www.rustadpublishing.com Open in urlscan Pro
2607:f8b0:400d:c09::79 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://rustadpublishing.com/
Effective URL:
https://www.rustadpublishing.com/
Submission Tags: phishingrod
Submission: On October 12 via api (October 12th 2024, 12:03:41 am UTC) from DE — Scanned from US

Summary HTTP 48 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 13 IPs in 1 countries across 7 domains to perform 48 HTTP transactions. The main IP is 2607:f8b0:400d:c09::79, located in Morganton, United States and belongs to GOOGLE, US. The main domain is www.rustadpublishing.com.
TLS certificate: Issued by WR3 on October 11th 2024. Valid for: 3 months.

This is the only time www.rustadpublishing.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	198.49.23.144 198.49.23.144	53831 (SQUARESPACE) (SQUARESPACE)
3	2607:f8b0:400... 2607:f8b0:400d:c09::79	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:400d:c0c::5f	15169 (GOOGLE) (GOOGLE)
10	172.217.197.94 172.217.197.94	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:400d:c09::71	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:400d:c0d::61	15169 (GOOGLE) (GOOGLE)
14	2607:f8b0:400... 2607:f8b0:400d:c00::84	15169 (GOOGLE) (GOOGLE)
6	173.194.175.94 173.194.175.94	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c1f::64	15169 (GOOGLE) (GOOGLE)
1	173.194.207.138 173.194.207.138	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:400d:c0b::66	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:400d:c0b::65	15169 (GOOGLE) (GOOGLE)
1	74.125.192.132 74.125.192.132	15169 (GOOGLE) (GOOGLE)
48	13

1 198.49.23.144 (United States) 1 redirects

ASN53831 (SQUARESPACE, US)

rustadpublishing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:400d:c09::79 (Morganton, United States)

ASN15169 (GOOGLE, US)

www.rustadpublishing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:400d:c0c::5f (Morganton, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 172.217.197.94 (United States)

ASN15169 (GOOGLE, US)
PTR: qa-in-f94.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:400d:c09::71 (Morganton, United States)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:400d:c0d::61 (Morganton, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2607:f8b0:400d:c00::84 (Morganton, United States)

ASN15169 (GOOGLE, US)

lh5.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lh6.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lh4.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 173.194.175.94 (United States)

ASN15169 (GOOGLE, US)
PTR: qs-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c1f::64 (Washington, United States)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.194.207.138 (United States)

ASN15169 (GOOGLE, US)
PTR: qk-in-f138.1e100.net

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c0b::66 (Morganton, United States)

ASN15169 (GOOGLE, US)

drive.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c0b::65 (Morganton, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.192.132 (United States)

ASN15169 (GOOGLE, US)
PTR: qn-in-f132.1e100.net

lh5.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	gstatic.com www.gstatic.com fonts.gstatic.com	1 MB
15	googleusercontent.com lh5.googleusercontent.com — Cisco Umbrella Rank: 182 lh6.googleusercontent.com — Cisco Umbrella Rank: 849 lh3.googleusercontent.com — Cisco Umbrella Rank: 47 lh4.googleusercontent.com — Cisco Umbrella Rank: 842	2 MB
6	google.com apis.google.com — Cisco Umbrella Rank: 123 play.google.com — Cisco Umbrella Rank: 17 drive.google.com — Cisco Umbrella Rank: 299	117 KB
4	rustadpublishing.com 1 redirects rustadpublishing.com www.rustadpublishing.com	19 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	5 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	109 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 34
48	7

	Domain	Requested by
10	www.gstatic.com	www.rustadpublishing.com www.gstatic.com
6	fonts.gstatic.com	fonts.googleapis.com
5	lh6.googleusercontent.com	www.rustadpublishing.com
5	lh5.googleusercontent.com	www.rustadpublishing.com
4	lh3.googleusercontent.com	www.rustadpublishing.com
3	apis.google.com	www.rustadpublishing.com apis.google.com
3	fonts.googleapis.com	www.rustadpublishing.com
3	www.rustadpublishing.com	www.gstatic.com
2	play.google.com	www.gstatic.com
2	www.googletagmanager.com	www.rustadpublishing.com
1	www.google-analytics.com	www.googletagmanager.com
1	drive.google.com	www.gstatic.com
1	lh4.googleusercontent.com	www.rustadpublishing.com
1	rustadpublishing.com	1 redirects
48	14

This site contains links to these domains. Also see Links.

Domain
www.google.com
www.musicnotes.com
www.amazon.com
booksprout.co
www.jwpepper.com

Subject Issuer	Validity	Valid
www.rustadpublishing.com WR3	`2024-10-11` - `2025-01-09`	3 months	crt.sh
upload.video.google.com WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
*.gstatic.com WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
*.apis.google.com WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
*.google-analytics.com WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
*.googleusercontent.com WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
*.google.com WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://www.rustadpublishing.com/
Frame ID: 87673F3076963652290B4226979A264A
Requests: 43 HTTP requests in this frame

Frame: https://drive.google.com/auth_warmup
Frame ID: C601085CD68CCD8C387C6ECE5098366C
Requests: 1 HTTP requests in this frame

Frame: https://www.gstatic.com/atari/embeds/83a60601c213b72fb19c1855fb0c5f26/intermediate-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.3visMJpiQIc.O%2Fam%3DAACA%2Fd%3D1%2Frs%3DAHpOoo99Jaq3x9bYTscBipFXsayIS-abwA%2Fm%3D__features__&r=523787904
Frame ID: 3849404383D442C293981C373B53E257
Requests: 1 HTTP requests in this frame

Frame: https://www.gstatic.com/atari/embeds/83a60601c213b72fb19c1855fb0c5f26/intermediate-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.3visMJpiQIc.O%2Fam%3DAACA%2Fd%3D1%2Frs%3DAHpOoo99Jaq3x9bYTscBipFXsayIS-abwA%2Fm%3D__features__&r=710046186
Frame ID: 739265B9D30FD9120C59A2D5350250EE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Rustad Publishing

Page URL History Show full URLs

https://rustadpublishing.com/ HTTP 301
http://www.rustadpublishing.com/ HTTP 307
https://www.rustadpublishing.com/ Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

48
Requests

96 %
HTTPS

62 %
IPv6

7
Domains

14
Subdomains

13
IPs

1
Countries

3044 kB
Transfer

6300 kB
Size

6
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://www.google.com/url?q=https%3A%2F%2Fwww.musicnotes.com%2Fl%2FGctMX&sa=D&sntz=1&usg=AOvVaw2ByJEB8teyfdhppUQJRmOl

Search URL Search Domain Scan URL

URL: https://www.musicnotes.com/l/GctMX
Title: The Sheik of Araby

Search URL Search Domain Scan URL

URL: https://www.google.com/url?q=https%3A%2F%2Fwww.musicnotes.com%2Fmarketplace%2Fsheetmusic%2FMK0002541&sa=D&sntz=1&usg=AOvVaw0Nq7dVW6IIbluFcBq75oXk

Search URL Search Domain Scan URL

URL: https://www.musicnotes.com/marketplace/sheetmusic/MK0002541
Title: [How Little It Matters] How Little We Know

Search URL Search Domain Scan URL

URL: https://www.google.com/url?q=https%3A%2F%2Fwww.musicnotes.com%2Fmarketplace%2Fsheetmusic%2FMK0001853&sa=D&sntz=1&usg=AOvVaw2ElJ-7CJ9ygZbcQe0T0fWA

Search URL Search Domain Scan URL

URL: https://www.musicnotes.com/marketplace/sheetmusic/MK0001853
Title: It's a Small World

Search URL Search Domain Scan URL

URL: https://www.google.com/url?q=https%3A%2F%2Fwww.amazon.com%2FFive-Classical-Works-String-Quartet%2Fdp%2FB09TYL61S6&sa=D&sntz=1&usg=AOvVaw0vYtMNnPGeFlfW5nnl3mqJ

Search URL Search Domain Scan URL

URL: https://www.amazon.com/Five-Classical-Works-String-Quartet/dp/B09TYL61S6
Title: Five Classical Works,

Search URL Search Domain Scan URL

URL: https://booksprout.co/reviewer/review-copy/view/75184/five-classical-works-for-string-quartet-a-book-of-string-quartet-arrangements-for-all-occasions-sc
Title: For String Quarte

Search URL Search Domain Scan URL

URL: https://www.google.com/url?q=https%3A%2F%2Fwww.jwpepper.com%2FPersonent-Hodie-%2528from-Piae-Cantiones%2529%2F11395427.item%23.YnPV19rMK3A&sa=D&sntz=1&usg=AOvVaw3rwindj3-wMFOcCEubGTSe

Search URL Search Domain Scan URL

URL: https://www.jwpepper.com/Personent-Hodie-%28from-Piae-Cantiones%29/11395427.item#.YnPV19rMK3A
Title: Personent Hodie

Search URL Search Domain Scan URL

URL: https://www.google.com/url?q=https%3A%2F%2Fwww.musicnotes.com%2Fsearch%2Fgo%3Fw%3Dcal%2Brustad%26from%3Dheader&sa=D&sntz=1&usg=AOvVaw3QVeCva72t-vbSo-c5MJfj

Search URL Search Domain Scan URL

URL: https://www.google.com/url?q=https%3A%2F%2Fwww.amazon.com%2FFive-Classical-Works-String-Quartet%2Fdp%2FB09TYL61S6%2Fref%3Dsr_1_1%3Fcrid%3DZV3ZFZPF7GR4%26keywords%3Drustad%2Bpublishing%2Bstring%2Bquartet%26qid%3D1651160734%26sprefix%3Drustad%2Bpublishing%2Bstring%2Bquartet%252Caps%252C113%26sr%3D8-1&sa=D&sntz=1&usg=AOvVaw1OKm2Fkuv4GyLakp7laBmP

