www.rusticrootsimagesaz.com Open in urlscan Pro
18.235.135.157 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://rusticrootsimagesaz.com/
Effective URL:
https://www.rusticrootsimagesaz.com/
Submission Tags: phishingrod
Submission: On November 28 via api (November 28th 2023, 6:34:27 pm UTC) from DE — Scanned from DE

Summary HTTP 41 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 13 IPs in 2 countries across 5 domains to perform 41 HTTP transactions. The main IP is 18.235.135.157, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.rusticrootsimagesaz.com.
TLS certificate: Issued by R3 on September 20th 2023. Valid for: 3 months.

This is the only time www.rusticrootsimagesaz.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 7	18.235.135.157 18.235.135.157	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
1	2600:9000:26d... 2600:9000:26da:e800:6:e86d:4680:93a1	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
2	2600:9000:26d... 2600:9000:26da:6a00:c:258c:3f80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:249... 2600:9000:2491:7e00:1:e307:5840:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:225... 2600:9000:225e:5c00:15:ca3d:dcc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:26d... 2600:9000:26da:8c00:6:87ae:7200:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:223... 2600:9000:223f:0:1d:471b:a6c0:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:26d... 2600:9000:26db:d800:1c:8223:4200:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:26d... 2600:9000:26db:200:11:796e:ad00:93a1	16509 (AMAZON-02) (AMAZON-02)
9	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
41	13

7 18.235.135.157 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-235-135-157.compute-1.amazonaws.com

rusticrootsimagesaz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.rusticrootsimagesaz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:26da:e800:6:e86d:4680:93a1 (United States)

ASN16509 (AMAZON-02, US)

image10.photobiz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:26da:6a00:c:258c:3f80:93a1 (United States)

ASN16509 (AMAZON-02, US)

image8.photobiz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2491:7e00:1:e307:5840:93a1 (United States)

ASN16509 (AMAZON-02, US)

image9.photobiz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225e:5c00:15:ca3d:dcc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

image11.photobiz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:26da:8c00:6:87ae:7200:93a1 (United States)

ASN16509 (AMAZON-02, US)

image13.photobiz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:0:1d:471b:a6c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

image14.photobiz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:26db:d800:1c:8223:4200:93a1 (United States)

ASN16509 (AMAZON-02, US)

image4.photobiz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:26db:200:11:796e:ad00:93a1 (United States)

ASN16509 (AMAZON-02, US)

image6.photobiz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	gstatic.com fonts.gstatic.com www.gstatic.com	725 KB
11	photobiz.com image10.photobiz.com — Cisco Umbrella Rank: 450832 image8.photobiz.com — Cisco Umbrella Rank: 439314 image9.photobiz.com — Cisco Umbrella Rank: 450834 image11.photobiz.com — Cisco Umbrella Rank: 466874 image13.photobiz.com — Cisco Umbrella Rank: 487778 image14.photobiz.com — Cisco Umbrella Rank: 487779 image4.photobiz.com — Cisco Umbrella Rank: 452002 image6.photobiz.com — Cisco Umbrella Rank: 483363	6 MB
7	rusticrootsimagesaz.com 1 redirects rusticrootsimagesaz.com www.rusticrootsimagesaz.com	157 KB
6	google.com www.google.com — Cisco Umbrella Rank: 2	96 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	1 KB
41	5

	Domain	Requested by
9	www.gstatic.com	www.google.com www.gstatic.com
7	fonts.gstatic.com	fonts.googleapis.com www.google.com
6	www.google.com	www.rusticrootsimagesaz.com www.gstatic.com www.google.com
6	www.rusticrootsimagesaz.com	www.rusticrootsimagesaz.com
3	image4.photobiz.com	www.rusticrootsimagesaz.com
2	image8.photobiz.com	www.rusticrootsimagesaz.com
2	fonts.googleapis.com	www.rusticrootsimagesaz.com
1	image6.photobiz.com	www.rusticrootsimagesaz.com
1	image14.photobiz.com	www.rusticrootsimagesaz.com
1	image13.photobiz.com	www.rusticrootsimagesaz.com
1	image11.photobiz.com	www.rusticrootsimagesaz.com
1	image9.photobiz.com	www.rusticrootsimagesaz.com
1	image10.photobiz.com	www.rusticrootsimagesaz.com
1	rusticrootsimagesaz.com	1 redirects
41	14

This site contains links to these domains. Also see Links.

Domain
www.google.com
www.facebook.com
www.instagram.com
policies.google.com
facebook.com
instagram.com
www.photobiz.com

Subject Issuer	Validity	Valid
www.rusticrootsimagesaz.com R3	`2023-09-20` - `2023-12-19`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.photobiz.com Amazon RSA 2048 M01	`2023-07-02` - `2024-07-30`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://www.rusticrootsimagesaz.com/
Frame ID: 73E99093A244F248C4D58120593AF249
Requests: 23 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfGbOEaAAAAAL4R-pY61DQO_4imuGQQRsWALaTX&co=aHR0cHM6Ly93d3cucnVzdGljcm9vdHNpbWFnZXNhei5jb206NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=odqo0a5teej
Frame ID: B612FE765070BCDB7C24C870A7BCB8E9
Requests: 7 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LfGbOEaAAAAAL4R-pY61DQO_4imuGQQRsWALaTX
Frame ID: FB9FC2A0CB848AE6D7AE7C2540114050
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Rustic Roots Images

