Report - www.paintingwithatwist.com/tempe

Report Overview

Submitted URL
www.paintingwithatwist.com/tempe
IP
23.253.135.119
ASN
#27357 RACKSPACE
Submitted
2023-01-04 23:24:39
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.9 kB	34.160.144.191
status.geotrust.com	3662	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	343 B	666 B	93.184.220.29
googleads.g.doubleclick.net	42	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	3.8 kB	172.217.21.162
px.mountain.com	11897	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.1 kB	3.7 kB	52.37.218.4
gs.mountain.com	17855	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	415 B	731 B	35.81.162.201
diffuser-cdn.app-us1.com	8451	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	391 B	599 B	104.17.145.91
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.0 kB	8.0 kB	23.36.76.226
www.paintingwithatwist.com	436506	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	12 kB	591 kB	23.253.135.119
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	859 B	10 kB	142.250.74.106
connect.facebook.net	139	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	384 B	29 kB	157.240.200.14
44.228.85.26	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	435 B	44.228.85.26
www.facebook.com	99	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.9 kB	173 kB	157.240.200.35
insight.adsrvr.org	631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	428 B	262 B	35.71.131.137
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	52.89.255.30
10552c3a7f59f38d9c1e-85e0a6ebf056f3519dc1e8ddd4c6d0d6.ssl.cf5.rackcdn.com	793020	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	23 kB	2.18.172.211
region1.google-analytics.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	793 B	573 B	216.239.34.36
match.adsrvr.org	349	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	496 B	352 B	35.71.131.137
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	5.8 kB	12 kB	142.250.74.131
ocsp.godaddy.com	698	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	340 B	2.3 kB	192.124.249.36
trackcmp.net	8111	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	507 B	487 B	172.64.145.151
ocsp.globalsign.com	2075	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	722 B	90 kB	104.18.21.226
cdnjs.cloudflare.com	235	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.2 kB	96 kB	104.17.24.14
14d14a1b70be1f7f7d4a-0863ae42a3340022d3e557e78745c047.ssl.cf5.rackcdn.com	573762	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	175 kB	2.18.172.211
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	161 kB	216.58.207.227
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.8 kB	68 kB	34.120.237.76
dx.mountain.com	12081	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	487 B	4.2 kB	35.83.209.52
stats.g.doubleclick.net	96	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	628 B	718 B	142.251.1.156
www.google.no	25607	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	1.5 kB	142.250.74.163
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	394 B	80 kB	142.250.74.168
6f5295793b132e9764f4-3f2730cf5c1e4ad5dfe76e6d27af2964.ssl.cf5.rackcdn.com	693807	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	923 B	95 kB	2.18.172.211
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	3.8 kB	93.184.220.29
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	21 kB	142.250.74.110
www.google.com	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	1.5 kB	142.250.74.132
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	340 B	964 B	104.18.32.68
prism.app-us1.com	8479	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	435 B	467 B	104.17.145.91

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-01-04	medium	44.228.85.26	Sinkholed

JavaScript (39)

	URL	Size	First Seen	Last Seen
	www.paintingwithatwist.com/studio/tempe	131 B	2023-03-12	2023-03-12
Pretty URL www.paintingwithatwist.com/studio/tempe IP 23.253.135.119 ASN #27357 RACKSPACE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 14:33:49 Last Seen2023-03-12 14:33:49 Times Seen1 Hash 13215353a8bd10bd39edac7853052da3 64f44001f29609fee18c8f023e032886b11ad56a ab436cb8cfb41df464c255beecce981ecf3746d9c5a650a7957c00938a6260e5 Loading...

	googleads.g.doubleclick.net/pagead/viewthroughconversion/601555795/?random=1672874659925&cv=11&fst=1672874659925&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe&tiba=Paint%2C%20Sip%20Wine%2C%20have%20fun%20at%20our%20Tempe%2C%20AZ%20Paint%20Studio%20%7C%20Painting%20with%20a%20Twist&auid=642879271.1672874660&data=event%3Dgtag.config&rfmt=3&fmt=4	2.1 kB	2023-03-12	2023-03-12
Pretty URL googleads.g.doubleclick.net/pagead/viewthroughconversion/601555795/?random=1672874659925&cv=11&fst=1672874659925&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe&tiba=Paint%2C%20Sip%20Wine%2C%20have%20fun%20at%20our%20Tempe%2C%20AZ%20Paint%20Studio%20%7C%20Painting%20with%20a%20Twist&auid=642879271.1672874660&data=event%3Dgtag.config&rfmt=3&fmt=4 IP 172.217.21.162 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 14:33:49 Last Seen2023-03-12 14:33:49 Times Seen1 Hash 5f8197d02dbe2d39ff78bd05d4232e53 e20c9dc251e884734bda129c799b5856b4b58bf4 2c4dee94a41a2fc6769c2bc0b94b5b3393120aedc7ab0018dc5768f04f0f35b7 Loading...

	www.paintingwithatwist.com/studio/tempe	163 B	2023-03-12	2023-03-12
Pretty URL www.paintingwithatwist.com/studio/tempe IP 23.253.135.119 ASN #27357 RACKSPACE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 14:33:49 Last Seen2023-03-12 14:33:49 Times Seen1 Hash f2445cfb1a70977249d3641dd4792e32 1c2d99f0446e78c50d270b130724ebf0d8b2e7fb 219ba9ebf92ff3338d0840beded0645bc1a870f87b6dcbd228ffc661a4240050 Loading...

	diffuser-cdn.app-us1.com/diffuser/diffuser.js	24 kB	2023-03-07	2023-04-05
Pretty URL diffuser-cdn.app-us1.com/diffuser/diffuser.js IP 104.17.145.91 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:30 Last Seen2023-04-05 02:07:52 Times Seen69 Hash 4d482a43613d3966f353ec9d97452e0c 4acc9cf492267ab6d351fb11246431bd7d6e6387 15eb202865d1d835fae2eff61bb922fa91fb4064a1fb850ebadab1f190782648 Loading...

	www.paintingwithatwist.com/assets/js/numscroller-1.0.js	3.7 kB	2023-03-07	2024-02-07
Pretty URL www.paintingwithatwist.com/assets/js/numscroller-1.0.js IP 23.253.135.119 ASN #27357 RACKSPACE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:25:54 Last Seen2024-02-07 05:47:47 Times Seen75 Hash 2fba96fbe453e1e3add4261f583ae637 8d0fefcc7253f88ed0894cfaf96f96dfc695b266 0e31d015bb1f56b1bdddbebe777ca015ccd6aef7f50913b95fe4a18416ccc814 Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery-validation-unobtrusive/3.2.12/jquery.validate.unobtrusive.min.js	5.9 kB	2023-03-07	2024-03-27
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery-validation-unobtrusive/3.2.12/jquery.validate.unobtrusive.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:18 Last Seen2024-03-27 09:53:44 Times Seen55 Hash 90e79833e382c486e0f1184f2ed8fcbd 344e699a1dde7a4015b9e6cc626ce66091720d0a 1fc39d86f356a710875ddf4eb30f11ef23ac5a3f4240a183325ba361506c60cc Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.3/jquery.validate.min.js	24 kB	2023-03-07	2024-04-19
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.3/jquery.validate.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:35:54 Last Seen2024-04-19 02:04:47 Times Seen1102 Hash 08ea8682652b05beea01dda05766d2e1 a88370395f5758361f27803c429286aa12c3f7ee 4c0cc637858d6503cba9262f8be75740c29e853605a153a7bde46a6e2e367eb0 Loading...

	www.paintingwithatwist.com/studio/tempe	516 B	2023-03-12	2023-05-27
Pretty URL www.paintingwithatwist.com/studio/tempe IP 23.253.135.119 ASN #27357 RACKSPACE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 14:33:49 Last Seen2023-05-27 19:05:45 Times Seen2 Hash 2e2c04af7c133ae7be3f3b94de3e891f ac0dd67115e21d05fc60fc90b7a1a19c5c7eff40 a6d438f51b97a1ac2a25e5a99bf6c1404f297327f1ed010365477c4a77b02fd4 Loading...

	www.paintingwithatwist.com/studio/tempe	649 B	2023-03-12	2023-05-27
Pretty URL www.paintingwithatwist.com/studio/tempe IP 23.253.135.119 ASN #27357 RACKSPACE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 14:33:49 Last Seen2023-05-27 19:05:45 Times Seen2 Hash 95e0c2913a56d3fc3d1a6d34229c0d6b cbb06a57155141906e957bfcb02bcde1003917c9 16f8e175e6de67741b6700ed4aa8eaf5d4c9ee3e51d730e8324f7a58fc8179bb Loading...

	www.paintingwithatwist.com/studio/tempe	168 B	2023-03-12	2023-03-12
Pretty URL www.paintingwithatwist.com/studio/tempe IP 23.253.135.119 ASN #27357 RACKSPACE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 14:33:49 Last Seen2023-03-12 14:33:49 Times Seen1 Hash 44cf3f0181a8b56d13fb9ae868a22fdd 58da1a057c953b0b553daecf3988514f8ca3877c a45cdec19b7c2f210d74a3d0437f66eefb1717e2d2aa77b3fadebce195283223 Loading...

	www.paintingwithatwist.com/assets/js/jquery.main.js	120 kB	2023-03-12	2023-03-12
Pretty URL www.paintingwithatwist.com/assets/js/jquery.main.js IP 23.253.135.119 ASN #27357 RACKSPACE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 14:33:49 Last Seen2023-03-12 14:33:49 Times Seen1 Hash 7a6ad03f9274311773ce11d67d3f829e d10d476caabed3d7a59d0b9826e8aa0ee6dcea60 d38d49aff047d68a0fbaf641027550719d983312b2ffadbfc3d22bcabfa648d4 Loading...

	gs.mountain.com/gs	144 B	2023-03-12	2023-03-12
Pretty URL gs.mountain.com/gs IP 35.81.162.201 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 14:33:49 Last Seen2023-03-12 14:33:49 Times Seen1 Hash 8b2ba37054b141324cb2733c48fca4a6 4751df38c1ba8a33129b6390a2652244c1abdf03 884e39592ab27288845c4806665f888b42586c7cffdcc54ea7dcc8c8822203fa Loading...

	connect.facebook.net/signals/config/701969987823556?v=2.9.90&r=stable	300 kB	2023-03-12	2023-03-12
Pretty URL connect.facebook.net/signals/config/701969987823556?v=2.9.90&r=stable IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 14:33:49 Last Seen2023-03-12 14:33:49 Times Seen1 Hash 6078c518cf70693de9eea50cd7d313bf 20e706a5fed285e312a61951f21345c4f85793ba d42e249a004a7cb9df8894faa977ba9ffa0fe32f156145d700dec4d551b73920 Loading...

	px.mountain.com/st?ga_tracking_id=UA-16182957-1&ga_client_id=1060161976.1672874660&shpt=Paint%20Sip%20Wine%20have%20fun%20at%20our%20Tempe%20AZ%20Paint%20Studio%20%7C%20Painting%20with%20a%20Twist&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-16182957-1%22%2C%22ga_client_id%22%3A%221060161976.1672874660%22%2C%22shpt%22%3A%22Paint%20Sip%20Wine%20have%20fun%20at%20our%20Tempe%20AZ%20Paint%20Studio%20%7C%20Painting%20with%20a%20Twist%22%2C%22dcm_cid%22%3A%221672874659.1%22%2C%22dcm_gid%22%3A%221456507001.1672874660%22%2C%22mntnis%22%3A%22L%2BFuyVcGQ6%2BiVGR5DxwOwWdddhm2Iys6%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A9%2C%22getClientIdByGA%22%3A%22FAILED%22%2C%22getClientIdByTracker%22%3A%22FAILED%22%2C%22getClientIdByGAData%22%3A%22FAILED%22%2C%22getClientIdByCookie%22%3A%22FAILED%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%2C%22message%22%3A%7B%7D%7D&dcm_cid=1672874659.1&dcm_gid=1456507001.1672874660&dxver=4.0.0&shaid=33497&plh=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe&cb=29368533417785250term%3Dvalue&shadditional=googletagmanager%3Dtrue%2C	2.3 kB	2023-03-12	2023-03-12
Pretty URL px.mountain.com/st?ga_tracking_id=UA-16182957-1&ga_client_id=1060161976.1672874660&shpt=Paint%20Sip%20Wine%20have%20fun%20at%20our%20Tempe%20AZ%20Paint%20Studio%20%7C%20Painting%20with%20a%20Twist&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-16182957-1%22%2C%22ga_client_id%22%3A%221060161976.1672874660%22%2C%22shpt%22%3A%22Paint%20Sip%20Wine%20have%20fun%20at%20our%20Tempe%20AZ%20Paint%20Studio%20%7C%20Painting%20with%20a%20Twist%22%2C%22dcm_cid%22%3A%221672874659.1%22%2C%22dcm_gid%22%3A%221456507001.1672874660%22%2C%22mntnis%22%3A%22L%2BFuyVcGQ6%2BiVGR5DxwOwWdddhm2Iys6%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A9%2C%22getClientIdByGA%22%3A%22FAILED%22%2C%22getClientIdByTracker%22%3A%22FAILED%22%2C%22getClientIdByGAData%22%3A%22FAILED%22%2C%22getClientIdByCookie%22%3A%22FAILED%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%2C%22message%22%3A%7B%7D%7D&dcm_cid=1672874659.1&dcm_gid=1456507001.1672874660&dxver=4.0.0&shaid=33497&plh=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe&cb=29368533417785250term%3Dvalue&shadditional=googletagmanager%3Dtrue%2C IP 52.37.218.4 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 14:33:49 Last Seen2023-03-12 14:33:49 Times Seen1 Hash 879cbefaa159569ad8360f6a4f6510a5 fe49fb9debcbebadcc9fd82f4b5e6a44dee7e2ec 062528ebdf8aac9bcfc2cb64f19adb5792ecf71ca6307137a6fc79cc21a793a8 Loading...

	www.paintingwithatwist.com/studio/tempe	535 B	2023-03-07	2024-04-24
Pretty URL www.paintingwithatwist.com/studio/tempe IP 23.253.135.119 ASN #27357 RACKSPACE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:05:01 Last Seen2024-04-24 13:17:39 Times Seen6806 Hash 67c866dc70f00171ef6277d17a7987ae 41d53bdb4eabed4834641ad37984d1e1b9eb6d0d dd1ae61f744792a5ab43f9548d1e6322138b72ea34af5dbc717773f92f271747 Loading...

	cdnjs.cloudflare.com/ajax/libs/materialize/1.0.0/js/materialize.min.js	181 kB	2023-03-07	2024-04-23
Pretty URL cdnjs.cloudflare.com/ajax/libs/materialize/1.0.0/js/materialize.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08:24 Last Seen2024-04-23 19:04:26 Times Seen985 Hash 87d84bf8b4cc051c16092d27b1a7d9b3 c8b4c65651921d888cf5f27430dfe2ad190d35bf 53f7070cc4c81c278c72f7a106fd71434e766cf49b26d6ee8b0e1003d7132b3d Loading...

	www.paintingwithatwist.com/studio/tempe	184 B	2023-03-12	2023-05-27
Pretty URL www.paintingwithatwist.com/studio/tempe IP 23.253.135.119 ASN #27357 RACKSPACE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 14:33:49 Last Seen2023-05-27 19:05:45 Times Seen2 Hash 6e69f25d295eba8fc21de69b8c448fbe f5574ff5407ecccc16b35d1e50f8a7d339d0f9dc c0c5edea57c3c20b0163dfe611e1dbec1b9b8ef935f3b44b9d52b102b233b8c2 Loading...

	www.paintingwithatwist.com/studio/tempe	1.4 kB	2023-03-12	2023-05-27
Pretty URL www.paintingwithatwist.com/studio/tempe IP 23.253.135.119 ASN #27357 RACKSPACE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 14:33:49 Last Seen2023-05-27 19:05:45 Times Seen2 Hash 1398475a4d70cd0a9ae9b5ab1f86d635 af3e00bafe991fbd42c5e4902e84f24cabe449b7 6b112fcb670477425dadbf1ad2bd848c7d6319d6ec3a49a7dd5baecd19f52439 Loading...

	www.paintingwithatwist.com/studio/tempe	41 B	2023-03-12	2023-03-12
Pretty URL www.paintingwithatwist.com/studio/tempe IP 23.253.135.119 ASN #27357 RACKSPACE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 14:33:49 Last Seen2023-03-12 14:33:49 Times Seen1 Hash 366eea603ab4bfd38e5ea934301259ca f9eea8fa53cee524d96d0aa4b6bdfb4d54b6a44a dc276438ce3cbfac18e5e2ce56f79e8367ca340c1c70bc271f2f2f4c824fb7f1 Loading...

	www.paintingwithatwist.com/assets/js/mvcfoolproof.unobtrusive.min.js	3.9 kB	2023-03-12	2024-03-07
Pretty URL www.paintingwithatwist.com/assets/js/mvcfoolproof.unobtrusive.min.js IP 23.253.135.119 ASN #27357 RACKSPACE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 14:33:49 Last Seen2024-03-07 00:06:53 Times Seen13 Hash 60ba60190020717664df151e688794f0 6bee0313ec8674e7dfc2b5ac031c1bbfe86f8bf6 0a591549182c55b8059e9a4490cec8147154c93a2339707898f3a8bb6a41e4f7 Loading...

	www.paintingwithatwist.com/studio/tempe	130 B	2023-03-12	2023-05-27
Pretty URL www.paintingwithatwist.com/studio/tempe IP 23.253.135.119 ASN #27357 RACKSPACE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 14:33:49 Last Seen2023-05-27 19:05:45 Times Seen2 Hash 778293f3bcc733cb819f04dbbd23bc40 bd1ba5a95afc66a899a3e4ba3ebeeb8959c966c3 9aa5c89d5b95950e45463df2bf1987b1a311b1d5a3ba06bb98855964cbfdd6fb Loading...

