urlscan.io logo urlscan.io
SecurityTrails logo

therobertsgroup.ruuster.com Open in urlscan Pro
3.213.167.243  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://therobertsgroup.ruuster.com/
Effective URL: https://therobertsgroup.ruuster.com/signup
Submission: On June 11 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 2 countries across 15 domains to perform 48 HTTP transactions. The main IP is 3.213.167.243, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is therobertsgroup.ruuster.com.
TLS certificate: Issued by Amazon RSA 2048 M03 on November 26th 2023. Valid for: a year.
This is the only time therobertsgroup.ruuster.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

22    3.213.167.243 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-213-167-243.compute-1.amazonaws.com
therobertsgroup.ruuster.com
1    2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2a04:4e42:200::622 (United States)

ASN54113 (FASTLY, US)
fast.appcues.com
1    2600:9000:225e:8800:1b:348c:b140:93a1 (United States)

ASN16509 (AMAZON-02, US)
r.wdfl.co
1    2600:9000:21f3:f200:6:92d4:a4c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
eia.followupboss.com
3    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    2606:4700::6812:80d8 (United States)

ASN13335 (CLOUDFLARENET, US)
diffuser-cdn.app-us1.com
prism.app-us1.com
2    3.5.28.101 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: s3-1-w.amazonaws.com
ruuster-public.s3.amazonaws.com
2    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2606:4700:4400::ac40:992a (United States)

ASN13335 (CLOUDFLARENET, US)
trackcmp.net
2    2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    108.138.26.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-26-79.fra56.r.cloudfront.net
cdn.branch.io
1    2600:9000:2057:c000:19:9934:6a80:93a1 (United States)

ASN16509 (AMAZON-02, US)
app.link
2    2600:9000:2491:5800:11:f728:3040:93a1 (United States)

ASN16509 (AMAZON-02, US)
api2.branch.io
Apex Domain
Subdomains		 Transfer
22 ruuster.com
therobertsgroup.ruuster.com
880 KB
3 branch.io
cdn.branch.io — Cisco Umbrella Rank: 1111
api2.branch.io — Cisco Umbrella Rank: 1281
24 KB
3 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2406
333 B
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 70
3 KB
3 appcues.com
fast.appcues.com — Cisco Umbrella Rank: 7224
138 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 119
3 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 205
73 KB
2 gstatic.com
fonts.gstatic.com
24 KB
2 amazonaws.com
ruuster-public.s3.amazonaws.com
13 KB
2 app-us1.com
diffuser-cdn.app-us1.com — Cisco Umbrella Rank: 11026
prism.app-us1.com — Cisco Umbrella Rank: 11133
8 KB
1 app.link
app.link — Cisco Umbrella Rank: 2509
639 B
1 trackcmp.net
trackcmp.net — Cisco Umbrella Rank: 11229
315 B
1 followupboss.com
eia.followupboss.com — Cisco Umbrella Rank: 976795
3 KB
1 wdfl.co
r.wdfl.co — Cisco Umbrella Rank: 29639
5 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
98 KB
48 15
Domain Requested by
22 therobertsgroup.ruuster.com 1 redirects therobertsgroup.ruuster.com
3 region1.google-analytics.com www.googletagmanager.com
3 fonts.googleapis.com therobertsgroup.ruuster.com
3 fast.appcues.com therobertsgroup.ruuster.com
fast.appcues.com
2 api2.branch.io cdn.branch.io
2 www.facebook.com therobertsgroup.ruuster.com
2 connect.facebook.net therobertsgroup.ruuster.com
connect.facebook.net
2 fonts.gstatic.com fonts.googleapis.com
2 ruuster-public.s3.amazonaws.com therobertsgroup.ruuster.com
1 app.link cdn.branch.io
1 cdn.branch.io therobertsgroup.ruuster.com
1 trackcmp.net diffuser-cdn.app-us1.com
1 prism.app-us1.com diffuser-cdn.app-us1.com
1 diffuser-cdn.app-us1.com therobertsgroup.ruuster.com
1 eia.followupboss.com therobertsgroup.ruuster.com
1 r.wdfl.co therobertsgroup.ruuster.com
1 www.googletagmanager.com therobertsgroup.ruuster.com
48 17

This site contains no links.

Subject Issuer Validity Valid
*.ruuster.com
Amazon RSA 2048 M03		 2023-11-26 -
2024-12-25		 a year crt.sh
*.google-analytics.com
WR2		 2024-05-21 -
2024-08-13		 3 months crt.sh
fast.appcues.com
GlobalSign Atlas R3 DV TLS CA 2024 Q2		 2024-06-07 -
2025-07-09		 a year crt.sh
r.wdfl.co
Amazon RSA 2048 M03		 2023-09-02 -
2024-09-30		 a year crt.sh
*.followupboss.com
Amazon RSA 2048 M01		 2023-10-05 -
2024-11-03		 a year crt.sh
upload.video.google.com
WR2		 2024-05-21 -
2024-08-13		 3 months crt.sh
diffuser-cdn.app-us1.com
E1		 2024-05-28 -
2024-08-26		 3 months crt.sh
prism.app-us1.com
E1		 2024-05-17 -
2024-08-15		 3 months crt.sh
*.s3.amazonaws.com
Amazon RSA 2048 M01		 2024-04-22 -
2025-04-07		 a year crt.sh
*.gstatic.com
WR2		 2024-05-21 -
2024-08-13		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-03-20 -
2024-06-18		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-08-26 -
2024-08-25		 a year crt.sh
*.branch.io
Amazon RSA 2048 M01		 2023-09-11 -
2024-10-09		 a year crt.sh
appipv4.link
Amazon RSA 2048 M03		 2024-03-25 -
2025-04-22		 a year crt.sh

This page contains 1 frames:

Primary Page: https://therobertsgroup.ruuster.com/signup
Frame ID: DD44091F8B49DBB4351F867CFC130FA5
Requests: 48 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

The Roberts. group

Page URL History Show full URLs

  1. https://therobertsgroup.ruuster.com/ HTTP 301
    https://therobertsgroup.ruuster.com/signup Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • r\.wdfl\.co
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • r\.wdfl\.co
Overall confidence: 100%
Detected patterns
  • tracker\.js