Page URL History Show full URLs

https://rusticrootsimagesaz.com/ HTTP 301
https://www.rusticrootsimagesaz.com/ Page URL

Detected technologies

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

41
Requests

100 %
HTTPS

92 %
IPv6

5
Domains

14
Subdomains

13
IPs

2
Countries

6953 kB
Transfer

8464 kB
Size

5
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.google.com/maps/place/
Title: MEET US

Search URL Search Domain Scan URL

URL: http://www.facebook.com/rusticrootsimages

Search URL Search Domain Scan URL

URL: http://www.instagram.com/rusticrootsimages

Search URL Search Domain Scan URL

URL: https://policies.google.com/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://policies.google.com/terms
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/place/721+E+Beale+St.+Kingman%2C+AZ+86401
Title: 721 E Beale St Kingman, AZ 86401

Search URL Search Domain Scan URL

URL: http://facebook.com/rusticrootsimages
Title: FACEBOOK

Search URL Search Domain Scan URL

URL: http://instagram.com/rusticrootsimages
Title: INSTAGRAM

Search URL Search Domain Scan URL

URL: https://www.photobiz.com/
Title: Crafted by PhotoBiz

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://rusticrootsimagesaz.com/ HTTP 301
https://www.rusticrootsimagesaz.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

41 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.rusticrootsimagesaz.com/
Redirect Chain

https://rusticrootsimagesaz.com/
https://www.rusticrootsimagesaz.com/

87 KB
15 KB

658ms
229ms

Document
text/html

18.235.135.157
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rusticrootsimagesaz.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.235.135.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-235-135-157.compute-1.amazonaws.com

Software

Apache /

Resource Hash

9aaba254858d6a5522abbb5da869e20ce6d01235ab37a1eece9f5016e034d2d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Tue, 28 Nov 2023 18:34:20 GMT
server: Apache
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Tue, 28 Nov 2023 18:34:19 GMT
location: https://www.rusticrootsimagesaz.com
server: Apache
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 main-e6f823db.css
www.rusticrootsimagesaz.com/system/apps/sites/dist/css/ 267 KB
31 KB 126ms
125ms Stylesheet
text/css 18.235.135.157
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rusticrootsimagesaz.com/system/apps/sites/dist/css/main-e6f823db.css

Requested by

Host: www.rusticrootsimagesaz.com
URL: https://www.rusticrootsimagesaz.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.235.135.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-235-135-157.compute-1.amazonaws.com

Software

Apache /

Resource Hash

bf51d22996771bea8bf1367bba6dec04567cd1c8d96c5dfc69593a5cbc7c41dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rusticrootsimagesaz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 18:34:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 28 Nov 2023 13:53:07 GMT
server: Apache
etag: W/"273249-1701179587703-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 30920
x-xss-protection: 1; mode=block
expires: Wed, 27 Nov 2024 18:34:20 GMT

GET
H2 200 css
fonts.googleapis.com/ 1 KB
893 B 79ms
29ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?display=swap&family=Quicksand

Requested by

Host: www.rusticrootsimagesaz.com
URL: https://www.rusticrootsimagesaz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6a7427bea5c0131cb43aedf9a5d1ed685fcca4e4f6a0cb7376e15db7bb6b5ce2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rusticrootsimagesaz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 28 Nov 2023 18:34:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:30:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 28 Nov 2023 18:34:20 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
642 B 80ms
30ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?display=swap&family=Raleway

Requested by

Host: www.rusticrootsimagesaz.com
URL: https://www.rusticrootsimagesaz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

28893081d019169c217045909cee1dd584e455005767fc2cf62b41c267846055

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rusticrootsimagesaz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 28 Nov 2023 18:34:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:25:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 28 Nov 2023 18:34:20 GMT

GET
H2 200 main-acfeaace.js Show response
www.rusticrootsimagesaz.com/system/apps/sites/dist/js/ 367 KB
100 KB 238ms
238ms Script
application/javascript 18.235.135.157
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rusticrootsimagesaz.com/system/apps/sites/dist/js/main-acfeaace.js

Requested by

Host: www.rusticrootsimagesaz.com
URL: https://www.rusticrootsimagesaz.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.235.135.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-235-135-157.compute-1.amazonaws.com

Software

Apache /

Resource Hash

902a3ad2067d23eb27fd0dcc2b2f1ced65582b5a30e2fcd47669649582a82b77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rusticrootsimagesaz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 18:34:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 11 Jul 2022 13:47:30 GMT
server: Apache
etag: W/"375691-1657547250726-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-xss-protection: 1; mode=block
expires: Wed, 27 Nov 2024 18:34:20 GMT

GET
H2 200 7_20200102105609_11053797_large.jpg
image10.photobiz.com/4939/ 40 KB
40 KB 565ms
465ms Image
image/jpeg 2600:9000:26da:e800:6:e86d:4680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image10.photobiz.com/4939/7_20200102105609_11053797_large.jpg
Requested by: Host: www.rusticrootsimagesaz.com
URL: https://www.rusticrootsimagesaz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26da:e800:6:e86d:4680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6f5206aebd6f9ebcc0fa59849ea862d6b387856edd05fb1118f8a10ad311e505