Search URL Search Domain Scan URL

URL: https://www.google.com/url?q=https%3A%2F%2Fwww.sheetmusicdirect.com%2Fen-US%2FSearch.aspx%3Fquery%3DRustad%2520Publishing%2520%28Digital%29&sa=D&sntz=1&usg=AOvVaw2XpgndQVX_IlAiQ9OM4tup

Search URL Search Domain Scan URL

URL: https://www.google.com/url?q=https%3A%2F%2Fwww.jwpepper.com%2Fsheet-music%2Fsearch.jsp%3FdepartmentDescriptions%3D%26keywords%3Drustad%2Bpublishing%26pageview%3Dlist-view%26brandNames%3DRustad%2520Publishing&sa=D&sntz=1&usg=AOvVaw0ifsqlTb_8k1FBdkpB9iFK

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://rustadpublishing.com/ HTTP 301
http://www.rustadpublishing.com/ HTTP 307
https://www.rustadpublishing.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

48 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.rustadpublishing.com/
Redirect Chain

https://rustadpublishing.com/
http://www.rustadpublishing.com/
https://www.rustadpublishing.com/

88 KB
18 KB

608ms
266ms

Document
text/html

2607:f8b0:400d:c09::79
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rustadpublishing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c09::79 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9b7e7b1e9d290f9c9ae5681397f35875614edaefd5475e547250e3d34550c6f5

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self';object-src 'none';report-uri /_/view/cspreport;script-src 'report-sample' 'nonce-X5UuWpWM7P49tw-Dv9UFiA' 'unsafe-inline' 'unsafe-eval';worker-src 'self';frame-ancestors https://google-admin.corp.google.com/
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: base-uri 'self';object-src 'none';report-uri /_/view/cspreport;script-src 'report-sample' 'nonce-X5UuWpWM7P49tw-Dv9UFiA' 'unsafe-inline' 'unsafe-eval';worker-src 'self';frame-ancestors https://google-admin.corp.google.com/
content-type: text/html; charset=utf-8
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: same-site
date: Sat, 12 Oct 2024 00:03:34 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
reporting-endpoints: default="/web-reports?jobset=prod&bl=editors.sites-viewer-frontend_20241001.02_p0&clss=1&context=eJwNyH9M1GUcB_Bnz30-Jx0JSc4mKg1WusSDg2qeCJzceYisXzubz3c4hHUcedAOO_AQ_gEiwmk413KSy-44UE_hBJnGubnZr62oseWaaatNyGwmNHfBxV21u95_vP55GY6k-dOUCKcr8dpqJV6HG08pYR5QogpWnVAiF5KDSmR8pAQFlVgNFZNKGK8qUQaNXyvhg7lpJaLgmlHiEHzzvRJ3QN1V4k34ckGJH-DjJSXGwJ9QYhzcSSU6YP9aTXjg33WaSF-viaUNmqAcTRx6RhN94LRrohXaoR_W1GtiI7i9muiAkvzbIgn6LbdFDjxZG5XrwHEgKmvA8utfchdsKozJQugzxeQAmLpj0gyPemJyGTqal2UPTJfG5U24XhaXX8HfrrhMwvmjcTkOb3ybkE0w6EjKAHhESvogvj4lxYaUXDqckv-BozMla2DfgNQ54VWdTqfAcV-nq4HDj0qoGwpj22kryMFSMsC1sVL6HLKeL6dseKehnI5CHltoM5RMW8gK0eoKSkDvnxV0DE4OWukMREat9BmUha1kh5MHbXQGnD4bNcNMt41uQVGvjSpATtjIABcmbXQZtn2Kh9AtG01A37yNBsAetdHL4MndST7Y3LSTimE5304pMDfZaQc8-7adjPDu73Z6H8x1ldRVX0n98OHxXTQCIYjA1N4qugEffFJFp-Fe1m6ah67O3dQPv6yopt9go6GaCqB9j5-7YP6AnxfhzpSfZ8HoCvCLsGk4wIVwczHAP8E_8QDLRIBPR4Y4CHJmiA2QTA6xPjXEs1lBfgCPlQd5FZhqg2yGFd5hzoTU4jBffGuEJ2E25yw_gD1XzvL2l86xDdY-HeJcKOkJsRWyr4Y4DxwPL3INXHhllC_DXMMo_wEjFOYx2JofZguUN4e5Eo50hPkEXDkf5uuQGwnzczB-LcxT4HVe4k6Ya7nERZaHvA16a-f5GGiWBa6HHdoCV8G-LxbYCY13l9kHGVq6fg1MZK7UR-Bn70r9Pdj_XYa-536mPuvxtB8T5yL6J2aPn3pPl0173a72vC2uBndbi7e1oNXd5mo1-nAur7HR2-Jpc3ka6opNxS8UmUxFBabiuoOm_wEb8pMd&build-label=editors.sites-viewer-frontend_20241001.02_p0&imp-sid=CPCs063Fh4kDFdxMqwIdI0I2TA&is-cached-offline=false"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 0

Redirect headers

Location: https://www.rustadpublishing.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 css
fonts.googleapis.com/ 26 KB
2 KB 384ms
130ms Stylesheet
text/css 2607:f8b0:400d:c0c::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat%3A400%2C700%7COpen%20Sans%3A400%2C400italic%2C700%2C700italic&display=swap

Requested by

Host: www.rustadpublishing.com
URL: https://www.rustadpublishing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0c::5f Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8f17d4472d648b8bdded27a9316a32a03ac0ff4da24c15abcd9ebc52f3828f49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.rustadpublishing.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sat, 12 Oct 2024 00:03:35 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 12 Oct 2024 00:03:35 GMT
content-type: text/css; charset=utf-8
last-modified: Fri, 11 Oct 2024 23:51:54 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css
fonts.googleapis.com/ 33 KB
2 KB 388ms
135ms Stylesheet
text/css 2607:f8b0:400d:c0c::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google+Sans:400,500|Roboto:300,400,500,700|Source+Code+Pro:400,700&display=swap

Requested by

Host: www.rustadpublishing.com
URL: https://www.rustadpublishing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0c::5f Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

510b4c83be4f15e9a66da3c33c162439cbf4ea0a5917e8964eb7284e5c4eefd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.rustadpublishing.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sat, 12 Oct 2024 00:03:35 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 12 Oct 2024 00:03:35 GMT
content-type: text/css; charset=utf-8
last-modified: Fri, 11 Oct 2024 22:05:18 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 381ms
129ms Stylesheet
text/css 2607:f8b0:400d:c0c::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Playfair%20Display%3Ai%2Cbi%2C700%2C400&display=swap

Requested by

Host: www.rustadpublishing.com
URL: https://www.rustadpublishing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0c::5f Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e9a07ec4e8fb42e8b71fe8cb90d7f80f340b4350c80e58dd280eb6f41d5f2d99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.rustadpublishing.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sat, 12 Oct 2024 00:03:35 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 12 Oct 2024 00:03:35 GMT
content-type: text/css; charset=utf-8
last-modified: Fri, 11 Oct 2024 23:05:43 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 rs=AGEqA5lskP_m6iPHzP8vx2yk_Ccy01pv3g
www.gstatic.com/_/atari/_/ss/k=atari.vw.TuaDrJaWZZ8.L.W.O/am=wGAAAg/d=1/ 1 MB
163 KB 255ms
127ms Stylesheet
text/css 172.217.197.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/atari/_/ss/k=atari.vw.TuaDrJaWZZ8.L.W.O/am=wGAAAg/d=1/rs=AGEqA5lskP_m6iPHzP8vx2yk_Ccy01pv3g

Requested by

Host: www.rustadpublishing.com
URL: https://www.rustadpublishing.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.197.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qa-in-f94.1e100.net

Software

sffe /

Resource Hash

0bd5116d2ffdb38b9f3b1b9f66b4bb3f8d5b2f3973b932aa9f87f3817bfc2339

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.rustadpublishing.com/

Response headers

content-encoding: gzip
age: 144030
report-to: {"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
x-content-type-options: nosniff
expires: Fri, 10 Oct 2025 08:03:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 10 Oct 2024 08:03:05 GMT
last-modified: Mon, 30 Sep 2024 23:10:09 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-sites"
content-length: 167345
x-xss-protection: 0
server: sffe

GET
H2 200 client.js Show response
apis.google.com/js/ 14 KB
6 KB 376ms
124ms Script
text/javascript 2607:f8b0:400d:c09::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/client.js?onload=gapiLoaded

Requested by

Host: www.rustadpublishing.com
URL: https://www.rustadpublishing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c09::71 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f5c8edd8446263fe987bd729607ac983c70ec28115e8f3f7c3f00c8f9d6600a

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.rustadpublishing.com/

Response headers

content-encoding: gzip
etag: "33da456837f2e04d"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
x-content-type-options: nosniff
expires: Sat, 12 Oct 2024 00:03:35 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 12 Oct 2024 00:03:35 GMT
content-type: text/javascript
vary: Accept-Encoding
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cache-control: private, max-age=1800, stale-while-revalidate=1800
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="gapi-team"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5819
x-xss-protection: 0
server: sffe

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 323 KB
109 KB 395ms
143ms Script
application/javascript 2607:f8b0:400d:c0d::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-JC1KZ1M43H

Requested by

Host: www.rustadpublishing.com
URL: https://www.rustadpublishing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0d::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

