Submitted URL: https://rtrassets.com/
Effective URL: https://www.rtrassets.com/
Submission: On May 13 via api from US — Scanned from DE

Summary

This website contacted 12 IPs in 3 countries across 9 domains to perform 50 HTTP transactions. The main IP is 50.112.96.169, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is www.rtrassets.com.
TLS certificate: Issued by R3 on April 15th 2024. Valid for: 3 months.
This is the only time www.rtrassets.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
19 rtrassets.com
rtrassets.com
www.rtrassets.com
820 KB
12 apts247.info
static2.apts247.info — Cisco Umbrella Rank: 165803
media.apts247.info — Cisco Umbrella Rank: 193795
3 MB
5 google.com
www.google.com — Cisco Umbrella Rank: 2
region1.analytics.google.com — Cisco Umbrella Rank: 3095
1 KB
4 gstatic.com
fonts.gstatic.com
www.gstatic.com
272 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
2 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 7810
126 B
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 89
397 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 32
21 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
165 KB
50 9
Domain Requested by
18 www.rtrassets.com www.rtrassets.com
static2.apts247.info
6 media.apts247.info www.rtrassets.com
6 static2.apts247.info www.rtrassets.com
4 www.google.com www.rtrassets.com
www.gstatic.com
3 fonts.gstatic.com fonts.googleapis.com
3 fonts.googleapis.com www.rtrassets.com
2 www.google.de www.rtrassets.com
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.googletagmanager.com www.rtrassets.com
www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 www.gstatic.com www.google.com
1 rtrassets.com 1 redirects
50 13
Subject Issuer Validity Valid
rtrassets.com
R3
2024-04-15 -
2024-07-14
3 months crt.sh
apts247.info
Amazon RSA 2048 M01
2023-09-10 -
2024-10-08
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2024-04-16 -
2024-07-09
3 months crt.sh
*.google.com
GTS CA 1C3
2024-04-16 -
2024-07-09
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2024-04-16 -
2024-07-09
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2024-04-16 -
2024-07-09
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2024-04-16 -
2024-07-09
3 months crt.sh
*.google.de
GTS CA 1C3
2024-04-16 -
2024-07-09
3 months crt.sh

This page contains 3 frames:

Primary Page: https://www.rtrassets.com/
Frame ID: 9C45807ECC8510DEB279780FD865074E
Requests: 48 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcbdHcnAAAAADfqoN0GVma2LIxWPiml3k9J7Pch&co=aHR0cHM6Ly93d3cucnRyYXNzZXRzLmNvbTo0NDM.&hl=de&v=V6_85qpc2Xf2sbe3xTnRte7m&size=normal&cb=oll9lgaf4jdj
Frame ID: 48205679A73BF6FDC0EC1F88DC8EC1CE
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=V6_85qpc2Xf2sbe3xTnRte7m&k=6LcbdHcnAAAAADfqoN0GVma2LIxWPiml3k9J7Pch
Frame ID: 9AEC8B6E9352B6EAFA9872FC32F63B39
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

RTR Assets - Home

Page URL History Show full URLs

  1. https://rtrassets.com/ HTTP 301
    https://www.rtrassets.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:powered by <a[^>]+>Django ?([\d.]+)?<\/a>|<input[^>]*name=["']csrfmiddlewaretoken["'][^>]*>)

Overall confidence: 100%
Detected patterns
  • backbone.*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Overall confidence: 100%
Detected patterns
  • underscore.*\.js(?:\?ver=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

50
Requests

100 %
HTTPS

69 %
IPv6

9
Domains

13
Subdomains

12
IPs

3
Countries

4265 kB
Transfer

5439 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://rtrassets.com/ HTTP 301
    https://www.rtrassets.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

50 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.rtrassets.com/
Redirect Chain
  • https://rtrassets.com/
  • https://www.rtrassets.com/
17 KB
5 KB
Document
General
Full URL
https://www.rtrassets.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
50.112.96.169 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-96-169.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
987ebee9186971609dcd4f75e767fa2c8ae62e860cbe8723a27f0b11b35c4def

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
max-age=3600
content-encoding
gzip
content-type
text/html
date
Mon, 13 May 2024 11:24:01 GMT
etag
W/"61da9bbbf9d38b9e090ad35d49eea640"
server
nginx
x-ua-compatible
IE=edge

Redirect headers

content-length
0
date
Mon, 13 May 2024 11:24:00 GMT
location
https://www.rtrassets.com/
server
nginx
main.css
www.rtrassets.com/gridmedia/css/
153 KB
26 KB
Stylesheet
General
Full URL
https://www.rtrassets.com/gridmedia/css/main.css?cv=20240501100
Requested by
Host: www.rtrassets.com
URL: https://www.rtrassets.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
50.112.96.169 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-96-169.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
641382fa029ee613d498a3b7da66c7d8c37f3ead913a7f74d9e08500a0ab6aa8