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rusticrootsimagesaz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 18:34:21 GMT
x-amz-version-id: cAyuNwvigVlGOHpKadVK9JkNn.kpnEPf
via: 1.1 3a31afbebc94940fbd5e1e63050bb58a.cloudfront.net (CloudFront)
last-modified: Thu, 02 Jan 2020 16:56:10 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P4
etag: "57cedf332ceab1e665f529a1d6c02c63"
x-cache: Miss from cloudfront
cache-control: max-age=31536000, immutable
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 40861
x-amz-cf-id: mcognTu7yBI5WCt099qWnODGP2fElclFO3nmiYbs9HQbhgok9_nL9A==

GET
H2 200 placeholder_1px.png
www.rusticrootsimagesaz.com/global/images/ 175 B
432 B 117ms
116ms Image
image/png 18.235.135.157
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.rusticrootsimagesaz.com/global/images/placeholder_1px.png

Requested by

Host: www.rusticrootsimagesaz.com
URL: https://www.rusticrootsimagesaz.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.235.135.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-235-135-157.compute-1.amazonaws.com

Software

Apache /

Resource Hash

ed5bb9ea302414a1ad9f250d5cd5b5da08f55fe43b18020db13f74966e4bc0f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rusticrootsimagesaz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 18:34:20 GMT
x-content-type-options: nosniff
last-modified: Wed, 12 Jun 2019 16:49:12 GMT
server: Apache
etag: W/"175-1560358152000"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 175
x-xss-protection: 1; mode=block
expires: Wed, 27 Nov 2024 18:34:20 GMT

GET
H2 200 cffp.js Show response
www.rusticrootsimagesaz.com/cfformprotect/js/ 3 KB
2 KB 118ms
117ms Script
application/javascript 18.235.135.157
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rusticrootsimagesaz.com/cfformprotect/js/cffp.js

Requested by

Host: www.rusticrootsimagesaz.com
URL: https://www.rusticrootsimagesaz.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.235.135.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-235-135-157.compute-1.amazonaws.com

Software

Apache /

Resource Hash

b413c7e0c3364aef8eb5f7c7fdd1d791afb1a4be74ccea2e46a31d6cadcc170f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rusticrootsimagesaz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 18:34:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 05 Mar 2014 14:55:13 GMT
server: Apache
etag: W/"3312-1394031313000-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1446
x-xss-protection: 1; mode=block
expires: Wed, 27 Nov 2024 18:34:20 GMT

GET
H2 200 1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrE.woff2
fonts.gstatic.com/s/raleway/v29/ 22 KB
22 KB 78ms
28ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v29/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrE.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?display=swap&family=Raleway

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ec1e2ebe080ec8fbfbdc7dd9c0c25449e1d98e4e947c11a00fd770d8841698b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.rusticrootsimagesaz.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 21:20:22 GMT
x-content-type-options: nosniff
age: 508438
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22420
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:56:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Nov 2024 21:20:22 GMT

GET
H2 200 sites-icon-font-classic.woff2
www.rusticrootsimagesaz.com/system/apps/sites/src/css/fonts/sites-icon-font-classic/fonts/ 9 KB
10 KB 118ms
118ms Font
font/woff2 18.235.135.157
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rusticrootsimagesaz.com/system/apps/sites/src/css/fonts/sites-icon-font-classic/fonts/sites-icon-font-classic.woff2?15zu11

Requested by

Host: www.rusticrootsimagesaz.com
URL: https://www.rusticrootsimagesaz.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.235.135.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-235-135-157.compute-1.amazonaws.com

Software

Apache /

Resource Hash

b9fd1aff4b167256e9231e4cc7ccfc86367c587da35ea0d756ae437479c60b7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.rusticrootsimagesaz.com/
Origin: https://www.rusticrootsimagesaz.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 18:34:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 05 May 2020 13:39:33 GMT
server: Apache
etag: W/"9664-1588685973000-gzip"
vary: Accept-Encoding,User-Agent
content-type: font/woff2
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 9687
x-xss-protection: 1; mode=block
expires: Wed, 27 Nov 2024 18:34:20 GMT

GET
H2 200 6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkP8o58a-wg.woff2
fonts.gstatic.com/s/quicksand/v31/ 15 KB
16 KB 72ms
22ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/quicksand/v31/6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkP8o58a-wg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?display=swap&family=Quicksand

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73b8057c918765ed1a41c6ca23e2c0530b51d396e12ce63071297c5a04178504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.rusticrootsimagesaz.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 19:04:28 GMT
x-content-type-options: nosniff
age: 430192
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15788
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:17:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Nov 2024 19:04:28 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 80ms
30ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=pbizRecaptchaReady&render=explicit&hl=en

Requested by

Host: www.rusticrootsimagesaz.com
URL: https://www.rusticrootsimagesaz.com/system/apps/sites/dist/js/main-acfeaace.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7fb1f124ea4fa0c7ce94ccba23266a088d31a6ae46d39a689447fae882ae3b55