56e7f4140071e50d35f3efdc67054b09334d9067e73b65554befd659c1feb63e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.rustadpublishing.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sat, 12 Oct 2024 00:03:35 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 12 Oct 2024 00:03:35 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 110862
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 epDYwpw1ZdD_4RVspCDdKDL2iDHdMDpSfqk4QMJ8btRyCrwqlgpz9zcHCK3E3stPAExFkUUlzLUb8SnM2Q2xDOhx6IPFhtozVWafSXt6YiLvYmDFDbEvG7Eg9de7_qre=w1280
lh5.googleusercontent.com/ 210 KB
210 KB 964ms
712ms Image
image/png 2607:f8b0:400d:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh5.googleusercontent.com/epDYwpw1ZdD_4RVspCDdKDL2iDHdMDpSfqk4QMJ8btRyCrwqlgpz9zcHCK3E3stPAExFkUUlzLUb8SnM2Q2xDOhx6IPFhtozVWafSXt6YiLvYmDFDbEvG7Eg9de7_qre=w1280

Requested by

Host: www.rustadpublishing.com
URL: https://www.rustadpublishing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c00::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6c81884d7068f7a9bd169ad2cd596b81e9483836b850279cfe51c253bd6a0c6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.rustadpublishing.com/

Response headers

access-control-expose-headers: Content-Length
timing-allow-origin: *
cache-control: public, max-age=86400, no-transform
etag: "v1"
x-content-type-options: nosniff
expires: Sun, 13 Oct 2024 00:03:35 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 215237
date: Sat, 12 Oct 2024 00:03:35 GMT
x-xss-protection: 0
content-type: image/png
vary: Origin
server: fife
content-disposition: inline;filename="New Website Banner.png"

GET
H2 200 3dCRxO42fMnPs72iDFUtZW7WNzpD9snSxxhlbAGgUvF_LU7pkVBJIdMIBJLTHzJX0lv0OFxviacz01AQ3nuVvE4=w1280
lh5.googleusercontent.com/ 130 KB
131 KB 634ms
383ms Image
image/jpeg 2607:f8b0:400d:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh5.googleusercontent.com/3dCRxO42fMnPs72iDFUtZW7WNzpD9snSxxhlbAGgUvF_LU7pkVBJIdMIBJLTHzJX0lv0OFxviacz01AQ3nuVvE4=w1280

Requested by

Host: www.rustadpublishing.com
URL: https://www.rustadpublishing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c00::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

52ffca7894a38596741b20bf624dc6d73f1f8ea0589bf8e8947ae35023dad8ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.rustadpublishing.com/

Response headers

access-control-expose-headers: Content-Length
timing-allow-origin: *
cache-control: public, max-age=86400, no-transform
etag: "v1"
x-content-type-options: nosniff
expires: Sun, 13 Oct 2024 00:03:35 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133377
date: Sat, 12 Oct 2024 00:03:35 GMT
x-xss-protection: 0
content-type: image/jpeg
vary: Origin
server: fife
content-disposition: inline;filename="MAMMAMIA.jpg"

GET
H2 200 j4DhNRlktQnvNgkL5t6IxoAUPY2j7PQfldy_V6364gyuZPnOFUEvtgkI0DZ_O_x4ZjgILU6skY52lb7Cw9qVBtMHn0mwoLflWMdrzN-7ytlRJOnb--nYFysc3AWuuKDsdw=w1280
lh6.googleusercontent.com/ 39 KB
39 KB 799ms
793ms Image
image/png 2607:f8b0:400d:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh6.googleusercontent.com/j4DhNRlktQnvNgkL5t6IxoAUPY2j7PQfldy_V6364gyuZPnOFUEvtgkI0DZ_O_x4ZjgILU6skY52lb7Cw9qVBtMHn0mwoLflWMdrzN-7ytlRJOnb--nYFysc3AWuuKDsdw=w1280

Requested by

Host: www.rustadpublishing.com
URL: https://www.rustadpublishing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c00::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

1b56ae58b5934a55eafcf0ab656f1d0a39049df13368077c6b4f51aa29470bcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.rustadpublishing.com/

Response headers

access-control-expose-headers: Content-Length
timing-allow-origin: *
cache-control: public, max-age=86400, no-transform
etag: "v1"
x-content-type-options: nosniff
expires: Sun, 13 Oct 2024 00:03:35 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40215
date: Sat, 12 Oct 2024 00:03:35 GMT
x-xss-protection: 0
content-type: image/png
vary: Origin
server: fife
content-disposition: inline;filename="Pages from Bound V2.png"

GET
H2 200 Z0V0YJ36pSJrDwX2y4P-gBJYFf2-l5GQRIzPf_bQsmOnXPjwtD2J47TH7FBH2Ja3O4aPHiqeMmC-Li6q-sCvZwpBSlAXiOvt-bbBlGoDf6KM2ZS8OE25rqaNV6z_NZBvfw=w1280
lh3.googleusercontent.com/ 146 KB
146 KB 791ms
785ms Image
image/jpeg 2607:f8b0:400d:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/Z0V0YJ36pSJrDwX2y4P-gBJYFf2-l5GQRIzPf_bQsmOnXPjwtD2J47TH7FBH2Ja3O4aPHiqeMmC-Li6q-sCvZwpBSlAXiOvt-bbBlGoDf6KM2ZS8OE25rqaNV6z_NZBvfw=w1280

Requested by

Host: www.rustadpublishing.com
URL: https://www.rustadpublishing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c00::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

527a8e956c43f43d6a5ebf6ab9fe333cf70ebba5e1e71461178ccab69aa9f19a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.rustadpublishing.com/

Response headers

access-control-expose-headers: Content-Length
timing-allow-origin: *
cache-control: public, max-age=86400, no-transform
etag: "v1"
x-content-type-options: nosniff
expires: Sun, 13 Oct 2024 00:03:35 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 149257
date: Sat, 12 Oct 2024 00:03:35 GMT
x-xss-protection: 0
content-type: image/jpeg
vary: Origin
server: fife
content-disposition: inline;filename="writing-music-guitar-pattern-line-piano-musical-instrument-sheet-music-close-up-font-classical-sketch-drawing-design-text-handwriting-shape-score-classical-music-piano-score-984342.jpg"

GET
H2 200 shD6Gq8sV8eDNTg1M8_pzO9cof2vi4KO-XIqV3xhhYWHn2I1KkW0x-LkhKxaocoR8A2mGKVfTE4v5Ij3CZ0BOQCrO5hxQ6vVyGSRZUUt_7DScsiGN6vLYLem0KbaW2bdsQ=w1280
lh6.googleusercontent.com/ 198 KB
198 KB 710ms
705ms Image
image/jpeg 2607:f8b0:400d:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh6.googleusercontent.com/shD6Gq8sV8eDNTg1M8_pzO9cof2vi4KO-XIqV3xhhYWHn2I1KkW0x-LkhKxaocoR8A2mGKVfTE4v5Ij3CZ0BOQCrO5hxQ6vVyGSRZUUt_7DScsiGN6vLYLem0KbaW2bdsQ=w1280

Requested by

Host: www.rustadpublishing.com
URL: https://www.rustadpublishing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c00::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e58d20724a222f1ebc5c7346247786566bbead4eedc4372197380d9c59b00ed4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.rustadpublishing.com/

Response headers

access-control-expose-headers: Content-Length
timing-allow-origin: *
cache-control: public, max-age=86400, no-transform
etag: "v1"
x-content-type-options: nosniff
expires: Sun, 13 Oct 2024 00:03:35 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 202415
date: Sat, 12 Oct 2024 00:03:35 GMT
x-xss-protection: 0
content-type: image/jpeg
vary: Origin
server: fife
content-disposition: inline;filename="The Sheik of Araby 3-3-2022_Page_01.jpg"

GET
H2 200 LQBFheVK-A9q1Hj1wpj6JJ64wlH7IrWirRsv7y_TafGNqGHb0Swa50ohk1-0iqD-eFsUsN-NVtFIy_1LHelA4r71eXXRFbZOczkuMHfbS0ezb7Oox1QF_IF1gNUYwDmzjQ=w1280
lh5.googleusercontent.com/ 206 KB
207 KB 668ms
664ms Image
image/jpeg 2607:f8b0:400d:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh5.googleusercontent.com/LQBFheVK-A9q1Hj1wpj6JJ64wlH7IrWirRsv7y_TafGNqGHb0Swa50ohk1-0iqD-eFsUsN-NVtFIy_1LHelA4r71eXXRFbZOczkuMHfbS0ezb7Oox1QF_IF1gNUYwDmzjQ=w1280

Requested by

Host: www.rustadpublishing.com
URL: https://www.rustadpublishing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c00::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

342c5303df18c79b3352e432c2f3b1dfaf02d1c6dce9664a98dd5a72e9a45d53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.rustadpublishing.com/

Response headers

access-control-expose-headers: Content-Length
timing-allow-origin: *
cache-control: public, max-age=86400, no-transform
etag: "v1"
x-content-type-options: nosniff
expires: Sun, 13 Oct 2024 00:03:35 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 211309
date: Sat, 12 Oct 2024 00:03:35 GMT
x-xss-protection: 0
content-type: image/jpeg
vary: Origin
server: fife
content-disposition: inline;filename="How Little We Know - JB_Page_01.jpg"

GET
H2 200 mQ-sGyDivygFoDJ8w5xdxAmM1jixWxY0o8n5eWbtNGyrfMrIM7WBkunOAhWisjapdQeADK-KSdT8rRGJhEdNUNKRgvcF_XQfK2QDQJ7VDOLBFlR9DXSP9705PaTJWeIQTQ=w1280
lh5.googleusercontent.com/ 81 KB
81 KB 803ms
800ms Image
image/jpeg 2607:f8b0:400d:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh5.googleusercontent.com/mQ-sGyDivygFoDJ8w5xdxAmM1jixWxY0o8n5eWbtNGyrfMrIM7WBkunOAhWisjapdQeADK-KSdT8rRGJhEdNUNKRgvcF_XQfK2QDQJ7VDOLBFlR9DXSP9705PaTJWeIQTQ=w1280