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.rtrassets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-type
text/css
date
Mon, 13 May 2024 11:24:01 GMT
cache-control
max-age=31536000
content-encoding
gzip
server
nginx
etag
W/"07481552b9d591f91848da61e6af2fd7"
x-ua-compatible
IE=edge
modernizr.js
static2.apts247.info/cache/js/
28 KB
11 KB
Script
General
Full URL
https://static2.apts247.info/cache/js/modernizr.js?cv=20240501100
Requested by
Host: www.rtrassets.com
URL: https://www.rtrassets.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:237d:a200:1e:2e5f:7f80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
aa26dad28c879d08575f1ddae410c776703f878bd0833712496f08015bfacb7d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.rtrassets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 11:24:01 GMT
content-encoding
gzip
via
1.1 2190b35b24e05763512aa336b18a1b52.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
MUC50-P2
etag
W/"25492d6ccac510656863e573fa53871c"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
LjSPeWXZI1f1QbaW3emdCYY9IRiSuTAzHLXuXv4oRMd49CIyU6WfEA==
jquery-2.0.3.min.js
static2.apts247.info/cms/js/
82 KB
29 KB
Script
General
Full URL
https://static2.apts247.info/cms/js/jquery-2.0.3.min.js?cv=20240501100
Requested by
Host: www.rtrassets.com
URL: https://www.rtrassets.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:237d:a200:1e:2e5f:7f80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b13cb5989e08fcb02314209d101e1102f3d299109bdc253b62aa1da21c9e38ba

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.rtrassets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 11:24:01 GMT
content-encoding
gzip
via
1.1 2190b35b24e05763512aa336b18a1b52.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
MUC50-P2
etag
W/"0a6e846b954e345951e710cd6ce3440e"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
syLRgmsXf96Sx8yTQ5KmJAWzmKDmD9qW1ohTI1-rAvB9gHEqFaZY1g==
underscore-min.js
static2.apts247.info/cache/js/
12 KB
4 KB
Script
General
Full URL
https://static2.apts247.info/cache/js/underscore-min.js?cv=20240501100
Requested by
Host: www.rtrassets.com
URL: https://www.rtrassets.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:237d:a200:1e:2e5f:7f80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
42d8fad13bc28fc726775196ec9ab953febf9bde175c5845128361c953fa17f4

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.rtrassets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 11:24:01 GMT
content-encoding
gzip
via
1.1 2190b35b24e05763512aa336b18a1b52.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
MUC50-P2
etag
W/"b538b8a3ed2c5519b19409eace25c38b"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
Zm409ckMELKaOwFh1g4ksJe7kCu-ibbAa8CfOIZouUd-KGQZHj_1ug==
json2.js
static2.apts247.info/cache/js/
3 KB
2 KB
Script
General
Full URL
https://static2.apts247.info/cache/js/json2.js?cv=20240501100
Requested by
Host: www.rtrassets.com
URL: https://www.rtrassets.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:237d:a200:1e:2e5f:7f80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
f7de3f7d5ffbe3ffb30fae353d72af419ccb1bd59df1f6ccbf3da3da993d4263

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.rtrassets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 11:24:01 GMT
content-encoding
gzip
via
1.1 2190b35b24e05763512aa336b18a1b52.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
MUC50-P2
etag
W/"b38005cac289caf3ccb29675f79749a6"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
UwBmUqsbC8ABC7_0NZk5P14G1qz-Jy3XKcRX2jZlirbFlbOrOWUFXA==
backbone-min.js
static2.apts247.info/cache/js/
15 KB
6 KB
Script
General
Full URL
https://static2.apts247.info/cache/js/backbone-min.js?cv=20240501100
Requested by
Host: www.rtrassets.com
URL: https://www.rtrassets.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:237d:a200:1e:2e5f:7f80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
c6cf62dea4ac82c9f9d9a7841d143ad5226cf3f54bf88d5a50a6e59cd667352c