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rusticrootsimagesaz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 18:34:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Tue, 28 Nov 2023 18:34:20 GMT

GET
H2 200 7_20210929124852_11819864_xlarge.jpg
image8.photobiz.com/8585/ 402 KB
403 KB 651ms
547ms Image
image/jpeg 2600:9000:26da:6a00:c:258c:3f80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.photobiz.com/8585/7_20210929124852_11819864_xlarge.jpg
Requested by: Host: www.rusticrootsimagesaz.com
URL: https://www.rusticrootsimagesaz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26da:6a00:c:258c:3f80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 060d14495bebf51f32ba8e3020c0fb77a43e035775d76ab1303f7ed3b570926b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rusticrootsimagesaz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 18:34:22 GMT
x-amz-version-id: xbE0LA1QuAe0XM5XLKdlpePGeUN53Moi
via: 1.1 7949f2957c23173b6f2b16db26ab42f6.cloudfront.net (CloudFront)
last-modified: Wed, 29 Sep 2021 17:48:53 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P4
etag: "0457a9a703d24399757cff2ed68b1b5a"
x-cache: Miss from cloudfront
content-type: image/jpeg
x-amz-storage-class: INTELLIGENT_TIERING
cache-control: max-age=31536000, immutable
accept-ranges: bytes
content-length: 411989
x-amz-cf-id: 7PdBLmlJBGIh3KdM9pt-TcQYLrYgFvYKGQmw5VxT7nmFamXiy2iNYw==

GET
H2 200 7_20220814191814_12369497_xlarge.jpg
image9.photobiz.com/8584/ 313 KB
314 KB 673ms
574ms Image
image/jpeg 2600:9000:2491:7e00:1:e307:5840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image9.photobiz.com/8584/7_20220814191814_12369497_xlarge.jpg
Requested by: Host: www.rusticrootsimagesaz.com
URL: https://www.rusticrootsimagesaz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:7e00:1:e307:5840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c633f8dec5bd3b97563c5b55731adfff79ff8766757e9c7be26413f296c130ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rusticrootsimagesaz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 18:34:22 GMT
x-amz-version-id: wVEzWXK1JoOf3v4NJ_roYbVsMrSc8QBv
via: 1.1 57ba1933a852bdb178dbe4a1e2e3a5fa.cloudfront.net (CloudFront)
last-modified: Mon, 15 Aug 2022 00:18:15 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
etag: "709ecbb7f619c3a911c0f3b0cb240fee"
x-cache: Miss from cloudfront
content-type: image/jpeg
x-amz-storage-class: INTELLIGENT_TIERING
cache-control: max-age=31536000, immutable
accept-ranges: bytes
content-length: 321015
x-amz-cf-id: mDMNATY3Qsl9Mv5SBrwpBZ5qQ9PM0wy6CGpEIEfDJTm_bPkD58qDYA==

GET
H2 200 7_20210929124402_11819857_xlarge.jpg
image11.photobiz.com/8586/ 506 KB
507 KB 693ms
612ms Image
image/jpeg 2600:9000:225e:5c00:15:ca3d:dcc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image11.photobiz.com/8586/7_20210929124402_11819857_xlarge.jpg
Requested by: Host: www.rusticrootsimagesaz.com
URL: https://www.rusticrootsimagesaz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:5c00:15:ca3d:dcc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 69ebe3ae291b17c28f590d7f98fee4ef2a48943d213bd97da9459293ceeb5fc9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rusticrootsimagesaz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 18:34:22 GMT
x-amz-version-id: vQopaX8Ljfb.gOQ8XsThZU9GRhZIdSdE
via: 1.1 a962efd99fafcdb81ca24e0e8140a67c.cloudfront.net (CloudFront)
last-modified: Wed, 29 Sep 2021 17:44:04 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
etag: "2f4c40f24fd706b6b2ddbd2809ee4a58"
x-cache: Miss from cloudfront
content-type: image/jpeg
x-amz-storage-class: INTELLIGENT_TIERING
cache-control: max-age=31536000, immutable
accept-ranges: bytes
content-length: 517937
x-amz-cf-id: b7CnUay-dNIUphT7FB_uorkZBSKUDBvfCIbLFLZymkMHsvG6Y3Ulww==

GET
H2 200 7_20220814191913_12369499_xlarge.jpg
image13.photobiz.com/10309/ 604 KB
605 KB 706ms
593ms Image
image/jpeg 2600:9000:26da:8c00:6:87ae:7200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image13.photobiz.com/10309/7_20220814191913_12369499_xlarge.jpg
Requested by: Host: www.rusticrootsimagesaz.com
URL: https://www.rusticrootsimagesaz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26da:8c00:6:87ae:7200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 121e9efead19e51aeffd4fa3ca652ab6debc0defd8002fba3aaba418efb105e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rusticrootsimagesaz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 18:34:22 GMT
x-amz-version-id: 8JsZZQbPSyTAXHuZ7XJ7RwU4dNM8PyCA
via: 1.1 7949f2957c23173b6f2b16db26ab42f6.cloudfront.net (CloudFront)
last-modified: Mon, 15 Aug 2022 00:19:14 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P4
etag: "ac35008f0b24dae6f2a7b65f8294e0fd"
x-cache: Miss from cloudfront
content-type: image/jpeg
x-amz-storage-class: INTELLIGENT_TIERING
cache-control: max-age=31536000, immutable
accept-ranges: bytes
content-length: 618169
x-amz-cf-id: VigwH6ZHJhHz0YXpgHv-J6R4kENUhjZIOa6H6squpDmU-tEOkA-qPw==