Requested by

Host: www.rustadpublishing.com
URL: https://www.rustadpublishing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c00::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

51c84fafb7ec0a3769a0cc6a5def2122425c714a2beebc53567baef87f3d72a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.rustadpublishing.com/

Response headers

access-control-expose-headers: Content-Length
timing-allow-origin: *
cache-control: public, max-age=86400, no-transform
etag: "v1"
x-content-type-options: nosniff
expires: Sun, 13 Oct 2024 00:03:35 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 82472
date: Sat, 12 Oct 2024 00:03:35 GMT
x-xss-protection: 0
content-type: image/jpeg
vary: Origin
server: fife
content-disposition: inline;filename="It's a Small World_Page_01.jpg"

GET
H2 200 rBO3jsjbu-zfAEAcIBBHC9rBKeOpXrY77IVIMniWzc3ERUVhqPJqL5XLYv7QbN8eiPWx9XbOYQPWO3pZQjwrXiqOysIdRLORj14KEffKNrmqI1e6E3ZfG4EpEJj5YfHWFQ=w1280
lh3.googleusercontent.com/ 501 KB
501 KB 697ms
693ms Image
image/jpeg 2607:f8b0:400d:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/rBO3jsjbu-zfAEAcIBBHC9rBKeOpXrY77IVIMniWzc3ERUVhqPJqL5XLYv7QbN8eiPWx9XbOYQPWO3pZQjwrXiqOysIdRLORj14KEffKNrmqI1e6E3ZfG4EpEJj5YfHWFQ=w1280

Requested by

Host: www.rustadpublishing.com
URL: https://www.rustadpublishing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c00::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d104f005f405000f55bf2556b580db23acf6d751cb62db0877f8c57e8facd32e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.rustadpublishing.com/

Response headers

access-control-expose-headers: Content-Length
timing-allow-origin: *
cache-control: public, max-age=86400, no-transform
etag: "v1"
x-content-type-options: nosniff
expires: Sun, 13 Oct 2024 00:03:35 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 512689
date: Sat, 12 Oct 2024 00:03:35 GMT
x-xss-protection: 0
content-type: image/jpeg
vary: Origin
server: fife
content-disposition: inline;filename="Front Cover.jpg"

GET
H2 200 LzythikXyOc55MMmlL9QsdGC0UdlRNeo4CPRzTdsJxMQKIpsNwp3yehxQi8jeNfQlxtuTrfM3Z_yPyb7_pQjUEG5DGM0nJ_a3tcTcxAwKFMBjPDhA0pJ1_qDQb6ZjIv7EQ=w1280
lh6.googleusercontent.com/ 29 KB
29 KB 649ms
645ms Image
image/jpeg 2607:f8b0:400d:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh6.googleusercontent.com/LzythikXyOc55MMmlL9QsdGC0UdlRNeo4CPRzTdsJxMQKIpsNwp3yehxQi8jeNfQlxtuTrfM3Z_yPyb7_pQjUEG5DGM0nJ_a3tcTcxAwKFMBjPDhA0pJ1_qDQb6ZjIv7EQ=w1280

Requested by

Host: www.rustadpublishing.com
URL: https://www.rustadpublishing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c00::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f0861e8a3f39121028470f10d8f8cbfb17c2ce9027f4229fcd46ff33cd18162a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.rustadpublishing.com/

Response headers

access-control-expose-headers: Content-Length
timing-allow-origin: *
cache-control: public, max-age=86400, no-transform
etag: "v1"
x-content-type-options: nosniff
expires: Sun, 13 Oct 2024 00:03:35 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29361
date: Sat, 12 Oct 2024 00:03:35 GMT
x-xss-protection: 0
content-type: image/jpeg
vary: Origin
server: fife
content-disposition: inline;filename="personent.jpg"

GET
H2 200 wf3OKcJgCwpXqPY0Kn0g_fSEyLl7aIKoU25V2trdx4p8dE_FzbfSKp0fzMG8Z217ekz5IGZFXJqDFf4miXrT4n_nzGM7FrhbwwBBzIAPjm4pfju-4rporNxp2Rr_cYnHYw=w1280
lh3.googleusercontent.com/ 17 KB
17 KB 884ms
881ms Image
image/png 2607:f8b0:400d:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/wf3OKcJgCwpXqPY0Kn0g_fSEyLl7aIKoU25V2trdx4p8dE_FzbfSKp0fzMG8Z217ekz5IGZFXJqDFf4miXrT4n_nzGM7FrhbwwBBzIAPjm4pfju-4rporNxp2Rr_cYnHYw=w1280

Requested by

Host: www.rustadpublishing.com
URL: https://www.rustadpublishing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c00::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

1a0b23b3e8de62d2c29b287aba5f5f94b58af5f8b1e47f0fe5bbd7a08e869ce6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.rustadpublishing.com/

Response headers

access-control-expose-headers: Content-Length
timing-allow-origin: *
cache-control: public, max-age=86400, no-transform
etag: "v1"
x-content-type-options: nosniff
expires: Sun, 13 Oct 2024 00:03:35 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17746
date: Sat, 12 Oct 2024 00:03:35 GMT
x-xss-protection: 0
content-type: image/png
vary: Origin
server: fife
content-disposition: inline;filename="LOGO B2 .png"

GET
H2 200 3dOwiJ_gKCimlTb549iTIlpDBbCxpRYGvujGGRIBBFKzRVgcAhhr29rJEBWs4lpPc4S_8a2lRaQhYS4XLbtlXjSfiiw-BVdcS9k-oXUjiyg8zHwz7_eL6aW2GFwBCpcF1A=w1280
lh6.googleusercontent.com/ 16 KB
16 KB 886ms
883ms Image
image/png 2607:f8b0:400d:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh6.googleusercontent.com/3dOwiJ_gKCimlTb549iTIlpDBbCxpRYGvujGGRIBBFKzRVgcAhhr29rJEBWs4lpPc4S_8a2lRaQhYS4XLbtlXjSfiiw-BVdcS9k-oXUjiyg8zHwz7_eL6aW2GFwBCpcF1A=w1280

Requested by

Host: www.rustadpublishing.com
URL: https://www.rustadpublishing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c00::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b7ea458e8ab15c8dd9626d301c4df3913e7f8bf7716c22c130319d0637fdd338

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.rustadpublishing.com/

Response headers

access-control-expose-headers: Content-Length
timing-allow-origin: *
cache-control: public, max-age=86400, no-transform
etag: "v1"
x-content-type-options: nosniff
expires: Sun, 13 Oct 2024 00:03:35 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16030
date: Sat, 12 Oct 2024 00:03:35 GMT
x-xss-protection: 0
content-type: image/png
vary: Origin
server: fife
content-disposition: inline;filename="image.png"

GET
H2 200 Xf3UcDJoQO0dgm_1vini_bFrUaFswsCjL4v8mjG7Xk_NuWkRbyEMFkeLYr5HoQKUcOX20lDB4xNW3Toeifl0QWk=w1280
lh4.googleusercontent.com/ 10 KB
10 KB 596ms
595ms Image
image/png 2607:f8b0:400d:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh4.googleusercontent.com/Xf3UcDJoQO0dgm_1vini_bFrUaFswsCjL4v8mjG7Xk_NuWkRbyEMFkeLYr5HoQKUcOX20lDB4xNW3Toeifl0QWk=w1280

Requested by

Host: www.rustadpublishing.com
URL: https://www.rustadpublishing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c00::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c98a1ea603d68e2d866fde9219569da34b8aac48faf2ae7663eb005bd6376c7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.rustadpublishing.com/

Response headers

access-control-expose-headers: Content-Length
timing-allow-origin: *
cache-control: public, max-age=86400, no-transform
etag: "v1"
x-content-type-options: nosniff
expires: Sun, 13 Oct 2024 00:03:35 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9892
date: Sat, 12 Oct 2024 00:03:35 GMT
x-xss-protection: 0
content-type: image/png
vary: Origin
server: fife
content-disposition: inline;filename="image.png"

GET
H2 200 CQQXRiAgeR1DgrK786qMJrxssx-7reP4XdgsfE0xmCv_WqFJ3kihpyYhY9WJOe1qCPsrCmQd6RYNaol4nCyrihe9oD5cXDR4n3seONvBNmWZWgQzcxAJSvW7RygB48wv6A=w1280
lh3.googleusercontent.com/ 12 KB
12 KB 647ms
644ms Image
image/png 2607:f8b0:400d:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/CQQXRiAgeR1DgrK786qMJrxssx-7reP4XdgsfE0xmCv_WqFJ3kihpyYhY9WJOe1qCPsrCmQd6RYNaol4nCyrihe9oD5cXDR4n3seONvBNmWZWgQzcxAJSvW7RygB48wv6A=w1280

Requested by

Host: www.rustadpublishing.com
URL: https://www.rustadpublishing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c00::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

cfed40c09e886b2667ef25c38615e37aca8fd732152ffcb27e750a11bf4602c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.rustadpublishing.com/

Response headers

access-control-expose-headers: Content-Length
timing-allow-origin: *
cache-control: public, max-age=86400, no-transform
etag: "v1"
x-content-type-options: nosniff
expires: Sun, 13 Oct 2024 00:03:36 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12073
date: Sat, 12 Oct 2024 00:03:36 GMT
x-xss-protection: 0
content-type: image/png
vary: Origin
server: fife
content-disposition: inline;filename="image.png"