Page Statistics

48
Requests

100 %
HTTPS

81 %
IPv6

15
Domains

17
Subdomains

16
IPs

2
Countries

1274 kB
Transfer

4577 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://therobertsgroup.ruuster.com/ HTTP 301
    https://therobertsgroup.ruuster.com/signup Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

48 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request signup
therobertsgroup.ruuster.com/
Redirect Chain
  • https://therobertsgroup.ruuster.com/
  • https://therobertsgroup.ruuster.com/signup
38 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://therobertsgroup.ruuster.com/signup
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.167.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-167-243.compute-1.amazonaws.com
Software
nginx / Next.js
Resource Hash
b4adb546b88b8d1cb37b540d65d45784b961fa883884c7b144090f1d69324b4f

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
private, no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 11 Jun 2024 09:19:30 GMT
etag
"998d-Du62TG7hTmm2czofdnSyqO7tCn4"
server
nginx
vary
Accept-Encoding
x-powered-by
Next.js

Redirect headers

cache-control
no-cache, no-store, must-revalidate
date
Tue, 11 Jun 2024 09:19:30 GMT
expires
0
location
/signup
pragma
no-cache
server
nginx
js
www.googletagmanager.com/gtag/ 		287 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Y9L1QW4LK2
Requested by
Host: therobertsgroup.ruuster.com
URL: https://therobertsgroup.ruuster.com/signup
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2f227359edcc5c1745c67e3dfacfec7138f61dba0f7d97f8ead0fbbe77320130
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://therobertsgroup.ruuster.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 09:19:30 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
99803
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 11 Jun 2024 09:19:30 GMT
tracker.js
therobertsgroup.ruuster.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://therobertsgroup.ruuster.com/tracker.js
Requested by
Host: therobertsgroup.ruuster.com
URL: https://therobertsgroup.ruuster.com/signup
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.167.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-167-243.compute-1.amazonaws.com
Software
nginx /
Resource Hash
4fd012b9076235635bf4f9fa53cf0bcf4c869e3aaa05f5dc7b55a7c2b82d1758

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://therobertsgroup.ruuster.com/signup
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 09:19:30 GMT
content-encoding
gzip
last-modified
Mon, 10 Jun 2024 13:17:14 GMT
server
nginx
etag
W/"832-190024bb390"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
gonative.js
therobertsgroup.ruuster.com/ 		244 B
399 B 		Script
General
Check archive.org
Download Go to
Full URL
https://therobertsgroup.ruuster.com/gonative.js
Requested by
Host: therobertsgroup.ruuster.com
URL: https://therobertsgroup.ruuster.com/signup
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.167.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-167-243.compute-1.amazonaws.com
Software
nginx /
Resource Hash
eaafc3d4e67cf4830768a8baffedf04c5df8980b9437beceab5cc29c476207f0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://therobertsgroup.ruuster.com/signup
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 09:19:30 GMT
content-encoding
gzip
last-modified
Mon, 10 Jun 2024 13:17:14 GMT
server
nginx
etag
W/"f4-190024bb390"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
branchio.js
therobertsgroup.ruuster.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://therobertsgroup.ruuster.com/branchio.js
Requested by
Host: therobertsgroup.ruuster.com
URL: https://therobertsgroup.ruuster.com/signup
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.167.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-167-243.compute-1.amazonaws.com
Software
nginx /
Resource Hash
1da64a3270e8f15e687ccebd387650676c4ea4cb63375bff4e8cf61fbb0a48be

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://therobertsgroup.ruuster.com/signup
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 09:19:30 GMT
content-encoding
gzip
last-modified
Mon, 10 Jun 2024 13:17:14 GMT
server
nginx
etag
W/"702-190024bb390"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
96897.js
fast.appcues.com/ 		20 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.appcues.com/96897.js
Requested by
Host: therobertsgroup.ruuster.com
URL: https://therobertsgroup.ruuster.com/signup
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cowboy /
Resource Hash
a1e332628da63d511d81896d7c0d89be82d9ce3a04315ac171e4ffdf7c905ee1

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://therobertsgroup.ruuster.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 09:19:30 GMT
content-encoding
gzip
via
1.1 varnish
age
0
x-cache
MISS
content-length
4793
x-request-id
F9foo0C56DhwEaVKZoXB
x-served-by
cache-fra-etou8220025-FRA
server
Cowboy
x-timer
S1718097571.634901,VS0,VE177
vary
accept-encoding, Accept-Encoding
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=120,public
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With,Authorization
x-cache-hits
0
rw.js
r.wdfl.co/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://r.wdfl.co/rw.js
Requested by
Host: therobertsgroup.ruuster.com
URL: https://therobertsgroup.ruuster.com/signup
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:8800:1b:348c:b140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ffe734ff7b5b10875e5889881f0cf44945035f648f13766203ce4000ddd9ebc5

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://therobertsgroup.ruuster.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 08:29:34 GMT
content-encoding
gzip
via
1.1 18c9dea802c00b7c060142aad49f7288.cloudfront.net (CloudFront)
last-modified
Tue, 11 Jun 2024 04:29:30 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
2997
x-amz-server-side-encryption
AES256
etag
W/"8b6c069cd10ea579c98354bcd58b7928"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=3600
x-amz-cf-id
J3MTtOsRMI4NqIxNyCi9uX3tZHmPgiEa1lmOLBB6kyLPFoANKt1IbA==
embeddedApps-v1.0.1.js
eia.followupboss.com/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eia.followupboss.com/embeddedApps-v1.0.1.js
Requested by
Host: therobertsgroup.ruuster.com
URL: https://therobertsgroup.ruuster.com/signup
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:f200:6:92d4:a4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f05274ade75a4aadbd96b63fb4fd88129d3ca0c8417f6a917bdad1eac71621f7