GET
H2 200 7_20220814191842_12369498_xlarge.jpg
image8.photobiz.com/8585/ 991 KB
992 KB 650ms
547ms Image
image/jpeg 2600:9000:26da:6a00:c:258c:3f80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.photobiz.com/8585/7_20220814191842_12369498_xlarge.jpg
Requested by: Host: www.rusticrootsimagesaz.com
URL: https://www.rusticrootsimagesaz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26da:6a00:c:258c:3f80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c061586af5334fc01bdd75dfafdb95b97705296ef132c87296ac69aa0c907f93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rusticrootsimagesaz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 18:34:22 GMT
x-amz-version-id: VGeGSujO..xQycNPHclLL3Kf_qmByeoP
via: 1.1 7949f2957c23173b6f2b16db26ab42f6.cloudfront.net (CloudFront)
last-modified: Mon, 15 Aug 2022 00:18:44 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P4
etag: "6a6c6d0c906a2c3bb4d77e513cb22687"
x-cache: Miss from cloudfront
content-type: image/jpeg
x-amz-storage-class: INTELLIGENT_TIERING
cache-control: max-age=31536000, immutable
accept-ranges: bytes
content-length: 1014557
x-amz-cf-id: q4kQ9lEuVAFFBtVs2n17ftEnQ4hvSIVgW5XS6vN8-Mds7XGlQ4jk_g==

GET
H2 200 7_20210929124449_11819859_xlarge.jpg
image14.photobiz.com/10152/ 317 KB
318 KB 617ms
524ms Image
image/jpeg 2600:9000:223f:0:1d:471b:a6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image14.photobiz.com/10152/7_20210929124449_11819859_xlarge.jpg
Requested by: Host: www.rusticrootsimagesaz.com
URL: https://www.rusticrootsimagesaz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:0:1d:471b:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 31a0eba85c9f32d5515b962f8177f83a6b1e7e25e8abacad18031b34e17e4bef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rusticrootsimagesaz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 18:34:22 GMT
x-amz-version-id: 9IVWS8axWolMOPhlFHYFMDEVpOCuo2fg
via: 1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
last-modified: Wed, 29 Sep 2021 17:44:50 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
etag: "52da860b3514d61505975ba1635433a7"
x-cache: Miss from cloudfront
content-type: image/jpeg
x-amz-storage-class: INTELLIGENT_TIERING
cache-control: max-age=31536000, immutable
accept-ranges: bytes
content-length: 324914
x-amz-cf-id: lBP8ASG-fh5Khm_Poo3CfrtQtSIodRE__3KNoCnxgeYmD4GC-3JrBw==

GET
H2 200 7_20210929124717_11819862_xlarge.jpg
image4.photobiz.com/8911/ 437 KB
438 KB 636ms
537ms Image
image/jpeg 2600:9000:26db:d800:1c:8223:4200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.photobiz.com/8911/7_20210929124717_11819862_xlarge.jpg
Requested by: Host: www.rusticrootsimagesaz.com
URL: https://www.rusticrootsimagesaz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26db:d800:1c:8223:4200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e0bce98532ae3f3d746224a157ee1c879e8d50fae1d66613b4055a8c634665c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rusticrootsimagesaz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 18:34:22 GMT
x-amz-version-id: tIeVgkeU0zqRqWEAzodOc5aKcYOEkCAl
via: 1.1 66e1af4a9e82225c770ca97b3baaf86e.cloudfront.net (CloudFront)
last-modified: Wed, 29 Sep 2021 17:47:18 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P3
etag: "4233bff014bf696aecd91600b45d871a"
x-cache: Miss from cloudfront
content-type: image/jpeg
x-amz-storage-class: INTELLIGENT_TIERING
cache-control: max-age=31536000, immutable
accept-ranges: bytes
content-length: 447589
x-amz-cf-id: slZDjkbfTR3KmpccyNvum8I8wLjgYVxEa1mANk4eMoKnmlJUwkkAUg==

GET
H2 200 7_20210929124804_11819863_xlarge.jpg
image6.photobiz.com/8933/ 921 KB
923 KB 650ms
561ms Image
image/jpeg 2600:9000:26db:200:11:796e:ad00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.photobiz.com/8933/7_20210929124804_11819863_xlarge.jpg
Requested by: Host: www.rusticrootsimagesaz.com
URL: https://www.rusticrootsimagesaz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26db:200:11:796e:ad00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8ac452e105ebaf837ab5f57fece98779d96fb9da65c3f37afc75846e0afd8d5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rusticrootsimagesaz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 18:34:22 GMT
x-amz-version-id: iB55tUF7QOY6mrOeV1v7P4gUfl7bLlFc
via: 1.1 918459d66ab0cca4258acacb6d3f6edc.cloudfront.net (CloudFront)
last-modified: Wed, 29 Sep 2021 17:48:06 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P3
etag: "3f8ff47d0da0889a54b1b1895c3fd01e"
x-cache: Miss from cloudfront
content-type: image/jpeg
x-amz-storage-class: INTELLIGENT_TIERING
cache-control: max-age=31536000, immutable
accept-ranges: bytes
content-length: 943448
x-amz-cf-id: BeHljoSL5IZ1PY-v1GswLGDPQ6Qk3JKnv_7-iqjan_AbJ-1IWn63ow==

