bcbcf35c0f872c83daacb6a163c2d544a70fe379a992c24

Request headers

Referer
https://www.sheridunavan.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 20 Jul 2024 11:58:12 GMT
content-encoding
gzip
via
1.1 f0ff3515536254a60a04240b4114639c.cloudfront.net (CloudFront)
last-modified
Tue, 16 Jul 2024 09:53:46 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P10
age
50469
x-amz-server-side-encryption
AES256
etag
W/"332be3b08dba5e6b86e3095855b372df"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
GUWeaec0E62LANvMcV_0kSw-M93SU3hHkIT5LEMT998xbHIPCFjJqg==
fa-light-300.woff2
static.myrealestateplatform.com/Valhalla/assets/dist/fonts/ 		447 KB
448 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.myrealestateplatform.com/Valhalla/assets/dist/fonts/fa-light-300.woff2?v=6a94ba202cce157f94b7
Requested by
Host: static.myrealestateplatform.com
URL: https://static.myrealestateplatform.com/Valhalla/assets/dist/valhalla-vendor-styles.css?v=6908ebf1aa2cb7d5299b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.82.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-82-21.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3b89a6a3ca2d570b54f0bd623d61633ba4a1d54eb409fc15254afb2477579336

Request headers

Referer
https://static.myrealestateplatform.com/Valhalla/assets/dist/valhalla-vendor-styles.css?v=6908ebf1aa2cb7d5299b
Origin
https://www.sheridunavan.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 01:59:08 GMT
via
1.1 6fa384f51cde51d7c86ee18d17ac3eaa.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P10
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
content-length
458056
last-modified
Tue, 16 Jul 2024 09:53:37 GMT
server
AmazonS3
etag
"0548a3b01ab474a4e43df1b90c713ec8"
access-control-max-age
3000
access-control-allow-methods
POST, PUT, DELETE, GET, HEAD
content-type
binary/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges, Content-Range, Content-Encoding, Content-Length, Access-Control-Allow-Origin
cache-control
max-age=86400
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
z9EbqKxmNaSigjvb75GlFFaN41TVJSzX7i99WSc9oIumNcZrYgQWUg==
2-c99IRs1JiJN1FRAMjTN5zd9vgsFHX1QjU.woff2
fonts.gstatic.com/s/merriweathersans/v26/ 		37 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweathersans/v26/2-c99IRs1JiJN1FRAMjTN5zd9vgsFHX1QjU.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather+Sans%3A400%2C500%2C600%2C700&display=swap&ver=6.1.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a8a4a852dedcc7e3b6bb2c6acffac1a82a31828a00749ce2a8c2d6dd5f268dd9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.sheridunavan.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 15:28:01 GMT
x-content-type-options
nosniff
age
383466
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38268
x-xss-protection
0
last-modified
Thu, 27 Apr 2023 00:13:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Jul 2025 15:28:01 GMT
fa-solid-900.woff2
static.myrealestateplatform.com/Valhalla/assets/dist/fonts/ 		340 KB
341 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.myrealestateplatform.com/Valhalla/assets/dist/fonts/fa-solid-900.woff2?v=9f1626ec58494c3a070a
Requested by
Host: static.myrealestateplatform.com
URL: https://static.myrealestateplatform.com/Valhalla/assets/dist/valhalla-vendor-styles.css?v=6908ebf1aa2cb7d5299b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.82.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-82-21.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
25b8df945ab6bdb4ac6f55a345112dcdc89907e9b0c37bab18e6fea90ba035ca