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.rtrassets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 11:24:01 GMT
content-encoding
gzip
via
1.1 2190b35b24e05763512aa336b18a1b52.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
MUC50-P2
etag
W/"beeb0726f296ebf8435bdeff40151ec9"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
48b0SsVvvoJ95paDEPWKzWdIGuu_sdHyH6oarmwS4egEMc6jgaQ1Gg==
backbone-tastypie.js
static2.apts247.info/cache/js/
1 KB
928 B
Script
General
Full URL
https://static2.apts247.info/cache/js/backbone-tastypie.js?cv=20240501100
Requested by
Host: www.rtrassets.com
URL: https://www.rtrassets.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:237d:a200:1e:2e5f:7f80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
92377ad270dd2694e2835b5299594e9cbea62fe121ac0461229aeb4f5d41982e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.rtrassets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 11:24:01 GMT
content-encoding
gzip
via
1.1 2190b35b24e05763512aa336b18a1b52.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
MUC50-P2
etag
W/"d882b7ffaf5b4370b26f75f92e548a48"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
80UcaNijocjDCvYh7gPIu9c3fDCjbpz0XYkpDtu6ngR2xWt3GC0k6w==
djenga.js
www.rtrassets.com/gridmedia/js/
3 KB
1 KB
Script
General
Full URL
https://www.rtrassets.com/gridmedia/js/djenga.js?cv=20240501100
Requested by
Host: www.rtrassets.com
URL: https://www.rtrassets.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
50.112.96.169 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-96-169.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
dc77b9339abcca2db777a4a83c41459fbc3364f9c3254ae2b838bd6149bf2f62

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.rtrassets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-type
application/javascript
date
Mon, 13 May 2024 11:24:02 GMT
cache-control
max-age=31536000
content-encoding
gzip
server
nginx
etag
W/"49cbdb85a1a72da5ed7ed322f497ebb2"
x-ua-compatible
IE=edge
quickerSearch.js
www.rtrassets.com/gridmedia/js/
3 KB
1 KB
Script
General
Full URL
https://www.rtrassets.com/gridmedia/js/quickerSearch.js
Requested by
Host: www.rtrassets.com
URL: https://www.rtrassets.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
50.112.96.169 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-96-169.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
01396ca87c8c4d0d13a85d9a86765bd2a9cfb2ca60d20ef30c841dad54ebe8d7

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.rtrassets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-type
text/javascript
date
Mon, 13 May 2024 11:24:02 GMT
cache-control
max-age=3600
content-encoding
gzip
server
nginx
etag
W/"70d3470dbf8b4a2b5b4edbc76e6d7091"
x-ua-compatible
IE=edge
featured.js
www.rtrassets.com/gridmedia/js/
5 KB
2 KB
Script
General
Full URL
https://www.rtrassets.com/gridmedia/js/featured.js
Requested by
Host: www.rtrassets.com
URL: https://www.rtrassets.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
50.112.96.169 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-96-169.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
820d6a8389f6180a65a4aee16f8ad99e148326bab649181486511c4fb5dbc6aa

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.rtrassets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-type
text/javascript
date
Mon, 13 May 2024 11:24:02 GMT
cache-control
max-age=3600
content-encoding
gzip
server
nginx
etag
W/"df6da9430a14c176781e114eb4ad6587"
x-ua-compatible
IE=edge
js
www.googletagmanager.com/gtag/
203 KB
74 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-172200437-6
Requested by
Host: www.rtrassets.com
URL: https://www.rtrassets.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8c70005c1abdb4fe5a72a3b6b843bb9cf3285efba0790fcb2abbaf6476fe00c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.rtrassets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 11:24:02 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
74893
x-xss-protection
0
last-modified
Mon, 13 May 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 13 May 2024 11:24:02 GMT
logo.svg
www.rtrassets.com/gridmedia/img/logos/
9 KB
9 KB
Image
General
Full URL
https://www.rtrassets.com/gridmedia/img/logos/logo.svg
Requested by
Host: www.rtrassets.com
URL: https://www.rtrassets.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
50.112.96.169 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-96-169.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
a2fdfb32ee54028fc2abe46c21ff8200024346b1b3f743399e69697ab3dd2286

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.rtrassets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-type
image/svg+xml
date
Mon, 13 May 2024 11:24:01 GMT
cache-control
max-age=3600
server
nginx
etag
"2b432f7b03de6839f0d2c9cbf7592b40"
content-length
8724
x-ua-compatible
IE=edge
home-slide-1224.webp
www.rtrassets.com/gridmedia/img/
209 KB
209 KB
Image
General
Full URL
https://www.rtrassets.com/gridmedia/img/home-slide-1224.webp?cv=20240501100
Requested by
Host: www.rtrassets.com
URL: https://www.rtrassets.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
50.112.96.169 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-96-169.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
a301a764982ec3aa2c65052e7d5eaf0146cd95933a6eb41881fc7b76c4074355