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://therobertsgroup.ruuster.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
hr4RgF0LR7MRQs4Zr9LVIBSOe5GEOvwU
date
Tue, 11 Jun 2024 05:49:53 GMT
via
1.1 182ef5a8d12abb5df1553676864737b0.cloudfront.net (CloudFront)
last-modified
Tue, 27 Sep 2022 16:27:22 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
22356
x-amz-server-side-encryption
AES256
etag
"aac0f233e4424b86e700ca939aee7655"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
2828
x-amz-cf-id
Ya2XtdNvs0iA42um2L4gtNWTHBHMh4Q5m5u7_fTjO6tyr3drYMJmkQ==
c2923a14d6214b86e2e1.css
therobertsgroup.ruuster.com/_next/static/css/ 		771 KB
103 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://therobertsgroup.ruuster.com/_next/static/css/c2923a14d6214b86e2e1.css
Requested by
Host: therobertsgroup.ruuster.com
URL: https://therobertsgroup.ruuster.com/signup
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.167.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-167-243.compute-1.amazonaws.com
Software
nginx /
Resource Hash
3b9a967c7ca6bd3007e4e9b12ec0960863d14742e7c81d8a19ea3de06721df4e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://therobertsgroup.ruuster.com/signup
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 09:19:30 GMT
content-encoding
gzip
last-modified
Mon, 10 Jun 2024 13:23:50 GMT
server
nginx
etag
W/"c0b05-1900251c1be"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000, immutable
webpack-c99b618a040d703dcac0.js
therobertsgroup.ruuster.com/_next/static/chunks/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://therobertsgroup.ruuster.com/_next/static/chunks/webpack-c99b618a040d703dcac0.js
Requested by
Host: therobertsgroup.ruuster.com
URL: https://therobertsgroup.ruuster.com/signup
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.167.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-167-243.compute-1.amazonaws.com
Software
nginx /
Resource Hash
1850af11bd501df58f4efca9e8eb506b46eb573c453ee695646265512c3d4fd9

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://therobertsgroup.ruuster.com/signup
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 09:19:30 GMT
content-encoding
gzip
last-modified
Mon, 10 Jun 2024 13:23:50 GMT
server
nginx
etag
W/"1cf6-1900251c1ca"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
framework-e12e56e0b8a76d261551.js
therobertsgroup.ruuster.com/_next/static/chunks/ 		129 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://therobertsgroup.ruuster.com/_next/static/chunks/framework-e12e56e0b8a76d261551.js
Requested by
Host: therobertsgroup.ruuster.com
URL: https://therobertsgroup.ruuster.com/signup
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.167.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-167-243.compute-1.amazonaws.com
Software
nginx /
Resource Hash
8f4a2847754e1079267244cfdabddc18738be4358e28d569de49bc2a3f56032d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://therobertsgroup.ruuster.com/signup
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 09:19:30 GMT
content-encoding
gzip
last-modified
Mon, 10 Jun 2024 13:23:50 GMT
server
nginx
etag
W/"20268-1900251c1ce"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
main-e362df3b2220f01e9ebf.js
therobertsgroup.ruuster.com/_next/static/chunks/ 		52 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://therobertsgroup.ruuster.com/_next/static/chunks/main-e362df3b2220f01e9ebf.js
Requested by
Host: therobertsgroup.ruuster.com
URL: https://therobertsgroup.ruuster.com/signup
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.167.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-167-243.compute-1.amazonaws.com
Software
nginx /
Resource Hash
c3cd3208ef6e6b09bc70592c189f3c5d7f5db75a6a848b2ade3e6a23022ab2a4

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://therobertsgroup.ruuster.com/signup
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 09:19:30 GMT
content-encoding
gzip
last-modified
Mon, 10 Jun 2024 13:23:50 GMT
server
nginx
etag
W/"d0a1-1900251c1be"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
_app-e7cc0ac3686437b439f1.js
therobertsgroup.ruuster.com/_next/static/chunks/pages/ 		2 MB
588 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://therobertsgroup.ruuster.com/_next/static/chunks/pages/_app-e7cc0ac3686437b439f1.js
Requested by
Host: therobertsgroup.ruuster.com
URL: https://therobertsgroup.ruuster.com/signup
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.167.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-167-243.compute-1.amazonaws.com
Software
nginx /
Resource Hash
55232aeb9e0b8192a3a89c082f386e8e7387d5e9a5bbd573a6227a16b6216305

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://therobertsgroup.ruuster.com/signup
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 09:19:30 GMT
content-encoding
gzip
last-modified
Mon, 10 Jun 2024 13:23:50 GMT
server
nginx
etag
W/"21789d-1900251c1be"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
signup-ff556673fdbbd222357a.js
therobertsgroup.ruuster.com/_next/static/chunks/pages/ 		382 B
485 B 		Script
General
Check archive.org
Download Go to
Full URL
https://therobertsgroup.ruuster.com/_next/static/chunks/pages/signup-ff556673fdbbd222357a.js
Requested by
Host: therobertsgroup.ruuster.com
URL: https://therobertsgroup.ruuster.com/signup
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.167.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-167-243.compute-1.amazonaws.com
Software
nginx /
Resource Hash
f7d298bbad6713d9e3366538afc4179d2d6d0a3576d282633e9089e48dc5abc3