GET
H2 200 Y73sLcp26tj_Zc6v0MTtcJ5wGIX7-ssd3_s0fil7Ba9iDETcl8vLk3LJK0N43I_huIv_acuqm3BIDOK4bKgBBjc=w1280
lh6.googleusercontent.com/ 12 KB
13 KB 648ms
646ms Image
image/png 2607:f8b0:400d:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh6.googleusercontent.com/Y73sLcp26tj_Zc6v0MTtcJ5wGIX7-ssd3_s0fil7Ba9iDETcl8vLk3LJK0N43I_huIv_acuqm3BIDOK4bKgBBjc=w1280

Requested by

Host: www.rustadpublishing.com
URL: https://www.rustadpublishing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c00::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

dac13088be5d6efcf9a848b26ed1eb7cbacea1d9e607cf48b2a30118939d61f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.rustadpublishing.com/

Response headers

access-control-expose-headers: Content-Length
timing-allow-origin: *
cache-control: public, max-age=86400, no-transform
etag: "v1"
x-content-type-options: nosniff
expires: Sun, 13 Oct 2024 00:03:36 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12768
date: Sat, 12 Oct 2024 00:03:36 GMT
x-xss-protection: 0
content-type: image/png
vary: Origin
server: fife
content-disposition: inline;filename="image.png"

GET
H3 200 m=view Show response
www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.k68k26k3feA.O/am=wGAAAg/d=1/rs=AGEqA5n6FCsexjUaOUZD8yS7yATiNwxbFA/ 659 KB
221 KB 128ms
124ms Script
text/javascript 172.217.197.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.k68k26k3feA.O/am=wGAAAg/d=1/rs=AGEqA5n6FCsexjUaOUZD8yS7yATiNwxbFA/m=view

Requested by

Host: www.rustadpublishing.com
URL: https://www.rustadpublishing.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.197.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qa-in-f94.1e100.net

Software

sffe /

Resource Hash

fe25ce82dea56319d078140b1c3b41e024f9a7025dcbe7763d953cb2ee5b9552

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.rustadpublishing.com/

Response headers

content-encoding: gzip
age: 144030
report-to: {"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
x-content-type-options: nosniff
expires: Fri, 10 Oct 2025 08:03:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 10 Oct 2024 08:03:05 GMT
last-modified: Tue, 01 Oct 2024 11:12:43 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-sites"
content-length: 226600
x-xss-protection: 0
server: sffe

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.3visMJpiQIc.O/m=client/rt=j/sv=1/d=1/ed=1/am=AACA/rs=AHpOoo99Jaq3x9bYTscBipFXsayIS-abwA/ 322 KB
110 KB 123ms
121ms Script
text/javascript 2607:f8b0:400d:c09::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.3visMJpiQIc.O/m=client/rt=j/sv=1/d=1/ed=1/am=AACA/rs=AHpOoo99Jaq3x9bYTscBipFXsayIS-abwA/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/client.js?onload=gapiLoaded

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c09::71 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2988a5ff3b3292953842f0d5edc881a0bf234183c8d922459837956eb068c6dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.rustadpublishing.com/

Response headers

content-encoding: gzip
age: 79678
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
x-content-type-options: nosniff
expires: Sat, 11 Oct 2025 01:55:37 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 11 Oct 2024 01:55:37 GMT
last-modified: Mon, 07 Oct 2024 18:50:53 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
accept-ranges: bytes
access-control-allow-origin: *
content-length: 112537
x-xss-protection: 0
server: sffe

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 253ms
124ms Font
font/woff2 173.194.175.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google+Sans:400,500|Roboto:300,400,500,700|Source+Code+Pro:400,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.175.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qs-in-f94.1e100.net

Software

sffe /

Resource Hash

89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.rustadpublishing.com
Referer: https://fonts.googleapis.com/

Response headers

age: 280798
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 08 Oct 2025 18:03:37 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 08 Oct 2024 18:03:37 GMT
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18536
x-xss-protection: 0
server: sffe

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v61/ 33 KB
33 KB 342ms
214ms Font
font/woff2 173.194.175.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v61/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google+Sans:400,500|Roboto:300,400,500,700|Source+Code+Pro:400,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.175.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qs-in-f94.1e100.net

Software

sffe /

Resource Hash

e563f60814c73c0f4261067bd14c15f2c7f72ed2906670ed4076ebe0d6e9244a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.rustadpublishing.com
Referer: https://fonts.googleapis.com/

Response headers

age: 276305
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 08 Oct 2025 19:18:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 08 Oct 2024 19:18:30 GMT
last-modified: Mon, 12 Aug 2024 17:14:50 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 34184
x-xss-protection: 0
server: sffe

GET
H3 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
32 KB 472ms
343ms Font
font/woff2 173.194.175.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3A400%2C700%7COpen%20Sans%3A400%2C400italic%2C700%2C700italic&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.175.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qs-in-f94.1e100.net

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.rustadpublishing.com
Referer: https://fonts.googleapis.com/

Response headers

age: 330244
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 08 Oct 2025 04:19:31 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 08 Oct 2024 04:19:31 GMT
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 33092
x-xss-protection: 0
server: sffe

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
47 KB 433ms
304ms Font
font/woff2 173.194.175.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3A400%2C700%7COpen%20Sans%3A400%2C400italic%2C700%2C700italic&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.175.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qs-in-f94.1e100.net

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.rustadpublishing.com
Referer: https://fonts.googleapis.com/

Response headers

age: 327366
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 08 Oct 2025 05:07:29 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 08 Oct 2024 05:07:29 GMT
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 48236
x-xss-protection: 0
server: sffe

GET
H3 200 nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
fonts.gstatic.com/s/playfairdisplay/v37/ 37 KB
38 KB 260ms
169ms Font
font/woff2 173.194.175.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/playfairdisplay/v37/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Playfair%20Display%3Ai%2Cbi%2C700%2C400&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.175.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qs-in-f94.1e100.net

Software

sffe /

Resource Hash

cb8cac32d5cef83e7674916378c2f47bdbba7e6e6bd936f8026a58ac4e71fa53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.rustadpublishing.com
Referer: https://fonts.googleapis.com/

Response headers

age: 259612
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 08 Oct 2025 23:56:43 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 08 Oct 2024 23:56:43 GMT
last-modified: Wed, 31 Jan 2024 23:15:02 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 38372
x-xss-protection: 0
server: sffe

GET
H3 200 nuFkD-vYSZviVYUb_rj3ij__anPXDTnogkk7.woff2
fonts.gstatic.com/s/playfairdisplay/v37/ 38 KB
38 KB 349ms
258ms Font
font/woff2 173.194.175.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/playfairdisplay/v37/nuFkD-vYSZviVYUb_rj3ij__anPXDTnogkk7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Playfair%20Display%3Ai%2Cbi%2C700%2C400&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.175.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qs-in-f94.1e100.net

Software

sffe /

Resource Hash

89f75febfd1be53d2b7186e4a5fe27716e4c2d7814400bb108de6fa5c01e5610

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.rustadpublishing.com
Referer: https://fonts.googleapis.com/

Response headers

age: 240839
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 09 Oct 2025 05:09:36 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 09 Oct 2024 05:09:36 GMT
last-modified: Wed, 31 Jan 2024 23:13:04 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 38748
x-xss-protection: 0
server: sffe

GET
H3 200 m=sy1i,sy1k,sy1l,sy1j,FoQBg Show response
www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.k68k26k3feA.O/am=wGAAAg/d=0/rs=AGEqA5n6FCsexjUaOUZD8yS7yATiNwxbFA/ 37 KB
12 KB 124ms
124ms Script
text/javascript 172.217.197.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.k68k26k3feA.O/am=wGAAAg/d=0/rs=AGEqA5n6FCsexjUaOUZD8yS7yATiNwxbFA/m=sy1i,sy1k,sy1l,sy1j,FoQBg

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.k68k26k3feA.O/am=wGAAAg/d=1/rs=AGEqA5n6FCsexjUaOUZD8yS7yATiNwxbFA/m=view

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.197.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qa-in-f94.1e100.net

Software

sffe /

Resource Hash

968164fbb1e505b1dd62fa770a0ff4b127f0c188e0e0253f108b0665c7ff2e13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.rustadpublishing.com/

Response headers

content-encoding: gzip
age: 144030
report-to: {"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
x-content-type-options: nosniff
expires: Fri, 10 Oct 2025 08:03:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 10 Oct 2024 08:03:05 GMT
last-modified: Tue, 01 Oct 2024 11:12:43 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-sites"
content-length: 12703
x-xss-protection: 0
server: sffe

GET
H3 200 m=sy36,TRvtze Show response
www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.k68k26k3feA.O/am=wGAAAg/d=0/rs=AGEqA5n6FCsexjUaOUZD8yS7yATiNwxbFA/ 844 B
519 B 123ms
123ms Script
text/javascript 172.217.197.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.k68k26k3feA.O/am=wGAAAg/d=0/rs=AGEqA5n6FCsexjUaOUZD8yS7yATiNwxbFA/m=sy36,TRvtze

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.k68k26k3feA.O/am=wGAAAg/d=1/rs=AGEqA5n6FCsexjUaOUZD8yS7yATiNwxbFA/m=view

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.197.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qa-in-f94.1e100.net

Software

sffe /

Resource Hash

0ba3cd81055684d4f20b4cc2e9f32ece0201c7ce0829ded5506a326dba214a80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.rustadpublishing.com/