GET
H2 200 7_20200917153058_11278300_xlarge.jpg
image4.photobiz.com/8827/ 1 MB
1 MB 631ms
532ms Image
image/jpeg 2600:9000:26db:d800:1c:8223:4200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.photobiz.com/8827/7_20200917153058_11278300_xlarge.jpg
Requested by: Host: www.rusticrootsimagesaz.com
URL: https://www.rusticrootsimagesaz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26db:d800:1c:8223:4200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6d0fcb605087b634f526fe117434b51a779c9e33f28b2c2e9d1fffcf45d4eaac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rusticrootsimagesaz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 18:34:22 GMT
x-amz-version-id: JG2.2C1jWMz.Tsb53FcnL.lTBt.mmClD
via: 1.1 66e1af4a9e82225c770ca97b3baaf86e.cloudfront.net (CloudFront)
last-modified: Thu, 17 Sep 2020 20:31:00 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P3
etag: "de15285837064c1447a22d91bebee256"
x-cache: Miss from cloudfront
content-type: image/jpeg
x-amz-storage-class: INTELLIGENT_TIERING
cache-control: max-age=31536000, immutable
accept-ranges: bytes
content-length: 1089989
x-amz-cf-id: RlxbpB-CCsGOUx54IMq95CYFD-2vIpWUv8-6cJOdLfIxjF6MZ8i42w==

GET
H2 200 7_20200917152804_11278292_xlarge.jpg
image4.photobiz.com/8823/ 366 KB
366 KB 533ms
511ms Image
image/jpeg 2600:9000:26db:d800:1c:8223:4200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.photobiz.com/8823/7_20200917152804_11278292_xlarge.jpg
Requested by: Host: www.rusticrootsimagesaz.com
URL: https://www.rusticrootsimagesaz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26db:d800:1c:8223:4200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c2006d159b77b56132dab1727375535574443669065e53e334a287cf907bf130

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rusticrootsimagesaz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 18:34:22 GMT
x-amz-version-id: xR0HmOOyfsDZLjGmuJn4m4i8bXpQp2_y
via: 1.1 66e1af4a9e82225c770ca97b3baaf86e.cloudfront.net (CloudFront)
last-modified: Thu, 17 Sep 2020 20:28:06 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P3
etag: "882c77c73bef91cc01f29bb677989f5e"
x-cache: Miss from cloudfront
content-type: image/jpeg
x-amz-storage-class: INTELLIGENT_TIERING
cache-control: max-age=31536000, immutable
accept-ranges: bytes
content-length: 374278
x-amz-cf-id: tTzA1u3Oabw9ReBcsZpQlvPXGe9kIbLVjzM1kpu7kb6tUkUeyMOvcA==

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ 465 KB
187 KB 77ms
23ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=pbizRecaptchaReady&render=explicit&hl=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4970c7161d03503a3eb5ec49e4190a03445c50cd5a9081714bd13183d2d948a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rusticrootsimagesaz.com/
Origin: https://www.rusticrootsimagesaz.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 17:15:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4704
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 190682
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 27 Nov 2024 17:15:57 GMT

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame B612 61 KB
35 KB 47ms
45ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfGbOEaAAAAAL4R-pY61DQO_4imuGQQRsWALaTX&co=aHR0cHM6Ly93d3cucnVzdGljcm9vdHNpbWFnZXNhei5jb206NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=odqo0a5teej

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f0fd16d201faa71ef318e2513cdacee90d765a1c7e1fe9ba91dc88792fb2a68f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-_RD46HHty-ZhuQc3GPR_9w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.rusticrootsimagesaz.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-_RD46HHty-ZhuQc3GPR_9w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 28 Nov 2023 18:34:22 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame B612 55 KB
24 KB 67ms
24ms Stylesheet
text/css 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfGbOEaAAAAAL4R-pY61DQO_4imuGQQRsWALaTX&co=aHR0cHM6Ly93d3cucnVzdGljcm9vdHNpbWFnZXNhei5jb206NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=odqo0a5teej

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 08:31:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36164
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 27 Nov 2024 08:31:38 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame B612 465 KB
186 KB 65ms
22ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4970c7161d03503a3eb5ec49e4190a03445c50cd5a9081714bd13183d2d948a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 17:15:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4705
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 190682
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 27 Nov 2024 17:15:57 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame B612 2 KB
2 KB 22ms
22ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 20:04:28 GMT
x-content-type-options: nosniff
age: 80994
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Mon, 04 Dec 2023 20:04:28 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame B612 15 KB
15 KB 21ms
21ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 02:58:03 GMT
x-content-type-options: nosniff
age: 315379
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 24 Nov 2024 02:58:03 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame B612 15 KB
15 KB 25ms
25ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 18:52:48 GMT
x-content-type-options: nosniff
age: 344494
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Nov 2024 18:52:48 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame B612 102 B
135 B 29ms
29ms Other
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b62f36160407c81030404ab242125afd42fa0da6626ef11e5f406dda12acf144