Request headers

Referer
https://static.myrealestateplatform.com/Valhalla/assets/dist/valhalla-vendor-styles.css?v=6908ebf1aa2cb7d5299b
Origin
https://www.sheridunavan.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 01:59:08 GMT
via
1.1 6fa384f51cde51d7c86ee18d17ac3eaa.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P10
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
content-length
348036
last-modified
Tue, 16 Jul 2024 09:53:37 GMT
server
AmazonS3
etag
"6746ef312ee85bb5431466760df933fa"
access-control-max-age
3000
access-control-allow-methods
POST, PUT, DELETE, GET, HEAD
content-type
binary/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges, Content-Range, Content-Encoding, Content-Length, Access-Control-Allow-Origin
cache-control
max-age=86400
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
MAhTvxZNCXto__ArtiRx6-TG4ve0E1_yjxJsEGg8cFZm4mPnplngPw==
fa-regular-400.woff2
static.myrealestateplatform.com/Valhalla/assets/dist/fonts/ 		409 KB
410 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.myrealestateplatform.com/Valhalla/assets/dist/fonts/fa-regular-400.woff2?v=244128d7a5557df268b2
Requested by
Host: static.myrealestateplatform.com
URL: https://static.myrealestateplatform.com/Valhalla/assets/dist/valhalla-vendor-styles.css?v=6908ebf1aa2cb7d5299b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.82.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-82-21.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9ac06ddbf9e71000fb8f9af22735a9d38de31bb12b15410f060c95c05ffee249

Request headers

Referer
https://static.myrealestateplatform.com/Valhalla/assets/dist/valhalla-vendor-styles.css?v=6908ebf1aa2cb7d5299b
Origin
https://www.sheridunavan.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 01:59:08 GMT
via
1.1 6fa384f51cde51d7c86ee18d17ac3eaa.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P10
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
content-length
418952
last-modified
Tue, 16 Jul 2024 09:53:37 GMT
server
AmazonS3
etag
"470b611bf46c0f76db76ae0d76e7187a"
access-control-max-age
3000
access-control-allow-methods
POST, PUT, DELETE, GET, HEAD
content-type
binary/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges, Content-Range, Content-Encoding, Content-Length, Access-Control-Allow-Origin
cache-control
max-age=86400
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
wnDgO0IGySblaeKq2HNfPK5WJEDoYMJV_SV7HY7UsM-yMtqNNVt2Ew==
fa-brands-400.woff2
static.myrealestateplatform.com/Valhalla/assets/dist/fonts/ 		115 KB
116 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.myrealestateplatform.com/Valhalla/assets/dist/fonts/fa-brands-400.woff2?v=5e7b19421dd30c3feeea
Requested by
Host: static.myrealestateplatform.com
URL: https://static.myrealestateplatform.com/Valhalla/assets/dist/valhalla-vendor-styles.css?v=6908ebf1aa2cb7d5299b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.82.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-82-21.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5127b133655d52e7f123265ea329f9fcb21db9d02bbfd2265cf0a8599e9ebcb2

Request headers

Referer
https://static.myrealestateplatform.com/Valhalla/assets/dist/valhalla-vendor-styles.css?v=6908ebf1aa2cb7d5299b
Origin
https://www.sheridunavan.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 01:59:08 GMT
via
1.1 6fa384f51cde51d7c86ee18d17ac3eaa.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P10
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
content-length
118148
last-modified
Tue, 16 Jul 2024 09:53:37 GMT
server
AmazonS3
etag
"486320787055097851e516e747797909"
access-control-max-age
3000
access-control-allow-methods
POST, PUT, DELETE, GET, HEAD
content-type
binary/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges, Content-Range, Content-Encoding, Content-Length, Access-Control-Allow-Origin
cache-control
max-age=86400
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
iwgBqlxxNVY7xXo-BQt0ffPVeyeFFO5MKP0eORZRhgsqTX7ZnUjKbQ==
truncated
/ 		38 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/webp
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: static.myrealestateplatform.com
URL: https://static.myrealestateplatform.com/Valhalla/assets/dist/valhalla-scripts.js?v=dd30aa0de9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sheridunavan.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 21 Jul 2024 00:29:07 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
5400
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sun, 21 Jul 2024 02:29:07 GMT
js
www.googletagmanager.com/gtag/ 		305 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-MVBTMC2CXZ
Requested by
Host: static.myrealestateplatform.com
URL: https://static.myrealestateplatform.com/Valhalla/assets/dist/valhalla-scripts.js?v=dd30aa0de9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
adca76e8fdfbc7f04377da01a4230278975ed9ffb627aa270a43befad112f73b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.sheridunavan.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 01:59:07 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
103637
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 21 Jul 2024 01:59:07 GMT
event
events-va.placester.com/ 		35 B
194 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events-va.placester.com/event
Requested by
Host: static.myrealestateplatform.com
URL: https://static.myrealestateplatform.com/Valhalla/assets/dist/valhalla-scripts.js?v=dd30aa0de9
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.144.179.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-144-179-7.compute-1.amazonaws.com
Software
Jetty(9.0.3.v20130506) /
Resource Hash
a06ab0c16ab0b446805cbe38ba18687b4d917ad435b162476d644f9d51e499ce