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.rtrassets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-type
binary/octet-stream
date
Mon, 13 May 2024 11:24:01 GMT
cache-control
max-age=31536000
server
nginx
etag
"1d5800027a860350c544871d6e9066fa"
content-length
213998
x-ua-compatible
IE=edge
award.webp
www.rtrassets.com/gridmedia/img/
531 KB
531 KB
Image
General
Full URL
https://www.rtrassets.com/gridmedia/img/award.webp
Requested by
Host: www.rtrassets.com
URL: https://www.rtrassets.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
50.112.96.169 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-96-169.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
8133dc397ee13f9b23281daebc24ef600a27ec739ae2031271023cabac3f080d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.rtrassets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-type
binary/octet-stream
date
Mon, 13 May 2024 11:24:01 GMT
cache-control
max-age=3600
server
nginx
etag
"fe510ec3dd47aad6f63a095ec09212e5"
content-length
543266
x-ua-compatible
IE=edge
rtr_assets_white.png
media.apts247.info/cb/cb36af33390c442b8bee05ef87b748f4/logo/corporate/
8 KB
8 KB
Image
General
Full URL
https://media.apts247.info/cb/cb36af33390c442b8bee05ef87b748f4/logo/corporate/rtr_assets_white.png
Requested by
Host: www.rtrassets.com
URL: https://www.rtrassets.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f14:98e:1c01:2e44:6879:2678:28d Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e1ee75146f40f57a8b3e0b7e3fadcfd9f974103e5f2fbf0e6d6a3d798c38b451

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.rtrassets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Mon, 13 May 2024 11:24:02 GMT
cache-control
max-age=3600
server
nginx
etag
"d684da817455c37859c43ea6b05174d7"
content-length
8023
content-type
image/png
basescripts.js
www.rtrassets.com/gridmedia/js/
4 KB
1 KB
Script
General
Full URL
https://www.rtrassets.com/gridmedia/js/basescripts.js
Requested by
Host: www.rtrassets.com
URL: https://www.rtrassets.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
50.112.96.169 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-96-169.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
0f58d37144b8791d15f286d4576fb94064ba11ecc83161c5180cd551f800b8bf

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.rtrassets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-type
application/javascript
date
Mon, 13 May 2024 11:24:02 GMT
cache-control
max-age=3600
content-encoding
gzip
server
nginx
etag
W/"37c3c3b623b41c4aea4ad391c7e5af98"
x-ua-compatible
IE=edge
api.js
www.google.com/recaptcha/
1 KB
878 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit
Requested by
Host: www.rtrassets.com
URL: https://www.rtrassets.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f4.1e100.net
Software
GSE /
Resource Hash
6033258be0f6198edcb268dae8e72ad4f74944f1892af77754cc35d9f228330c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.rtrassets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 11:24:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Mon, 13 May 2024 11:24:02 GMT
numbers.min.js
www.rtrassets.com/gridmedia/js/
1 KB
651 B
Script
General
Full URL
https://www.rtrassets.com/gridmedia/js/numbers.min.js
Requested by
Host: www.rtrassets.com
URL: https://www.rtrassets.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
50.112.96.169 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-96-169.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
a65ce8aa1ffbfbe62539efd1a395d385d3d93ce9582fce174c68b22ec4cb8436

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.rtrassets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-type
application/javascript
date
Mon, 13 May 2024 11:24:02 GMT
cache-control
max-age=3600
content-encoding
gzip
server
nginx
etag
W/"088ca19f1e2249c6fba0580ca8ca637b"
x-ua-compatible
IE=edge
css
fonts.googleapis.com/
3 KB
531 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:300,400,700,900&display=swap
Requested by
Host: www.rtrassets.com
URL: https://www.rtrassets.com/gridmedia/css/main.css?cv=20240501100
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d8fe5effa3de4e73408fd03c8fd4bbdfa973798ee2a8d2f68159c90bcbdb8db1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.rtrassets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Mon, 13 May 2024 11:24:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 13 May 2024 09:52:58 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 13 May 2024 11:24:01 GMT
css
fonts.googleapis.com/
4 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Oswald:400,700&display=swap
Requested by
Host: www.rtrassets.com
URL: https://www.rtrassets.com/gridmedia/css/main.css?cv=20240501100
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fb6b9d24b54fb097fb66a94256247dba599489e0e92aa7512346ab1ecd19483b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.rtrassets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Mon, 13 May 2024 11:24:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 13 May 2024 09:25:46 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 13 May 2024 11:24:01 GMT
css2
fonts.googleapis.com/
3 KB
531 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700;900&display=swap
Requested by
Host: www.rtrassets.com
URL: https://www.rtrassets.com/gridmedia/css/main.css?cv=20240501100
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d8fe5effa3de4e73408fd03c8fd4bbdfa973798ee2a8d2f68159c90bcbdb8db1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.rtrassets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Mon, 13 May 2024 11:24:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 13 May 2024 10:33:06 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 13 May 2024 11:24:01 GMT
search_drop_down.svg
www.rtrassets.com/gridmedia/img/svg/
328 B
385 B
Image
General
Full URL
https://www.rtrassets.com/gridmedia/img/svg/search_drop_down.svg
Requested by
Host: www.rtrassets.com
URL: https://www.rtrassets.com/gridmedia/css/main.css?cv=20240501100
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
50.112.96.169 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-96-169.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
6a62d28be652db14660edc53a5294c8af6f503fc0bb9e310989f4a2fabfa41c2