	px.mountain.com/st?ga_tracking_id=UA-16182957-1&ga_client_id=1060161976.1672874660&shpt=Paint%20Sip%20Wine%20have%20fun%20at%20our%20Tempe%20AZ%20Paint%20Studio%20%7C%20Painting%20with%20a%20Twist&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-16182957-1%22%2C%22ga_client_id%22%3A%221060161976.1672874660%22%2C%22shpt%22%3A%22Paint%20Sip%20Wine%20have%20fun%20at%20our%20Tempe%20AZ%20Paint%20Studio%20%7C%20Painting%20with%20a%20Twist%22%2C%22dcm_cid%22%3A%221672874659.1%22%2C%22dcm_gid%22%3A%221456507001.1672874660%22%2C%22mntnis%22%3A%22L%2BFuyVcGQ6%2BiVGR5DxwOwWdddhm2Iys6%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A9%2C%22getClientIdByGA%22%3A%22FAILED%22%2C%22getClientIdByTracker%22%3A%22FAILED%22%2C%22getClientIdByGAData%22%3A%22FAILED%22%2C%22getClientIdByCookie%22%3A%22FAILED%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%2C%22message%22%3A%7B%7D%7D&dcm_cid=1672874659.1&dcm_gid=1456507001.1672874660&dxver=4.0.0&shaid=33497&plh=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe&shadditional=googletagmanager%3Dtrue%2C&cb=1672874671604829&shguid=35b0bce9-d250-329d-b012-c0426f88d0bd&shgts=1672874672369	5.4 kB	2023-03-12	2023-03-12
Pretty URL px.mountain.com/st?ga_tracking_id=UA-16182957-1&ga_client_id=1060161976.1672874660&shpt=Paint%20Sip%20Wine%20have%20fun%20at%20our%20Tempe%20AZ%20Paint%20Studio%20%7C%20Painting%20with%20a%20Twist&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-16182957-1%22%2C%22ga_client_id%22%3A%221060161976.1672874660%22%2C%22shpt%22%3A%22Paint%20Sip%20Wine%20have%20fun%20at%20our%20Tempe%20AZ%20Paint%20Studio%20%7C%20Painting%20with%20a%20Twist%22%2C%22dcm_cid%22%3A%221672874659.1%22%2C%22dcm_gid%22%3A%221456507001.1672874660%22%2C%22mntnis%22%3A%22L%2BFuyVcGQ6%2BiVGR5DxwOwWdddhm2Iys6%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A9%2C%22getClientIdByGA%22%3A%22FAILED%22%2C%22getClientIdByTracker%22%3A%22FAILED%22%2C%22getClientIdByGAData%22%3A%22FAILED%22%2C%22getClientIdByCookie%22%3A%22FAILED%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%2C%22message%22%3A%7B%7D%7D&dcm_cid=1672874659.1&dcm_gid=1456507001.1672874660&dxver=4.0.0&shaid=33497&plh=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe&shadditional=googletagmanager%3Dtrue%2C&cb=1672874671604829&shguid=35b0bce9-d250-329d-b012-c0426f88d0bd&shgts=1672874672369 IP 52.37.218.4 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 14:33:49 Last Seen2023-03-12 14:33:49 Times Seen1 Hash 952ac8949cf5dc2d53defd2ca6d12f1d d25eaeef3940bd27237752d605368eea4ca5036e 0e7b526b73fc8306b2216268162d99143c4a7d9316fdc03caeb1c3d5fee62a8c Loading...

	www.paintingwithatwist.com/studio/tempe	205 B	2023-03-07	2024-04-24
Pretty URL www.paintingwithatwist.com/studio/tempe IP 23.253.135.119 ASN #27357 RACKSPACE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:05:01 Last Seen2024-04-24 13:17:37 Times Seen6828 Hash b18e821747b6d0acf67b7eb932983ea8 77bdf9e8c6e0bcc96973d71fa191bbf625526782 e74bcbb732fc20232a6235744beb8202085b8ce9b361c361e6c814da56415f07 Loading...

	www.paintingwithatwist.com/studio/tempe	506 B	2023-03-12	2023-05-27
Pretty URL www.paintingwithatwist.com/studio/tempe IP 23.253.135.119 ASN #27357 RACKSPACE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 14:33:49 Last Seen2023-05-27 19:05:44 Times Seen2 Hash a05df42ccfb94c49636b26710199e429 28a41c3a8727cc1e6e5e8edc287ee0cbd5c4ceaf 50a29f400cc20de60cea4a044baf8148b256af0d620e2b76d97aecc1917dd806 Loading...

	prism.app-us1.com/?a=25570710&u=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe	246 B	2023-03-12	2023-03-12
Pretty URL prism.app-us1.com/?a=25570710&u=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe IP 104.17.145.91 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 14:33:49 Last Seen2023-03-12 14:33:49 Times Seen1 Hash 57102c74dcea7feeb71e93858eb054d0 bf595e42ca1973bc9851c312a223009c6b4b9e84 636a4979a253a4bbad4b603f3cf2d0994a831dc95585ad9fef57fbdbd652c44e Loading...

	googleads.g.doubleclick.net/pagead/viewthroughconversion/730460011/?random=1672874659830&cv=11&fst=1672874659830&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&label=uoNVCIHhmagBEOvep9wC&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe&tiba=Paint%2C%20Sip%20Wine%2C%20have%20fun%20at%20our%20Tempe%2C%20AZ%20Paint%20Studio%20%7C%20Painting%20with%20a%20Twist&auid=642879271.1672874660&rfmt=3&fmt=4	2.1 kB	2023-03-12	2023-03-12
Pretty URL googleads.g.doubleclick.net/pagead/viewthroughconversion/730460011/?random=1672874659830&cv=11&fst=1672874659830&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&label=uoNVCIHhmagBEOvep9wC&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe&tiba=Paint%2C%20Sip%20Wine%2C%20have%20fun%20at%20our%20Tempe%2C%20AZ%20Paint%20Studio%20%7C%20Painting%20with%20a%20Twist&auid=642879271.1672874660&rfmt=3&fmt=4 IP 172.217.21.162 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 14:33:49 Last Seen2023-03-12 14:33:49 Times Seen1 Hash d32acf7b942412dfa9c8e02f241588c3 4e2e779b27dd825fe6ccc86d15fb5584fe9cde7b 13c0ff52baf9a0ffff91a313e85d7f474c1427ac63e4397f51f1cb82122bb790 Loading...

	connect.facebook.net/en_US/fbevents.js	105 kB	2023-03-09	2024-02-19
Pretty URL connect.facebook.net/en_US/fbevents.js IP 157.240.200.14 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 09:12:38 Last Seen2024-02-19 23:40:48 Times Seen21 Hash 8923a23f541784b67eece6aa2fa0a66f f2cad61f4ec65b3792e1295219a36c1f94fce6af 55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9 Loading...

	connect.facebook.net/signals/config/1875383692726736?v=2.9.90&r=stable	300 kB	2023-03-12	2023-03-12
Pretty URL connect.facebook.net/signals/config/1875383692726736?v=2.9.90&r=stable IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 14:33:49 Last Seen2023-03-12 14:33:49 Times Seen1 Hash ed931b46e03010ce009bae4f3df733ea 5911f327e0345b03688223146cc0f54fc928ff52 b498e3fdc1fd5145d096cc62f19b77cd526b82aa433d850c4d936ec4491fe0af Loading...

	unknown	0 B	2023-03-07	2024-04-24
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-24 13:42:14 Times Seen37039274 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.paintingwithatwist.com/studio/tempe	25 B	2023-03-09	2024-01-27
Pretty URL www.paintingwithatwist.com/studio/tempe IP 23.253.135.119 ASN #27357 RACKSPACE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 23:07:27 Last Seen2024-01-27 19:33:57 Times Seen14 Hash 67bd40779895321fbb4a1b71ced50580 8722580bd735b40609b99d0a8cc0e5fdb7368849 41e3c4330c9920c2fd64dadd6afe93f6274528eba897349fd592dadf17838132 Loading...

	www.paintingwithatwist.com/studio/tempe	628 B	2023-03-12	2023-05-27
Pretty URL www.paintingwithatwist.com/studio/tempe IP 23.253.135.119 ASN #27357 RACKSPACE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 14:33:49 Last Seen2023-05-27 19:05:45 Times Seen2 Hash a41f81055169962e9991862618177e83 639d982c5074f924571d4593eded356a64185e07 6147399f779afc7db663a5fb2aa136e2bfd47299037a013f041a06c6f33a8feb Loading...

	www.googletagmanager.com/gtag/js?id=G-GG8Y2XXWB6	229 kB	2023-03-12	2023-03-12
Pretty URL www.googletagmanager.com/gtag/js?id=G-GG8Y2XXWB6 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 14:33:49 Last Seen2023-03-12 14:33:49 Times Seen1 Hash bf72601dd11eff4de2b26babec0ca946 dbe5dd4aaf49d0599d0ee02662553d1dadb306b7 501fbf662b6e187a6699991d20780339a06f56f56c7126915d7bfdc8ba728acc Loading...

	www.googletagmanager.com/gtag/js?id=AW-601555795	183 kB	2023-03-12	2023-03-12
Pretty URL www.googletagmanager.com/gtag/js?id=AW-601555795 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 14:33:49 Last Seen2023-03-12 14:33:49 Times Seen1 Hash d25170a0cda0ebd9f88285a0163ee92a c6dc970bee0465526b1958bee5993f49e519f69c 4b1fab0c6c6adc592c46c3e06ac0f9bfb42f241e3274e271a3588e0f176d951d Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-04-20
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.110 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-04-20 17:36:09 Times Seen1522 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

	dx.mountain.com/spx?dxver=4.0.0&shaid=33497&tdr=&plh=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe&cb=29368533417785250term=value	14 kB	2023-03-12	2023-03-12
Pretty URL dx.mountain.com/spx?dxver=4.0.0&shaid=33497&tdr=&plh=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe&cb=29368533417785250term=value IP 35.83.209.52 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 14:33:49 Last Seen2023-03-12 14:33:49 Times Seen1 Hash 34132f58ae4063d0601232ecda50c3bc 03878d9133f8f71a5e32d4695b7eed01829065fe 14412228db8826040034e39f41427a0262b48219edb04772e987000d1b62a0b5 Loading...

	connect.facebook.net/signals/config/2265277603725722?v=2.9.90&r=stable	300 kB	2023-03-12	2023-03-12
Pretty URL connect.facebook.net/signals/config/2265277603725722?v=2.9.90&r=stable IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 14:33:49 Last Seen2023-03-12 14:33:49 Times Seen1 Hash be56c91b4afe6813c8f51353c9ce9d6b f7968f3f9b388dbb0ee0a2c821b801b727672ae2 2335a303a2c2511e848b3b1ae4d86c58d109edbb18a272a5815ece23ae35fdbc Loading...

		Size	First Seen	Last Seen
	#1 Eval - 3283b46ada463f2b19de87af48643218	255 B	2023-03-12	2023-05-27
Pretty Observations First Seen2023-03-12 14:33:49 Last Seen2023-05-27 19:05:45 Times Seen2 Hash 3283b46ada463f2b19de87af48643218 7fa4462e0f58cd526f6e5fbe53c1c19c79548a58 2fe7eaf692723e85db7a4bff60c44f978ad5e2512958857b8a4c9fc637e0cbaf Loading...

	#2 Eval - 0d0b187e3dd704623c7ffe1c3ec48ef8	466 B	2023-03-08	2023-12-05
Pretty Observations First Seen2023-03-08 16:01:42 Last Seen2023-12-05 23:15:32 Times Seen270 Hash 0d0b187e3dd704623c7ffe1c3ec48ef8 25bff7503f6dddcce9701710a088f1a3658b9bdf a2792230ce8f6e9dbebdfb3fe6a039dad4a8d5e046f869fc3ac28062e81cc1c7 Loading...

	#3 Eval - 0e823fa04c5937625a033d6f224179da	2.4 kB	2023-03-12	2023-03-12
Pretty Observations First Seen2023-03-12 14:33:49 Last Seen2023-03-12 14:33:49 Times Seen1 Hash 0e823fa04c5937625a033d6f224179da 892dae309244991f68c444a3f8173441b97b5656 6398161c5e22ddb99007327cb6823755feccbc824eaab7acd41730978a4a6313 Loading...

HTTP Transactions (113)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
326898eb925368408f6f42ee173b9d89
b8b20ee34b7e7b139e7729b8e46a54ea25f54ac8
96c2c75f700ab55649882111713ca3cfb2eaf08e404c2bc245a641dc12ae168a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "96C2C75F700AB55649882111713CA3CFB2EAF08E404C2BC245A641DC12AE168A"
Last-Modified: Wed, 04 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6507
Expires: Thu, 05 Jan 2023 01:12:54 GMT
Date: Wed, 04 Jan 2023 23:24:27 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b5997a492d3d161c9009d95add566733
9db765ae549ebe4aa859ca27abe365cf7f62dc4d
1ec0de25b0afd3b402c728b9c6b47c4fcf25fb989052427886841a3f52510a0e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1EC0DE25B0AFD3B402C728B9C6B47C4FCF25FB989052427886841A3F52510A0E"
Last-Modified: Wed, 04 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5381
Expires: Thu, 05 Jan 2023 00:54:08 GMT
Date: Wed, 04 Jan 2023 23:24:27 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 04 Jan 2023 22:47:47 GMT
content-type: application/json
age: 2200
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
da484f5e9c6805745e063b236fb81473
ae454bf4a7ae0e96935afc81ee0f89c049097b15
068d0da23acbe7f6b600c4e7dbe9c81d3ad78c8afd122255bbf3550e8a290686

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "068D0DA23ACBE7F6B600C4E7DBE9C81D3AD78C8AFD122255BBF3550E8A290686"
Last-Modified: Wed, 04 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3014
Expires: Thu, 05 Jan 2023 00:14:41 GMT
Date: Wed, 04 Jan 2023 23:24:27 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: XxPBk1ogFXmK/F0WsjgZJYScJR92S/93dM/QzUnWq8rvb7iQJzOTInQBc5v3VGL/ub9QOHsR4ezSNfIow9Dj2Q==
x-amz-request-id: 22KK5WAZ4VR34TYZ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 04 Jan 2023 22:59:18 GMT
age: 1509
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 04 Jan 2023 23:24:27 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Pragma, Content-Length, Alert, Expires, ETag, Last-Modified, Backoff, Content-Type, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 04 Jan 2023 22:33:37 GMT
age: 3051
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

www.paintingwithatwist.com/tempe

23.253.135.119

301 Moved Permanently

157 B

URL HTTP/1.1
www.paintingwithatwist.com/tempe
IP
23.253.135.119:0
ASN
#27357 RACKSPACE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
157 B (157 bytes)
Hash
4347b39efa413e8c888f56832c8b0d38
a4d5d26adca8002cb1aa6cbf0bd0dc4dca78fa68
5495a28fc97e5f572d8ba6d1d257946782bcaf332f9c33f1f6a490811c284477

HTTP Headers

GET /tempe HTTP/1.1
Host: www.paintingwithatwist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: Microsoft-IIS/8.5
Content-Type: text/html; charset=utf-8
Date: Wed, 04 Jan 2023 23:24:27 GMT
Location: https://www.paintingwithatwist.com/tempe
Access-Control-Allow-Origin: https://c5d09e4dde1ed5344aab-92274ace7e84ee4d27ca2a6920e2d585.ssl.cf5.rackcdn.com
Set-Cookie: X-Mapping-fjhppofk=80861DDBFC7C026798F47A2BF4D313A6; path=/
X-Frame-Options: deny
X-Powered-By: ASP.NET
Access-Control-Allow-Methods: *
Access-Control-Allow-Headers: *
Content-Length: 157

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
fe74c226e54f2f382d278b594df930ae
4e4ebc661443f56b74d7c924ddae50bcb107f0af
511f11fe968867447f6d7e5862d8003e3a5fc18bdb62496ea09d140e9a11f53b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3633
Cache-Control: max-age=124976
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 23:24:28 GMT
Etag: "63b541ab-1d7"
Expires: Fri, 06 Jan 2023 10:07:24 GMT
Last-Modified: Wed, 04 Jan 2023 09:06:51 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
26465204b3106fb08ede53a5d015b026
516f9908b3d14e887fd6714af559794a1866ec74
0aa192e5b30a56892c03722bfffd0c35ae46cab7ec87d218b937817a8cc3b006

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3331
Cache-Control: max-age=134068
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 23:24:28 GMT
Etag: "63b5665d-1d7"
Expires: Fri, 06 Jan 2023 12:38:56 GMT
Last-Modified: Wed, 04 Jan 2023 11:43:25 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471

status.geotrust.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
status.geotrust.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
1ff94b558e810da989ee902e6936545c
59be519695865f7b2038f4c94da4cd0eb0501581
6171a3c7ba58ea1c2fc47ad9382dfb5286558a004c7d9fc3685f4d0e19739722

HTTP Headers

POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 23:24:28 GMT
Etag: "63b529e3-1d7"
Server: ECS (amb/6BAC)
Content-Length: 471

push.services.mozilla.com/

52.89.255.30

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.89.255.30:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: gBgJA0QE94PCSqZhRZi/Ow==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: hexQxrYuOiCXLqflwesrDVs8xLU=

www.paintingwithatwist.com/tempe

23.253.135.119

301 Moved Permanently

130 B

URL HTTP/2
www.paintingwithatwist.com/tempe
IP
23.253.135.119:0
ASN
#27357 RACKSPACE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
130 B (130 bytes)
Hash
b0fcd40445382a9c16543f4b36f2b9fe
5fd76449d055f756e62ee834b598dfb09f1a1462
e6116ebc8203637a41a216ad1c970d46734d00a05f00f2a2a26db4925a938ab7