Request headers

Referer
https://www.sheridunavan.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Server
Jetty(9.0.3.v20130506)
Connection
keep-alive
Content-Length
35
Content-Type
application/json
placester-ajax.php
www.sheridunavan.com/wp-content/plugins/toolbox/src// 		980 B
854 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.sheridunavan.com/wp-content/plugins/toolbox/src//placester-ajax.php
Requested by
Host: static.myrealestateplatform.com
URL: https://static.myrealestateplatform.com/Valhalla/assets/dist/valhalla-scripts.js?v=dd30aa0de9
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.55.233.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-233-97.compute-1.amazonaws.com
Software
openresty / PHP/8.0.30
Resource Hash
f19d56397b653c20ec792b241462a34453f9d36fe3eeef71450bba182315dd74
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://www.sheridunavan.com/
X-Requested-With
XMLHttpRequest
dpr
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
viewport-width
1600
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Expires
Wed, 11 Jan 1984 05:00:00 GMT
Pragma
no-cache
Date
Sun, 21 Jul 2024 01:59:07 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
openresty
X-Powered-By
PHP/8.0.30
Transfer-Encoding
chunked
Vary
Accept-Encoding, Cookie
Content-Type
application/json; charset=UTF-8
Cache-Control
no-cache, must-revalidate, max-age=0
Connection
keep-alive
X-Served-By
app2
truncated
/ 		34 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/gif
7e87933ab3313582fad694ff5feb37b67fcf846f.png
media.placester.com/image/upload/c_scale,dpr_1.0,f_auto,fl_lossy,q_auto,w_768/c_scale,w_768/v1/inception-app-prod/NmYwYTg1NjMtMjBlZC00NTAyLWI5MTQtMjk5YjJiNmE4NTFi/favicon/2021/10/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.placester.com/image/upload/c_scale,dpr_1.0,f_auto,fl_lossy,q_auto,w_768/c_scale,w_768/v1/inception-app-prod/NmYwYTg1NjMtMjBlZC00NTAyLWI5MTQtMjk5YjJiNmE4NTFi/favicon/2021/10/7e87933ab3313582fad694ff5feb37b67fcf846f.png
Requested by
Host: www.sheridunavan.com
URL: https://www.sheridunavan.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::614 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
656b5b7c9aab407b59c83070d031cafd964456ffb29186a34a9ca155e54e35bd
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sheridunavan.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 01:59:07 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="7e87933ab3313582fad694ff5feb37b67fcf846f.webp"
server-timing
cld-fastly;mitm=p;dur=2;cpu=0;start=2024-07-21T01:59:07.766Z;desc=hit,rtt;dur=43,content-info;desc="width=768,height=511,owidth=2400,oheight=1598,obytes=3423658"
content-length
35818
last-modified
Tue, 03 Jan 2023 15:43:14 GMT
server
Cloudinary
etag
"266bd8d2e292fb56dec9ac0102fa14b8"
vary
Save-Data
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
2.png
media.placester.com/image/upload/c_fit,dpr_1.0,f_auto,fl_lossy,q_auto,w_2560/c_scale,w_1660/v1/inception-app-assets/slideshows/Interiors/ 		117 KB
118 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.placester.com/image/upload/c_fit,dpr_1.0,f_auto,fl_lossy,q_auto,w_2560/c_scale,w_1660/v1/inception-app-assets/slideshows/Interiors/2.png
Requested by
Host: www.sheridunavan.com
URL: https://www.sheridunavan.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::614 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
899b712fe0888d307623d34c0d516dc0e8de2535112e9c1020b6e59ba4de22ac
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sheridunavan.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 01:59:07 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="2.webp"
server-timing
cld-fastly;mitm=p;dur=2;cpu=1;start=2024-07-21T01:59:07.766Z;desc=hit,rtt;dur=43,content-info;desc="width=1660,height=1108,bytes=120114,owidth=1920,oheight=1281,obytes=893475"
content-length
120114
last-modified
Thu, 19 Oct 2023 16:53:06 GMT
server
Cloudinary
etag
"63d50744f21d9f6134dd78e760163a97"
vary
Save-Data
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
pgblackprintramblertransparent-4.png