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.rtrassets.com/gridmedia/css/main.css?cv=20240501100
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-type
image/svg+xml
date
Mon, 13 May 2024 11:24:02 GMT
cache-control
max-age=3600
server
nginx
etag
"741fc3a71fd898554267d2b2c3002f56"
content-length
328
x-ua-compatible
IE=edge
map_pin.svg
www.rtrassets.com/gridmedia/img/svg/
755 B
812 B
Image
General
Full URL
https://www.rtrassets.com/gridmedia/img/svg/map_pin.svg
Requested by
Host: www.rtrassets.com
URL: https://www.rtrassets.com/gridmedia/css/main.css?cv=20240501100
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
50.112.96.169 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-96-169.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
cfa5545a5d91c71700b5723f1c891e026ecf19bb35b7f39200dcc47030d8ddd6

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.rtrassets.com/gridmedia/css/main.css?cv=20240501100
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-type
image/svg+xml
date
Mon, 13 May 2024 11:24:02 GMT
cache-control
max-age=3600
server
nginx
etag
"3c4ee2e3fb965ff13889d14659907917"
content-length
755
x-ua-compatible
IE=edge
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://www.rtrassets.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 08:02:21 GMT
x-content-type-options
nosniff
age
530501
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 May 2025 08:02:21 GMT
S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh7USSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://www.rtrassets.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 07:56:25 GMT
x-content-type-options
nosniff
age
530857
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23236
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:08:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 May 2025 07:56:25 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/
509 KB
203 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
352a6d9b12a5ae3949d370ff42a338ba8bb6ff455d9ba995b1755fb7b99e8824
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.rtrassets.com/
Origin
https://www.rtrassets.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 12 May 2024 17:01:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
66153
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
207268
x-xss-protection
0
last-modified
Mon, 22 Apr 2024 21:03:35 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 12 May 2025 17:01:29 GMT
js
www.googletagmanager.com/gtag/
267 KB
92 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-WQ6Z1LVKZQ&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-172200437-6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0b590b411912b38e51225b5cf9014c5463e66e5bb5cf1be42b41b9448df70cf4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.rtrassets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 11:24:02 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93663
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 13 May 2024 11:24:02 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-172200437-6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.rtrassets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 13 May 2024 09:41:03 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
6179
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 13 May 2024 11:41:03 GMT
/
www.rtrassets.com/api/v5/corporation/communities/region/all/
22 KB
5 KB
XHR
General
Full URL
https://www.rtrassets.com/api/v5/corporation/communities/region/all/
Requested by
Host: www.rtrassets.com
URL: https://www.rtrassets.com/gridmedia/js/quickerSearch.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
50.112.96.169 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-96-169.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b81cb8d6951c51b939535042e3afd6a1067e5480d46c04991aa9c8d5bd14b167

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.rtrassets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Mon, 13 May 2024 11:24:03 GMT
content-encoding
gzip
content-type
application/json
server
nginx
x-ua-compatible
IE=edge
/
www.rtrassets.com/api/v1/corporation_info/
7 KB
2 KB
Fetch
General
Full URL
https://www.rtrassets.com/api/v1/corporation_info/
Requested by
Host: www.rtrassets.com
URL: https://www.rtrassets.com/gridmedia/js/featured.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
50.112.96.169 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-96-169.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
89a9b2fa60b09c75735e6aa3ca92c05e1e20053c59b2c07392542528e98e443b

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.rtrassets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Mon, 13 May 2024 11:24:02 GMT
content-encoding
gzip
content-type
application/json
server
nginx
x-ua-compatible
IE=edge
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://www.rtrassets.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 11 May 2024 19:07:30 GMT
x-content-type-options
nosniff
age
144992
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23040
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:07:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 11 May 2025 19:07:30 GMT
/
www.rtrassets.com/api/v1/corporation_info/
7 KB
2 KB
XHR
General
Full URL
https://www.rtrassets.com/api/v1/corporation_info/?format=JSON
Requested by
Host: static2.apts247.info
URL: https://static2.apts247.info/cms/js/jquery-2.0.3.min.js?cv=20240501100
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
50.112.96.169 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-96-169.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
89a9b2fa60b09c75735e6aa3ca92c05e1e20053c59b2c07392542528e98e443b