HTTP Headers

GET /tempe HTTP/1.1
Host: www.paintingwithatwist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 301 Moved Permanently
server: Microsoft-IIS/8.5
x-aspnet-version: 4.0.30319
cache-control: private
content-type: text/html; charset=utf-8
date: Wed, 04 Jan 2023 23:24:28 GMT
location: /studio/tempe
x-aspnetmvc-version: 5.2
access-control-allow-origin: https://c5d09e4dde1ed5344aab-92274ace7e84ee4d27ca2a6920e2d585.ssl.cf5.rackcdn.com
set-cookie: X-Mapping-fjhppofk=80861DDBFC7C026798F47A2BF4D313A6; path=/
x-frame-options: deny
x-powered-by: ASP.NET
access-control-allow-methods: *
access-control-allow-headers: *
content-length: 130
X-Firefox-Spdy: h2

www.paintingwithatwist.com/studio/tempe

23.253.135.119

200 OK

12 kB

URL HTTP/2
www.paintingwithatwist.com/studio/tempe
IP
23.253.135.119:0
ASN
#27357 RACKSPACE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1238), with CRLF line terminators
Size
12 kB (11757 bytes)
Hash
bd89774186173c11084526941dc33de8
ec8f08d28a19ec21a196d18e6afa0fa3a96003df
83ce08d96790c526965d96182f07f612f5a1a5c9ed2ead9950a488bee58bed4e

HTTP Headers

GET /studio/tempe HTTP/1.1
Host: www.paintingwithatwist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: X-Mapping-fjhppofk=80861DDBFC7C026798F47A2BF4D313A6
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

HTTP/2 200 OK
server: Microsoft-IIS/8.5
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
cache-control: private
content-type: text/html; charset=utf-8
content-encoding: gzip
date: Wed, 04 Jan 2023 23:24:28 GMT
x-aspnetmvc-version: 5.2
access-control-allow-origin: https://c5d09e4dde1ed5344aab-92274ace7e84ee4d27ca2a6920e2d585.ssl.cf5.rackcdn.com
x-frame-options: deny
x-powered-by: ASP.NET
access-control-allow-methods: *
access-control-allow-headers: *
content-length: 11757
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/materialize/1.0.0/css/materialize.min.css

104.17.24.14

200 OK

18 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/materialize/1.0.0/css/materialize.min.css
IP
104.17.24.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65352), with CRLF line terminators
Size
18 kB (17475 bytes)
Hash
c7e9f749e70cbc70d6ad885b28e50f76
2ca5979384bea4d5cd8ce2c4cddf1637ee509224
40a121eb81dc6a8c9c9126686773cd3ddb832068fe57d6dd56fd0b97574379f0

HTTP Headers

GET /ajax/libs/materialize/1.0.0/css/materialize.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.paintingwithatwist.com
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 04 Jan 2023 23:24:29 GMT
content-type: text/css; charset=utf-8
content-length: 17475
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03efe-22a11"
last-modified: Mon, 04 May 2020 16:12:46 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2958376
expires: Mon, 25 Dec 2023 23:24:29 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IXmTxsqc1AUFS902G9qR6PjMsph6EIXtAr4gY20RQm48ZFBRZ2uVaX4r9ltsQ%2BNOjPPhp7OUuVad7LwDN5diHkobXeXG9hXNxAieO6wc33R1yeySgy7P9VgPhxdMiKvaQmm2i6DW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7847ba598f5f0b39-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js

104.17.24.14

200 OK

28 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
IP
104.17.24.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65447)
Size
28 kB (27938 bytes)
Hash
d900ca08873ee57d40616d39a44cc0aa
7ab3ac8b1504b7b914a6e94c979b8390bb492f6a
1eea479cc0abe04a0846f41031207f9511f12ffef017a6109d4efb6f5523465b

HTTP Headers

GET /ajax/libs/jquery/3.6.0/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.paintingwithatwist.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 04 Jan 2023 23:24:29 GMT
content-type: application/javascript; charset=utf-8
content-length: 27938
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "603e8adc-15d9d"
last-modified: Tue, 02 Mar 2021 18:58:36 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 3114938
expires: Mon, 25 Dec 2023 23:24:29 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7eoosUOZbXaN5Js2Saj6xiEtJSuor02nZW%2B3lhvyzqmsX1d7091mTNuhP%2BysLMOsedbBxXk0orgAgpgBxjmXMhZ%2Bi%2FXlAwj%2FqXUgiZ%2BOdLAbDJjcsq4sAsth4slEloegJL1qPUt5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7847ba598f610b39-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/jquery-validation-unobtrusive/3.2.12/jquery.validate.unobtrusive.min.js

104.17.24.14

200 OK

1.9 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery-validation-unobtrusive/3.2.12/jquery.validate.unobtrusive.min.js
IP
104.17.24.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (5607), with CRLF line terminators
Size
1.9 kB (1947 bytes)
Hash
b93f73af47ad554d205de896e64e4e2e
b5afe1497b81980a5ae6d4dd9bc40e0efb5acef5
69637730908765a4b1ffb1e0584924ce47950d8aca199e951c5de053c8f697b3

HTTP Headers

GET /ajax/libs/jquery-validation-unobtrusive/3.2.12/jquery.validate.unobtrusive.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.paintingwithatwist.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 04 Jan 2023 23:24:29 GMT
content-type: application/javascript; charset=utf-8
content-length: 1947
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "6021e167-16ef"
last-modified: Tue, 09 Feb 2021 01:12:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2953815
expires: Mon, 25 Dec 2023 23:24:29 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YSLwMD3falrMsSRklsPdByzPmVrSGI6tmHdT8TCuqPuxltsH9dLzn56o1ZKIqC7mwOA1EX8v9CGtBwSq93tBijUaQOy9l9hXOzYZHhui2voybEOBM%2BuVPIK7uRDwNZJPdYzuc6rY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7847ba599f650b39-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/materialize/1.0.0/js/materialize.min.js

104.17.24.14

200 OK

37 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/materialize/1.0.0/js/materialize.min.js
IP
104.17.24.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65357)
Size
37 kB (36877 bytes)
Hash
172957502510147292fe49ce5e236743
ffb4f0df2e82a8243abe17efba35e2d6b7edb08f
cbd06605a12a759a4422da8b945e81fa814b7a4ee82712acbab8dc9b843e4106

HTTP Headers

GET /ajax/libs/materialize/1.0.0/js/materialize.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.paintingwithatwist.com
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 04 Jan 2023 23:24:29 GMT
content-type: application/javascript; charset=utf-8
content-length: 36877
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03efe-2c375"
last-modified: Mon, 04 May 2020 16:12:46 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1098044
expires: Mon, 25 Dec 2023 23:24:29 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9gVxQQG4aPtECIb01Pw1Lt2rF931USj3n0SWH3V6KoD0lCrFb02rTwFIV2GgA%2FFDWpFHiy%2BPpaFS9D8WhjP0Ekn5b1WHg8L%2Bycb6bKvWWaDF8Zvmm4hXuEgGbkLmDNjZAsNkMS6c"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7847ba599f670b39-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.3/jquery.validate.min.js

104.17.24.14

200 OK

7.0 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.3/jquery.validate.min.js
IP
104.17.24.14:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (24292)
Size
7.0 kB (6996 bytes)
Hash
ba5982f457768a57088c572b54db5973
82841900939e7c0e2f2b9436658424f4ad0fc5b5
26dac46cc168804ca4c3edf998fe419343d9d28704e15c52c003dc0792b7496f

HTTP Headers

GET /ajax/libs/jquery-validate/1.19.3/jquery.validate.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.paintingwithatwist.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 04 Jan 2023 23:24:29 GMT
content-type: application/javascript; charset=utf-8
content-length: 6996
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "60c342a7-1b54"
last-modified: Fri, 11 Jun 2021 11:01:59 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 4333886
expires: Mon, 25 Dec 2023 23:24:29 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8%2FOHcXMw%2FnEYNKJTzmy87XdEP2bPnwlB0JwRpSUdGburENO8iH3wXBaZpT6CUhP6QTrrB0MzSgiS9VQ2v9z5VpEZDlc9H6bTUHCdN%2FPs2A820b6iLWe%2FwfJyOZrHW4BSYXRT%2BN79"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7847ba599f6c0b39-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
561e959ce9eff04b09da6f3def82f549
7866f989cdfb160709f4c93b767fd01e5553d75b
9076b4ae1a34ab02b362ffa44ecbf6d579f82042cfd7e7138977477ea5bd3e61

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 23:24:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
a430d46fb27196c8b03f382c1bafbb23
0b31940d1067eb87c24c6d356689d7f9f90231a6
3e9cd331b1c2c1eca94ff12ec1b685e1c1c1909e30e8b3cf4493dc6eac786df8

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 23:24:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
561e959ce9eff04b09da6f3def82f549
7866f989cdfb160709f4c93b767fd01e5553d75b
9076b4ae1a34ab02b362ffa44ecbf6d579f82042cfd7e7138977477ea5bd3e61

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 23:24:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtag/js?id=G-GG8Y2XXWB6

142.250.74.168

200 OK

79 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=G-GG8Y2XXWB6
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (26337)
Size
79 kB (79057 bytes)
Hash
714f5fe9043573a92f5434c430c46790
65f1356feff3a0177e1021054945d77ea2c97950
ed01f8b5216769e0ece030582748fc75652407fe370173916e6b7d5f8d3425dc

HTTP Headers

GET /gtag/js?id=G-GG8Y2XXWB6 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 04 Jan 2023 23:24:29 GMT
expires: Wed, 04 Jan 2023 23:24:29 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 79057
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.paintingwithatwist.com/assets/js/mvcfoolproof.unobtrusive.min.js

23.253.135.119

200 OK

1.3 kB

URL HTTP/2
www.paintingwithatwist.com/assets/js/mvcfoolproof.unobtrusive.min.js
IP
23.253.135.119:0
ASN
#27357 RACKSPACE

File type
ASCII text, with very long lines (3885), with no line terminators
Size
1.3 kB (1312 bytes)
Hash
16ce76090d4bc2fc3c414c7b35f505ea
fdbd5a7b7afca4bf9dad4b955e77a7ceff0ab50f
3c207ff6efc1659307fe2b8834097932541e447a1acd2cbaf3c71edc5e5512ad

HTTP Headers

GET /assets/js/mvcfoolproof.unobtrusive.min.js HTTP/1.1
Host: www.paintingwithatwist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/studio/tempe
Cookie: X-Mapping-fjhppofk=80861DDBFC7C026798F47A2BF4D313A6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: Microsoft-IIS/8.5
vary: Accept-Encoding
content-type: application/javascript
content-encoding: gzip
date: Wed, 04 Jan 2023 23:24:28 GMT
accept-ranges: bytes
access-control-allow-origin: https://c5d09e4dde1ed5344aab-92274ace7e84ee4d27ca2a6920e2d585.ssl.cf5.rackcdn.com
etag: "803e49d1457ad81:0"
last-modified: Tue, 07 Jun 2022 08:08:49 GMT
x-frame-options: deny
x-powered-by: ASP.NET
access-control-allow-methods: *
access-control-allow-headers: *
content-length: 1312
X-Firefox-Spdy: h2

www.paintingwithatwist.com/assets/js/numscroller-1.0.js

23.253.135.119

200 OK

996 B

URL HTTP/2
www.paintingwithatwist.com/assets/js/numscroller-1.0.js
IP
23.253.135.119:0
ASN
#27357 RACKSPACE

File type
ASCII text
Size
996 B (996 bytes)
Hash
55fe44bcd2691d979838e3ca6b5c182d
2627c9e698ef79845f067ddcc834f0e5dd1bf5e6
02b298ac268e6dbe25bd6dd9585feb1828a5bdb9197108ee8a6bd70f02abec81

HTTP Headers

GET /assets/js/numscroller-1.0.js HTTP/1.1
Host: www.paintingwithatwist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/studio/tempe
Cookie: X-Mapping-fjhppofk=80861DDBFC7C026798F47A2BF4D313A6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: Microsoft-IIS/8.5
vary: Accept-Encoding
content-type: application/javascript
content-encoding: gzip
date: Wed, 04 Jan 2023 23:24:28 GMT
accept-ranges: bytes
access-control-allow-origin: https://c5d09e4dde1ed5344aab-92274ace7e84ee4d27ca2a6920e2d585.ssl.cf5.rackcdn.com
etag: "803e49d1457ad81:0"
last-modified: Tue, 07 Jun 2022 08:08:49 GMT
x-frame-options: deny
x-powered-by: ASP.NET
access-control-allow-methods: *
access-control-allow-headers: *
content-length: 996
X-Firefox-Spdy: h2

www.paintingwithatwist.com/images/logo-main.png

23.253.135.119

200 OK

3.8 kB

URL HTTP/2
www.paintingwithatwist.com/images/logo-main.png
IP
23.253.135.119:0
ASN
#27357 RACKSPACE

File type
PNG image data, 158 x 78, 8-bit colormap, non-interlaced\012- data
Size
3.8 kB (3785 bytes)
Hash
1465c4cf9884721b0d369946c65e4cba
0314381f7113c609bc53b67a31c3124f231c1421
19316ae8efdffffd9ea8153287e456fbb32ef50fbac5a247666c5372d6a2d4cd

HTTP Headers

GET /images/logo-main.png HTTP/1.1
Host: www.paintingwithatwist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/studio/tempe
Cookie: X-Mapping-fjhppofk=80861DDBFC7C026798F47A2BF4D313A6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: Microsoft-IIS/8.5
content-type: image/png
date: Wed, 04 Jan 2023 23:24:28 GMT
accept-ranges: bytes
access-control-allow-origin: https://c5d09e4dde1ed5344aab-92274ace7e84ee4d27ca2a6920e2d585.ssl.cf5.rackcdn.com
etag: "b0ba7bd0457ad81:0"
last-modified: Tue, 07 Jun 2022 08:08:47 GMT
x-frame-options: deny
x-powered-by: ASP.NET
access-control-allow-methods: *
access-control-allow-headers: *
content-length: 3785
X-Firefox-Spdy: h2

www.paintingwithatwist.com/images/text-twist.svg

23.253.135.119

200 OK

2.7 kB

URL HTTP/2
www.paintingwithatwist.com/images/text-twist.svg
IP
23.253.135.119:0
ASN
#27357 RACKSPACE

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2729), with no line terminators
Size
2.7 kB (2729 bytes)
Hash
59685f490004e199a548f40f9e512218
dcda1944fb9812775abac7b6e793de0e9a358a01
cc2406b6b82242a04d1f623672508ba57d4a45c0c253973db237b0d8aee7354c

HTTP Headers

GET /images/text-twist.svg HTTP/1.1
Host: www.paintingwithatwist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/studio/tempe
Cookie: X-Mapping-fjhppofk=80861DDBFC7C026798F47A2BF4D313A6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: Microsoft-IIS/8.5
content-type: image/svg+xml
date: Wed, 04 Jan 2023 23:24:28 GMT
accept-ranges: bytes
access-control-allow-origin: https://c5d09e4dde1ed5344aab-92274ace7e84ee4d27ca2a6920e2d585.ssl.cf5.rackcdn.com
etag: "c234a0d0457ad81:0"
last-modified: Tue, 07 Jun 2022 08:08:47 GMT
x-frame-options: deny
x-powered-by: ASP.NET
access-control-allow-methods: *
access-control-allow-headers: *
content-length: 2729
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
561e959ce9eff04b09da6f3def82f549
7866f989cdfb160709f4c93b767fd01e5553d75b
9076b4ae1a34ab02b362ffa44ecbf6d579f82042cfd7e7138977477ea5bd3e61

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 23:24:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

6f5295793b132e9764f4-3f2730cf5c1e4ad5dfe76e6d27af2964.ssl.cf5.rackcdn.com/franchise-mobile-305.jpg

2.18.172.211

200 OK

47 kB

URL HTTP/1.1
6f5295793b132e9764f4-3f2730cf5c1e4ad5dfe76e6d27af2964.ssl.cf5.rackcdn.com/franchise-mobile-305.jpg
IP
2.18.172.211:0
ASN
#16625 AKAMAI-AS

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 600x600, components 3\012- data
Size
47 kB (47148 bytes)
Hash
e41751ab9d743e1029105a0fea79b3e7
2901eff65016e142bfa90d4ef0ebbbf7a5f5e398
e3d191148d7469f2a24a1db8ce14223d67da84cf81b9dc42a7d4ebb789f144f4

HTTP Headers

GET /franchise-mobile-305.jpg HTTP/1.1
Host: 6f5295793b132e9764f4-3f2730cf5c1e4ad5dfe76e6d27af2964.ssl.cf5.rackcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Last-Modified: Fri, 30 Sep 2022 16:05:45 GMT
ETag: e41751ab9d743e1029105a0fea79b3e7
X-Trans-Id: txcb225249b34349d7a46e3-006374b4f9iad3
Content-Length: 47148
Accept-Ranges: bytes
X-Timestamp: 1664553944.70105
Content-Type: image/jpeg
Cache-Control: public, max-age=12216
Expires: Thu, 05 Jan 2023 02:48:05 GMT
Date: Wed, 04 Jan 2023 23:24:29 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
a430d46fb27196c8b03f382c1bafbb23
0b31940d1067eb87c24c6d356689d7f9f90231a6
3e9cd331b1c2c1eca94ff12ec1b685e1c1c1909e30e8b3cf4493dc6eac786df8

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 23:24:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