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://therobertsgroup.ruuster.com/signup
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 09:19:30 GMT
content-encoding
gzip
last-modified
Mon, 10 Jun 2024 13:23:50 GMT
server
nginx
etag
W/"17e-1900251c1ca"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
_buildManifest.js
therobertsgroup.ruuster.com/_next/static/b0a62fRyKrpaxhsFyB1Al/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://therobertsgroup.ruuster.com/_next/static/b0a62fRyKrpaxhsFyB1Al/_buildManifest.js
Requested by
Host: therobertsgroup.ruuster.com
URL: https://therobertsgroup.ruuster.com/signup
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.167.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-167-243.compute-1.amazonaws.com
Software
nginx /
Resource Hash
9f7e2a157b97472561d857b62f10f04d3f1d480e3320e04ebb9c030e98ed281d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://therobertsgroup.ruuster.com/signup
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 09:19:30 GMT
content-encoding
gzip
last-modified
Mon, 10 Jun 2024 13:23:50 GMT
server
nginx
etag
W/"3295-1900251c1be"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
_ssgManifest.js
therobertsgroup.ruuster.com/_next/static/b0a62fRyKrpaxhsFyB1Al/ 		77 B
281 B 		Script
General
Check archive.org
Download Go to
Full URL
https://therobertsgroup.ruuster.com/_next/static/b0a62fRyKrpaxhsFyB1Al/_ssgManifest.js
Requested by
Host: therobertsgroup.ruuster.com
URL: https://therobertsgroup.ruuster.com/signup
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.167.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-167-243.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://therobertsgroup.ruuster.com/signup
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 09:19:30 GMT
content-encoding
gzip
last-modified
Mon, 10 Jun 2024 13:23:50 GMT
server
nginx
etag
W/"4d-1900251c1be"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
css2
fonts.googleapis.com/ 		10 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?display=swap&family=Roboto:wght@400;500;600;700&family=Poppins:wght@400;500;600;700
Requested by
Host: therobertsgroup.ruuster.com
URL: https://therobertsgroup.ruuster.com/signup
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
64584a0389e25b90cfafade538f2bd3d28298dcde85d0bd150ad1f9c563517fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://therobertsgroup.ruuster.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Tue, 11 Jun 2024 09:19:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 11 Jun 2024 09:19:30 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 11 Jun 2024 09:19:30 GMT
collect
region1.google-analytics.com/g/ 		0
262 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-Y9L1QW4LK2&gtm=45je4650v868379972za200&_p=1718097570741&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1877736576.1718097571&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1718097570&sct=1&seg=0&dl=https%3A%2F%2Ftherobertsgroup.ruuster.com%2Fsignup&dt=The%20Roberts.%20group&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=662
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Y9L1QW4LK2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://therobertsgroup.ruuster.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 11 Jun 2024 09:19:30 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://therobertsgroup.ruuster.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
diffuser.js
diffuser-cdn.app-us1.com/diffuser/ 		32 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Requested by
Host: therobertsgroup.ruuster.com
URL: https://therobertsgroup.ruuster.com/tracker.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:80d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05bebf5c10ecacbfd4f556fd828f3768f5bff750e46c73b12352813f05a52516
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://therobertsgroup.ruuster.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 09:19:30 GMT
content-encoding
gzip
via
1.1 38f2daae6c849ed5f695333a9d4104ae.cloudfront.net (CloudFront)
cf-cache-status
HIT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-cf-pop
FRA60-P10
age
118
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Mon, 03 Jun 2024 21:28:58 GMT
server
cloudflare
etag
W/"7ed0644c4abce847d8cc4b5d6d10b0a5"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=300
cf-ray
8920851a59510e34-AMS
x-amz-cf-id
J3TIAkI-S9SkzuzfgeU67LXCD4PUFfuOfBa88HSiY_N-FzkimHF6og==
appcues.main.13edf12fdb0027dd4404ee6650fc7fcc8d41c7f1.js
fast.appcues.com/generic/main/6.2.1/ 		463 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.appcues.com/generic/main/6.2.1/appcues.main.13edf12fdb0027dd4404ee6650fc7fcc8d41c7f1.js
Requested by
Host: fast.appcues.com
URL: https://fast.appcues.com/96897.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4a57d746c66f9b72ad55c0f5e8dd924ed2327bcd401a62d5a9ff97be99a46d16

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://therobertsgroup.ruuster.com/
Origin
https://therobertsgroup.ruuster.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 09:19:30 GMT
content-encoding
gzip
via
1.1 varnish
x-amz-request-id
CR8N0XXZET9AVHTM
age
59074
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
133428
x-amz-id-2
oRFNXYc24eiSW4vVX3IH9lm3nGndkeguA6acuLo54y+F4AcqTkNRW6PThODuv0qTOg4NIT3i+d4=
x-served-by
cache-fra-etou8220122-FRA
last-modified
Mon, 10 Jun 2024 15:55:27 GMT
server
AmazonS3
x-timer
S1718097571.897697,VS0,VE0
etag
"41558c9ead3174639dad5f336eeb934f"
vary
Accept-Encoding
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With,Authorization
x-cache-hits
1337
css
fonts.googleapis.com/ 		17 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,600,700&display=swap
Requested by
Host: therobertsgroup.ruuster.com
URL: https://therobertsgroup.ruuster.com/_next/static/css/c2923a14d6214b86e2e1.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
851699a18b631a7bd68efc99598701293a6065b463fced7b68d8d6d9227bd8e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://therobertsgroup.ruuster.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Tue, 11 Jun 2024 09:19:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 11 Jun 2024 08:47:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 11 Jun 2024 09:19:30 GMT
container.13edf12fdb0027dd4404ee6650fc7fcc8d41c7f1.css
fast.appcues.com/generic/main/6.2.1/ 		16 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fast.appcues.com/generic/main/6.2.1/container.13edf12fdb0027dd4404ee6650fc7fcc8d41c7f1.css
Requested by
Host: fast.appcues.com
URL: https://fast.appcues.com/generic/main/6.2.1/appcues.main.13edf12fdb0027dd4404ee6650fc7fcc8d41c7f1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c2f5a697cf483b8a50b286ec9481c2767bcc448ad563047894e7e623de8049eb

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://therobertsgroup.ruuster.com/
Origin
https://therobertsgroup.ruuster.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 09:19:31 GMT
content-encoding
gzip
via
1.1 varnish
x-amz-request-id
VV4NCGYADC91H78Q
age
59255
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
1992
x-amz-id-2
PF3j0WrP1XIH3R8RDpDnqGk4rl4YOOE863ZfmLyFuxbgUNta6VKZEZHMtuqoueG9r00ZavBWwgWz6qcu50phpw==
x-served-by
cache-fra-etou8220122-FRA
last-modified
Mon, 10 Jun 2024 15:55:27 GMT
server
AmazonS3
x-timer
S1718097571.010943,VS0,VE0
etag
"5be05ce494e7cac41d062a0b12a1657c"
vary
Accept-Encoding
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
text/css; charset=utf-8;
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With,Authorization
x-cache-hits
3498
/
prism.app-us1.com/ 		248 B
497 B 		Script
General
Check archive.org
Download Go to
Full URL
https://prism.app-us1.com/?a=610755636&u=https%3A%2F%2Ftherobertsgroup.ruuster.com%2Fsignup
Requested by
Host: diffuser-cdn.app-us1.com
URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:80d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.1.27
Resource Hash
59ccfaf35891f13de0e68717c5f714c0b97d5e1bb61024343918510097f96dc6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://therobertsgroup.ruuster.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 09:19:31 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
PHP/8.1.27
content-type
application/javascript
cache-control
no-cache, private
x-envoy-upstream-service-time
70
cf-ray
8920851b8a85b71f-AMS
css2
fonts.googleapis.com/ 		10 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?display=swap&family=Roboto:wght@400;500;600;700&family=Poppins:wght@400;500;600;700
Requested by
Host: therobertsgroup.ruuster.com
URL: https://therobertsgroup.ruuster.com/_next/static/chunks/main-e362df3b2220f01e9ebf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
64584a0389e25b90cfafade538f2bd3d28298dcde85d0bd150ad1f9c563517fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://therobertsgroup.ruuster.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 09:19:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 11 Jun 2024 09:19:30 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 11 Jun 2024 09:19:30 GMT
logo
ruuster-public.s3.amazonaws.com/agents/015398b5-44fa-45ae-88b9-7d278172b0b8WMQ546MNqpuB-9suMwYHn/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ruuster-public.s3.amazonaws.com/agents/015398b5-44fa-45ae-88b9-7d278172b0b8WMQ546MNqpuB-9suMwYHn/logo
Requested by
Host: therobertsgroup.ruuster.com
URL: https://therobertsgroup.ruuster.com/signup
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.5.28.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
db2f51858d921fa37befd08e6638749e2daf78eec493f9264673632235b13b79