media.placester.com/image/upload/c_scale,dpr_1.0,f_auto,fl_lossy,q_auto/c_scale,w_1660/v1/inception-app-prod/OTAyNjhkNmQtYTFkMy00ZjM3LWJjOWUtZmJmOWE5NWIzMTBi/content/2020/07/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.placester.com/image/upload/c_scale,dpr_1.0,f_auto,fl_lossy,q_auto/c_scale,w_1660/v1/inception-app-prod/OTAyNjhkNmQtYTFkMy00ZjM3LWJjOWUtZmJmOWE5NWIzMTBi/content/2020/07/pgblackprintramblertransparent-4.png
Requested by
Host: www.sheridunavan.com
URL: https://www.sheridunavan.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::614 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
77207025cbeb0333998281271806e64ab63fc695223a654db56278921fc94cbf
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sheridunavan.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 01:59:07 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="pgblackprintramblertransparent-4.webp"
server-timing
cld-fastly;mitm=p;dur=2;cpu=1;start=2024-07-21T01:59:07.765Z;desc=hit,rtt;dur=43,content-info;desc="width=1660,height=389,owidth=3121,oheight=732,obytes=222326"
content-length
24420
last-modified
Wed, 04 Jan 2023 14:09:06 GMT
server
Cloudinary
etag
"5dc33c27f7f6ee371ff85386ec4fa106"
vary
Save-Data
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
174795c1e869f8efe2bc331cfe0051fe7ff303ea.png
media.placester.com/image/upload/c_scale,dpr_1.0,f_auto,fl_lossy,q_auto/c_scale,w_1660/v1/inception-app-prod/OTAyNjhkNmQtYTFkMy00ZjM3LWJjOWUtZmJmOWE5NWIzMTBi/content/2021/11/ 		97 KB
97 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.placester.com/image/upload/c_scale,dpr_1.0,f_auto,fl_lossy,q_auto/c_scale,w_1660/v1/inception-app-prod/OTAyNjhkNmQtYTFkMy00ZjM3LWJjOWUtZmJmOWE5NWIzMTBi/content/2021/11/174795c1e869f8efe2bc331cfe0051fe7ff303ea.png
Requested by
Host: www.sheridunavan.com
URL: https://www.sheridunavan.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::614 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
cf2d539e7d665d36d94f297c9a48d8345e46e0cf3bb76d0c5b3439eadb583107
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sheridunavan.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 01:59:07 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="174795c1e869f8efe2bc331cfe0051fe7ff303ea.webp"
server-timing
cld-fastly;mitm=p;dur=1;cpu=0;start=2024-07-21T01:59:07.766Z;desc=hit,rtt;dur=43,content-info;desc="width=1660,height=2149,owidth=1545,oheight=2000,obytes=1935842"
content-length
99176
last-modified
Wed, 04 Jan 2023 14:09:07 GMT
server
Cloudinary
etag
"f35a6cc0fdbce93a9a1a388d5927393e"
vary
Save-Data
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
1.png
media.placester.com/image/upload/c_fit,dpr_1.0,f_auto,fl_lossy,q_auto,w_2560/c_scale,w_1660/v1/inception-app-assets/slideshows/Interiors/ 		137 KB
138 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.placester.com/image/upload/c_fit,dpr_1.0,f_auto,fl_lossy,q_auto,w_2560/c_scale,w_1660/v1/inception-app-assets/slideshows/Interiors/1.png
Requested by
Host: www.sheridunavan.com
URL: https://www.sheridunavan.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::614 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
27a2e12899c870d283b48719fcee5742806b7a8d2bf8cfd9824ea7ff3192038c
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sheridunavan.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 01:59:07 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="1.webp"
server-timing
cld-fastly;mitm=p;dur=1;cpu=0;start=2024-07-21T01:59:07.767Z;desc=hit,rtt;dur=43,content-info;desc="width=1660,height=1108,bytes=140698,owidth=1920,oheight=1282,obytes=1026399"
content-length
140698
last-modified
Thu, 19 Oct 2023 16:53:06 GMT
server
Cloudinary
etag
"3ec6eab70fda11f2a41a76698634cea8"
vary
Save-Data
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
f585c75e72033aad8efca4912d7717726da71296.png
media.placester.com/image/upload/c_scale,dpr_1.0,f_auto,fl_lossy,q_auto/c_scale,w_1660/v1/inception-app-prod/OTAyNjhkNmQtYTFkMy00ZjM3LWJjOWUtZmJmOWE5NWIzMTBi/content/2021/11/ 		170 KB
170 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.placester.com/image/upload/c_scale,dpr_1.0,f_auto,fl_lossy,q_auto/c_scale,w_1660/v1/inception-app-prod/OTAyNjhkNmQtYTFkMy00ZjM3LWJjOWUtZmJmOWE5NWIzMTBi/content/2021/11/f585c75e72033aad8efca4912d7717726da71296.png
Requested by
Host: www.sheridunavan.com
URL: https://www.sheridunavan.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::614 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