6f5295793b132e9764f4-3f2730cf5c1e4ad5dfe76e6d27af2964.ssl.cf5.rackcdn.com/franchise-305.jpg

2.18.172.211

200 OK

47 kB

URL HTTP/1.1
6f5295793b132e9764f4-3f2730cf5c1e4ad5dfe76e6d27af2964.ssl.cf5.rackcdn.com/franchise-305.jpg
IP
2.18.172.211:0
ASN
#16625 AKAMAI-AS

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1080x346, components 3\012- data
Size
47 kB (47074 bytes)
Hash
07c92b68559475a4337e35761588922c
47523e33db2e67c79539a864fe146cab7322bf16
8ee960a070d5ca8938e6e1441726a60ab5deb532ded0e3cc57c56e6e6259415c

HTTP Headers

GET /franchise-305.jpg HTTP/1.1
Host: 6f5295793b132e9764f4-3f2730cf5c1e4ad5dfe76e6d27af2964.ssl.cf5.rackcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Last-Modified: Fri, 30 Sep 2022 16:05:42 GMT
ETag: 07c92b68559475a4337e35761588922c
X-Trans-Id: txc469266a37fe478c87a03-0063a8b625iad3
Content-Length: 47074
Accept-Ranges: bytes
X-Timestamp: 1664553941.41692
Content-Type: image/jpeg
Cache-Control: public, max-age=12171
Expires: Thu, 05 Jan 2023 02:47:20 GMT
Date: Wed, 04 Jan 2023 23:24:29 GMT
Connection: keep-alive

www.paintingwithatwist.com/assets/js/jquery.main.js

23.253.135.119

200 OK

28 kB

URL HTTP/2
www.paintingwithatwist.com/assets/js/jquery.main.js
IP
23.253.135.119:0
ASN
#27357 RACKSPACE

File type
ASCII text, with very long lines (32026), with CRLF line terminators
Size
28 kB (27762 bytes)
Hash
2a307084466936829cd25098d6053aaf
74ffdc6725a1c93a9a37386a615e91d1a3e4b105
43e4d54613532fc1cafe7c65fd2569c6e3930ac0b5eea476417ad32a70a779bb

HTTP Headers

GET /assets/js/jquery.main.js HTTP/1.1
Host: www.paintingwithatwist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/studio/tempe
Cookie: X-Mapping-fjhppofk=80861DDBFC7C026798F47A2BF4D313A6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: Microsoft-IIS/8.5
vary: Accept-Encoding
content-type: application/javascript
content-encoding: gzip
date: Wed, 04 Jan 2023 23:24:28 GMT
accept-ranges: bytes
access-control-allow-origin: https://c5d09e4dde1ed5344aab-92274ace7e84ee4d27ca2a6920e2d585.ssl.cf5.rackcdn.com
etag: "803e49d1457ad81:0"
last-modified: Tue, 07 Jun 2022 08:08:49 GMT
x-frame-options: deny
x-powered-by: ASP.NET
access-control-allow-methods: *
access-control-allow-headers: *
content-length: 27762
X-Firefox-Spdy: h2

14d14a1b70be1f7f7d4a-0863ae42a3340022d3e557e78745c047.ssl.cf5.rackcdn.com/9763_w.jpg

2.18.172.211

200 OK

69 kB

URL HTTP/1.1
14d14a1b70be1f7f7d4a-0863ae42a3340022d3e557e78745c047.ssl.cf5.rackcdn.com/9763_w.jpg
IP
2.18.172.211:0
ASN
#16625 AKAMAI-AS

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 759x600, components 3\012- data
Size
69 kB (69184 bytes)
Hash
13298061915379ac734fb40a7bc614c7
915a71cd46da4deb4b1765b2e813c5643115682f
a27bf1918609b14856bdc5a53e792ec4cef645faa3b49f7f53a4c421e650bd38

HTTP Headers

GET /9763_w.jpg HTTP/1.1
Host: 14d14a1b70be1f7f7d4a-0863ae42a3340022d3e557e78745c047.ssl.cf5.rackcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
X-Trans-Id: tx8c29862943334e10b696e-0063b60aadiad3
Content-Length: 69184
Accept-Ranges: bytes
Last-Modified: Thu, 07 Sep 2017 18:57:11 GMT
ETag: 13298061915379ac734fb40a7bc614c7
X-Timestamp: 1504810630.48950
Content-Type: image/jpeg
Cache-Control: public, max-age=3600
Expires: Thu, 05 Jan 2023 00:24:29 GMT
Date: Wed, 04 Jan 2023 23:24:29 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
74f1075c111dd64124994b39ee0ae3e0
101362528959858eab5c7fa5bc4aba4cbda612a9
03686764c5ff393fcaba2a367f84faf9915274f33e805018ed2cccf02fb8deb3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "03686764C5FF393FCABA2A367F84FAF9915274F33E805018ED2CCCF02FB8DEB3"
Last-Modified: Mon, 02 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14988
Expires: Thu, 05 Jan 2023 03:34:17 GMT
Date: Wed, 04 Jan 2023 23:24:29 GMT
Connection: keep-alive

www.paintingwithatwist.com/images/event-types/activity-takehome.jpg

23.253.135.119

200 OK

5.2 kB

URL HTTP/2
www.paintingwithatwist.com/images/event-types/activity-takehome.jpg
IP
23.253.135.119:0
ASN
#27357 RACKSPACE

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 280x259, components 3\012- data
Size
5.2 kB (5236 bytes)
Hash
be080a782814dc5849d1f48c2338077f
31be93cc84911a93880eb8bbbf17d1d72a634913
a69b9bb06ebc3356892cc8388b4f798c15aa3a4d808ac49e1e2e8f85a42118f6

HTTP Headers

GET /images/event-types/activity-takehome.jpg HTTP/1.1
Host: www.paintingwithatwist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/studio/tempe
Cookie: X-Mapping-fjhppofk=80861DDBFC7C026798F47A2BF4D313A6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: Microsoft-IIS/8.5
content-type: image/jpeg
date: Wed, 04 Jan 2023 23:24:28 GMT
accept-ranges: bytes
access-control-allow-origin: https://c5d09e4dde1ed5344aab-92274ace7e84ee4d27ca2a6920e2d585.ssl.cf5.rackcdn.com
etag: "ae18a0d7457ad81:0"
last-modified: Tue, 07 Jun 2022 08:08:59 GMT
x-frame-options: deny
x-powered-by: ASP.NET
access-control-allow-methods: *
access-control-allow-headers: *
content-length: 5236
X-Firefox-Spdy: h2

www.paintingwithatwist.com/images/logo-footer.png

23.253.135.119

200 OK

4.3 kB

URL HTTP/2
www.paintingwithatwist.com/images/logo-footer.png
IP
23.253.135.119:0
ASN
#27357 RACKSPACE

File type
PNG image data, 185 x 93, 8-bit colormap, non-interlaced\012- data
Size
4.3 kB (4298 bytes)
Hash
116c73749dc3ddf9ee4611daaf999ef3
312c57d5d503754bd4f15973d39e5fe1e7b62a84
4be9b17db0b07c7795e271d73bf448dfcc63f6466f28d5e142142edfe63d0e5e

HTTP Headers

GET /images/logo-footer.png HTTP/1.1
Host: www.paintingwithatwist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/studio/tempe
Cookie: X-Mapping-fjhppofk=80861DDBFC7C026798F47A2BF4D313A6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: Microsoft-IIS/8.5
content-type: image/png
date: Wed, 04 Jan 2023 23:24:28 GMT
accept-ranges: bytes
access-control-allow-origin: https://c5d09e4dde1ed5344aab-92274ace7e84ee4d27ca2a6920e2d585.ssl.cf5.rackcdn.com
etag: "d62877d0457ad81:0"
last-modified: Tue, 07 Jun 2022 08:08:47 GMT
x-frame-options: deny
x-powered-by: ASP.NET
access-control-allow-methods: *
access-control-allow-headers: *
content-length: 4298
X-Firefox-Spdy: h2

www.paintingwithatwist.com/images/event-types/activity-events.jpg

23.253.135.119

200 OK

9.3 kB

URL HTTP/2
www.paintingwithatwist.com/images/event-types/activity-events.jpg
IP
23.253.135.119:0
ASN
#27357 RACKSPACE

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 280x259, components 3\012- data
Size
9.3 kB (9347 bytes)
Hash
f8d29bf43f6fb3bcadc284629f21b919
1289fbba9355873ca296fb12f8ea6a94c6a00cc8
d91cab3d2dc3175a9d13027ba003e024d01823b3b60747f1f83347173a715ac9

HTTP Headers

GET /images/event-types/activity-events.jpg HTTP/1.1
Host: www.paintingwithatwist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/studio/tempe
Cookie: X-Mapping-fjhppofk=80861DDBFC7C026798F47A2BF4D313A6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: Microsoft-IIS/8.5
content-type: image/jpeg
date: Wed, 04 Jan 2023 23:24:28 GMT
accept-ranges: bytes
access-control-allow-origin: https://c5d09e4dde1ed5344aab-92274ace7e84ee4d27ca2a6920e2d585.ssl.cf5.rackcdn.com
etag: "674964d7457ad81:0"
last-modified: Tue, 07 Jun 2022 08:08:59 GMT
x-frame-options: deny
x-powered-by: ASP.NET
access-control-allow-methods: *
access-control-allow-headers: *
content-length: 9347
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
5dcd3e3f6440384500af24c809a3f175
3a5df7e2369c9d65865d73410b0cac87e1b5a54c
b7c5a41dbd443dcb04231372b9ac63a3853d57e43941af5b22073693291099df

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 23:24:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
5dcd3e3f6440384500af24c809a3f175
3a5df7e2369c9d65865d73410b0cac87e1b5a54c
b7c5a41dbd443dcb04231372b9ac63a3853d57e43941af5b22073693291099df

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 23:24:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.paintingwithatwist.com/images/event-types/activity-popin.jpg

23.253.135.119

200 OK

27 kB

URL HTTP/2
www.paintingwithatwist.com/images/event-types/activity-popin.jpg
IP
23.253.135.119:0
ASN
#27357 RACKSPACE

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 280x259, components 3\012- data
Size
27 kB (26584 bytes)
Hash
af1f171f1c5d5d2579a46698845ed6c1
4971cce7b3b2a9035f9d2c3219a3501d84e38f7c
696beaac23b9eec4db0eb9c91718a7c23595653aadd8351c117ff60b96477757

HTTP Headers

GET /images/event-types/activity-popin.jpg HTTP/1.1
Host: www.paintingwithatwist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/studio/tempe
Cookie: X-Mapping-fjhppofk=80861DDBFC7C026798F47A2BF4D313A6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: Microsoft-IIS/8.5
content-type: image/jpeg
date: Wed, 04 Jan 2023 23:24:28 GMT
accept-ranges: bytes
access-control-allow-origin: https://c5d09e4dde1ed5344aab-92274ace7e84ee4d27ca2a6920e2d585.ssl.cf5.rackcdn.com
etag: "c2e381d7457ad81:0"
last-modified: Tue, 07 Jun 2022 08:08:59 GMT
x-frame-options: deny
x-powered-by: ASP.NET
access-control-allow-methods: *
access-control-allow-headers: *
content-length: 26584
X-Firefox-Spdy: h2

www.paintingwithatwist.com/images/event-types/event-type_date-night.jpg

23.253.135.119

200 OK

25 kB

URL HTTP/2
www.paintingwithatwist.com/images/event-types/event-type_date-night.jpg
IP
23.253.135.119:0
ASN
#27357 RACKSPACE

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 507x318, components 3\012- data
Size
25 kB (24864 bytes)
Hash
03b46d2c0ea3fcaa10298afa7e98a0c1
8d9d5a76995deca3fba3e74395ce9291e98d314f
e8d7e362ffc7db1dd60ba8ae3a59367927c45984df2e986de0d5ffdc1707460f

HTTP Headers

GET /images/event-types/event-type_date-night.jpg HTTP/1.1
Host: www.paintingwithatwist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/studio/tempe
Cookie: X-Mapping-fjhppofk=80861DDBFC7C026798F47A2BF4D313A6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: Microsoft-IIS/8.5
content-type: image/jpeg
date: Wed, 04 Jan 2023 23:24:28 GMT
accept-ranges: bytes
access-control-allow-origin: https://c5d09e4dde1ed5344aab-92274ace7e84ee4d27ca2a6920e2d585.ssl.cf5.rackcdn.com
etag: "322f96d7457ad81:0"
last-modified: Tue, 07 Jun 2022 08:08:59 GMT
x-frame-options: deny
x-powered-by: ASP.NET
access-control-allow-methods: *
access-control-allow-headers: *
content-length: 24864
X-Firefox-Spdy: h2

www.paintingwithatwist.com/images/event-types/event-type_girls-night.jpg

23.253.135.119

200 OK

30 kB

URL HTTP/2
www.paintingwithatwist.com/images/event-types/event-type_girls-night.jpg
IP
23.253.135.119:0
ASN
#27357 RACKSPACE

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 507x318, components 3\012- data
Size
30 kB (30520 bytes)
Hash
5370f85fd33ade88d15e923c3e618b3a
cddfda8c5c468cc1336599b3ef0aae628256eb08
67bc6d74b0e35b660cdf2b1aea10a7683675f5790ea75f55562d647b7eb51634

HTTP Headers

GET /images/event-types/event-type_girls-night.jpg HTTP/1.1
Host: www.paintingwithatwist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/studio/tempe
Cookie: X-Mapping-fjhppofk=80861DDBFC7C026798F47A2BF4D313A6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: Microsoft-IIS/8.5
content-type: image/jpeg
date: Wed, 04 Jan 2023 23:24:28 GMT
accept-ranges: bytes
access-control-allow-origin: https://c5d09e4dde1ed5344aab-92274ace7e84ee4d27ca2a6920e2d585.ssl.cf5.rackcdn.com
etag: "4a78a1d7457ad81:0"
last-modified: Tue, 07 Jun 2022 08:08:59 GMT
x-frame-options: deny
x-powered-by: ASP.NET
access-control-allow-methods: *
access-control-allow-headers: *
content-length: 30520
X-Firefox-Spdy: h2

fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

216.58.207.227

200 OK

31 kB

URL HTTP/2
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Size
31 kB (30928 bytes)
Hash
ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

HTTP Headers

GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.paintingwithatwist.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 30 Dec 2022 07:08:09 GMT
expires: Sat, 30 Dec 2023 07:08:09 GMT
cache-control: public, max-age=31536000
age: 490580
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.paintingwithatwist.com/images/img08.png

23.253.135.119

200 OK

36 kB

URL HTTP/2
www.paintingwithatwist.com/images/img08.png
IP
23.253.135.119:0
ASN
#27357 RACKSPACE

File type
PNG image data, 308 x 415, 8-bit colormap, non-interlaced\012- data
Size
36 kB (36453 bytes)
Hash
7c2998663b2a53d67cc6e432a57792ce
cb56d665ed16b19524cba4d8fd2bb7b2536c3ef3
f845030683f075c6d92a229bb2644e116297be614afdbedd3e0e478f839e607a

HTTP Headers

GET /images/img08.png HTTP/1.1
Host: www.paintingwithatwist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/studio/tempe
Cookie: X-Mapping-fjhppofk=80861DDBFC7C026798F47A2BF4D313A6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: Microsoft-IIS/8.5
content-type: image/png
date: Wed, 04 Jan 2023 23:24:28 GMT
accept-ranges: bytes
access-control-allow-origin: https://c5d09e4dde1ed5344aab-92274ace7e84ee4d27ca2a6920e2d585.ssl.cf5.rackcdn.com
etag: "d24569d0457ad81:0"
last-modified: Tue, 07 Jun 2022 08:08:47 GMT
x-frame-options: deny
x-powered-by: ASP.NET
access-control-allow-methods: *
access-control-allow-headers: *
content-length: 36453
X-Firefox-Spdy: h2

www.paintingwithatwist.com/images/event-types/event-type_paint-your-pet.jpg

23.253.135.119

200 OK

38 kB

URL HTTP/2
www.paintingwithatwist.com/images/event-types/event-type_paint-your-pet.jpg
IP
23.253.135.119:0
ASN
#27357 RACKSPACE

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 507x318, components 3\012- data
Size
38 kB (37515 bytes)
Hash
4dcfa721c25585f88fd08d9d5543d306
bc7ff81b4ab7b3c826c6d11d21594aad21382536
8dc2963e49bfc5566350a659f4ef14b09be111d3b4ee72bb834cb9abf1f0fe98

HTTP Headers

GET /images/event-types/event-type_paint-your-pet.jpg HTTP/1.1
Host: www.paintingwithatwist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/studio/tempe
Cookie: X-Mapping-fjhppofk=80861DDBFC7C026798F47A2BF4D313A6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: Microsoft-IIS/8.5
content-type: image/jpeg
date: Wed, 04 Jan 2023 23:24:28 GMT
accept-ranges: bytes
access-control-allow-origin: https://c5d09e4dde1ed5344aab-92274ace7e84ee4d27ca2a6920e2d585.ssl.cf5.rackcdn.com
etag: "49fbcad7457ad81:0"
last-modified: Tue, 07 Jun 2022 08:08:59 GMT
x-frame-options: deny
x-powered-by: ASP.NET
access-control-allow-methods: *
access-control-allow-headers: *
content-length: 37515
X-Firefox-Spdy: h2

fonts.gstatic.com/s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

216.58.207.227

200 OK

128 kB

URL HTTP/2
fonts.gstatic.com/s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 128352, version 1.0\012- data
Size
128 kB (128352 bytes)
Hash
53436aca8627a49f4deaaa44dc9e3c05
0bc0c675480d94ec7e8609dda6227f88c5d08d2c
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