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.rtrassets.com/
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Mon, 13 May 2024 11:24:02 GMT
content-encoding
gzip
content-type
application/json
server
nginx
x-ua-compatible
IE=edge
collect
region1.analytics.google.com/g/
0
246 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-WQ6Z1LVKZQ&gtm=45je4580v9136466412za200&_p=1715599442330&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=864773992.1715599443&ecid=1581177419&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&ec_mode=a&_eu=AAAI&_s=1&sid=1715599442&sct=1&seg=0&dl=https%3A%2F%2Fwww.rtrassets.com%2F&dt=RTR%20Assets%20-%20Home&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=3281
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WQ6Z1LVKZQ&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.rtrassets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 13 May 2024 11:24:02 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.rtrassets.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
47 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-WQ6Z1LVKZQ&cid=864773992.1715599443&gtm=45je4580v9136466412za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WQ6Z1LVKZQ&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.rtrassets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 13 May 2024 11:24:02 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.rtrassets.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-WQ6Z1LVKZQ&cid=864773992.1715599443&gtm=45je4580v9136466412za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=1281467971
Requested by
Host: www.rtrassets.com
URL: https://www.rtrassets.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.rtrassets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 13 May 2024 11:24:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
anchor
www.google.com/recaptcha/api2/ Frame 4820
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcbdHcnAAAAADfqoN0GVma2LIxWPiml3k9J7Pch&co=aHR0cHM6Ly93d3cucnRyYXNzZXRzLmNvbTo0NDM.&hl=de&v=V6_85qpc2Xf2sbe3xTnRte7m&size=normal&cb=oll9lgaf4jdj
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f4.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-jNeRD3elVRxtwQ01wZ9BYQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.rtrassets.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-jNeRD3elVRxtwQ01wZ9BYQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 13 May 2024 11:24:02 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
collect
www.google-analytics.com/j/
2 B
208 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=966269939&t=pageview&_s=1&dl=https%3A%2F%2Fwww.rtrassets.com%2F&ul=de-de&de=UTF-8&dt=RTR%20Assets%20-%20Home&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=60614698&gjid=1757828517&cid=864773992.1715599443&tid=UA-172200437-6&_gid=736077152.1715599443&_r=1&gtm=457e4580za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&jsscut=1&npa=1&z=492212800
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://www.rtrassets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 13 May 2024 11:24:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.rtrassets.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
350 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-172200437-6&cid=864773992.1715599443&jid=60614698&gjid=1757828517&_gid=736077152.1715599443&npa=1&_u=YADAAUAAAAAAACAAI~&z=636040349
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://www.rtrassets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 13 May 2024 11:24:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.rtrassets.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.rtrassets.com/api/v3/corporations/everything/
67 KB
10 KB
Fetch
General
Full URL
https://www.rtrassets.com/api/v3/corporations/everything/?api_key=88ee0f5f4bd6e1a592e9f9d4e83fdd5e4fbd9a01
Requested by
Host: www.rtrassets.com
URL: https://www.rtrassets.com/gridmedia/js/featured.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
50.112.96.169 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-96-169.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
3ad4ab5b07611d8933bdc7251e64024142c39936808e0d503bdf675be701ab39

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.rtrassets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 11:24:03 GMT
content-encoding
gzip
server
nginx
allow
GET, HEAD, OPTIONS
vary
Cookie
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=1
expires
Mon, 13 May 2024 11:24:04 GMT
ga-audiences
www.google.com/ads/
42 B
63 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-172200437-6&cid=864773992.1715599443&jid=60614698&npa=1&_u=YADAAUAAAAAAACAAI~&z=2108575584
Requested by
Host: www.rtrassets.com
URL: https://www.rtrassets.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.rtrassets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 13 May 2024 11:24:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-172200437-6&cid=864773992.1715599443&jid=60614698&npa=1&_u=YADAAUAAAAAAACAAI~&z=2108575584
Requested by
Host: www.rtrassets.com
URL: https://www.rtrassets.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.rtrassets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 13 May 2024 11:24:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
home-slide-1224.webp
www.rtrassets.com/gridmedia/img/
209 KB
0
Image
General
Full URL
https://www.rtrassets.com/gridmedia/img/home-slide-1224.webp?cv=20240501100
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
50.112.96.169 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-96-169.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
a301a764982ec3aa2c65052e7d5eaf0146cd95933a6eb41881fc7b76c4074355