f6d514d804f2a4a845062e1113c70d3d54868a74160d022ce718cd080c4ce452
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sheridunavan.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 01:59:07 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="f585c75e72033aad8efca4912d7717726da71296.webp"
server-timing
cld-fastly;mitm=p;dur=2;cpu=0;start=2024-07-21T01:59:07.766Z;desc=hit,rtt;dur=43,content-info;desc="width=1660,height=2149,owidth=1545,oheight=2000,obytes=3605151"
content-length
174070
last-modified
Wed, 04 Jan 2023 14:09:08 GMT
server
Cloudinary
etag
"ca9f3ddc4cd9c52a1215a1478ca6456d"
vary
Save-Data
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
sdhs.png
media.placester.com/image/upload/c_fill,dpr_1.0,f_auto,fl_lossy,h_30,q_auto,w_30/v1/inception-app-prod/NmYwYTg1NjMtMjBlZC00NTAyLWI5MTQtMjk5YjJiNmE4NTFi/content/2021/04/ 		296 B
526 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.placester.com/image/upload/c_fill,dpr_1.0,f_auto,fl_lossy,h_30,q_auto,w_30/v1/inception-app-prod/NmYwYTg1NjMtMjBlZC00NTAyLWI5MTQtMjk5YjJiNmE4NTFi/content/2021/04/sdhs.png
Requested by
Host: www.sheridunavan.com
URL: https://www.sheridunavan.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::614 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
d8ef02530fad79e566671e249f5058187a9138c36e565195bbfec8724c06351d
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sheridunavan.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 01:59:07 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="sdhs.webp"
server-timing
cld-fastly;mitm=p;dur=1;cpu=0;start=2024-07-21T01:59:07.767Z;desc=hit,rtt;dur=43,content-info;desc="width=30,height=30,owidth=402,oheight=465,obytes=350855"
content-length
296
last-modified
Thu, 05 Jan 2023 20:53:11 GMT
server
Cloudinary
etag
"ccb896935646d526775de1cfd5b6de55"
vary
Save-Data
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
collect
www.google-analytics.com/j/ 		15 B
225 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=435708387&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sheridunavan.com%2F&ul=fi-fi&de=UTF-8&dt=Sheri%20Dunavan%20-%20Your%20Trust%20Is%20The%20Heart%20Of%20My%20Business&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=469723595&gjid=2064806385&cid=123866593.1721527148&tid=UA-180340161-1&_gid=1874880452.1721527148&_r=1&_slc=1&z=1462112458
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
0df602c426ef1d0f4a64e200a06ab06bb60bdb80df85b56b9d17eddf37bc7b18
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sheridunavan.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 Jul 2024 01:59:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.sheridunavan.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		275 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-3MWBNTELPD&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b621046ad660bb31810ad192ed321a6fa8a74506af257c3c98ae97e8a935cf3e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.sheridunavan.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 01:59:07 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
98252
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 21 Jul 2024 01:59:07 GMT
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-3MWBNTELPD&gtm=45je47h0v9129570384za200&_p=1721527147510&gcd=13l3l3l2l2&npa=0&dma_cps=syphamo&dma=1&tag_exp=0&ul=fi-fi&sr=1600x1200&cid=123866593.1721527148&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Fwww.sheridunavan.com%2F&dt=Sheri%20Dunavan%20-%20Your%20Trust%20Is%20The%20Heart%20Of%20My%20Business&sid=1721527148&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2778&_z=fetch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3MWBNTELPD&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://www.sheridunavan.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jul 2024 01:59:08 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.sheridunavan.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
placester-ajax.php
www.sheridunavan.com/wp-content/plugins/toolbox/src// 		289 B
704 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.sheridunavan.com/wp-content/plugins/toolbox/src//placester-ajax.php
Requested by