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://therobertsgroup.ruuster.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 11 Jun 2024 09:19:32 GMT
Content-Encoding
base64
x-amz-version-id
3GQjTl78QQVBudU6vtTTIJGEO_Mwf7Rw
Last-Modified
Thu, 11 Apr 2024 20:06:41 GMT
Server
AmazonS3
x-amz-request-id
J8548E77HYKHWMT8
ETag
"6d67c148a5d643c86e93cff77f90d2c3"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
10872
x-amz-id-2
iMvDl733aWgAKkhF4oyaD3iVwCugoKS6YLJNh9wep8RcGEBbeNp8RYOTRp1R7CAatFvCj0xsxJZrgIDO8hi0HK5v0eME2KH6lAyGxoYIt6E=
app-store-badge.png
therobertsgroup.ruuster.com/images/agents-landing/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://therobertsgroup.ruuster.com/images/agents-landing/app-store-badge.png
Requested by
Host: therobertsgroup.ruuster.com
URL: https://therobertsgroup.ruuster.com/signup
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.167.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-167-243.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e072c2fb81e158490ce5c781b0103148ac5b6d7c1804445e77040eada9e01036

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://therobertsgroup.ruuster.com/signup
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 09:19:31 GMT
last-modified
Mon, 10 Jun 2024 13:17:14 GMT
server
nginx
etag
W/"3b9a-190024bb390"
content-type
image/png
cache-control
public, max-age=0
accept-ranges
bytes
content-length
15258
google-play-badge.png
therobertsgroup.ruuster.com/images/agents-landing/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://therobertsgroup.ruuster.com/images/agents-landing/google-play-badge.png
Requested by
Host: therobertsgroup.ruuster.com
URL: https://therobertsgroup.ruuster.com/signup
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.167.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-167-243.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a94903ae42b9893791bae23485a18dfc6bb55d080d927b8372206738db8297f7

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://therobertsgroup.ruuster.com/signup
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 09:19:31 GMT
last-modified
Mon, 10 Jun 2024 13:17:14 GMT
server
nginx
etag
W/"4047-190024bb390"
content-type
image/png
cache-control
public, max-age=0
accept-ranges
bytes
content-length
16455
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?display=swap&family=Roboto:wght@400;500;600;700&family=Poppins:wght@400;500;600;700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://therobertsgroup.ruuster.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 17:07:38 GMT
x-content-type-options
nosniff
age
317513
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Jun 2025 17:07:38 GMT
signup-background.jpg
therobertsgroup.ruuster.com/images/ 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://therobertsgroup.ruuster.com/images/signup-background.jpg
Requested by
Host: therobertsgroup.ruuster.com
URL: https://therobertsgroup.ruuster.com/_next/static/css/c2923a14d6214b86e2e1.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.167.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-167-243.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b073cbb9270a37b61efa97bb0859ffc243fd55d26ab52f8fc389882d1152eb28