Response headers

content-encoding: gzip
age: 144030
report-to: {"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
x-content-type-options: nosniff
expires: Fri, 10 Oct 2025 08:03:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 10 Oct 2024 08:03:05 GMT
last-modified: Tue, 01 Oct 2024 11:12:43 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-sites"
content-length: 493
x-xss-protection: 0
server: sffe

GET
H3 200 m=MpJwZc,n73qwf,A4UTCb,mzzZzc,CHCSlb,qAKInc,sy15,X85Uvc,sy37,abQiW,W26a5e,hJUyqe,sy17,sy19,sy1c,sy1e,sy18,sy1a,sy1b,sy1d,fuVYe,sy11,PVlQOd,NPKaK,sy7,BVgquf,fmklff,TGYpv,KUM7Z,XDKZTc,sy16,qkPXAf,qEW... Show response
www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.k68k26k3feA.O/am=wGAAAg/d=0/rs=AGEqA5n6FCsexjUaOUZD8yS7yATiNwxbFA/ 1 MB
443 KB 125ms
124ms Script
text/javascript 172.217.197.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.k68k26k3feA.O/am=wGAAAg/d=0/rs=AGEqA5n6FCsexjUaOUZD8yS7yATiNwxbFA/m=MpJwZc,n73qwf,A4UTCb,mzzZzc,CHCSlb,qAKInc,sy15,X85Uvc,sy37,abQiW,W26a5e,hJUyqe,sy17,sy19,sy1c,sy1e,sy18,sy1a,sy1b,sy1d,fuVYe,sy11,PVlQOd,NPKaK,sy7,BVgquf,fmklff,TGYpv,KUM7Z,XDKZTc,sy16,qkPXAf,qEW1W,oNFsLb,sy43,yxTchf,sy44,sy45,xQtZb,yf2Bs,sy3,sya,yyxWAc,qddgKe,sy39,SM1lmd,sy9,sy8,sy12,RRzQxe,zZvHmd,sy2,syl,sym,syc,sy2h,sy4,syb,fNFZH,sy38,syn,RrXLpc,cgRV2c,sy14,sy22,o1L5Wb,X4BaPc,syg,Md9ENb,sy1o,sy1p,sy1q,syr,sy1n,Ko0sOe,sy10,sy1t,sy1w,syp,sy13,sy1f,sy1g,NlqxW,sy1r,sy1v,sy1x,sy1z,sy20,sy1u,sy21,sy25,sys,sy1s,sy23,sy28,sy2a,sy2d,sy2e,sy2f,sy2g,sy26,sy29,sy24,sy2k,sy2r,sy1y,sy2b,syq,sy27,sy2i,sy2j,sy2o,sy2p,sy2q,sy2s,syy,sy2t,sy1m,G5ZZUb,sy2c,zmwrxd,sy2l,sy2m,sy2n,oy3iwb,dBhIIb,sy2u,sy2v,Fodr0b,Yr1Pcb,LUQjOd,a9i3ec,CmOog,qYIcH,zTt0Rb,ap0X9d,Ik1vNd,NzVYMd,KlZlNb,rj51oe,zAU64c,uUwMBf,zRiL5c,AQnEY,jhxjge,ZV9ZUe,Tc7Qif,heobjb,R4KMEc,KlrXId,t1DRgd,sy2w,sy2x,sy2y,sy2z,UYjpC,vVEdxc,sy5,VYKRW,sy1h,CG0Qwb,RZ9OZ,N0NZx,szRU7e

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.k68k26k3feA.O/am=wGAAAg/d=1/rs=AGEqA5n6FCsexjUaOUZD8yS7yATiNwxbFA/m=view

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.197.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qa-in-f94.1e100.net

Software

sffe /

Resource Hash

f5dc4da48beccd5853ed48289f6706688515f69dc4abb8e0d31b3f7451acdd15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.rustadpublishing.com/

Response headers

content-encoding: gzip
age: 138223
report-to: {"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
x-content-type-options: nosniff
expires: Fri, 10 Oct 2025 09:39:52 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 10 Oct 2024 09:39:52 GMT
last-modified: Tue, 01 Oct 2024 11:12:43 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-sites"
content-length: 453224
x-xss-protection: 0
server: sffe

GET
H3 200 m=sy32,IZT63,vfuNJf,sy3r,sy3v,sy3x,sy48,sy46,sy47,siKnQd,sy3p,sy3w,sy3y,sy33,YNjGDd,sy3z,PrPYRd,iFQyKf,hc6Ubd,sy49,SpsfSb,sy3s,sy3u,wR5FRb,pXdRYb,dIoSBb,zbML3c Show response
www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.k68k26k3feA.O/am=wGAAAg/d=0/rs=AGEqA5n6FCsexjUaOUZD8yS7yATiNwxbFA/ 30 KB
11 KB 131ms
131ms Script
text/javascript 172.217.197.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.k68k26k3feA.O/am=wGAAAg/d=0/rs=AGEqA5n6FCsexjUaOUZD8yS7yATiNwxbFA/m=sy32,IZT63,vfuNJf,sy3r,sy3v,sy3x,sy48,sy46,sy47,siKnQd,sy3p,sy3w,sy3y,sy33,YNjGDd,sy3z,PrPYRd,iFQyKf,hc6Ubd,sy49,SpsfSb,sy3s,sy3u,wR5FRb,pXdRYb,dIoSBb,zbML3c

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.k68k26k3feA.O/am=wGAAAg/d=1/rs=AGEqA5n6FCsexjUaOUZD8yS7yATiNwxbFA/m=view

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.197.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qa-in-f94.1e100.net

Software

sffe /

Resource Hash

59b067e22bf25da04a4db48d732caa60ff506db97c1dbe30fc6be4119ae61dcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.rustadpublishing.com/

Response headers

content-encoding: gzip
age: 51489
report-to: {"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
x-content-type-options: nosniff
expires: Sat, 11 Oct 2025 09:45:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 11 Oct 2024 09:45:26 GMT
last-modified: Tue, 01 Oct 2024 11:12:43 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-sites"
content-length: 10927
x-xss-protection: 0
server: sffe

GET
H3 200 m=NTMZac,m9oV,rCcCxc,RAnnUd,syz,sy31,gJzDyc,sy3a,uu7UOe,sy3b,soHxf,sy3c,uY3Nvd,syw,syv,HYv29e Show response
www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.k68k26k3feA.O/am=wGAAAg/d=0/rs=AGEqA5n6FCsexjUaOUZD8yS7yATiNwxbFA/ 82 KB
27 KB 130ms
130ms Script
text/javascript 172.217.197.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.k68k26k3feA.O/am=wGAAAg/d=0/rs=AGEqA5n6FCsexjUaOUZD8yS7yATiNwxbFA/m=NTMZac,m9oV,rCcCxc,RAnnUd,syz,sy31,gJzDyc,sy3a,uu7UOe,sy3b,soHxf,sy3c,uY3Nvd,syw,syv,HYv29e

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.k68k26k3feA.O/am=wGAAAg/d=1/rs=AGEqA5n6FCsexjUaOUZD8yS7yATiNwxbFA/m=view

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.197.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qa-in-f94.1e100.net

Software

sffe /

Resource Hash

efa650cdb50e6e0d036d4438b05460435cf89d16f389acb638a68e151815d90c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.rustadpublishing.com/

Response headers

content-encoding: gzip
age: 53651
report-to: {"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
x-content-type-options: nosniff
expires: Sat, 11 Oct 2025 09:09:24 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 11 Oct 2024 09:09:24 GMT
last-modified: Tue, 01 Oct 2024 11:12:43 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-sites"
content-length: 27268
x-xss-protection: 0
server: sffe

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 379ms
132ms Preflight
text/plain 2607:f8b0:4004:c1f::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::64 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://www.rustadpublishing.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: http://play.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sat, 12 Oct 2024 00:03:36 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST log
play.google.com/ 0
0

POST
H2 200 logImpressions Show response
www.rustadpublishing.com/_/view/ 16 B
221 B 150ms
146ms XHR
application/json 2607:f8b0:400d:c09::79
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rustadpublishing.com/_/view/logImpressions?authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.k68k26k3feA.O/am=wGAAAg/d=1/rs=AGEqA5n6FCsexjUaOUZD8yS7yATiNwxbFA/m=view

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c09::79 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8d47b4a1cc0393424720bded5988a28f4e9146fd265ecb416b79cf0d6ac81f6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8
Referer: https://www.rustadpublishing.com/

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
pragma: no-cache
cross-origin-resource-policy: same-site
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 12 Oct 2024 00:03:36 GMT
x-xss-protection: 0
content-type: application/json; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
server: ESF
content-disposition: attachment; filename="response.bin"; filename*=UTF-8''response.bin
x-frame-options: SAMEORIGIN