Host: static.myrealestateplatform.com
URL: https://static.myrealestateplatform.com/Valhalla/assets/dist/valhalla-scripts.js?v=dd30aa0de9
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.55.233.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-233-97.compute-1.amazonaws.com
Software
openresty / PHP/8.0.30
Resource Hash
ca04b88267cad2ab1fdd91529a35124c50ee6391fa46acab0e5e60dda8c6bad1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://www.sheridunavan.com/
X-Requested-With
XMLHttpRequest
dpr
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
viewport-width
1600
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Expires
Wed, 11 Jan 1984 05:00:00 GMT
Pragma
no-cache
Date
Sun, 21 Jul 2024 01:59:08 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
openresty
X-Powered-By
PHP/8.0.30
Transfer-Encoding
chunked
Vary
Accept-Encoding, Cookie
Content-Type
application/json; charset=UTF-8
Cache-Control
no-cache, must-revalidate, max-age=0
Connection
keep-alive
X-Served-By
app2
favicon.ico
media.placester.com/image/upload/c_scale,q_100,w_32/v1/inception-app-prod/OTAyNjhkNmQtYTFkMy00ZjM3LWJjOWUtZmJmOWE5NWIzMTBi/content/2020/07/ 		4 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://media.placester.com/image/upload/c_scale,q_100,w_32/v1/inception-app-prod/OTAyNjhkNmQtYTFkMy00ZjM3LWJjOWUtZmJmOWE5NWIzMTBi/content/2020/07/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::614 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
b3bfd3c02d08a4ff47fde2c690af5011f53900c1da973cf47fd54db0e924af47
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sheridunavan.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 01:59:08 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=604800
server-timing
cld-fastly;mitm=p;dur=1;cpu=0;start=2024-07-21T01:59:08.520Z;desc=hit,rtt;dur=43
content-length
1523
last-modified
Sun, 05 Jul 2020 22:01:22 GMT
server
Cloudinary
etag
W/"e235ac425911da0eace143bf0fd795a6"
vary
Accept-Encoding
content-type
image/x-icon
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
3.png
media.placester.com/image/upload/c_fit,dpr_1.0,f_auto,fl_lossy,q_auto,w_2560/c_scale,w_1660/v1/inception-app-assets/slideshows/Interiors/ 		213 KB
213 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.placester.com/image/upload/c_fit,dpr_1.0,f_auto,fl_lossy,q_auto,w_2560/c_scale,w_1660/v1/inception-app-assets/slideshows/Interiors/3.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::614 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
bbef731fa4ca70589754181ac2bf64b347140034886594380956b11827b4690c
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sheridunavan.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 01:59:08 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="3.webp"
server-timing
cld-fastly;mitm=p;dur=1;cpu=0;start=2024-07-21T01:59:08.811Z;desc=hit,rtt;dur=43,content-info;desc="width=1660,height=1108,bytes=217642,owidth=1920,oheight=1281,obytes=1047913"
content-length
217642
last-modified
Thu, 19 Oct 2023 16:53:08 GMT
server
Cloudinary
etag
"29b35afba2948eea0ca1044fa2b01ee8"
vary
Save-Data
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
4.png
media.placester.com/image/upload/c_fit,dpr_1.0,f_auto,fl_lossy,q_auto,w_2560/c_scale,w_1660/v1/inception-app-assets/slideshows/Interiors/ 		124 KB
124 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.placester.com/image/upload/c_fit,dpr_1.0,f_auto,fl_lossy,q_auto,w_2560/c_scale,w_1660/v1/inception-app-assets/slideshows/Interiors/4.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::614 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
9f285391e161e6adedda91618d02087cd960c10a1617266f34d5698a341cdeca
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sheridunavan.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 01:59:12 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="4.webp"
server-timing
cld-fastly;mitm=p;dur=1;cpu=0;start=2024-07-21T01:59:12.583Z;desc=hit,rtt;dur=45,content-info;desc="width=1660,height=1107,bytes=126726,owidth=1920,oheight=1280,obytes=982473"
content-length
126726
last-modified
Thu, 19 Oct 2023 16:53:07 GMT
server
Cloudinary
etag
"97e2d262857c7b663a80d8f8dec60d79"
vary
Save-Data
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*