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://therobertsgroup.ruuster.com/_next/static/css/c2923a14d6214b86e2e1.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 09:19:31 GMT
last-modified
Mon, 10 Jun 2024 13:17:14 GMT
server
nginx
etag
W/"10054-190024bb390"
content-type
image/jpeg
cache-control
public, max-age=0
accept-ranges
bytes
content-length
65620
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?display=swap&family=Roboto:wght@400;500;600;700&family=Poppins:wght@400;500;600;700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://therobertsgroup.ruuster.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 03:42:39 GMT
x-content-type-options
nosniff
age
20212
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8000
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Jun 2025 03:42:39 GMT
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-Y9L1QW4LK2&gtm=45je4650v868379972za200&_p=1718097570741&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1877736576.1718097571&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1718097570&sct=1&seg=0&dl=https%3A%2F%2Ftherobertsgroup.ruuster.com%2Fsignup&dt=The%20Roberts.%20group&en=scroll&epn.percent_scrolled=90&_et=4&tfd=1362
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Y9L1QW4LK2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://therobertsgroup.ruuster.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 11 Jun 2024 09:19:31 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://therobertsgroup.ruuster.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fbevents.js
connect.facebook.net/en_US/ 		219 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: therobertsgroup.ruuster.com
URL: https://therobertsgroup.ruuster.com/_next/static/chunks/pages/_app-e7cc0ac3686437b439f1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
83ebe8170b3b5dda2d20a80fe205ec14e1f8cb19ed40cfe73d480087b588e56c
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://therobertsgroup.ruuster.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 11 Jun 2024 09:19:31 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57975
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=8, rtx=0, c=12, mss=1328, tbw=2764, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
ds8k/JpbCZxqrKnhoZQEp6O6M/idtxdTI2xJI712+VuP1oa0CUwZHnbrj2As3nR52CaVDGmDnaxvQN3EDfj6KQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
t_prism_sitemessages.php
trackcmp.net/ 		0
315 B 		Script
General
Check archive.org
Download Go to
Full URL
https://trackcmp.net/t_prism_sitemessages.php?trackid=610755636&prismid=1d50dded-e471-4006-8d48-4220d48af3c0&url=https%3A%2F%2Ftherobertsgroup.ruuster.com%2Fsignup
Requested by
Host: diffuser-cdn.app-us1.com
URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:992a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.1.28
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://therobertsgroup.ruuster.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 09:19:31 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
PHP/8.1.28
p3p
CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
content-type
text/javascript;charset=UTF-8
cache-control
no-cache, private
x-envoy-upstream-service-time
17
x-privacy-policy
You can find our privacy policy here: https://www.activecampaign.com/help/privacy-policy/
cf-ray
8920851e4874b95a-AMS
content-length
0
5680-79b55b108fcc4a62346d.js
therobertsgroup.ruuster.com/_next/static/chunks/ 		0
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://therobertsgroup.ruuster.com/_next/static/chunks/5680-79b55b108fcc4a62346d.js
Requested by
Host: therobertsgroup.ruuster.com
URL: https://therobertsgroup.ruuster.com/_next/static/chunks/main-e362df3b2220f01e9ebf.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.167.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-167-243.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://therobertsgroup.ruuster.com/signup
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 09:19:31 GMT
content-encoding
gzip
last-modified
Mon, 10 Jun 2024 13:23:50 GMT
server
nginx
etag
W/"370d-1900251c1d2"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
terms-of-service-6fd3a5dc2cb6ae5e686f.js
therobertsgroup.ruuster.com/_next/static/chunks/pages/ 		0
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://therobertsgroup.ruuster.com/_next/static/chunks/pages/terms-of-service-6fd3a5dc2cb6ae5e686f.js
Requested by
Host: therobertsgroup.ruuster.com
URL: https://therobertsgroup.ruuster.com/_next/static/chunks/main-e362df3b2220f01e9ebf.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.167.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-167-243.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://therobertsgroup.ruuster.com/signup
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 09:19:31 GMT
content-encoding
gzip
last-modified
Mon, 10 Jun 2024 13:23:50 GMT
server
nginx
etag
W/"c4f-1900251c1ca"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
privacy-policy-88299df3dfc5a17b9d4f.js
therobertsgroup.ruuster.com/_next/static/chunks/pages/ 		0
11 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://therobertsgroup.ruuster.com/_next/static/chunks/pages/privacy-policy-88299df3dfc5a17b9d4f.js
Requested by
Host: therobertsgroup.ruuster.com
URL: https://therobertsgroup.ruuster.com/_next/static/chunks/main-e362df3b2220f01e9ebf.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.167.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-167-243.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://therobertsgroup.ruuster.com/signup
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 09:19:31 GMT
content-encoding
gzip
last-modified
Mon, 10 Jun 2024 13:23:50 GMT
server
nginx
etag
W/"8630-1900251c1c6"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
476844499697389
connect.facebook.net/signals/config/ 		69 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/476844499697389?v=2.9.157&r=stable&domain=therobertsgroup.ruuster.com&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9168a7646d2ee38b77f681b53b49a366e23bb1f30f2e28570f8b2f01e26df05f
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://therobertsgroup.ruuster.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 11 Jun 2024 09:19:31 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=14, rtx=0, c=62, mss=1328, tbw=63493, tp=-1, tpl=-1, uplat=175, ullat=0
pragma
public
x-fb-debug
FzQK7ZkRFLIo5PglLSJBaG05UHTepsv3CotfAXNSso25ngJU0kL1mad5UP+m/dO27TV2vXqXiAk2tDqfIyALuw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
5680-79b55b108fcc4a62346d.js
therobertsgroup.ruuster.com/_next/static/chunks/ 		14 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://therobertsgroup.ruuster.com/_next/static/chunks/5680-79b55b108fcc4a62346d.js
Requested by
Host: therobertsgroup.ruuster.com
URL: https://therobertsgroup.ruuster.com/_next/static/chunks/main-e362df3b2220f01e9ebf.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.167.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-167-243.compute-1.amazonaws.com
Software
nginx /
Resource Hash
bd7d165bba7011fcf3e8c2577de7659d9e12cdae1875ad96fd5d1ea88512fc0f

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://therobertsgroup.ruuster.com/signup
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 09:19:31 GMT
content-encoding
gzip
last-modified
Mon, 10 Jun 2024 13:23:50 GMT
server
nginx
etag
W/"370d-1900251c1d2"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
terms-of-service-6fd3a5dc2cb6ae5e686f.js
therobertsgroup.ruuster.com/_next/static/chunks/pages/ 		3 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://therobertsgroup.ruuster.com/_next/static/chunks/pages/terms-of-service-6fd3a5dc2cb6ae5e686f.js
Requested by
Host: therobertsgroup.ruuster.com
URL: https://therobertsgroup.ruuster.com/_next/static/chunks/main-e362df3b2220f01e9ebf.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.167.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-167-243.compute-1.amazonaws.com
Software
nginx /
Resource Hash
363d6c2b0c5012895a76b4dd80df524b398e641ba07db5b236eab914e47c4b85

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://therobertsgroup.ruuster.com/signup
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 09:19:31 GMT
content-encoding
gzip
last-modified
Mon, 10 Jun 2024 13:23:50 GMT
server
nginx
etag
W/"c4f-1900251c1ca"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
privacy-policy-88299df3dfc5a17b9d4f.js
therobertsgroup.ruuster.com/_next/static/chunks/pages/ 		34 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://therobertsgroup.ruuster.com/_next/static/chunks/pages/privacy-policy-88299df3dfc5a17b9d4f.js
Requested by
Host: therobertsgroup.ruuster.com
URL: https://therobertsgroup.ruuster.com/_next/static/chunks/main-e362df3b2220f01e9ebf.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.167.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-167-243.compute-1.amazonaws.com
Software
nginx /
Resource Hash
54911b55a89f3d1a30fc8a9db7f10bb8c6959d1a2893d88a8e321f6218977f58