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.rtrassets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-type
binary/octet-stream
date
Mon, 13 May 2024 11:24:01 GMT
cache-control
max-age=31536000
server
nginx
etag
"1d5800027a860350c544871d6e9066fa"
content-length
213998
x-ua-compatible
IE=edge
bframe
www.google.com/recaptcha/api2/ Frame 9AEC
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=V6_85qpc2Xf2sbe3xTnRte7m&k=6LcbdHcnAAAAADfqoN0GVma2LIxWPiml3k9J7Pch
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f4.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-MOsb8Eroa5JrrdK3w08Rfg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.rtrassets.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-MOsb8Eroa5JrrdK3w08Rfg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 13 May 2024 11:24:03 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
favicon.ico
www.rtrassets.com/gridmedia/
15 KB
15 KB
Other
General
Full URL
https://www.rtrassets.com/gridmedia/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
50.112.96.169 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-96-169.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
50338daea203f91419d03c0b111711cb8ea04574080cb2500013ac2f0b47d35a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.rtrassets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-type
image/vnd.microsoft.icon
date
Mon, 13 May 2024 11:24:03 GMT
cache-control
max-age=3600
server
nginx
etag
"29c03cdbae8211dc4dbdbbbf4fe152d9"
content-length
15406
x-ua-compatible
IE=edge
pool.jpeg
media.apts247.info/18/189b0996fc2240e6a8087072b670c191/hero_shot/community/
861 KB
862 KB
Image
General
Full URL
https://media.apts247.info/18/189b0996fc2240e6a8087072b670c191/hero_shot/community/pool.jpeg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f14:98e:1c01:2e44:6879:2678:28d Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
be986cc94faa4114beadd4c270901400e2c2903197fa8754e6eca27cf318087c

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.rtrassets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Mon, 13 May 2024 11:24:04 GMT
cache-control
max-age=3600
server
nginx
etag
"aca35518f1850c04d16c8e86023a9821"
content-length
881959
content-type
image/jpeg
ACTS2302.jpg
media.apts247.info/67/67ac7b616e884f018c10f6d5e32fc905/hero_shot/community/
584 KB
585 KB
Image
General
Full URL
https://media.apts247.info/67/67ac7b616e884f018c10f6d5e32fc905/hero_shot/community/ACTS2302.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f14:98e:1c01:2e44:6879:2678:28d Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
07f9a27ce13a6a526de18e797086fd2e15c46e39cffe996d881ade1aa992fe9d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.rtrassets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Mon, 13 May 2024 11:24:04 GMT
cache-control
max-age=3600
server
nginx
etag
"f50a79d703afd8e7981ff5ccc6c4994d"
content-length
598313
content-type
image/jpeg
20210615-1618.jpg
media.apts247.info/35/356cfa9b39bf46bea54e0414cb150c36/hero_shot/community/
445 KB
446 KB
Image
General
Full URL
https://media.apts247.info/35/356cfa9b39bf46bea54e0414cb150c36/hero_shot/community/20210615-1618.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f14:98e:1c01:2e44:6879:2678:28d Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
adc420ef2c949d5cfda0e4f3d816282c0a00286b33385d141a22c9927ed8fc41

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.rtrassets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Mon, 13 May 2024 11:24:04 GMT
cache-control
max-age=3600
server
nginx
etag
"1408d4b3852afdd490eb6a158494a42f"
content-length
456138
content-type
image/jpeg
3F7A3530.jpg
media.apts247.info/3c/3ceb20fb73704fc6b360a2c8d7d7c0e6/hero_shot/community/
496 KB
497 KB
Image
General
Full URL
https://media.apts247.info/3c/3ceb20fb73704fc6b360a2c8d7d7c0e6/hero_shot/community/3F7A3530.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f14:98e:1c01:2e44:6879:2678:28d Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5865204525ae4d70b372e818efdd0941b10583a05e6c25a80f34f9457f4d81fb

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.rtrassets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Mon, 13 May 2024 11:24:04 GMT
cache-control
max-age=3600
server
nginx
etag
"c677d5bf01b97d4a44c59a223eb77594"
content-length
508355
content-type
image/jpeg
3F7A3438.jpg
media.apts247.info/6e/6e256cb17d1c494bb80fdc62246d0642/hero_shot/community/
531 KB
532 KB
Image
General
Full URL
https://media.apts247.info/6e/6e256cb17d1c494bb80fdc62246d0642/hero_shot/community/3F7A3438.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f14:98e:1c01:2e44:6879:2678:28d Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
c2f97eed08dc9235ca06d118ff9fea75ece7e35c4c207497a8dbcbcc468c9562

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.rtrassets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Mon, 13 May 2024 11:24:04 GMT
cache-control
max-age=3600
server
nginx
etag
"05096a02c27b1f2d974b28947eb8d2b9"
content-length
543941
content-type
image/jpeg

Verdicts & Comments Add Verdict or Comment

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| Modernizr function| $ function| jQuery function| _ object| Backbone function| gtag object| dataLayer function| onloadCallback function| clickHandler object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga string| api_key function| handle_contact object| getCommunities object| citiesAndStates object| stateSelector object| citySelector object| cityStateForm string| stateOptionHTML string| cityOptionHTML function| serializeArray object| cData function| getData function| insertAfter function| createFeatured function| popLink function| reveal function| init function| animateValue function| isInViewport object| numbers object| gaGlobal object| recaptcha object| closure_lm_181809 object| gaplugins object| gaData