Verdicts & Comments Add Verdict or Comment

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ValhallaConfig object| _pdata object| valhallaUserway function| trim function| $ function| jQuery function| Waypoint function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| Flickity function| Unipointer function| Unidragger function| imagesLoaded function| Outlayer function| Isotope function| Masonry function| Packery function| moment function| Pikaday function| Cookies object| maplibregl object| valhalla function| MapBuilder string| GoogleAnalyticsObject function| ga object| dataLayer object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_tag_manager function| onYouTubeIframeAPIReady

8 Cookies

Domain/Path Name / Value
www.sheridunavan.com/ Name: cookie-banner-accepted
Value: no-banner
www.sheridunavan.com/ Name: placester_events_session
Value: 417c95fc-4201-4a5e-b318-b1f417fcdf07
www.sheridunavan.com/ Name: placester_events_uuid
Value: a9e33694-eb12-40e1-ac3a-23bb4dc47426
.sheridunavan.com/ Name: _ga
Value: GA1.2.123866593.1721527148
.sheridunavan.com/ Name: _gid
Value: GA1.2.1874880452.1721527148
.sheridunavan.com/ Name: _gat
Value: 1
.sheridunavan.com/ Name: _ga_3MWBNTELPD
Value: GS1.2.1721527148.1.0.1721527148.0.0.0
www.sheridunavan.com/ Name: placester_events_session_timestamp
Value: 1721527148