HTTP Headers

GET /s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.paintingwithatwist.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 128352
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 29 Dec 2022 20:33:17 GMT
expires: Fri, 29 Dec 2023 20:33:17 GMT
cache-control: public, max-age=31536000
age: 528672
last-modified: Thu, 25 Aug 2022 00:26:06 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.paintingwithatwist.com/images/landing/trivia-night-title.jpg

23.253.135.119

200 OK

136 kB

URL HTTP/2
www.paintingwithatwist.com/images/landing/trivia-night-title.jpg
IP
23.253.135.119:0
ASN
#27357 RACKSPACE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 507x318, components 3\012- data
Size
136 kB (135845 bytes)
Hash
d639efe62a903b3fb59d059664d1017d
079398b1e0303f910afbc45eb3e1f39dd4db07ff
b677b800671d83134732a976022727a059b442e6a9d2367210b35d268a5a0656

HTTP Headers

GET /images/landing/trivia-night-title.jpg HTTP/1.1
Host: www.paintingwithatwist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/studio/tempe
Cookie: X-Mapping-fjhppofk=80861DDBFC7C026798F47A2BF4D313A6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: Microsoft-IIS/8.5
content-type: image/jpeg
date: Wed, 04 Jan 2023 23:24:28 GMT
accept-ranges: bytes
access-control-allow-origin: https://c5d09e4dde1ed5344aab-92274ace7e84ee4d27ca2a6920e2d585.ssl.cf5.rackcdn.com
etag: "ffcbe5458e5d81:0"
last-modified: Fri, 21 Oct 2022 14:20:54 GMT
x-frame-options: deny
x-powered-by: ASP.NET
access-control-allow-methods: *
access-control-allow-headers: *
content-length: 135845
X-Firefox-Spdy: h2

www.paintingwithatwist.com/images/banners/homepage-alt4.jpg

23.253.135.119

200 OK

72 kB

URL HTTP/2
www.paintingwithatwist.com/images/banners/homepage-alt4.jpg
IP
23.253.135.119:0
ASN
#27357 RACKSPACE

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1400x935, components 3\012- data
Size
72 kB (72332 bytes)
Hash
ad915d9cbfb1f5581b213f8db7a7aebc
57ae2ff6549c50f7bf6744a587f0531cb39f2240
037cef53dfef2208dfaa9a5840cedfb63406cbac8b653f7d49947d05b39039a2

HTTP Headers

GET /images/banners/homepage-alt4.jpg HTTP/1.1
Host: www.paintingwithatwist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/studio/tempe
Cookie: X-Mapping-fjhppofk=80861DDBFC7C026798F47A2BF4D313A6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: Microsoft-IIS/8.5
content-type: image/jpeg
date: Wed, 04 Jan 2023 23:24:28 GMT
accept-ranges: bytes
access-control-allow-origin: https://c5d09e4dde1ed5344aab-92274ace7e84ee4d27ca2a6920e2d585.ssl.cf5.rackcdn.com
etag: "fa72c3d6457ad81:0"
last-modified: Tue, 07 Jun 2022 08:08:58 GMT
x-frame-options: deny
x-powered-by: ASP.NET
access-control-allow-methods: *
access-control-allow-headers: *
content-length: 72332
X-Firefox-Spdy: h2

www.paintingwithatwist.com/images/img-plus.png

23.253.135.119

200 OK

579 B

URL HTTP/2
www.paintingwithatwist.com/images/img-plus.png
IP
23.253.135.119:0
ASN
#27357 RACKSPACE

File type
PNG image data, 24 x 28, 8-bit colormap, non-interlaced\012- data
Size
579 B (579 bytes)
Hash
a0015933619b55d3ffd8a8f711c5f14b
c3e5bfa20d28db13fd7b640089e480fe9c2e25f5
35ad2d0d3eaa2c0be4e4d1e71d943f59d2f53a4288c4793699f180a16d2d6805

HTTP Headers

GET /images/img-plus.png HTTP/1.1
Host: www.paintingwithatwist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/assets/css/main.css?20211015
Cookie: X-Mapping-fjhppofk=80861DDBFC7C026798F47A2BF4D313A6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: Microsoft-IIS/8.5
content-type: image/png
date: Wed, 04 Jan 2023 23:24:28 GMT
accept-ranges: bytes
access-control-allow-origin: https://c5d09e4dde1ed5344aab-92274ace7e84ee4d27ca2a6920e2d585.ssl.cf5.rackcdn.com
etag: "bfbefcf457ad81:0"
last-modified: Tue, 07 Jun 2022 08:08:46 GMT
x-frame-options: deny
x-powered-by: ASP.NET
access-control-allow-methods: *
access-control-allow-headers: *
content-length: 579
X-Firefox-Spdy: h2

fonts.googleapis.com/icon?family=Material+Icons

142.250.74.106

200 OK

8.6 kB

URL HTTP/2
fonts.googleapis.com/icon?family=Material+Icons
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
data
Size
8.6 kB (8585 bytes)
Hash
75e9b2a24178c3b3dc757c23b99761c6
f83cd9d3661300688f5835822aa2aa8d884a0926
e85737d6868d3a2fcd6ecef8f3b4028186a8ae8d42f21a0dc29bae67b2650455

HTTP Headers

GET /icon?family=Material+Icons HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 04 Jan 2023 23:24:29 GMT
date: Wed, 04 Jan 2023 23:24:29 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.paintingwithatwist.com/images/img-bg01.png

23.253.135.119

200 OK

90 kB

URL HTTP/2
www.paintingwithatwist.com/images/img-bg01.png
IP
23.253.135.119:0
ASN
#27357 RACKSPACE

File type
PNG image data, 1400 x 438, 8-bit/color RGBA, non-interlaced\012- data
Size
90 kB (89945 bytes)
Hash
1e1dc7c40e65e7c7a53cfc5d741ea880
44187cbd610a8ef00a2ce7a85dfad20d5cb030ae
1879d5d6b341de8cdf93da98c03fb554d3eff3dc570b1bde27de0d002bec2184

HTTP Headers

GET /images/img-bg01.png HTTP/1.1
Host: www.paintingwithatwist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/studio/tempe
Cookie: X-Mapping-fjhppofk=80861DDBFC7C026798F47A2BF4D313A6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: Microsoft-IIS/8.5
content-type: image/png
date: Wed, 04 Jan 2023 23:24:28 GMT
accept-ranges: bytes
access-control-allow-origin: https://c5d09e4dde1ed5344aab-92274ace7e84ee4d27ca2a6920e2d585.ssl.cf5.rackcdn.com
etag: "513cc5cf457ad81:0"
last-modified: Tue, 07 Jun 2022 08:08:46 GMT
x-frame-options: deny
x-powered-by: ASP.NET
access-control-allow-methods: *
access-control-allow-headers: *
content-length: 89945
X-Firefox-Spdy: h2

www.paintingwithatwist.com/assets/fonts/Celestina.woff2

23.253.135.119

200 OK

42 kB

URL HTTP/2
www.paintingwithatwist.com/assets/fonts/Celestina.woff2
IP
23.253.135.119:0
ASN
#27357 RACKSPACE

File type
Web Open Font Format (Version 2), TrueType, length 42468, version 1.0\012- data
Size
42 kB (42468 bytes)
Hash
19ac3893618b785d116382b914b0ee1a
91cab3038045cfbdc4a510a02d41cfd92655d5b1
d6d1c5313360caa498be1d333963361ee32272167fa89f0f40a6d5c8dd0c206a

HTTP Headers

GET /assets/fonts/Celestina.woff2 HTTP/1.1
Host: www.paintingwithatwist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/assets/css/main.css?20211015
Cookie: X-Mapping-fjhppofk=80861DDBFC7C026798F47A2BF4D313A6
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: Microsoft-IIS/8.5
content-type: application/font-woff2
date: Wed, 04 Jan 2023 23:24:28 GMT
accept-ranges: bytes
access-control-allow-origin: https://c5d09e4dde1ed5344aab-92274ace7e84ee4d27ca2a6920e2d585.ssl.cf5.rackcdn.com
etag: "de8451d1457ad81:0"
last-modified: Tue, 07 Jun 2022 08:08:49 GMT
x-frame-options: deny
x-powered-by: ASP.NET
access-control-allow-methods: *
access-control-allow-headers: *
content-length: 42468
X-Firefox-Spdy: h2

14d14a1b70be1f7f7d4a-0863ae42a3340022d3e557e78745c047.ssl.cf5.rackcdn.com/19322_w.jpg

2.18.172.211

200 OK

59 kB

URL HTTP/1.1
14d14a1b70be1f7f7d4a-0863ae42a3340022d3e557e78745c047.ssl.cf5.rackcdn.com/19322_w.jpg
IP
2.18.172.211:0
ASN
#16625 AKAMAI-AS

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 480x600, components 3\012- data
Size
59 kB (59136 bytes)
Hash
872ccaa6a7191a07f61d53e1d38671d6
e09672dd93ac83446b8c5899a11d1b95e80b46f8
dba3dabd34390981eb2d874117916860a488678b47af51e5718f1c9bcc17bd43

HTTP Headers

GET /19322_w.jpg HTTP/1.1
Host: 14d14a1b70be1f7f7d4a-0863ae42a3340022d3e557e78745c047.ssl.cf5.rackcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
X-Trans-Id: tx5ce4ec888e5c41c78a341-0063b60aadiad3
Content-Length: 59136
Accept-Ranges: bytes
Last-Modified: Fri, 06 May 2022 15:49:47 GMT
ETag: 872ccaa6a7191a07f61d53e1d38671d6
X-Timestamp: 1651852186.81513
Content-Type: image/jpeg
Cache-Control: public, max-age=3600
Expires: Thu, 05 Jan 2023 00:24:29 GMT
Date: Wed, 04 Jan 2023 23:24:29 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
5dcd3e3f6440384500af24c809a3f175
3a5df7e2369c9d65865d73410b0cac87e1b5a54c
b7c5a41dbd443dcb04231372b9ac63a3853d57e43941af5b22073693291099df

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 23:24:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

14d14a1b70be1f7f7d4a-0863ae42a3340022d3e557e78745c047.ssl.cf5.rackcdn.com/18833_w.jpg

2.18.172.211

200 OK

46 kB

URL HTTP/1.1
14d14a1b70be1f7f7d4a-0863ae42a3340022d3e557e78745c047.ssl.cf5.rackcdn.com/18833_w.jpg
IP
2.18.172.211:0
ASN
#16625 AKAMAI-AS

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 478x600, components 3\012- data
Size
46 kB (45852 bytes)
Hash
e9f6d62d37a3e5c01137fd26824ab4e9
87648a8114e381ea5593cd60b2e22e91d056a690
278b8c9a79cc07aec2731b87f3e84406e2f7da61ceac56437445852d870de08d

HTTP Headers

GET /18833_w.jpg HTTP/1.1
Host: 14d14a1b70be1f7f7d4a-0863ae42a3340022d3e557e78745c047.ssl.cf5.rackcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
X-Trans-Id: tx8d131b9de3aa49eb94bed-0063b60aadiad3
Content-Length: 45852
Accept-Ranges: bytes
Last-Modified: Mon, 29 Nov 2021 16:45:47 GMT
ETag: e9f6d62d37a3e5c01137fd26824ab4e9
X-Timestamp: 1638204346.24222
Content-Type: image/jpeg
Cache-Control: public, max-age=3567
Expires: Thu, 05 Jan 2023 00:23:56 GMT
Date: Wed, 04 Jan 2023 23:24:29 GMT
Connection: keep-alive

10552c3a7f59f38d9c1e-85e0a6ebf056f3519dc1e8ddd4c6d0d6.ssl.cf5.rackcdn.com/19322_t.jpg

2.18.172.211

200 OK

8.9 kB

URL HTTP/1.1
10552c3a7f59f38d9c1e-85e0a6ebf056f3519dc1e8ddd4c6d0d6.ssl.cf5.rackcdn.com/19322_t.jpg
IP
2.18.172.211:0
ASN
#16625 AKAMAI-AS

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 151x189, components 3\012- data
Size
8.9 kB (8880 bytes)
Hash
78dbca66f0e7f65c3cf1c7edeff9548b
ecb4e3a849808e827b7a02d70509cf20ad842e94
f1a504da50b9a82febb8241227e6a04b60fe3cf695a7c23641f1f52df69ab53b

HTTP Headers

GET /19322_t.jpg HTTP/1.1
Host: 10552c3a7f59f38d9c1e-85e0a6ebf056f3519dc1e8ddd4c6d0d6.ssl.cf5.rackcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
X-Trans-Id: txe6d6661f31594606b0815-0063b60aadiad3
Content-Length: 8880
Accept-Ranges: bytes
Last-Modified: Fri, 06 May 2022 15:49:48 GMT
ETag: 78dbca66f0e7f65c3cf1c7edeff9548b
X-Timestamp: 1651852187.08529
Content-Type: image/jpeg
Cache-Control: public, max-age=86400
Expires: Thu, 05 Jan 2023 23:24:29 GMT
Date: Wed, 04 Jan 2023 23:24:29 GMT
Connection: keep-alive

10552c3a7f59f38d9c1e-85e0a6ebf056f3519dc1e8ddd4c6d0d6.ssl.cf5.rackcdn.com/9763_t.jpg

2.18.172.211

200 OK

4.9 kB

URL HTTP/1.1
10552c3a7f59f38d9c1e-85e0a6ebf056f3519dc1e8ddd4c6d0d6.ssl.cf5.rackcdn.com/9763_t.jpg
IP
2.18.172.211:0
ASN
#16625 AKAMAI-AS

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 151x119, components 3\012- data
Size
4.9 kB (4946 bytes)
Hash
05202af7ab784597d1779212ddca18a9
8ec7506d80be8183ee5aa1ec72e0322ba1569cc3
e6aec8cccb92c908daca6cee066582f1b28dcd1d43d4e9454fde5e3de200c8a2

HTTP Headers

GET /9763_t.jpg HTTP/1.1
Host: 10552c3a7f59f38d9c1e-85e0a6ebf056f3519dc1e8ddd4c6d0d6.ssl.cf5.rackcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
X-Trans-Id: tx1d0e1e5c405146e48ca2a-0063b60aadiad3
Content-Length: 4946
Accept-Ranges: bytes
Last-Modified: Thu, 07 Sep 2017 20:33:05 GMT
ETag: 05202af7ab784597d1779212ddca18a9
X-Timestamp: 1504816384.86733
Content-Type: image/jpeg
Cache-Control: public, max-age=86347
Expires: Thu, 05 Jan 2023 23:23:36 GMT
Date: Wed, 04 Jan 2023 23:24:29 GMT
Connection: keep-alive

10552c3a7f59f38d9c1e-85e0a6ebf056f3519dc1e8ddd4c6d0d6.ssl.cf5.rackcdn.com/18833_t.jpg

2.18.172.211

200 OK

8.2 kB

URL HTTP/1.1
10552c3a7f59f38d9c1e-85e0a6ebf056f3519dc1e8ddd4c6d0d6.ssl.cf5.rackcdn.com/18833_t.jpg
IP
2.18.172.211:0
ASN
#16625 AKAMAI-AS

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 151x189, components 3\012- data
Size
8.2 kB (8180 bytes)
Hash
0ba69a6747f09df25faab1694d736066
7b06eb7de1ad256099a8a4fefb862a1cb23dbd4a
282e7b013f065eb6a1ddd8d1bac53ac560c846384fc28e1e599a880bf17efcfb

HTTP Headers

GET /18833_t.jpg HTTP/1.1
Host: 10552c3a7f59f38d9c1e-85e0a6ebf056f3519dc1e8ddd4c6d0d6.ssl.cf5.rackcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
X-Trans-Id: txf2b1eebb4f8f4457b3b77-0063b60aadiad3
Content-Length: 8180
Accept-Ranges: bytes
Last-Modified: Mon, 29 Nov 2021 16:45:47 GMT
ETag: 0ba69a6747f09df25faab1694d736066
X-Timestamp: 1638204346.28391
Content-Type: image/jpeg
Cache-Control: public, max-age=86399
Expires: Thu, 05 Jan 2023 23:24:28 GMT
Date: Wed, 04 Jan 2023 23:24:29 GMT
Connection: keep-alive

ocsp.godaddy.com/

192.124.249.36

200 OK

1.8 kB

URL HTTP/1.1
ocsp.godaddy.com/
IP
192.124.249.36:0
ASN
#30148 SUCURI-SEC

File type
data
Size
1.8 kB (1777 bytes)
Hash
0ab78a7816d99f089c0b136921dbe219
ae1bdfff7302340978779365ded4685d7965cb52
cd63044ee02e59038211ce995b7954c90cdf3a08bde51edd94e2b308131d48a0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 04 Jan 2023 23:24:29 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 04 Jan 2023 22:24:09 GMT
Expires: Thu, 05 Jan 2023 22:24:09 GMT
ETag: "ae1bdfff7302340978779365ded4685d7965cb52"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
60994c3fe7f2713299eb28da6fc637f0
896512094967e65904342fa041072f10cf04b0cf
ff6de6b9eee316cff10d6a988f9c55c5aaad09dec5bc607e65f8c9f1ee5d7124

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2881
Cache-Control: max-age=144042
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 23:24:29 GMT
Etag: "63b58f16-117"
Expires: Fri, 06 Jan 2023 15:25:11 GMT
Last-Modified: Wed, 04 Jan 2023 14:37:10 GMT
Server: ECS (amb/6B88)
X-Cache: HIT
Content-Length: 279