5 Cookies

Domain/Path Name / Value
.rtrassets.com/ Name: _ga_WQ6Z1LVKZQ
Value: GS1.1.1715599442.1.0.1715599442.60.0.1581177419
.rtrassets.com/ Name: _ga
Value: GA1.2.864773992.1715599443
.rtrassets.com/ Name: _gid
Value: GA1.2.736077152.1715599443
.rtrassets.com/ Name: _gat_gtag_UA_172200437_6
Value: 1
www.rtrassets.com/ Name: sessionid
Value: r67rhnrv42praqb7svwp26wz8y2c1wzq

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
media.apts247.info
region1.analytics.google.com
rtrassets.com
static2.apts247.info
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.rtrassets.com
142.250.184.227
142.250.186.68
2001:4860:4802:34::36
2600:1f14:98e:1c01:2e44:6879:2678:28d
2600:9000:237d:a200:1e:2e5f:7f80:93a1
2a00:1450:4001:800::2003
2a00:1450:4001:810::200e
2a00:1450:4001:81c::200a
2a00:1450:4001:81d::2003
2a00:1450:4001:82f::2008
2a00:1450:400c:c00::9a
50.112.96.169
50.112.96.208
01396ca87c8c4d0d13a85d9a86765bd2a9cfb2ca60d20ef30c841dad54ebe8d7
07f9a27ce13a6a526de18e797086fd2e15c46e39cffe996d881ade1aa992fe9d
0b590b411912b38e51225b5cf9014c5463e66e5bb5cf1be42b41b9448df70cf4
0f58d37144b8791d15f286d4576fb94064ba11ecc83161c5180cd551f800b8bf
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
352a6d9b12a5ae3949d370ff42a338ba8bb6ff455d9ba995b1755fb7b99e8824
3ad4ab5b07611d8933bdc7251e64024142c39936808e0d503bdf675be701ab39
42d8fad13bc28fc726775196ec9ab953febf9bde175c5845128361c953fa17f4
50338daea203f91419d03c0b111711cb8ea04574080cb2500013ac2f0b47d35a
5865204525ae4d70b372e818efdd0941b10583a05e6c25a80f34f9457f4d81fb
6033258be0f6198edcb268dae8e72ad4f74944f1892af77754cc35d9f228330c
641382fa029ee613d498a3b7da66c7d8c37f3ead913a7f74d9e08500a0ab6aa8
6a62d28be652db14660edc53a5294c8af6f503fc0bb9e310989f4a2fabfa41c2
8133dc397ee13f9b23281daebc24ef600a27ec739ae2031271023cabac3f080d
820d6a8389f6180a65a4aee16f8ad99e148326bab649181486511c4fb5dbc6aa
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
89a9b2fa60b09c75735e6aa3ca92c05e1e20053c59b2c07392542528e98e443b
8c70005c1abdb4fe5a72a3b6b843bb9cf3285efba0790fcb2abbaf6476fe00c9
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
92377ad270dd2694e2835b5299594e9cbea62fe121ac0461229aeb4f5d41982e
987ebee9186971609dcd4f75e767fa2c8ae62e860cbe8723a27f0b11b35c4def
a2fdfb32ee54028fc2abe46c21ff8200024346b1b3f743399e69697ab3dd2286
a301a764982ec3aa2c65052e7d5eaf0146cd95933a6eb41881fc7b76c4074355
a65ce8aa1ffbfbe62539efd1a395d385d3d93ce9582fce174c68b22ec4cb8436
aa26dad28c879d08575f1ddae410c776703f878bd0833712496f08015bfacb7d
adc420ef2c949d5cfda0e4f3d816282c0a00286b33385d141a22c9927ed8fc41
b13cb5989e08fcb02314209d101e1102f3d299109bdc253b62aa1da21c9e38ba
b81cb8d6951c51b939535042e3afd6a1067e5480d46c04991aa9c8d5bd14b167
be986cc94faa4114beadd4c270901400e2c2903197fa8754e6eca27cf318087c
c2f97eed08dc9235ca06d118ff9fea75ece7e35c4c207497a8dbcbcc468c9562
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c6cf62dea4ac82c9f9d9a7841d143ad5226cf3f54bf88d5a50a6e59cd667352c
cfa5545a5d91c71700b5723f1c891e026ecf19bb35b7f39200dcc47030d8ddd6
d8fe5effa3de4e73408fd03c8fd4bbdfa973798ee2a8d2f68159c90bcbdb8db1
dc77b9339abcca2db777a4a83c41459fbc3364f9c3254ae2b838bd6149bf2f62
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e1ee75146f40f57a8b3e0b7e3fadcfd9f974103e5f2fbf0e6d6a3d798c38b451
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f7de3f7d5ffbe3ffb30fae353d72af419ccb1bd59df1f6ccbf3da3da993d4263
fb6b9d24b54fb097fb66a94256247dba599489e0e92aa7512346ab1ecd19483b