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://therobertsgroup.ruuster.com/signup
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 09:19:31 GMT
content-encoding
gzip
last-modified
Mon, 10 Jun 2024 13:23:50 GMT
server
nginx
etag
W/"8630-1900251c1c6"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
/
www.facebook.com/tr/ 		0
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=476844499697389&ev=PageView&dl=https%3A%2F%2Ftherobertsgroup.ruuster.com%2Fsignup&rl=&if=false&ts=1718097571766&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4126&fbp=fb.1.1718097571759.235465226702670129&cs_est=true&ler=empty&cdl=API_unavailable&it=1718097571552&coo=false&rqm=GET
Requested by
Host: therobertsgroup.ruuster.com
URL: https://therobertsgroup.ruuster.com/signup
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://therobertsgroup.ruuster.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=8, rtx=0, c=10, mss=1328, tbw=2771, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 11 Jun 2024 09:19:31 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=476844499697389&ev=PageView&dl=https%3A%2F%2Ftherobertsgroup.ruuster.com%2Fsignup&rl=&if=false&ts=1718097571766&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4126&fbp=fb.1.1718097571759.235465226702670129&cs_est=true&ler=empty&cdl=API_unavailable&it=1718097571552&coo=false&rqm=FGET
Requested by
Host: therobertsgroup.ruuster.com
URL: https://therobertsgroup.ruuster.com/signup
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://therobertsgroup.ruuster.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x88de39fafe9b9932","source_keys":["1","2"]},{"key_piece":"0xc40a5abe930e6b77","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Tue, 11 Jun 2024 09:19:32 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=8, rtx=0, c=10, mss=1328, tbw=3088, tp=-1, tpl=-1, uplat=315, ullat=0
pragma
no-cache
x-fb-debug
veIwbPU3mKvtbBG4HPyysHFtozmDU/xkC331KglyEHmsgkEsisuGvRqqYknW6v03ksL7wr5Ede64FI/1HbV+BQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
branch-latest.min.js
cdn.branch.io/ 		75 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.branch.io/branch-latest.min.js
Requested by
Host: therobertsgroup.ruuster.com
URL: https://therobertsgroup.ruuster.com/branchio.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.26.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-26-79.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d8c436394846ea20127a8db032f848015d4d239789429b7e0202609089b5525a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://therobertsgroup.ruuster.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
JdSJSDd4bnNFPjlwdZ2RC7ixUU_rrhPQ
content-encoding
gzip
via
1.1 57ba1933a852bdb178dbe4a1e2e3a5fa.cloudfront.net (CloudFront)
date
Tue, 11 Jun 2024 09:15:56 GMT
last-modified
Wed, 10 Apr 2024 21:44:10 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P7
age
216
etag
"f4ec9657a3dc111d088e2eca7b9796a4"
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=300
content-length
23431
x-amz-cf-id
Nm-lFXjRHkkvqlaHQqxGodnic6O2-I7GqcEdxrQzQpb60R8LirmQJw==
favicon.ico
ruuster-public.s3.amazonaws.com/white-labeling/therobertsgroup/ 		1 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://ruuster-public.s3.amazonaws.com/white-labeling/therobertsgroup/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.5.28.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
8e02ccf16371fb0dca77d34f281e7da2b82dabe1d20b2ee1679c970ab2909d61

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://therobertsgroup.ruuster.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 11 Jun 2024 09:19:33 GMT
x-amz-version-id
xFNJMtQJLauFDyihoF3RzZnIAPX2xvWk
Last-Modified
Thu, 11 Apr 2024 18:44:45 GMT
Server
AmazonS3
x-amz-request-id
TE5XTGZ8JA06GC74
ETag
"d155bc83133912b6d2d8b328a993e29c"
x-amz-server-side-encryption
AES256
Content-Type
image/vnd.microsoft.icon
Accept-Ranges
bytes
Content-Length
1150
x-amz-id-2
BWYQbR+nKLWTBKDfEfmJZ8dV/OZJ4E4lZBy5dXrT+VkpbPul6jG3149UytZguJ4Ddz/bnzZh+Tj0ks8H5+Am1RD0XSioR4MlMcsqmW7cMmo=
_r
app.link/ 		91 B
639 B 		Script
General
Check archive.org
Download Go to
Full URL
https://app.link/_r?sdk=web2.85.0&branch_key=key_live_ej6c4YnP6Z4607WlqLUFIomozEbPlFj1&callback=branch_callback__0
Requested by
Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:c000:19:9934:6a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
3e435565905c06ac6405f026763bb7cdf30d2b9c6c7846015611d2bcbba769fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://therobertsgroup.ruuster.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 09:19:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
via
1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
server
openresty
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Model
x-amz-cf-pop
FRA6-C1
etag
W/"5b-jRNQTM9gbUbcwvcJfY575HE+HnI"
x-cache
Miss from cloudfront
content-type
text/javascript; charset=utf-8
content-length
91
x-amz-cf-id
aQqJmAmrFoukRkZZcsUrq0ZO9zDxkrMA51i8gDQXRKHSlwV6sFu8GQ==
open
api2.branch.io/v1/ 		273 B
663 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api2.branch.io/v1/open
Requested by
Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:5800:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Branch
Resource Hash
4885240d02530628ff3495266aa8cd23f25f9f3b3590e3554b1f96daed6542d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://therobertsgroup.ruuster.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 11 Jun 2024 09:19:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 df327bd0c8709a81ade8602ac9ef16e0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
x-powered-by
Branch
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
x-branch-request-id
67ec792a-0cfa-470e-a9f5-1c62c4003192-2024061109
content-length
273
x-amz-cf-id
dlQRB3g-f4iMo8kioiD0MZjMKIZSdV2AekAj5r40SLqu5-acan9hvQ==
pageview
api2.branch.io/v1/ 		29 B
350 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api2.branch.io/v1/pageview
Requested by
Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:5800:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Branch
Resource Hash
c3dd5a6fff633c6393dca21ce74cd6dc95265943575b43d2d9616f020eea68fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://therobertsgroup.ruuster.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 11 Jun 2024 09:19:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 df327bd0c8709a81ade8602ac9ef16e0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
x-powered-by
Branch
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
content-length
29
x-amz-cf-id
WdCgjH_rEPYWTPb_hips6fPoIC5Osdv1DjvNbpBlviGZeeQhySt4nA==
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-Y9L1QW4LK2&gtm=45je4650v868379972za200&_p=1718097570741&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1877736576.1718097571&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAC&_s=3&uid=&sid=1718097570&sct=1&seg=1&dl=https%3A%2F%2Ftherobertsgroup.ruuster.com%2Fsignup&dt=The%20Roberts.%20group&en=page_view&_ee=1&_et=693&tfd=6363
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Y9L1QW4LK2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://therobertsgroup.ruuster.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 11 Jun 2024 09:19:36 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://therobertsgroup.ruuster.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| google_tag_manager object| google_tag_data object| dataLayer function| gtag function| onYouTubeIframeAPIReady object| gaGlobal function| ioscallback function| gonative_onesignal_info function| googleSignInCallback function| googleSignUpCallback string| visitorGlobalObjectAlias function| vgo function| gonative_iap_purchases object| AppcuesBundleSettings object| Appcues string| _rwq function| rewardful boolean| _rewardful_loaded function| Rewardful object| regeneratorRuntime string| prismGlobalObjectAlias object| visitorGlobalObject object| webpackChunk_N_E object| __NEXT_DATA__ function| __SSG_MANIFEST_CB object| __NEXT_P object| next object| _N_E function| __NEXT_PRELOADREADY function| IMask function| globalDispatch object| __BUILD_MANIFEST object| __SSG_MANIFEST function| fbq function| _fbq boolean| ANALYTICS_INITIALIZED object| branch