GET
H3 200 lazy.min.js Show response
www.gstatic.com/feedback/js/help/prod/service/ 120 KB
39 KB 123ms
122ms Script
text/javascript 172.217.197.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.k68k26k3feA.O/am=wGAAAg/d=0/rs=AGEqA5n6FCsexjUaOUZD8yS7yATiNwxbFA/m=MpJwZc,n73qwf,A4UTCb,mzzZzc,CHCSlb,qAKInc,sy15,X85Uvc,sy37,abQiW,W26a5e,hJUyqe,sy17,sy19,sy1c,sy1e,sy18,sy1a,sy1b,sy1d,fuVYe,sy11,PVlQOd,NPKaK,sy7,BVgquf,fmklff,TGYpv,KUM7Z,XDKZTc,sy16,qkPXAf,qEW1W,oNFsLb,sy43,yxTchf,sy44,sy45,xQtZb,yf2Bs,sy3,sya,yyxWAc,qddgKe,sy39,SM1lmd,sy9,sy8,sy12,RRzQxe,zZvHmd,sy2,syl,sym,syc,sy2h,sy4,syb,fNFZH,sy38,syn,RrXLpc,cgRV2c,sy14,sy22,o1L5Wb,X4BaPc,syg,Md9ENb,sy1o,sy1p,sy1q,syr,sy1n,Ko0sOe,sy10,sy1t,sy1w,syp,sy13,sy1f,sy1g,NlqxW,sy1r,sy1v,sy1x,sy1z,sy20,sy1u,sy21,sy25,sys,sy1s,sy23,sy28,sy2a,sy2d,sy2e,sy2f,sy2g,sy26,sy29,sy24,sy2k,sy2r,sy1y,sy2b,syq,sy27,sy2i,sy2j,sy2o,sy2p,sy2q,sy2s,syy,sy2t,sy1m,G5ZZUb,sy2c,zmwrxd,sy2l,sy2m,sy2n,oy3iwb,dBhIIb,sy2u,sy2v,Fodr0b,Yr1Pcb,LUQjOd,a9i3ec,CmOog,qYIcH,zTt0Rb,ap0X9d,Ik1vNd,NzVYMd,KlZlNb,rj51oe,zAU64c,uUwMBf,zRiL5c,AQnEY,jhxjge,ZV9ZUe,Tc7Qif,heobjb,R4KMEc,KlrXId,t1DRgd,sy2w,sy2x,sy2y,sy2z,UYjpC,vVEdxc,sy5,VYKRW,sy1h,CG0Qwb,RZ9OZ,N0NZx,szRU7e

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.197.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qa-in-f94.1e100.net

Software

sffe /

Resource Hash

94bf15959c201be7ce4ee345ae3cce61de0f85426cfab1ff596148c834d1c747

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.rustadpublishing.com/

Response headers

content-encoding: gzip
age: 236
report-to: {"group":"product-feedback-gathering","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/product-feedback-gathering"}]}
x-content-type-options: nosniff
expires: Sat, 12 Oct 2024 00:49:40 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 11 Oct 2024 23:59:40 GMT
last-modified: Thu, 10 Oct 2024 15:11:31 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
cache-control: public, max-age=3000
cross-origin-opener-policy: same-origin-allow-popups; report-to="product-feedback-gathering"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/product-feedback-gathering
accept-ranges: bytes
content-length: 39703
x-xss-protection: 0
server: sffe

GET
H3 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.3visMJpiQIc.O/m=gapi_rpc/exm=client/rt=j/sv=1/d=1/ed=1/am=AACA/rs=AHpOoo99Jaq3x9bYTscBipFXsayIS-abwA/ 261 B
207 B 122ms
121ms Script
text/javascript 173.194.207.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.3visMJpiQIc.O/m=gapi_rpc/exm=client/rt=j/sv=1/d=1/ed=1/am=AACA/rs=AHpOoo99Jaq3x9bYTscBipFXsayIS-abwA/cb=gapi.loaded_1?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/client.js?onload=gapiLoaded

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.207.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qk-in-f138.1e100.net

Software

sffe /

Resource Hash

1d47a66ccdfc86a81a213a021dfebb52b8b1e45da9c8a8e006b0dc903713b7dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.rustadpublishing.com/

Response headers

content-encoding: gzip
age: 79836
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
x-content-type-options: nosniff
expires: Sat, 11 Oct 2025 01:53:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 11 Oct 2024 01:53:00 GMT
last-modified: Mon, 07 Oct 2024 18:50:53 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
accept-ranges: bytes
access-control-allow-origin: *
content-length: 180
x-xss-protection: 0
server: sffe

GET
H2 200 auth_warmup
drive.google.com/ Frame C601 0
0 383ms
134ms Document
text/html 2607:f8b0:400d:c0b::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://drive.google.com/auth_warmup

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0b::66 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-UlzLb2QNFmrfN2mtb39_jw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DriveOsidBootstrap/cspreport;worker-src 'self' script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/DriveOsidBootstrap/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/DriveOsidBootstrap/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rustadpublishing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
content-security-policy: script-src 'report-sample' 'nonce-UlzLb2QNFmrfN2mtb39_jw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DriveOsidBootstrap/cspreport;worker-src 'self' script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/DriveOsidBootstrap/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/DriveOsidBootstrap/cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Sat, 12 Oct 2024 00:03:36 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
reporting-endpoints: default="/_/DriveOsidBootstrap/web-reports?context=eJzjEtDikmLw1ZBicEqfwRoCxEI8HDd-LtvBJtDxrGkOk5JqUn5hfEpRZllqRklJQWJBZnFqUVlqUbyRgZGJoYGBsZ6BUXyBAQAFMBac"
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 368ms
123ms Fetch
text/plain 2607:f8b0:400d:c0b::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-JC1KZ1M43H&gtm=45je4a90v886205165za200&_p=1728691415491&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101529665~101671035~101686685&gdid=dZWRiYj&cid=1616232286.1728691416&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1728691416&sct=1&seg=0&dl=https%3A%2F%2Fwww.rustadpublishing.com%2F&dt=Rustad%20Publishing&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2559
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JC1KZ1M43H
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:400d:c0b::65 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.rustadpublishing.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.rustadpublishing.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 12 Oct 2024 00:03:36 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 intermediate-frame-minified.html
www.gstatic.com/atari/embeds/83a60601c213b72fb19c1855fb0c5f26/ Frame 3849 0
0 244ms
124ms Document
text/html 172.217.197.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/atari/embeds/83a60601c213b72fb19c1855fb0c5f26/intermediate-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.3visMJpiQIc.O%2Fam%3DAACA%2Fd%3D1%2Frs%3DAHpOoo99Jaq3x9bYTscBipFXsayIS-abwA%2Fm%3D__features__&r=523787904

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.k68k26k3feA.O/am=wGAAAg/d=1/rs=AGEqA5n6FCsexjUaOUZD8yS7yATiNwxbFA/m=view

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.197.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qa-in-f94.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rustadpublishing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 944
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="apps-sites"
cross-origin-resource-policy: cross-origin
date: Sat, 12 Oct 2024 00:03:36 GMT
expires: Sun, 12 Oct 2025 00:03:36 GMT
last-modified: Tue, 12 Dec 2023 13:42:01 GMT
report-to: {"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 intermediate-frame-minified.html
www.gstatic.com/atari/embeds/83a60601c213b72fb19c1855fb0c5f26/ Frame 7392 0
0 243ms
125ms Document
text/html 172.217.197.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.k68k26k3feA.O/am=wGAAAg/d=1/rs=AGEqA5n6FCsexjUaOUZD8yS7yATiNwxbFA/m=view

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.197.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qa-in-f94.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rustadpublishing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 944
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="apps-sites"
cross-origin-resource-policy: cross-origin
date: Sat, 12 Oct 2024 00:03:36 GMT
expires: Sun, 12 Oct 2025 00:03:36 GMT
last-modified: Tue, 12 Dec 2023 13:42:01 GMT
report-to: {"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 a
www.googletagmanager.com/ 0
270 B 125ms
123ms Image
text/html 2607:f8b0:400d:c0d::61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?v=3&t=l&pid=1368734484&rv=4a90&tag_exp=101529665~101671035~101686685&u=AAAAAAAAAAAAACCA&ut=Ag&h=Ag&gtm=45je4a90v886205165za200&ccid=86205165&cid=G-JC1KZ1M43H&l=L1689.S8.Y97.B33.E362.I2091.EC6.TC16.HTC0~gtm.init.S0.V0.E43.TS5ogt1pdatav2.TI4.TE1.TS5ccdgalast.TI6.TE0.TS5ccdautoredact.TI7.TE0.TS5ogteventcreate.TI8.TE0.TS5ccdconversionmarking.TI9.TE0.TS5ccdemvideo.TI10.TE0.TS5ccdemsitesearch.TI11.TE0.TS5ccdemscroll.TI12.TE0.TS5ccdempageview.TI13.TE0.TS5ccdemoutboundclick.TI14.TE0.TS5ccdemdownload.TI15.TE1.TS5ccdgaregscope.TI16.TE1.TS5ccdgaadslink.TI17.TE0.TS5setproductsettings.TI18.TE0.TS5ccdgafirst.TI19.TE0~gtm.js.S0.V0.E31.TS5gct.TI1.TE0~*~gtm.dom.S0.V0.E5~gtm.load.S0.V0.E2~gtm.init_consent.S2.V1.E41~GA870

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0d::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.rustadpublishing.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
date: Sat, 12 Oct 2024 00:03:36 GMT
x-xss-protection: 0
content-type: text/html
server: Google Tag Manager

GET
H3 200 pRMCdOOdl8oIBDnrPUnECnn6-jUBnHH8L-zW61GeXblJeCqQ4RSVX9y8Xk3qF1r-ejD0mP8kd2uNDis0UDpvEj-5pa-Hk5UG47jBvE8akowcIFqF
lh5.googleusercontent.com/ 62 KB
62 KB 1070ms
1069ms Other
image/png 74.125.192.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://lh5.googleusercontent.com/pRMCdOOdl8oIBDnrPUnECnn6-jUBnHH8L-zW61GeXblJeCqQ4RSVX9y8Xk3qF1r-ejD0mP8kd2uNDis0UDpvEj-5pa-Hk5UG47jBvE8akowcIFqF

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.192.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qn-in-f132.1e100.net