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfGbOEaAAAAAL4R-pY61DQO_4imuGQQRsWALaTX&co=aHR0cHM6Ly93d3cucnVzdGljcm9vdHNpbWFnZXNhei5jb206NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=odqo0a5teej
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 18:34:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Tue, 28 Nov 2023 18:34:22 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame FB9F 7 KB
1 KB 31ms
31ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LfGbOEaAAAAAL4R-pY61DQO_4imuGQQRsWALaTX

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

26e03516157f0f6c6902017bad43fb42ad78b031919815f42f7614cc1e844bcc

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-J5YovAR5WaOuiQnZRMsK5Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.rusticrootsimagesaz.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-J5YovAR5WaOuiQnZRMsK5Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 28 Nov 2023 18:34:22 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame FB9F 55 KB
24 KB 22ms
21ms Stylesheet
text/css 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LfGbOEaAAAAAL4R-pY61DQO_4imuGQQRsWALaTX

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 08:31:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36164
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 27 Nov 2024 08:31:38 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame FB9F 465 KB
186 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LfGbOEaAAAAAL4R-pY61DQO_4imuGQQRsWALaTX

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4970c7161d03503a3eb5ec49e4190a03445c50cd5a9081714bd13183d2d948a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 17:15:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4705
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 190682
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 27 Nov 2024 17:15:57 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame FB9F 41 KB
25 KB 67ms
67ms XHR
application/json 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LfGbOEaAAAAAL4R-pY61DQO_4imuGQQRsWALaTX

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a5637d671b718eac53f21ab407d678f6c0e355fc96d5718e150b7566898c54da

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/bframe?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LfGbOEaAAAAAL4R-pY61DQO_4imuGQQRsWALaTX
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Tue, 28 Nov 2023 18:34:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Tue, 28 Nov 2023 18:34:22 GMT

GET
H3 200 refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame FB9F 600 B
624 B 23ms
23ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/refresh_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 02:27:50 GMT
x-content-type-options: nosniff
age: 317192
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 600
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sat, 02 Dec 2023 02:27:50 GMT

GET
H3 200 audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame FB9F 530 B
554 B 25ms
24ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/audio_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 06:58:17 GMT
x-content-type-options: nosniff
age: 300965
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 530
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sat, 02 Dec 2023 06:58:17 GMT

GET
H3 200 info_2x.png
www.gstatic.com/recaptcha/api2/ Frame FB9F 665 B
689 B 24ms
24ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/info_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 10:00:32 GMT
x-content-type-options: nosniff
age: 290030
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 665
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sat, 02 Dec 2023 10:00:32 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame FB9F 15 KB
15 KB 22ms
21ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 02:58:03 GMT
x-content-type-options: nosniff
age: 315379
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 24 Nov 2024 02:58:03 GMT

GET
H3 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame FB9F 15 KB
15 KB 31ms
31ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 00:11:32 GMT
x-content-type-options: nosniff
age: 325370
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15340
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 24 Nov 2024 00:11:32 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame FB9F 15 KB
15 KB 22ms
22ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 18:52:48 GMT
x-content-type-options: nosniff
age: 344494
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Nov 2024 18:52:48 GMT

GET
H3 200 payload
www.google.com/recaptcha/api2/ Frame FB9F 34 KB
34 KB 32ms
32ms Image
image/jpeg 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/recaptcha/api2/payload?p=06AFcWeA6M48dFIDaAtpb_KBMy7P36LDEx6mmfZqSHdIVVnatBs5sNm9Ir-qz7yB6WgRCvMrruZTs07_yshEBZ7JDIJgf2Gj1HptlkZWv3lzcrsgDisWnk-NOf07FPrxpyC-i_bu5vVmjQoK_11684_6MpJBba-brxilQU0Mo3_g9db40ilbT85JU8EZnLN9ie7-RHGwyXOZIiGrYqCxdRNarIa6-PD5iO8puQl0wayH70IyNTeitGkKk&k=6LfGbOEaAAAAAL4R-pY61DQO_4imuGQQRsWALaTX

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1414a176dd7269dbac972416937248a52615c432974fe7a891b4e57da0b0c4e5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/bframe?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LfGbOEaAAAAAL4R-pY61DQO_4imuGQQRsWALaTX
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 18:34:22 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: private, max-age=30
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Tue, 28 Nov 2023 18:34:22 GMT