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1780bdca4138463723f65222d72004e2
c0acbd7a8cf08d7b675dd8a0cdb73d4ff4fbdb8b
92d022d0945f2e9ff1b27013792745c4ca2d65150693532049985efdf9022efa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "92D022D0945F2E9FF1B27013792745C4CA2D65150693532049985EFDF9022EFA"
Last-Modified: Wed, 04 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6640
Expires: Thu, 05 Jan 2023 01:15:09 GMT
Date: Wed, 04 Jan 2023 23:24:29 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1780bdca4138463723f65222d72004e2
c0acbd7a8cf08d7b675dd8a0cdb73d4ff4fbdb8b
92d022d0945f2e9ff1b27013792745c4ca2d65150693532049985efdf9022efa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "92D022D0945F2E9FF1B27013792745C4CA2D65150693532049985EFDF9022EFA"
Last-Modified: Wed, 04 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6640
Expires: Thu, 05 Jan 2023 01:15:09 GMT
Date: Wed, 04 Jan 2023 23:24:29 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1780bdca4138463723f65222d72004e2
c0acbd7a8cf08d7b675dd8a0cdb73d4ff4fbdb8b
92d022d0945f2e9ff1b27013792745c4ca2d65150693532049985efdf9022efa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "92D022D0945F2E9FF1B27013792745C4CA2D65150693532049985EFDF9022EFA"
Last-Modified: Wed, 04 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6640
Expires: Thu, 05 Jan 2023 01:15:09 GMT
Date: Wed, 04 Jan 2023 23:24:29 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1780bdca4138463723f65222d72004e2
c0acbd7a8cf08d7b675dd8a0cdb73d4ff4fbdb8b
92d022d0945f2e9ff1b27013792745c4ca2d65150693532049985efdf9022efa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "92D022D0945F2E9FF1B27013792745C4CA2D65150693532049985EFDF9022EFA"
Last-Modified: Wed, 04 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6640
Expires: Thu, 05 Jan 2023 01:15:09 GMT
Date: Wed, 04 Jan 2023 23:24:29 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1780bdca4138463723f65222d72004e2
c0acbd7a8cf08d7b675dd8a0cdb73d4ff4fbdb8b
92d022d0945f2e9ff1b27013792745c4ca2d65150693532049985efdf9022efa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "92D022D0945F2E9FF1B27013792745C4CA2D65150693532049985EFDF9022EFA"
Last-Modified: Wed, 04 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6640
Expires: Thu, 05 Jan 2023 01:15:09 GMT
Date: Wed, 04 Jan 2023 23:24:29 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e35c08d-9d47-44e2-a839-cbcbd7ba499e.jpeg

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e35c08d-9d47-44e2-a839-cbcbd7ba499e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10514 bytes)
Hash
f47bd2c920099c071d5d6d8383915e04
502f6afdccb731d96e5ac3e69dbf91712149fcbc
84bc8c89c2686c1af0796b26c00a032fec455352c6e28f901ff0f49748ac0260

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e35c08d-9d47-44e2-a839-cbcbd7ba499e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10514
x-amzn-requestid: ba145acc-8f57-4ff1-8861-d016b1981f18
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ePKywH9eIAMFn7w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b5f1ab-5031d35e2516bdd77e37a5b2;Sampled=0
x-amzn-remapped-date: Wed, 04 Jan 2023 21:37:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YrJunMQc2sabIeNnv27zFhzD1P6ixBtEf505GSeIL3yosiy_vpf7Ew==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 04 Jan 2023 21:57:10 GMT
age: 5239
etag: "502f6afdccb731d96e5ac3e69dbf91712149fcbc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb431a43a-b1a3-46f7-8e91-9f652b2d5add.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.8 kB (6834 bytes)
Hash
1baebae9058866bc7c9baf0fa75211a9
beab584d0b8be1795ca594d075599e4631cf0224
7ad66c6e81e4f04613b4fcc7273fc631b31e9e20b3f1c749b63dd1245b0cb3c3

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb431a43a-b1a3-46f7-8e91-9f652b2d5add.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6834
x-amzn-requestid: 90b5cd1d-ce5a-4e98-b521-b57c49bbfd23
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ePKyuG_cIAMFrBA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b5f1aa-57ca38951d902f4e2bcbbfa5;Sampled=0
x-amzn-remapped-date: Wed, 04 Jan 2023 21:37:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PVMOxqMGUHtV8nkSf-cjar4ZvtugWyfUV0u8wsTTB_Tz2G3y2krczA==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 04 Jan 2023 21:49:21 GMT
age: 5708
etag: "beab584d0b8be1795ca594d075599e4631cf0224"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F343434d9-f716-41aa-8934-1a5f79402aa1.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.2 kB (4248 bytes)
Hash
008614d302ad57bc6502ad5e07652378
968bc262d2939ec6f0dce9d852682c0aaf86d3d7
5eab9a2591f0f9761ba3b90a5a191b79b6326cccb1ee6b586b00dfc1517c8db6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F343434d9-f716-41aa-8934-1a5f79402aa1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4248
x-amzn-requestid: 17ccfd69-0d12-42ac-b111-059a68735e70
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eCutmF7mIAMFW2w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b0f7f0-5e1653641a0303815656a578;Sampled=0
x-amzn-remapped-date: Sun, 01 Jan 2023 03:03:12 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: nR6vOzio5JonZZq2SZTwpYBaOUlL9Dw5ntz93jS__r16JEGVqc8Xhw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Wed, 04 Jan 2023 06:06:12 GMT
age: 62297
etag: "968bc262d2939ec6f0dce9d852682c0aaf86d3d7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d88b301-0fcb-4763-915d-1cd04e82663f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.3 kB (7329 bytes)
Hash
f22f65ce84ef540224278e198edbe5dd
e64e4d49a0a630036019dbb06a8e5a526323975f
ad334d8c521c61a83836cecc0c2b2e19381d361c75a8f79a2c00536fdad5f4df

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d88b301-0fcb-4763-915d-1cd04e82663f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7329
x-amzn-requestid: 0ffe55a3-cf07-43cd-b4df-4187d2e2686a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eJVzQFCVIAMFtww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b39ce1-1ddb337722ed75aa22e9637a;Sampled=0
x-amzn-remapped-date: Tue, 03 Jan 2023 03:11:29 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 3vR1Lk9_7Cde_rqOrhIxG9afQbr6agHxi2_3lBuSEWmXQAlnW5qokA==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 04 Jan 2023 03:36:23 GMT
age: 71287
etag: "e64e4d49a0a630036019dbb06a8e5a526323975f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbbff09b5-fd04-45ca-959e-83e4f40897df.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10696 bytes)
Hash
02a9375cec16bfe696766c8d373d9b54
2167c2f197dd44558ac2dea500d8b6b3cfa50e83
6f94fe0c817b031d913d53fee6b317148bdabea044102b8f0c9df8a3737d59f1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbbff09b5-fd04-45ca-959e-83e4f40897df.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10696
x-amzn-requestid: 2117681b-ee8b-4881-b860-087a8662a3c2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d7xM1FK7oAMFd4w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ae2f1e-5a3648ba2ac7ba01177f361d;Sampled=0
x-amzn-remapped-date: Fri, 30 Dec 2022 00:21:50 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: p4EQ0DgVF1JVg9r4rzbQsRzgFgqX3Ke8tWzeUHAXGXrawUAhssi71A==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Wed, 04 Jan 2023 07:38:33 GMT
age: 56757
etag: "2167c2f197dd44558ac2dea500d8b6b3cfa50e83"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff4148f46-96a7-4939-96bb-68a4dfd7d78e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.6 kB (9560 bytes)
Hash
64a319c9177608c935ab9266fb6340bf
736103d51a827f76da95e5a6839b27278ed1e41e
3ab12956a0acb1479b54cc9205756aea575cd03c56c56901bc2dcd71e25db0d2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff4148f46-96a7-4939-96bb-68a4dfd7d78e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9560
x-amzn-requestid: 508636ac-4f34-473e-a9f5-b411a56fabd0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ePK0PGE7oAMF4dQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b5f1b4-00dcf18377c4c3275b9971f4;Sampled=0
x-amzn-remapped-date: Wed, 04 Jan 2023 21:37:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Xl2aatuyW0-dKh9Uu-Rtx6IXngiBS833lq4TL3Sun3KD2JKw0vo7DQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 04 Jan 2023 21:58:12 GMT
age: 5178
etag: "736103d51a827f76da95e5a6839b27278ed1e41e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

dx.mountain.com/spx?dxver=4.0.0&shaid=33497&tdr=&plh=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe&cb=29368533417785250term=value

35.83.209.52

200 OK

3.8 kB

URL HTTP/1.1
dx.mountain.com/spx?dxver=4.0.0&shaid=33497&tdr=&plh=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe&cb=29368533417785250term=value
IP
35.83.209.52:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (14420), with no line terminators
Size
3.8 kB (3793 bytes)
Hash
e3c6b903983c720d4e349bb1bf4972d4
8df0acfcda57db3ac1e4677ef259683bdbadb20d
82e681774ef8e013a9cfcd05e0145edc7e28cfac368f745e682ba80d37401d4f

HTTP Headers

GET /spx?dxver=4.0.0&shaid=33497&tdr=&plh=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe&cb=29368533417785250term=value HTTP/1.1
Host: dx.mountain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-encoding: gzip
content-type: application/javascript;charset=utf-8
date: Wed, 04 Jan 2023 23:24:29 GMT
x-envoy-upstream-service-time: 1
server: istio-envoy
connection: close
transfer-encoding: chunked

trackcmp.net/t_prism_sitemessages.php?trackid=25570710&prismid=e278d761-c29a-405a-89f9-2c37e7be671c&url=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe

172.64.145.151

200 OK

0 B

URL HTTP/2
trackcmp.net/t_prism_sitemessages.php?trackid=25570710&prismid=e278d761-c29a-405a-89f9-2c37e7be671c&url=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe
IP
172.64.145.151:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /t_prism_sitemessages.php?trackid=25570710&prismid=e278d761-c29a-405a-89f9-2c37e7be671c&url=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe HTTP/1.1
Host: trackcmp.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 04 Jan 2023 23:24:30 GMT
content-type: text/javascript;charset=UTF-8
content-length: 0
cache-control: no-cache, private
p3p: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
x-envoy-upstream-service-time: 22
x-powered-by: PHP/8.1.13
x-privacy-policy: You can find our privacy policy here: https://www.activecampaign.com/help/privacy-policy/
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7847ba5f5bb51c16-OSL
X-Firefox-Spdy: h2

www.google-analytics.com/analytics.js

142.250.74.110

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.110:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20039 bytes)
Hash
47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Wed, 04 Jan 2023 22:41:11 GMT
expires: Thu, 05 Jan 2023 00:41:11 GMT
cache-control: public, max-age=7200
age: 2599
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

region1.google-analytics.com/g/collect?v=2&tid=G-GG8Y2XXWB6&gtm=2oebu0&_p=1229881401&cid=1060161976.1672874660&ul=en-us&sr=1280x1024&_s=1&sid=1672874659&sct=1&seg=0&dl=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe&dt=Paint%2C%20Sip%20Wine%2C%20have%20fun%20at%20our%20Tempe%2C%20AZ%20Paint%20Studio%20%7C%20Painting%20with%20a%20Twist&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1

216.239.34.36

204 No Content

0 B

URL HTTP/2
region1.google-analytics.com/g/collect?v=2&tid=G-GG8Y2XXWB6&gtm=2oebu0&_p=1229881401&cid=1060161976.1672874660&ul=en-us&sr=1280x1024&_s=1&sid=1672874659&sct=1&seg=0&dl=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe&dt=Paint%2C%20Sip%20Wine%2C%20have%20fun%20at%20our%20Tempe%2C%20AZ%20Paint%20Studio%20%7C%20Painting%20with%20a%20Twist&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP
216.239.34.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-GG8Y2XXWB6&gtm=2oebu0&_p=1229881401&cid=1060161976.1672874660&ul=en-us&sr=1280x1024&_s=1&sid=1672874659&sct=1&seg=0&dl=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe&dt=Paint%2C%20Sip%20Wine%2C%20have%20fun%20at%20our%20Tempe%2C%20AZ%20Paint%20Studio%20%7C%20Painting%20with%20a%20Twist&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.paintingwithatwist.com
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://www.paintingwithatwist.com
date: Wed, 04 Jan 2023 23:24:30 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b815e7b1a5f00b7cff7f2a68bb723f77
c944dc7284f4758dfebbd1b8ab4b7b327259f651
f1701c75e48206c4405afcd5a60ae3141ff4db9f811ec9ab4cdd9090af666f26

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 23:24:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b815e7b1a5f00b7cff7f2a68bb723f77
c944dc7284f4758dfebbd1b8ab4b7b327259f651
f1701c75e48206c4405afcd5a60ae3141ff4db9f811ec9ab4cdd9090af666f26

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 23:24:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
b1ec4eb5276a6872b64135f424c57124
261ffe8ee941a2e48eb12bb5f6e5d6bc0b8e6344
38dc5616ee5568e1714ea7364b2578af0e854599f46e699fa97990bd1154da66

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 624
Cache-Control: max-age=129538
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 23:24:30 GMT
Etag: "63b55f40-1d7"
Expires: Fri, 06 Jan 2023 11:23:28 GMT
Last-Modified: Wed, 04 Jan 2023 11:13:04 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471

googleads.g.doubleclick.net/pagead/viewthroughconversion/730460011/?random=1672874659830&cv=11&fst=1672874659830&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&label=uoNVCIHhmagBEOvep9wC&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe&tiba=Paint%2C%20Sip%20Wine%2C%20have%20fun%20at%20our%20Tempe%2C%20AZ%20Paint%20Studio%20%7C%20Painting%20with%20a%20Twist&auid=642879271.1672874660&rfmt=3&fmt=4

172.217.21.162

200 OK

970 B

URL HTTP/2
googleads.g.doubleclick.net/pagead/viewthroughconversion/730460011/?random=1672874659830&cv=11&fst=1672874659830&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&label=uoNVCIHhmagBEOvep9wC&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe&tiba=Paint%2C%20Sip%20Wine%2C%20have%20fun%20at%20our%20Tempe%2C%20AZ%20Paint%20Studio%20%7C%20Painting%20with%20a%20Twist&auid=642879271.1672874660&rfmt=3&fmt=4
IP
172.217.21.162:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2112), with no line terminators
Size
970 B (970 bytes)
Hash
6b3cbca8894f8c128909f294611c0a84
c5c4f3da157f30d6750e2e413327c78e2328a9e5
8ea1d40f13822bab42f3fcdf62d1d81106a3f481280ec27e6fd4c9ac4bfdc956

HTTP Headers

GET /pagead/viewthroughconversion/730460011/?random=1672874659830&cv=11&fst=1672874659830&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&label=uoNVCIHhmagBEOvep9wC&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe&tiba=Paint%2C%20Sip%20Wine%2C%20have%20fun%20at%20our%20Tempe%2C%20AZ%20Paint%20Studio%20%7C%20Painting%20with%20a%20Twist&auid=642879271.1672874660&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 04 Jan 2023 23:24:30 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 970
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 04-Jan-2023 23:39:30 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

googleads.g.doubleclick.net/pagead/viewthroughconversion/601555795/?random=1672874659925&cv=11&fst=1672874659925&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe&tiba=Paint%2C%20Sip%20Wine%2C%20have%20fun%20at%20our%20Tempe%2C%20AZ%20Paint%20Studio%20%7C%20Painting%20with%20a%20Twist&auid=642879271.1672874660&data=event%3Dgtag.config&rfmt=3&fmt=4

172.217.21.162

200 OK

943 B

URL HTTP/2
googleads.g.doubleclick.net/pagead/viewthroughconversion/601555795/?random=1672874659925&cv=11&fst=1672874659925&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe&tiba=Paint%2C%20Sip%20Wine%2C%20have%20fun%20at%20our%20Tempe%2C%20AZ%20Paint%20Studio%20%7C%20Painting%20with%20a%20Twist&auid=642879271.1672874660&data=event%3Dgtag.config&rfmt=3&fmt=4
IP
172.217.21.162:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2081), with no line terminators
Size
943 B (943 bytes)
Hash
20b2c59ea622b687db4514f9761b81c4
234b2c769ce53169cf42269b362a3e2243bbc99f
457d5f992228d8e25eb8183e7b645fe424098773443bad9f27cec9c86407bec6

HTTP Headers

GET /pagead/viewthroughconversion/601555795/?random=1672874659925&cv=11&fst=1672874659925&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe&tiba=Paint%2C%20Sip%20Wine%2C%20have%20fun%20at%20our%20Tempe%2C%20AZ%20Paint%20Studio%20%7C%20Painting%20with%20a%20Twist&auid=642879271.1672874660&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 04 Jan 2023 23:24:30 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 943
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 04-Jan-2023 23:39:30 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google-analytics.com/j/collect?v=1&_v=j98&a=1229881401&t=pageview&_s=1&dl=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe&ul=en-us&de=UTF-8&dt=Paint%2C%20Sip%20Wine%2C%20have%20fun%20at%20our%20Tempe%2C%20AZ%20Paint%20Studio%20%7C%20Painting%20with%20a%20Twist&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IADAAEABAAAAACAAI~&jid=1016736680&gjid=303473865&cid=1060161976.1672874660&tid=UA-16182957-1&_gid=1456507001.1672874660&_r=1&_slc=1&z=934991288

142.250.74.110

200 OK

4 B

URL HTTP/2
www.google-analytics.com/j/collect?v=1&_v=j98&a=1229881401&t=pageview&_s=1&dl=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe&ul=en-us&de=UTF-8&dt=Paint%2C%20Sip%20Wine%2C%20have%20fun%20at%20our%20Tempe%2C%20AZ%20Paint%20Studio%20%7C%20Painting%20with%20a%20Twist&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IADAAEABAAAAACAAI~&jid=1016736680&gjid=303473865&cid=1060161976.1672874660&tid=UA-16182957-1&_gid=1456507001.1672874660&_r=1&_slc=1&z=934991288
IP
142.250.74.110:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
9e92e190700c1af4539b40c2171320a9
209bcdb79e6067b51091ce8586d4b977f25b67d8
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