3 Console Messages

Source Level URL
Text
recommendation verbose URL: https://www.sheridunavan.com/
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
recommendation verbose URL: https://www.sheridunavan.com/
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "new-password"): (More info: https://goo.gl/9p2vKq) %o
recommendation verbose URL: https://www.sheridunavan.com/
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "new-password"): (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

events-va.placester.com
fonts.googleapis.com
fonts.gstatic.com
media.placester.com
region1.google-analytics.com
sheridunavan.com
static.myrealestateplatform.com
www.google-analytics.com
www.googletagmanager.com
www.sheridunavan.com
184.169.141.142
2001:4860:4802:32::36
2a00:1450:4001:810::2008
2a00:1450:4001:81d::200e
2a00:1450:4001:828::200a
2a00:1450:4001:82f::2003
2a04:4e42::614
3.161.82.21
52.55.233.97
54.144.179.7
05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9
0df602c426ef1d0f4a64e200a06ab06bb60bdb80df85b56b9d17eddf37bc7b18
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
25b8df945ab6bdb4ac6f55a345112dcdc89907e9b0c37bab18e6fea90ba035ca
27a2e12899c870d283b48719fcee5742806b7a8d2bf8cfd9824ea7ff3192038c
30de3b5203bf3feaf955bf8fa9257a32f622733b8a4a3a64960536d9f29d7542
3b89a6a3ca2d570b54f0bd623d61633ba4a1d54eb409fc15254afb2477579336
5127b133655d52e7f123265ea329f9fcb21db9d02bbfd2265cf0a8599e9ebcb2
591d7ce9de86430bab12d0223685452eaf8ecddb63432b70a59df5d15ec41fe2
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5ce31fdb5f8be601a4d346a3650562d7aea30c429554cbbcce9a6f3ad7e82205
656b5b7c9aab407b59c83070d031cafd964456ffb29186a34a9ca155e54e35bd
676bfca4569f153b7bcbcf35c0f872c83daacb6a163c2d544a70fe379a992c24
77207025cbeb0333998281271806e64ab63fc695223a654db56278921fc94cbf
899b712fe0888d307623d34c0d516dc0e8de2535112e9c1020b6e59ba4de22ac
969e606c443151d6f241c55704995bfce170616fa381121d5a0ebf497fe03527
9ac06ddbf9e71000fb8f9af22735a9d38de31bb12b15410f060c95c05ffee249
9f285391e161e6adedda91618d02087cd960c10a1617266f34d5698a341cdeca
a06ab0c16ab0b446805cbe38ba18687b4d917ad435b162476d644f9d51e499ce
a8a4a852dedcc7e3b6bb2c6acffac1a82a31828a00749ce2a8c2d6dd5f268dd9
adca76e8fdfbc7f04377da01a4230278975ed9ffb627aa270a43befad112f73b
b3bfd3c02d08a4ff47fde2c690af5011f53900c1da973cf47fd54db0e924af47
b621046ad660bb31810ad192ed321a6fa8a74506af257c3c98ae97e8a935cf3e
bbef731fa4ca70589754181ac2bf64b347140034886594380956b11827b4690c
ca04b88267cad2ab1fdd91529a35124c50ee6391fa46acab0e5e60dda8c6bad1
cf2d539e7d665d36d94f297c9a48d8345e46e0cf3bb76d0c5b3439eadb583107
d733cc1cefc7561eef487ae205f69a1287884854a7c9d8a0e3bff2061ca46315
d8ef02530fad79e566671e249f5058187a9138c36e565195bbfec8724c06351d
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
f19d56397b653c20ec792b241462a34453f9d36fe3eeef71450bba182315dd74
f6d514d804f2a4a845062e1113c70d3d54868a74160d022ce718cd080c4ce452