6 Cookies

Domain/Path Name / Value
.ruuster.com/ Name: _ga
Value: GA1.1.1877736576.1718097571
prism.app-us1.com/ Name: prism_610755636
Value: 1d50dded-e471-4006-8d48-4220d48af3c0
.ruuster.com/ Name: _ga_Y9L1QW4LK2
Value: GS1.1.1718097570.1.1.1718097571.0.0.0
.ruuster.com/ Name: prism_610755636
Value: 1d50dded-e471-4006-8d48-4220d48af3c0
.ruuster.com/ Name: _fbp
Value: fb.1.1718097571759.235465226702670129
.app.link/ Name: _s
Value: CJ93H2gmf%2FB6NKc6%2F59Qo6TBCfAx7KKrSYBECcmbi8r%2BSK3HVbmDlQAI%2Fj27OS9q

3 Console Messages

Source Level URL
Text
other warning URL: https://therobertsgroup.ruuster.com/signup
Message:
<link rel=preload> has an invalid `href` value
other warning URL: https://therobertsgroup.ruuster.com/signup
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://therobertsgroup.ruuster.com/signup
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api2.branch.io
app.link
cdn.branch.io
connect.facebook.net
diffuser-cdn.app-us1.com
eia.followupboss.com
fast.appcues.com
fonts.googleapis.com
fonts.gstatic.com
prism.app-us1.com
r.wdfl.co
region1.google-analytics.com
ruuster-public.s3.amazonaws.com
therobertsgroup.ruuster.com
trackcmp.net
www.facebook.com
www.googletagmanager.com
108.138.26.79
2001:4860:4802:32::36
2600:9000:2057:c000:19:9934:6a80:93a1
2600:9000:21f3:f200:6:92d4:a4c0:93a1
2600:9000:225e:8800:1b:348c:b140:93a1
2600:9000:2491:5800:11:f728:3040:93a1
2606:4700:4400::ac40:992a
2606:4700::6812:80d8
2a00:1450:4001:80b::2003
2a00:1450:4001:80e::2008
2a00:1450:4001:827::200a
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a04:4e42:200::622
3.213.167.243
3.5.28.101
05bebf5c10ecacbfd4f556fd828f3768f5bff750e46c73b12352813f05a52516
1850af11bd501df58f4efca9e8eb506b46eb573c453ee695646265512c3d4fd9
1da64a3270e8f15e687ccebd387650676c4ea4cb63375bff4e8cf61fbb0a48be
2f227359edcc5c1745c67e3dfacfec7138f61dba0f7d97f8ead0fbbe77320130
363d6c2b0c5012895a76b4dd80df524b398e641ba07db5b236eab914e47c4b85
3b9a967c7ca6bd3007e4e9b12ec0960863d14742e7c81d8a19ea3de06721df4e
3e435565905c06ac6405f026763bb7cdf30d2b9c6c7846015611d2bcbba769fc
4885240d02530628ff3495266aa8cd23f25f9f3b3590e3554b1f96daed6542d0
4a57d746c66f9b72ad55c0f5e8dd924ed2327bcd401a62d5a9ff97be99a46d16
4fd012b9076235635bf4f9fa53cf0bcf4c869e3aaa05f5dc7b55a7c2b82d1758
54911b55a89f3d1a30fc8a9db7f10bb8c6959d1a2893d88a8e321f6218977f58
55232aeb9e0b8192a3a89c082f386e8e7387d5e9a5bbd573a6227a16b6216305
59ccfaf35891f13de0e68717c5f714c0b97d5e1bb61024343918510097f96dc6
64584a0389e25b90cfafade538f2bd3d28298dcde85d0bd150ad1f9c563517fc
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
83ebe8170b3b5dda2d20a80fe205ec14e1f8cb19ed40cfe73d480087b588e56c
851699a18b631a7bd68efc99598701293a6065b463fced7b68d8d6d9227bd8e7
8e02ccf16371fb0dca77d34f281e7da2b82dabe1d20b2ee1679c970ab2909d61
8f4a2847754e1079267244cfdabddc18738be4358e28d569de49bc2a3f56032d
9168a7646d2ee38b77f681b53b49a366e23bb1f30f2e28570f8b2f01e26df05f
9f7e2a157b97472561d857b62f10f04d3f1d480e3320e04ebb9c030e98ed281d
a1e332628da63d511d81896d7c0d89be82d9ce3a04315ac171e4ffdf7c905ee1
a94903ae42b9893791bae23485a18dfc6bb55d080d927b8372206738db8297f7
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b073cbb9270a37b61efa97bb0859ffc243fd55d26ab52f8fc389882d1152eb28
b4adb546b88b8d1cb37b540d65d45784b961fa883884c7b144090f1d69324b4f
bd7d165bba7011fcf3e8c2577de7659d9e12cdae1875ad96fd5d1ea88512fc0f
c2f5a697cf483b8a50b286ec9481c2767bcc448ad563047894e7e623de8049eb
c3cd3208ef6e6b09bc70592c189f3c5d7f5db75a6a848b2ade3e6a23022ab2a4
c3dd5a6fff633c6393dca21ce74cd6dc95265943575b43d2d9616f020eea68fa
d8c436394846ea20127a8db032f848015d4d239789429b7e0202609089b5525a
db2f51858d921fa37befd08e6638749e2daf78eec493f9264673632235b13b79
e072c2fb81e158490ce5c781b0103148ac5b6d7c1804445e77040eada9e01036
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eaafc3d4e67cf4830768a8baffedf04c5df8980b9437beceab5cc29c476207f0
f05274ade75a4aadbd96b63fb4fd88129d3ca0c8417f6a917bdad1eac71621f7
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7d298bbad6713d9e3366538afc4179d2d6d0a3576d282633e9089e48dc5abc3
ffe734ff7b5b10875e5889881f0cf44945035f648f13766203ce4000ddd9ebc5