HTTP Headers

POST /j/collect?v=1&_v=j98&a=1229881401&t=pageview&_s=1&dl=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe&ul=en-us&de=UTF-8&dt=Paint%2C%20Sip%20Wine%2C%20have%20fun%20at%20our%20Tempe%2C%20AZ%20Paint%20Studio%20%7C%20Painting%20with%20a%20Twist&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IADAAEABAAAAACAAI~&jid=1016736680&gjid=303473865&cid=1060161976.1672874660&tid=UA-16182957-1&_gid=1456507001.1672874660&_r=1&_slc=1&z=934991288 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.paintingwithatwist.com
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: https://www.paintingwithatwist.com
date: Wed, 04 Jan 2023 23:24:30 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.paintingwithatwist.com/favicon.ico

23.253.135.119

200 OK

15 kB

URL HTTP/2
www.paintingwithatwist.com/favicon.ico
IP
23.253.135.119:0
ASN
#27357 RACKSPACE

File type
MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Size
15 kB (15406 bytes)
Hash
b26b095dc7228be183f501842e9dbc13
91fd954bd69feff368f26c1bad67665ccf851116
5b5725c2ee54d29b627125b6ea40fa5d8fc666ce42f376c73b2619f305d70864

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.paintingwithatwist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/studio/tempe
Cookie: X-Mapping-fjhppofk=80861DDBFC7C026798F47A2BF4D313A6; _ga_GG8Y2XXWB6=GS1.1.1672874659.1.0.1672874659.0.0.0; _ga=GA1.1.1060161976.1672874660; _gcl_au=1.1.642879271.1672874660; prism_25570710=e278d761-c29a-405a-89f9-2c37e7be671c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: Microsoft-IIS/8.5
content-type: image/x-icon
date: Wed, 04 Jan 2023 23:24:29 GMT
accept-ranges: bytes
access-control-allow-origin: https://c5d09e4dde1ed5344aab-92274ace7e84ee4d27ca2a6920e2d585.ssl.cf5.rackcdn.com
etag: "2b412dc9457ad81:0"
last-modified: Tue, 07 Jun 2022 08:08:35 GMT
x-frame-options: deny
x-powered-by: ASP.NET
access-control-allow-methods: *
access-control-allow-headers: *
content-length: 15406
X-Firefox-Spdy: h2

connect.facebook.net/en_US/fbevents.js

157.240.200.14

200 OK

27 kB

URL HTTP/2
connect.facebook.net/en_US/fbevents.js
IP
157.240.200.14:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (64348)
Size
27 kB (27298 bytes)
Hash
8b26cd4609e2025e51e90573a0fbd6f7
efc2006ae5297ad5ae5e064188b9fba73f6b868f
e288b6a1e220f5fb781cfbb0b739b36c6acfdceccff8f0278fc151c241b0b50b

HTTP Headers

GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: 2XHzxdzwH1U92eV99qgP+n1AbQ1jbJrwYNqO7ETfLYwfNP4RyyEJkyV4Iyq19aEjjVLSIcHu1xDSNld5HJzI+w==
content-length: 27298
x-fb-trip-id: 1679558926
date: Wed, 04 Jan 2023 23:24:30 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b815e7b1a5f00b7cff7f2a68bb723f77
c944dc7284f4758dfebbd1b8ab4b7b327259f651
f1701c75e48206c4405afcd5a60ae3141ff4db9f811ec9ab4cdd9090af666f26

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 23:24:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
b1ec4eb5276a6872b64135f424c57124
261ffe8ee941a2e48eb12bb5f6e5d6bc0b8e6344
38dc5616ee5568e1714ea7364b2578af0e854599f46e699fa97990bd1154da66

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 624
Cache-Control: max-age=129538
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 23:24:30 GMT
Etag: "63b55f40-1d7"
Expires: Fri, 06 Jan 2023 11:23:28 GMT
Last-Modified: Wed, 04 Jan 2023 11:13:04 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
a6cdf191deb0e291350d9d91d9ab97a7
fb82c911866268a7d33d2743dbe0328199c7121a
414acc6f6d050d52d88f9706e71d6a0e3eceb4dc41edcce74ec63eb63d8fb1cb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 23:24:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
974e444c7b66a760e0fdec04b8bebb82
23d1de086afcfbdedbd5c60fcef69c88b840b448
458cf84b0a13820b027dfeafe101e87d2cc692fc998dc0347268df5afd816aca

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 23:24:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
974e444c7b66a760e0fdec04b8bebb82
23d1de086afcfbdedbd5c60fcef69c88b840b448
458cf84b0a13820b027dfeafe101e87d2cc692fc998dc0347268df5afd816aca

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 23:24:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
a6cdf191deb0e291350d9d91d9ab97a7
fb82c911866268a7d33d2743dbe0328199c7121a
414acc6f6d050d52d88f9706e71d6a0e3eceb4dc41edcce74ec63eb63d8fb1cb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 23:24:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-16182957-1&cid=1060161976.1672874660&jid=1016736680&gjid=303473865&_gid=1456507001.1672874660&_u=IADAAEAAAAAAACAAI~&z=1768519676

142.251.1.156

200 OK

1 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-16182957-1&cid=1060161976.1672874660&jid=1016736680&gjid=303473865&_gid=1456507001.1672874660&_u=IADAAEAAAAAAACAAI~&z=1768519676
IP
142.251.1.156:0
ASN
#15169 GOOGLE

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-16182957-1&cid=1060161976.1672874660&jid=1016736680&gjid=303473865&_gid=1456507001.1672874660&_u=IADAAEAAAAAAACAAI~&z=1768519676 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.paintingwithatwist.com
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://www.paintingwithatwist.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 04 Jan 2023 23:24:30 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.com/pagead/1p-user-list/730460011/?random=1672874659830&cv=11&fst=1672873200000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&label=uoNVCIHhmagBEOvep9wC&frm=0&url=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe&tiba=Paint%2C%20Sip%20Wine%2C%20have%20fun%20at%20our%20Tempe%2C%20AZ%20Paint%20Studio%20%7C%20Painting%20with%20a%20Twist&fmt=3&is_vtc=1&random=420115343&rmt_tld=0&ipr=y

142.250.74.132

200 OK

42 B

URL HTTP/2
www.google.com/pagead/1p-user-list/730460011/?random=1672874659830&cv=11&fst=1672873200000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&label=uoNVCIHhmagBEOvep9wC&frm=0&url=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe&tiba=Paint%2C%20Sip%20Wine%2C%20have%20fun%20at%20our%20Tempe%2C%20AZ%20Paint%20Studio%20%7C%20Painting%20with%20a%20Twist&fmt=3&is_vtc=1&random=420115343&rmt_tld=0&ipr=y
IP
142.250.74.132:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/730460011/?random=1672874659830&cv=11&fst=1672873200000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&label=uoNVCIHhmagBEOvep9wC&frm=0&url=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe&tiba=Paint%2C%20Sip%20Wine%2C%20have%20fun%20at%20our%20Tempe%2C%20AZ%20Paint%20Studio%20%7C%20Painting%20with%20a%20Twist&fmt=3&is_vtc=1&random=420115343&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 04 Jan 2023 23:24:30 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.no/pagead/1p-user-list/730460011/?random=1672874659830&cv=11&fst=1672873200000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&label=uoNVCIHhmagBEOvep9wC&frm=0&url=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe&tiba=Paint%2C%20Sip%20Wine%2C%20have%20fun%20at%20our%20Tempe%2C%20AZ%20Paint%20Studio%20%7C%20Painting%20with%20a%20Twist&fmt=3&is_vtc=1&random=420115343&rmt_tld=1&ipr=y

142.250.74.163

200 OK

42 B

URL HTTP/2
www.google.no/pagead/1p-user-list/730460011/?random=1672874659830&cv=11&fst=1672873200000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&label=uoNVCIHhmagBEOvep9wC&frm=0&url=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe&tiba=Paint%2C%20Sip%20Wine%2C%20have%20fun%20at%20our%20Tempe%2C%20AZ%20Paint%20Studio%20%7C%20Painting%20with%20a%20Twist&fmt=3&is_vtc=1&random=420115343&rmt_tld=1&ipr=y
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/730460011/?random=1672874659830&cv=11&fst=1672873200000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&label=uoNVCIHhmagBEOvep9wC&frm=0&url=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe&tiba=Paint%2C%20Sip%20Wine%2C%20have%20fun%20at%20our%20Tempe%2C%20AZ%20Paint%20Studio%20%7C%20Painting%20with%20a%20Twist&fmt=3&is_vtc=1&random=420115343&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 04 Jan 2023 23:24:30 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.no/pagead/1p-user-list/601555795/?random=1672874659925&cv=11&fst=1672873200000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe&tiba=Paint%2C%20Sip%20Wine%2C%20have%20fun%20at%20our%20Tempe%2C%20AZ%20Paint%20Studio%20%7C%20Painting%20with%20a%20Twist&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=849558411&rmt_tld=1&ipr=y

142.250.74.163

200 OK

42 B

URL HTTP/2
www.google.no/pagead/1p-user-list/601555795/?random=1672874659925&cv=11&fst=1672873200000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe&tiba=Paint%2C%20Sip%20Wine%2C%20have%20fun%20at%20our%20Tempe%2C%20AZ%20Paint%20Studio%20%7C%20Painting%20with%20a%20Twist&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=849558411&rmt_tld=1&ipr=y
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/601555795/?random=1672874659925&cv=11&fst=1672873200000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe&tiba=Paint%2C%20Sip%20Wine%2C%20have%20fun%20at%20our%20Tempe%2C%20AZ%20Paint%20Studio%20%7C%20Painting%20with%20a%20Twist&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=849558411&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 04 Jan 2023 23:24:30 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.com/pagead/1p-user-list/601555795/?random=1672874659925&cv=11&fst=1672873200000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe&tiba=Paint%2C%20Sip%20Wine%2C%20have%20fun%20at%20our%20Tempe%2C%20AZ%20Paint%20Studio%20%7C%20Painting%20with%20a%20Twist&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=849558411&rmt_tld=0&ipr=y

142.250.74.132

200 OK

42 B

URL HTTP/2
www.google.com/pagead/1p-user-list/601555795/?random=1672874659925&cv=11&fst=1672873200000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe&tiba=Paint%2C%20Sip%20Wine%2C%20have%20fun%20at%20our%20Tempe%2C%20AZ%20Paint%20Studio%20%7C%20Painting%20with%20a%20Twist&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=849558411&rmt_tld=0&ipr=y
IP
142.250.74.132:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/601555795/?random=1672874659925&cv=11&fst=1672873200000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe&tiba=Paint%2C%20Sip%20Wine%2C%20have%20fun%20at%20our%20Tempe%2C%20AZ%20Paint%20Studio%20%7C%20Painting%20with%20a%20Twist&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=849558411&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 04 Jan 2023 23:24:30 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
974e444c7b66a760e0fdec04b8bebb82
23d1de086afcfbdedbd5c60fcef69c88b840b448
458cf84b0a13820b027dfeafe101e87d2cc692fc998dc0347268df5afd816aca

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 23:24:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
7c8811382bcd40ec65e7a6e339e94904
38d741442c52bcdde863d1a2d593ce0c81c7efbd
ce5c1060c028784381224586783b9b0943fd14947bb15bb38e6d401a1a221c23

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 23:24:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.sectigo.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
25338094bc946c04342abe561f2c0651
8a4f5ed3fcd4aa0305ecbb817d5e6ebe94633c7f
71c024ec947b6570f10ce74f5c4b7575656b037d5e91e75958aa7f0133921258

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 04 Jan 2023 23:24:30 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 02 Jan 2023 13:02:16 GMT
Expires: Mon, 09 Jan 2023 13:02:15 GMT
Etag: "8a4f5ed3fcd4aa0305ecbb817d5e6ebe94633c7f"
Cache-Control: max-age=394064,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7847ba61de2fb4e8-OSL

44.228.85.26/is

44.228.85.26

200 OK

32 B

URL HTTP/1.1
44.228.85.26/is
IP
44.228.85.26:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
32 B (32 bytes)
Hash
4d708d9354da78dafc3411958ac9c821
8f352d28d45733eb704363f5587c1213867346aa
c13cb3ca406b1c667481d8f92d73b5bac4577346eb14a6fa5ee94ab9ecfa2b23

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /is HTTP/1.1
Host: 44.228.85.26
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.paintingwithatwist.com/
Origin: https://www.paintingwithatwist.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
date: Wed, 04 Jan 2023 23:24:30 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, x-requested-with, X-Custom-Header
x-application-context: application:prod:8080
content-type: text/plain;charset=utf-8
content-length: 32
x-envoy-upstream-service-time: 1
server: istio-envoy
connection: close

www.facebook.com/tr/?id=1875383692726736&ev=PageView&dl=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe&rl=&if=false&ts=1672874661581&sw=1280&sh=1024&v=2.9.90&r=stable&ec=0&o=30&fbp=fb.1.1672874661580.2037555476&it=1672874660565&coo=false&rqm=GET

157.240.200.35

200 OK

0 B

URL HTTP/2
www.facebook.com/tr/?id=1875383692726736&ev=PageView&dl=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe&rl=&if=false&ts=1672874661581&sw=1280&sh=1024&v=2.9.90&r=stable&ec=0&o=30&fbp=fb.1.1672874661580.2037555476&it=1672874660565&coo=false&rqm=GET
IP
157.240.200.35:0
ASN
#32934 FACEBOOK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tr/?id=1875383692726736&ev=PageView&dl=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe&rl=&if=false&ts=1672874661581&sw=1280&sh=1024&v=2.9.90&r=stable&ec=0&o=30&fbp=fb.1.1672874661580.2037555476&it=1672874660565&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin: 
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Wed, 04 Jan 2023 23:24:31 GMT
X-Firefox-Spdy: h2

www.facebook.com/tr/?id=2265277603725722&ev=PageView&dl=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe&rl=&if=false&ts=1672874661586&sw=1280&sh=1024&v=2.9.90&r=stable&ec=0&o=30&fbp=fb.1.1672874661580.2037555476&it=1672874660565&coo=false&rqm=GET

157.240.200.35

200 OK

0 B

URL HTTP/2
www.facebook.com/tr/?id=2265277603725722&ev=PageView&dl=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe&rl=&if=false&ts=1672874661586&sw=1280&sh=1024&v=2.9.90&r=stable&ec=0&o=30&fbp=fb.1.1672874661580.2037555476&it=1672874660565&coo=false&rqm=GET
IP
157.240.200.35:0
ASN
#32934 FACEBOOK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tr/?id=2265277603725722&ev=PageView&dl=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe&rl=&if=false&ts=1672874661586&sw=1280&sh=1024&v=2.9.90&r=stable&ec=0&o=30&fbp=fb.1.1672874661580.2037555476&it=1672874660565&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin: 
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Wed, 04 Jan 2023 23:24:31 GMT
X-Firefox-Spdy: h2

www.facebook.com/tr/?id=701969987823556&ev=PageView&dl=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe&rl=&if=false&ts=1672874661583&sw=1280&sh=1024&v=2.9.90&r=stable&ec=0&o=30&fbp=fb.1.1672874661580.2037555476&it=1672874660565&coo=false&rqm=GET

157.240.200.35

200 OK

172 kB

URL HTTP/2
www.facebook.com/tr/?id=701969987823556&ev=PageView&dl=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe&rl=&if=false&ts=1672874661583&sw=1280&sh=1024&v=2.9.90&r=stable&ec=0&o=30&fbp=fb.1.1672874661580.2037555476&it=1672874660565&coo=false&rqm=GET
IP
157.240.200.35:0
ASN
#32934 FACEBOOK

File type
gzip compressed data, from Unix\012- data
Size
172 kB (171825 bytes)
Hash
d610311d381d94fed1d5867602a4486b
a943b916b3119edc4496596554a2add3233016df
3d9482b37453c298d08f57e4d33f3e2607a06a4812c8cf6e49e15187785da0e9

HTTP Headers

GET /tr/?id=701969987823556&ev=PageView&dl=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe&rl=&if=false&ts=1672874661583&sw=1280&sh=1024&v=2.9.90&r=stable&ec=0&o=30&fbp=fb.1.1672874661580.2037555476&it=1672874660565&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin: 
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Wed, 04 Jan 2023 23:24:31 GMT
X-Firefox-Spdy: h2

px.mountain.com/st?ga_tracking_id=UA-16182957-1&ga_client_id=1060161976.1672874660&shpt=Paint%20Sip%20Wine%20have%20fun%20at%20our%20Tempe%20AZ%20Paint%20Studio%20%7C%20Painting%20with%20a%20Twist&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-16182957-1%22%2C%22ga_client_id%22%3A%221060161976.1672874660%22%2C%22shpt%22%3A%22Paint%20Sip%20Wine%20have%20fun%20at%20our%20Tempe%20AZ%20Paint%20Studio%20%7C%20Painting%20with%20a%20Twist%22%2C%22dcm_cid%22%3A%221672874659.1%22%2C%22dcm_gid%22%3A%221456507001.1672874660%22%2C%22mntnis%22%3A%22L%2BFuyVcGQ6%2BiVGR5DxwOwWdddhm2Iys6%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A9%2C%22getClientIdByGA%22%3A%22FAILED%22%2C%22getClientIdByTracker%22%3A%22FAILED%22%2C%22getClientIdByGAData%22%3A%22FAILED%22%2C%22getClientIdByCookie%22%3A%22FAILED%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%2C%22message%22%3A%7B%7D%7D&dcm_cid=1672874659.1&dcm_gid=1456507001.1672874660&dxver=4.0.0&shaid=33497&plh=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe&cb=29368533417785250term%3Dvalue&shadditional=googletagmanager%3Dtrue%2C