Software

fife /

Resource Hash

d68ee952de88890a4650ee8215131d71ab20035ed8a52d761f4e8763b501a979

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.rustadpublishing.com/

Response headers

access-control-expose-headers: Content-Length
timing-allow-origin: *
cache-control: public, max-age=86400, no-transform
etag: "v1"
x-content-type-options: nosniff
expires: Sun, 13 Oct 2024 00:03:37 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63694
date: Sat, 12 Oct 2024 00:03:37 GMT
x-xss-protection: 0
content-type: image/png
vary: Origin
server: fife
content-disposition: inline;filename="Book Logo Blue-03-03.png"

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 137ms
136ms Preflight
text/plain 2607:f8b0:4004:c1f::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::64 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://www.rustadpublishing.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: http://play.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sat, 12 Oct 2024 00:03:39 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST log
play.google.com/ 0
0

POST
H2 200 logImpressions Show response
www.rustadpublishing.com/_/view/ 16 B
117 B 266ms
263ms XHR
application/json 2607:f8b0:400d:c09::79
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rustadpublishing.com/_/view/logImpressions?authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.k68k26k3feA.O/am=wGAAAg/d=1/rs=AGEqA5n6FCsexjUaOUZD8yS7yATiNwxbFA/m=view

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c09::79 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8d47b4a1cc0393424720bded5988a28f4e9146fd265ecb416b79cf0d6ac81f6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8
Referer: https://www.rustadpublishing.com/

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
pragma: no-cache
cross-origin-resource-policy: same-site
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 12 Oct 2024 00:03:39 GMT
x-xss-protection: 0
content-type: application/json; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
server: ESF
content-disposition: attachment; filename="response.bin"; filename*=UTF-8''response.bin
x-frame-options: SAMEORIGIN

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: play.google.com
URL: https://play.google.com/log?format=json&hasfast=true&authuser=0

Domain: play.google.com
URL: https://play.google.com/log?format=json&hasfast=true&authuser=0

Verdicts & Comments Add Verdict or Comment

53 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
rustadpublishing.com/	1969-12-31 23:59:59	Name: crumb Value: BdtvDZEhu3neOGUxYmZlOTE4OGNhMTFkNDkwNjlmZGI0YjM3NDZi
.rustadpublishing.com/	1970-01-21 09:47:31	Name: _ga_JC1KZ1M43H Value: GS1.1.1728691416.1.0.1728691416.0.0.0
.rustadpublishing.com/	1970-01-21 09:47:31	Name: _ga Value: GA1.1.1616232286.1728691416
.google.com/	1970-01-21 04:35:02	Name: NID Value: 518=1ggKjtazfREw9m0Ee4P34CoCy85xOGZ9utlC40sWmz1rZvMNrHGaC-wmUQ6Z7JfSYC5AnCnbK7bpAtRIHfYl63wBH3IDYVIpEP7hQyVh2D8u6dZb-NdFoyPpooJiCAl_VBKJYd5qa2MXASravQ_7k6o8RReoEL1E-3Dw9--ZknMWryZ7z70
.spotify.com/	1970-01-21 08:57:07	Name: sp_t Value: 86c8fb7f88b4c8aef1d2514464234f38
.spotify.com/	1970-01-21 00:12:57	Name: sp_landing Value: https%3A%2F%2F441358625-atari-embeds.googleusercontent.com%2F%3Fsp_cid%3D86c8fb7f88b4c8aef1d2514464234f38%26device%3Ddesktop

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: about:blank Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: about:blank Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
javascript	error	URL: https://www.rustadpublishing.com/ Message: Access to fetch at 'https://play.google.com/log?format=json&hasfast=true&authuser=0' from origin 'https://www.rustadpublishing.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: The 'Access-Control-Allow-Origin' header has a value 'http://play.google.com' that is not equal to the supplied origin. Have the server send the header with a valid value, or, if an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://play.google.com/log?format=json&hasfast=true&authuser=0 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.rustadpublishing.com/ Message: Access to fetch at 'https://play.google.com/log?format=json&hasfast=true&authuser=0' from origin 'https://www.rustadpublishing.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: The 'Access-Control-Allow-Origin' header has a value 'http://play.google.com' that is not equal to the supplied origin. Have the server send the header with a valid value, or, if an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://play.google.com/log?format=json&hasfast=true&authuser=0 Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	base-uri 'self';object-src 'none';report-uri /_/view/cspreport;script-src 'report-sample' 'nonce-X5UuWpWM7P49tw-Dv9UFiA' 'unsafe-inline' 'unsafe-eval';worker-src 'self';frame-ancestors https://google-admin.corp.google.com/
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

apis.google.com
drive.google.com
fonts.googleapis.com
fonts.gstatic.com
lh3.googleusercontent.com
lh4.googleusercontent.com
lh5.googleusercontent.com
lh6.googleusercontent.com
play.google.com
rustadpublishing.com
www.google-analytics.com
www.googletagmanager.com
www.gstatic.com
www.rustadpublishing.com
play.google.com
172.217.197.94
173.194.175.94
173.194.207.138
198.49.23.144
2607:f8b0:4004:c1f::64
2607:f8b0:400d:c00::84
2607:f8b0:400d:c09::71
2607:f8b0:400d:c09::79
2607:f8b0:400d:c0b::65
2607:f8b0:400d:c0b::66
2607:f8b0:400d:c0c::5f
2607:f8b0:400d:c0d::61
74.125.192.132
0ba3cd81055684d4f20b4cc2e9f32ece0201c7ce0829ded5506a326dba214a80
0bd5116d2ffdb38b9f3b1b9f66b4bb3f8d5b2f3973b932aa9f87f3817bfc2339
1a0b23b3e8de62d2c29b287aba5f5f94b58af5f8b1e47f0fe5bbd7a08e869ce6
1b56ae58b5934a55eafcf0ab656f1d0a39049df13368077c6b4f51aa29470bcf
1d47a66ccdfc86a81a213a021dfebb52b8b1e45da9c8a8e006b0dc903713b7dd
2988a5ff3b3292953842f0d5edc881a0bf234183c8d922459837956eb068c6dd
342c5303df18c79b3352e432c2f3b1dfaf02d1c6dce9664a98dd5a72e9a45d53
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
510b4c83be4f15e9a66da3c33c162439cbf4ea0a5917e8964eb7284e5c4eefd2
51c84fafb7ec0a3769a0cc6a5def2122425c714a2beebc53567baef87f3d72a4
527a8e956c43f43d6a5ebf6ab9fe333cf70ebba5e1e71461178ccab69aa9f19a
52ffca7894a38596741b20bf624dc6d73f1f8ea0589bf8e8947ae35023dad8ab
56e7f4140071e50d35f3efdc67054b09334d9067e73b65554befd659c1feb63e
59b067e22bf25da04a4db48d732caa60ff506db97c1dbe30fc6be4119ae61dcb
6c81884d7068f7a9bd169ad2cd596b81e9483836b850279cfe51c253bd6a0c6c
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
89f75febfd1be53d2b7186e4a5fe27716e4c2d7814400bb108de6fa5c01e5610
8d47b4a1cc0393424720bded5988a28f4e9146fd265ecb416b79cf0d6ac81f6d
8f17d4472d648b8bdded27a9316a32a03ac0ff4da24c15abcd9ebc52f3828f49
8f5c8edd8446263fe987bd729607ac983c70ec28115e8f3f7c3f00c8f9d6600a
94bf15959c201be7ce4ee345ae3cce61de0f85426cfab1ff596148c834d1c747
968164fbb1e505b1dd62fa770a0ff4b127f0c188e0e0253f108b0665c7ff2e13
9b7e7b1e9d290f9c9ae5681397f35875614edaefd5475e547250e3d34550c6f5
b7ea458e8ab15c8dd9626d301c4df3913e7f8bf7716c22c130319d0637fdd338
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
c98a1ea603d68e2d866fde9219569da34b8aac48faf2ae7663eb005bd6376c7d
cb8cac32d5cef83e7674916378c2f47bdbba7e6e6bd936f8026a58ac4e71fa53
cfed40c09e886b2667ef25c38615e37aca8fd732152ffcb27e750a11bf4602c4
d104f005f405000f55bf2556b580db23acf6d751cb62db0877f8c57e8facd32e
d68ee952de88890a4650ee8215131d71ab20035ed8a52d761f4e8763b501a979
dac13088be5d6efcf9a848b26ed1eb7cbacea1d9e607cf48b2a30118939d61f0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e563f60814c73c0f4261067bd14c15f2c7f72ed2906670ed4076ebe0d6e9244a
e58d20724a222f1ebc5c7346247786566bbead4eedc4372197380d9c59b00ed4
e9a07ec4e8fb42e8b71fe8cb90d7f80f340b4350c80e58dd280eb6f41d5f2d99
efa650cdb50e6e0d036d4438b05460435cf89d16f389acb638a68e151815d90c
f0861e8a3f39121028470f10d8f8cbfb17c2ce9027f4229fcd46ff33cd18162a
f5dc4da48beccd5853ed48289f6706688515f69dc4abb8e0d31b3f7451acdd15
fe25ce82dea56319d078140b1c3b41e024f9a7025dcbe7763d953cb2ee5b9552

www.rustadpublishing.com Open in urlscan Pro 2607:f8b0:400d:c09::79 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

48 Requests

96 %HTTPS

62 %IPv6

7 Domains

14 Subdomains

13 IPs

1 Countries

3044 kBTransfer

6300 kBSize

6 Cookies

15 Outgoing links

Page URL History

Redirected requests

48 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.rustadpublishing.com Open in urlscan Pro
2607:f8b0:400d:c09::79 Public Scan

Screenshot
Live screenshot

Full Image

48
Requests

96 %
HTTPS

62 %
IPv6

7
Domains

14
Subdomains

13
IPs

1
Countries

3044 kB
Transfer

6300 kB
Size

6
Cookies

48 HTTP transactions
0 data transactions