Verdicts & Comments Add Verdict or Comment

38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 20:52:28	Name: _GRECAPTCHA Value: 09AGYuNuSu7GXSCfM1KdI8po8brH88R9zEixqo4PBcdS4aMSxW-trjKOODfc1hVTm5SZq9U_GHRlcYIGJ9DIe5HC8
www.rusticrootsimagesaz.com/	1970-01-21 02:09:16	Name: SESSIONSTORAGE Value: sessionStorageA1
www.rusticrootsimagesaz.com/	1970-01-21 02:09:16	Name: SESSIONSTORAGEEXPIRATION Value: %7Bts%20%272023-11-29%2012%3A34%3A20%27%7D
www.rusticrootsimagesaz.com/	1970-01-20 17:02:10	Name: cfid Value: 720ab2d4-db21-4ce0-bb8d-ee050d8a9467
www.rusticrootsimagesaz.com/	1970-01-20 17:02:10	Name: cftoken Value: 0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
image10.photobiz.com
image11.photobiz.com
image13.photobiz.com
image14.photobiz.com
image4.photobiz.com
image6.photobiz.com
image8.photobiz.com
image9.photobiz.com
rusticrootsimagesaz.com
www.google.com
www.gstatic.com
www.rusticrootsimagesaz.com
18.235.135.157
2600:9000:223f:0:1d:471b:a6c0:93a1
2600:9000:225e:5c00:15:ca3d:dcc0:93a1
2600:9000:2491:7e00:1:e307:5840:93a1
2600:9000:26da:6a00:c:258c:3f80:93a1
2600:9000:26da:8c00:6:87ae:7200:93a1
2600:9000:26da:e800:6:e86d:4680:93a1
2600:9000:26db:200:11:796e:ad00:93a1
2600:9000:26db:d800:1c:8223:4200:93a1
2a00:1450:4001:811::200a
2a00:1450:4001:828::2003
2a00:1450:4001:828::2004
2a00:1450:4001:831::2003
060d14495bebf51f32ba8e3020c0fb77a43e035775d76ab1303f7ed3b570926b
121e9efead19e51aeffd4fa3ca652ab6debc0defd8002fba3aaba418efb105e4
1414a176dd7269dbac972416937248a52615c432974fe7a891b4e57da0b0c4e5
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
26e03516157f0f6c6902017bad43fb42ad78b031919815f42f7614cc1e844bcc
28893081d019169c217045909cee1dd584e455005767fc2cf62b41c267846055
31a0eba85c9f32d5515b962f8177f83a6b1e7e25e8abacad18031b34e17e4bef
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
4970c7161d03503a3eb5ec49e4190a03445c50cd5a9081714bd13183d2d948a7
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5ec1e2ebe080ec8fbfbdc7dd9c0c25449e1d98e4e947c11a00fd770d8841698b
69ebe3ae291b17c28f590d7f98fee4ef2a48943d213bd97da9459293ceeb5fc9
6a7427bea5c0131cb43aedf9a5d1ed685fcca4e4f6a0cb7376e15db7bb6b5ce2
6d0fcb605087b634f526fe117434b51a779c9e33f28b2c2e9d1fffcf45d4eaac
6f5206aebd6f9ebcc0fa59849ea862d6b387856edd05fb1118f8a10ad311e505
73b8057c918765ed1a41c6ca23e2c0530b51d396e12ce63071297c5a04178504
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
7fb1f124ea4fa0c7ce94ccba23266a088d31a6ae46d39a689447fae882ae3b55
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
8ac452e105ebaf837ab5f57fece98779d96fb9da65c3f37afc75846e0afd8d5e
902a3ad2067d23eb27fd0dcc2b2f1ced65582b5a30e2fcd47669649582a82b77
9aaba254858d6a5522abbb5da869e20ce6d01235ab37a1eece9f5016e034d2d8
a5637d671b718eac53f21ab407d678f6c0e355fc96d5718e150b7566898c54da
b413c7e0c3364aef8eb5f7c7fdd1d791afb1a4be74ccea2e46a31d6cadcc170f
b62f36160407c81030404ab242125afd42fa0da6626ef11e5f406dda12acf144
b9fd1aff4b167256e9231e4cc7ccfc86367c587da35ea0d756ae437479c60b7b
bf51d22996771bea8bf1367bba6dec04567cd1c8d96c5dfc69593a5cbc7c41dd
c061586af5334fc01bdd75dfafdb95b97705296ef132c87296ac69aa0c907f93
c2006d159b77b56132dab1727375535574443669065e53e334a287cf907bf130
c633f8dec5bd3b97563c5b55731adfff79ff8766757e9c7be26413f296c130ee
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
e0bce98532ae3f3d746224a157ee1c879e8d50fae1d66613b4055a8c634665c7
ed5bb9ea302414a1ad9f250d5cd5b5da08f55fe43b18020db13f74966e4bc0f5
f0fd16d201faa71ef318e2513cdacee90d765a1c7e1fe9ba91dc88792fb2a68f

www.rusticrootsimagesaz.com Open in urlscan Pro 18.235.135.157 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

41 Requests

100 %HTTPS

92 %IPv6

5 Domains

14 Subdomains

13 IPs

2 Countries

6953 kBTransfer

8464 kBSize

5 Cookies

9 Outgoing links

Page URL History

Redirected requests

41 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.rusticrootsimagesaz.com Open in urlscan Pro
18.235.135.157 Public Scan

Screenshot
Live screenshot

Full Image

41
Requests

100 %
HTTPS

92 %
IPv6

5
Domains

14
Subdomains

13
IPs

2
Countries

6953 kB
Transfer

8464 kB
Size

5
Cookies

41 HTTP transactions
0 data transactions