52.37.218.4

200 OK

1.2 kB

URL HTTP/1.1
px.mountain.com/st?ga_tracking_id=UA-16182957-1&ga_client_id=1060161976.1672874660&shpt=Paint%20Sip%20Wine%20have%20fun%20at%20our%20Tempe%20AZ%20Paint%20Studio%20%7C%20Painting%20with%20a%20Twist&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-16182957-1%22%2C%22ga_client_id%22%3A%221060161976.1672874660%22%2C%22shpt%22%3A%22Paint%20Sip%20Wine%20have%20fun%20at%20our%20Tempe%20AZ%20Paint%20Studio%20%7C%20Painting%20with%20a%20Twist%22%2C%22dcm_cid%22%3A%221672874659.1%22%2C%22dcm_gid%22%3A%221456507001.1672874660%22%2C%22mntnis%22%3A%22L%2BFuyVcGQ6%2BiVGR5DxwOwWdddhm2Iys6%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A9%2C%22getClientIdByGA%22%3A%22FAILED%22%2C%22getClientIdByTracker%22%3A%22FAILED%22%2C%22getClientIdByGAData%22%3A%22FAILED%22%2C%22getClientIdByCookie%22%3A%22FAILED%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%2C%22message%22%3A%7B%7D%7D&dcm_cid=1672874659.1&dcm_gid=1456507001.1672874660&dxver=4.0.0&shaid=33497&plh=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe&cb=29368533417785250term%3Dvalue&shadditional=googletagmanager%3Dtrue%2C
IP
52.37.218.4:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (2323)
Size
1.2 kB (1188 bytes)
Hash
d6d096517b736b7e97d4c773e157bc08
00c7e2c1fd3e73f952901ef81d17e5de3de2d035
f854bd16c7fec8d37c660ce8ebf7d0105e44f13af12c4e697b986715d48c4461

HTTP Headers

GET /st?ga_tracking_id=UA-16182957-1&ga_client_id=1060161976.1672874660&shpt=Paint%20Sip%20Wine%20have%20fun%20at%20our%20Tempe%20AZ%20Paint%20Studio%20%7C%20Painting%20with%20a%20Twist&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-16182957-1%22%2C%22ga_client_id%22%3A%221060161976.1672874660%22%2C%22shpt%22%3A%22Paint%20Sip%20Wine%20have%20fun%20at%20our%20Tempe%20AZ%20Paint%20Studio%20%7C%20Painting%20with%20a%20Twist%22%2C%22dcm_cid%22%3A%221672874659.1%22%2C%22dcm_gid%22%3A%221456507001.1672874660%22%2C%22mntnis%22%3A%22L%2BFuyVcGQ6%2BiVGR5DxwOwWdddhm2Iys6%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A9%2C%22getClientIdByGA%22%3A%22FAILED%22%2C%22getClientIdByTracker%22%3A%22FAILED%22%2C%22getClientIdByGAData%22%3A%22FAILED%22%2C%22getClientIdByCookie%22%3A%22FAILED%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%2C%22message%22%3A%7B%7D%7D&dcm_cid=1672874659.1&dcm_gid=1456507001.1672874660&dxver=4.0.0&shaid=33497&plh=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe&cb=29368533417785250term%3Dvalue&shadditional=googletagmanager%3Dtrue%2C HTTP/1.1
Host: px.mountain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
date: Wed, 04 Jan 2023 23:24:31 GMT
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
set-cookie: guid=f10d4b97-8c86-11ed-8e19-65514302066e;Domain=mountain.com;Max-Age=63113852;Path=/;SameSite=None;Secure
content-encoding: gzip
x-envoy-upstream-service-time: 1
server: istio-envoy
connection: close
transfer-encoding: chunked

gs.mountain.com/gs

35.81.162.201

200 OK

144 B

URL HTTP/1.1
gs.mountain.com/gs
IP
35.81.162.201:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
144 B (144 bytes)
Hash
8b2ba37054b141324cb2733c48fca4a6
4751df38c1ba8a33129b6390a2652244c1abdf03
884e39592ab27288845c4806665f888b42586c7cffdcc54ea7dcc8c8822203fa

HTTP Headers

GET /gs HTTP/1.1
Host: gs.mountain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/
Cookie: guid=f10d4b97-8c86-11ed-8e19-65514302066e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
date: Wed, 04 Jan 2023 23:24:32 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, x-requested-with, X-Custom-Header
x-application-context: application:prod:8080
content-type: application/javascript;charset=utf-8
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
cache-control: public, max-age=31536000
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 144
x-envoy-upstream-service-time: 1
server: istio-envoy
connection: close

px.mountain.com/st?ga_tracking_id=UA-16182957-1&ga_client_id=1060161976.1672874660&shpt=Paint%20Sip%20Wine%20have%20fun%20at%20our%20Tempe%20AZ%20Paint%20Studio%20%7C%20Painting%20with%20a%20Twist&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-16182957-1%22%2C%22ga_client_id%22%3A%221060161976.1672874660%22%2C%22shpt%22%3A%22Paint%20Sip%20Wine%20have%20fun%20at%20our%20Tempe%20AZ%20Paint%20Studio%20%7C%20Painting%20with%20a%20Twist%22%2C%22dcm_cid%22%3A%221672874659.1%22%2C%22dcm_gid%22%3A%221456507001.1672874660%22%2C%22mntnis%22%3A%22L%2BFuyVcGQ6%2BiVGR5DxwOwWdddhm2Iys6%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A9%2C%22getClientIdByGA%22%3A%22FAILED%22%2C%22getClientIdByTracker%22%3A%22FAILED%22%2C%22getClientIdByGAData%22%3A%22FAILED%22%2C%22getClientIdByCookie%22%3A%22FAILED%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%2C%22message%22%3A%7B%7D%7D&dcm_cid=1672874659.1&dcm_gid=1456507001.1672874660&dxver=4.0.0&shaid=33497&plh=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe&shadditional=googletagmanager%3Dtrue%2C&cb=1672874671604829&shguid=35b0bce9-d250-329d-b012-c0426f88d0bd&shgts=1672874672369

52.37.218.4

200 OK

1.3 kB

URL HTTP/1.1
px.mountain.com/st?ga_tracking_id=UA-16182957-1&ga_client_id=1060161976.1672874660&shpt=Paint%20Sip%20Wine%20have%20fun%20at%20our%20Tempe%20AZ%20Paint%20Studio%20%7C%20Painting%20with%20a%20Twist&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-16182957-1%22%2C%22ga_client_id%22%3A%221060161976.1672874660%22%2C%22shpt%22%3A%22Paint%20Sip%20Wine%20have%20fun%20at%20our%20Tempe%20AZ%20Paint%20Studio%20%7C%20Painting%20with%20a%20Twist%22%2C%22dcm_cid%22%3A%221672874659.1%22%2C%22dcm_gid%22%3A%221456507001.1672874660%22%2C%22mntnis%22%3A%22L%2BFuyVcGQ6%2BiVGR5DxwOwWdddhm2Iys6%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A9%2C%22getClientIdByGA%22%3A%22FAILED%22%2C%22getClientIdByTracker%22%3A%22FAILED%22%2C%22getClientIdByGAData%22%3A%22FAILED%22%2C%22getClientIdByCookie%22%3A%22FAILED%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%2C%22message%22%3A%7B%7D%7D&dcm_cid=1672874659.1&dcm_gid=1456507001.1672874660&dxver=4.0.0&shaid=33497&plh=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe&shadditional=googletagmanager%3Dtrue%2C&cb=1672874671604829&shguid=35b0bce9-d250-329d-b012-c0426f88d0bd&shgts=1672874672369
IP
52.37.218.4:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (5401), with no line terminators
Size
1.3 kB (1318 bytes)
Hash
3686f81b191ae505b6a3e79536fd67c6
62a42d0217a783f5625bdc2598930c1418176b12
d1168004f1374cad909b96158f64cda23c2e934b96da0c7bc7a78400df86e294

HTTP Headers

GET /st?ga_tracking_id=UA-16182957-1&ga_client_id=1060161976.1672874660&shpt=Paint%20Sip%20Wine%20have%20fun%20at%20our%20Tempe%20AZ%20Paint%20Studio%20%7C%20Painting%20with%20a%20Twist&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-16182957-1%22%2C%22ga_client_id%22%3A%221060161976.1672874660%22%2C%22shpt%22%3A%22Paint%20Sip%20Wine%20have%20fun%20at%20our%20Tempe%20AZ%20Paint%20Studio%20%7C%20Painting%20with%20a%20Twist%22%2C%22dcm_cid%22%3A%221672874659.1%22%2C%22dcm_gid%22%3A%221456507001.1672874660%22%2C%22mntnis%22%3A%22L%2BFuyVcGQ6%2BiVGR5DxwOwWdddhm2Iys6%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A9%2C%22getClientIdByGA%22%3A%22FAILED%22%2C%22getClientIdByTracker%22%3A%22FAILED%22%2C%22getClientIdByGAData%22%3A%22FAILED%22%2C%22getClientIdByCookie%22%3A%22FAILED%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%2C%22message%22%3A%7B%7D%7D&dcm_cid=1672874659.1&dcm_gid=1456507001.1672874660&dxver=4.0.0&shaid=33497&plh=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe&shadditional=googletagmanager%3Dtrue%2C&cb=1672874671604829&shguid=35b0bce9-d250-329d-b012-c0426f88d0bd&shgts=1672874672369 HTTP/1.1
Host: px.mountain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/
Cookie: guid=f10d4b97-8c86-11ed-8e19-65514302066e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
date: Wed, 04 Jan 2023 23:24:33 GMT
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
set-cookie: tt="H4sIAAAAAAAAAKtW8guKNzY2sTSPN7IwtlCyMtBBEjG3NAaLlClZGekoISszNDM3sjA3MTM3NrAwrgUA7PaY5UYAAAA=";Domain=px.mountain.com;Max-Age=63113852;Path=/;SameSite=None;Secure
rt="MzM0OTc6MTY3Mjg3NDY3Mw==";Domain=mountain.com;Max-Age=63113852;Path=/;SameSite=None;Secure
guid=f10d4b97-8c86-11ed-8e19-65514302066e;Domain=mountain.com;Max-Age=63113852;Path=/;SameSite=None;Secure
content-encoding: gzip
x-envoy-upstream-service-time: 13
server: istio-envoy
connection: close
transfer-encoding: chunked

ocsp.globalsign.com/gsgccr3dvtlsca2020

104.18.21.226

200 OK

87 kB

URL HTTP/1.1
ocsp.globalsign.com/gsgccr3dvtlsca2020
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
gzip compressed data, from Unix\012- data
Size
87 kB (87375 bytes)
Hash
1d546fe2d005c33beb9e2b54dc413ed5
87fd810e6ac09ba5c3bf1c3d55aea61c1861597a
9047bf96ffa1e6f8a89cf4f3666a4cfedf59db8948c15398e0492214239fbf56

HTTP Headers

POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 04 Jan 2023 23:24:33 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Sun, 08 Jan 2023 20:17:01 GMT
ETag: "a2d22971ef07dccb540c74e0a93dbd0c34089ec9"
Last-Modified: Wed, 04 Jan 2023 20:17:02 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3075
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7847ba741ea3b524-OSL

ocsp.globalsign.com/gsgccr3dvtlsca2020

104.18.21.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsgccr3dvtlsca2020
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1414 bytes)
Hash
4cb80580d0803d5062020939cd3c6c97
a2d22971ef07dccb540c74e0a93dbd0c34089ec9
1c82b0d3e2218cb1565c89eae932653491c7125047d705a826b9361c37ab9fa8

HTTP Headers

POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 04 Jan 2023 23:24:33 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Sun, 08 Jan 2023 20:17:01 GMT
ETag: "a2d22971ef07dccb540c74e0a93dbd0c34089ec9"
Last-Modified: Wed, 04 Jan 2023 20:17:02 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3075
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7847ba741bb9fac0-OSL

match.adsrvr.org/track/cmf/generic?ttd_pid=steelhouse&ttd_tpi=1&ttd_puid=f10d4b97-8c86-11ed-8e19-65514302066e&gdpr=&gdpr_consent=

35.71.131.137

200 OK

70 B

URL HTTP/2
match.adsrvr.org/track/cmf/generic?ttd_pid=steelhouse&ttd_tpi=1&ttd_puid=f10d4b97-8c86-11ed-8e19-65514302066e&gdpr=&gdpr_consent=
IP
35.71.131.137:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 1 x 1\012- data
Size
70 B (70 bytes)
Hash
58a7930cd4577fc33c35828c271eab8f
406e57f86dc101e10f3a57be1e2f7b93c4580474
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

HTTP Headers

GET /track/cmf/generic?ttd_pid=steelhouse&ttd_tpi=1&ttd_puid=f10d4b97-8c86-11ed-8e19-65514302066e&gdpr=&gdpr_consent= HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 04 Jan 2023 23:24:33 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd16ad998-c9d7-497f-9177-8a288cbd319f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11838 bytes)
Hash
caeb8110d6451a09f92d0603994d82d8
cca8920d92a37b0b1e4f019a10674052c1b8dcbe
622aeb4a54a3cb82191e8d1f238ad9f5a86262fdedbc3e4b03426e4fb86493a1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd16ad998-c9d7-497f-9177-8a288cbd319f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 11838
x-amzn-requestid: aabfce3c-15dc-4de0-910c-ca2d24d4fc81
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eJVmBE8HIAMFa_A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b39c8c-16a130601f6ccd3513485a7c;Sampled=0
x-amzn-remapped-date: Tue, 03 Jan 2023 03:10:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: rtL5oh76QUNUzUHwTW6FHkamUukqDkdsjmO10KCWGnijLxcc3oLnLg==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 04 Jan 2023 05:22:07 GMT
age: 64949
etag: "cca8920d92a37b0b1e4f019a10674052c1b8dcbe"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Montserrat:100,300,400,500,600,700%7CRoboto:500&display=swap

142.250.74.106

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Montserrat:100,300,400,500,600,700%7CRoboto:500&display=swap
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Montserrat:100,300,400,500,600,700%7CRoboto:500&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 04 Jan 2023 23:24:29 GMT
date: Wed, 04 Jan 2023 23:24:29 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.paintingwithatwist.com/images/event-types/activity-private.jpg

23.253.135.119

200 OK

0 B

URL HTTP/2
www.paintingwithatwist.com/images/event-types/activity-private.jpg
IP
23.253.135.119:0
ASN
#27357 RACKSPACE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /images/event-types/activity-private.jpg HTTP/1.1
Host: www.paintingwithatwist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/studio/tempe
Cookie: X-Mapping-fjhppofk=80861DDBFC7C026798F47A2BF4D313A6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: Microsoft-IIS/8.5
content-type: image/jpeg
date: Wed, 04 Jan 2023 23:24:28 GMT
accept-ranges: bytes
access-control-allow-origin: https://c5d09e4dde1ed5344aab-92274ace7e84ee4d27ca2a6920e2d585.ssl.cf5.rackcdn.com
etag: "45896d7457ad81:0"
last-modified: Tue, 07 Jun 2022 08:08:59 GMT
x-frame-options: deny
x-powered-by: ASP.NET
access-control-allow-methods: *
access-control-allow-headers: *
content-length: 20082
X-Firefox-Spdy: h2

diffuser-cdn.app-us1.com/diffuser/diffuser.js

104.17.145.91

200 OK

0 B

URL HTTP/2
diffuser-cdn.app-us1.com/diffuser/diffuser.js
IP
104.17.145.91:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /diffuser/diffuser.js HTTP/1.1
Host: diffuser-cdn.app-us1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 04 Jan 2023 23:24:29 GMT
content-type: application/javascript
last-modified: Thu, 21 Oct 2021 17:42:06 GMT
etag: W/"4d482a43613d3966f353ec9d97452e0c"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=300
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 059f85e5e664bc876c915622803d9e28.cloudfront.net (CloudFront)
x-amz-cf-pop: CPH50-C2
x-amz-cf-id: LYgb7O-05A19YisedsHdW7Gqa3Bw46pjlPKvIkZSVBpaULKohYEzzQ==
cf-cache-status: HIT
age: 231
server: cloudflare
cf-ray: 7847ba5b7fdab4e8-OSL
X-Firefox-Spdy: h2

insight.adsrvr.org/track/evnt/?adv=0k2y2lb&ct=0:l4rcz95&fmt=3

35.71.131.137

200 OK

0 B

URL HTTP/2
insight.adsrvr.org/track/evnt/?adv=0k2y2lb&ct=0:l4rcz95&fmt=3
IP
35.71.131.137:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /track/evnt/?adv=0k2y2lb&ct=0:l4rcz95&fmt=3 HTTP/1.1
Host: insight.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 04 Jan 2023 23:24:33 GMT
content-type: image/gif
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2

prism.app-us1.com/?a=25570710&u=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe

104.17.145.91

200 OK

0 B

URL HTTP/2
prism.app-us1.com/?a=25570710&u=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe
IP
104.17.145.91:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /?a=25570710&u=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe HTTP/1.1
Host: prism.app-us1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 04 Jan 2023 23:24:29 GMT
content-type: application/javascript
cache-control: no-cache, private
set-cookie: prism_25570710=e278d761-c29a-405a-89f9-2c37e7be671c; expires=Fri, 03-Feb-2023 23:24:29 GMT; Max-Age=2592000; path=/; secure; httponly; samesite=none
x-envoy-upstream-service-time: 48
x-powered-by: PHP/7.4.32
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7847ba5da84bb4f3-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (39)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations