r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 326898eb925368408f6f42ee173b9d89
b8b20ee34b7e7b139e7729b8e46a54ea25f54ac8
96c2c75f700ab55649882111713ca3cfb2eaf08e404c2bc245a641dc12ae168a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "96C2C75F700AB55649882111713CA3CFB2EAF08E404C2BC245A641DC12AE168A"
Last-Modified: Wed, 04 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6507
Expires: Thu, 05 Jan 2023 01:12:54 GMT
Date: Wed, 04 Jan 2023 23:24:27 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b5997a492d3d161c9009d95add566733
9db765ae549ebe4aa859ca27abe365cf7f62dc4d
1ec0de25b0afd3b402c728b9c6b47c4fcf25fb989052427886841a3f52510a0e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1EC0DE25B0AFD3B402C728B9C6B47C4FCF25FB989052427886841A3F52510A0E"
Last-Modified: Wed, 04 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5381
Expires: Thu, 05 Jan 2023 00:54:08 GMT
Date: Wed, 04 Jan 2023 23:24:27 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 04 Jan 2023 22:47:47 GMT
content-type: application/json
age: 2200
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash da484f5e9c6805745e063b236fb81473
ae454bf4a7ae0e96935afc81ee0f89c049097b15
068d0da23acbe7f6b600c4e7dbe9c81d3ad78c8afd122255bbf3550e8a290686
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "068D0DA23ACBE7F6B600C4E7DBE9C81D3AD78C8AFD122255BBF3550E8A290686"
Last-Modified: Wed, 04 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3014
Expires: Thu, 05 Jan 2023 00:14:41 GMT
Date: Wed, 04 Jan 2023 23:24:27 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: XxPBk1ogFXmK/F0WsjgZJYScJR92S/93dM/QzUnWq8rvb7iQJzOTInQBc5v3VGL/ub9QOHsR4ezSNfIow9Dj2Q==
x-amz-request-id: 22KK5WAZ4VR34TYZ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 04 Jan 2023 22:59:18 GMT
age: 1509
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 04 Jan 2023 23:24:27 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Pragma, Content-Length, Alert, Expires, ETag, Last-Modified, Backoff, Content-Type, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 04 Jan 2023 22:33:37 GMT
age: 3051
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
www.paintingwithatwist.com/tempe
23.253.135.119301 Moved Permanently 157 B URL HTTP/1.1 www.paintingwithatwist.com/tempe
IP 23.253.135.119:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4347b39efa413e8c888f56832c8b0d38
a4d5d26adca8002cb1aa6cbf0bd0dc4dca78fa68
5495a28fc97e5f572d8ba6d1d257946782bcaf332f9c33f1f6a490811c284477
GET /tempe HTTP/1.1
Host: www.paintingwithatwist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: Microsoft-IIS/8.5
Content-Type: text/html; charset=utf-8
Date: Wed, 04 Jan 2023 23:24:27 GMT
Location: https://www.paintingwithatwist.com/tempe
Access-Control-Allow-Origin: https://c5d09e4dde1ed5344aab-92274ace7e84ee4d27ca2a6920e2d585.ssl.cf5.rackcdn.com
Set-Cookie: X-Mapping-fjhppofk=80861DDBFC7C026798F47A2BF4D313A6; path=/
X-Frame-Options: deny
X-Powered-By: ASP.NET
Access-Control-Allow-Methods: *
Access-Control-Allow-Headers: *
Content-Length: 157
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fe74c226e54f2f382d278b594df930ae
4e4ebc661443f56b74d7c924ddae50bcb107f0af
511f11fe968867447f6d7e5862d8003e3a5fc18bdb62496ea09d140e9a11f53b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3633
Cache-Control: max-age=124976
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 23:24:28 GMT
Etag: "63b541ab-1d7"
Expires: Fri, 06 Jan 2023 10:07:24 GMT
Last-Modified: Wed, 04 Jan 2023 09:06:51 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 26465204b3106fb08ede53a5d015b026
516f9908b3d14e887fd6714af559794a1866ec74
0aa192e5b30a56892c03722bfffd0c35ae46cab7ec87d218b937817a8cc3b006
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3331
Cache-Control: max-age=134068
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 23:24:28 GMT
Etag: "63b5665d-1d7"
Expires: Fri, 06 Jan 2023 12:38:56 GMT
Last-Modified: Wed, 04 Jan 2023 11:43:25 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1ff94b558e810da989ee902e6936545c
59be519695865f7b2038f4c94da4cd0eb0501581
6171a3c7ba58ea1c2fc47ad9382dfb5286558a004c7d9fc3685f4d0e19739722
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 23:24:28 GMT
Etag: "63b529e3-1d7"
Server: ECS (amb/6BAC)
Content-Length: 471
push.services.mozilla.com/
52.89.255.30101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.89.255.30:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: gBgJA0QE94PCSqZhRZi/Ow==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: hexQxrYuOiCXLqflwesrDVs8xLU=
www.paintingwithatwist.com/tempe
23.253.135.119301 Moved Permanently 130 B URL HTTP/2 www.paintingwithatwist.com/tempe
IP 23.253.135.119:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash b0fcd40445382a9c16543f4b36f2b9fe
5fd76449d055f756e62ee834b598dfb09f1a1462
e6116ebc8203637a41a216ad1c970d46734d00a05f00f2a2a26db4925a938ab7
GET /tempe HTTP/1.1
Host: www.paintingwithatwist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
server: Microsoft-IIS/8.5
x-aspnet-version: 4.0.30319
cache-control: private
content-type: text/html; charset=utf-8
date: Wed, 04 Jan 2023 23:24:28 GMT
location: /studio/tempe
x-aspnetmvc-version: 5.2
access-control-allow-origin: https://c5d09e4dde1ed5344aab-92274ace7e84ee4d27ca2a6920e2d585.ssl.cf5.rackcdn.com
set-cookie: X-Mapping-fjhppofk=80861DDBFC7C026798F47A2BF4D313A6; path=/
x-frame-options: deny
x-powered-by: ASP.NET
access-control-allow-methods: *
access-control-allow-headers: *
content-length: 130
X-Firefox-Spdy: h2
www.paintingwithatwist.com/studio/tempe
23.253.135.119200 OK 12 kB URL HTTP/2 www.paintingwithatwist.com/studio/tempe
IP 23.253.135.119:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1238), with CRLF line terminators
Hash bd89774186173c11084526941dc33de8
ec8f08d28a19ec21a196d18e6afa0fa3a96003df
83ce08d96790c526965d96182f07f612f5a1a5c9ed2ead9950a488bee58bed4e
GET /studio/tempe HTTP/1.1
Host: www.paintingwithatwist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: X-Mapping-fjhppofk=80861DDBFC7C026798F47A2BF4D313A6
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
server: Microsoft-IIS/8.5
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
cache-control: private
content-type: text/html; charset=utf-8
content-encoding: gzip
date: Wed, 04 Jan 2023 23:24:28 GMT
x-aspnetmvc-version: 5.2
access-control-allow-origin: https://c5d09e4dde1ed5344aab-92274ace7e84ee4d27ca2a6920e2d585.ssl.cf5.rackcdn.com
x-frame-options: deny
x-powered-by: ASP.NET
access-control-allow-methods: *
access-control-allow-headers: *
content-length: 11757
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/materialize/1.0.0/css/materialize.min.css
104.17.24.14200 OK 18 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/materialize/1.0.0/css/materialize.min.css
IP 104.17.24.14:0
File type ASCII text, with very long lines (65352), with CRLF line terminators
Hash c7e9f749e70cbc70d6ad885b28e50f76
2ca5979384bea4d5cd8ce2c4cddf1637ee509224
40a121eb81dc6a8c9c9126686773cd3ddb832068fe57d6dd56fd0b97574379f0
GET /ajax/libs/materialize/1.0.0/css/materialize.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.paintingwithatwist.com
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 04 Jan 2023 23:24:29 GMT
content-type: text/css; charset=utf-8
content-length: 17475
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03efe-22a11"
last-modified: Mon, 04 May 2020 16:12:46 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2958376
expires: Mon, 25 Dec 2023 23:24:29 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IXmTxsqc1AUFS902G9qR6PjMsph6EIXtAr4gY20RQm48ZFBRZ2uVaX4r9ltsQ%2BNOjPPhp7OUuVad7LwDN5diHkobXeXG9hXNxAieO6wc33R1yeySgy7P9VgPhxdMiKvaQmm2i6DW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7847ba598f5f0b39-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
104.17.24.14200 OK 28 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (65447)
Hash d900ca08873ee57d40616d39a44cc0aa
7ab3ac8b1504b7b914a6e94c979b8390bb492f6a
1eea479cc0abe04a0846f41031207f9511f12ffef017a6109d4efb6f5523465b
GET /ajax/libs/jquery/3.6.0/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.paintingwithatwist.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 04 Jan 2023 23:24:29 GMT
content-type: application/javascript; charset=utf-8
content-length: 27938
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "603e8adc-15d9d"
last-modified: Tue, 02 Mar 2021 18:58:36 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 3114938
expires: Mon, 25 Dec 2023 23:24:29 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7eoosUOZbXaN5Js2Saj6xiEtJSuor02nZW%2B3lhvyzqmsX1d7091mTNuhP%2BysLMOsedbBxXk0orgAgpgBxjmXMhZ%2Bi%2FXlAwj%2FqXUgiZ%2BOdLAbDJjcsq4sAsth4slEloegJL1qPUt5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7847ba598f610b39-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jquery-validation-unobtrusive/3.2.12/jquery.validate.unobtrusive.min.js
104.17.24.14200 OK 1.9 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery-validation-unobtrusive/3.2.12/jquery.validate.unobtrusive.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (5607), with CRLF line terminators
Hash b93f73af47ad554d205de896e64e4e2e
b5afe1497b81980a5ae6d4dd9bc40e0efb5acef5
69637730908765a4b1ffb1e0584924ce47950d8aca199e951c5de053c8f697b3
GET /ajax/libs/jquery-validation-unobtrusive/3.2.12/jquery.validate.unobtrusive.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.paintingwithatwist.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 04 Jan 2023 23:24:29 GMT
content-type: application/javascript; charset=utf-8
content-length: 1947
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "6021e167-16ef"
last-modified: Tue, 09 Feb 2021 01:12:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2953815
expires: Mon, 25 Dec 2023 23:24:29 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YSLwMD3falrMsSRklsPdByzPmVrSGI6tmHdT8TCuqPuxltsH9dLzn56o1ZKIqC7mwOA1EX8v9CGtBwSq93tBijUaQOy9l9hXOzYZHhui2voybEOBM%2BuVPIK7uRDwNZJPdYzuc6rY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7847ba599f650b39-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/materialize/1.0.0/js/materialize.min.js
104.17.24.14200 OK 37 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/materialize/1.0.0/js/materialize.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (65357)
Hash 172957502510147292fe49ce5e236743
ffb4f0df2e82a8243abe17efba35e2d6b7edb08f
cbd06605a12a759a4422da8b945e81fa814b7a4ee82712acbab8dc9b843e4106
GET /ajax/libs/materialize/1.0.0/js/materialize.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.paintingwithatwist.com
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 04 Jan 2023 23:24:29 GMT
content-type: application/javascript; charset=utf-8
content-length: 36877
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03efe-2c375"
last-modified: Mon, 04 May 2020 16:12:46 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1098044
expires: Mon, 25 Dec 2023 23:24:29 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9gVxQQG4aPtECIb01Pw1Lt2rF931USj3n0SWH3V6KoD0lCrFb02rTwFIV2GgA%2FFDWpFHiy%2BPpaFS9D8WhjP0Ekn5b1WHg8L%2Bycb6bKvWWaDF8Zvmm4hXuEgGbkLmDNjZAsNkMS6c"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7847ba599f670b39-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.3/jquery.validate.min.js
104.17.24.14200 OK 7.0 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.3/jquery.validate.min.js
IP 104.17.24.14:0
File type Unicode text, UTF-8 text, with very long lines (24292)
Hash ba5982f457768a57088c572b54db5973
82841900939e7c0e2f2b9436658424f4ad0fc5b5
26dac46cc168804ca4c3edf998fe419343d9d28704e15c52c003dc0792b7496f
GET /ajax/libs/jquery-validate/1.19.3/jquery.validate.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.paintingwithatwist.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 04 Jan 2023 23:24:29 GMT
content-type: application/javascript; charset=utf-8
content-length: 6996
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "60c342a7-1b54"
last-modified: Fri, 11 Jun 2021 11:01:59 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 4333886
expires: Mon, 25 Dec 2023 23:24:29 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8%2FOHcXMw%2FnEYNKJTzmy87XdEP2bPnwlB0JwRpSUdGburENO8iH3wXBaZpT6CUhP6QTrrB0MzSgiS9VQ2v9z5VpEZDlc9H6bTUHCdN%2FPs2A820b6iLWe%2FwfJyOZrHW4BSYXRT%2BN79"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7847ba599f6c0b39-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 561e959ce9eff04b09da6f3def82f549
7866f989cdfb160709f4c93b767fd01e5553d75b
9076b4ae1a34ab02b362ffa44ecbf6d579f82042cfd7e7138977477ea5bd3e61
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 23:24:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a430d46fb27196c8b03f382c1bafbb23
0b31940d1067eb87c24c6d356689d7f9f90231a6
3e9cd331b1c2c1eca94ff12ec1b685e1c1c1909e30e8b3cf4493dc6eac786df8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 23:24:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 561e959ce9eff04b09da6f3def82f549
7866f989cdfb160709f4c93b767fd01e5553d75b
9076b4ae1a34ab02b362ffa44ecbf6d579f82042cfd7e7138977477ea5bd3e61
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 23:24:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=G-GG8Y2XXWB6
142.250.74.168200 OK 79 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-GG8Y2XXWB6
IP 142.250.74.168:0
File type ASCII text, with very long lines (26337)
Hash 714f5fe9043573a92f5434c430c46790
65f1356feff3a0177e1021054945d77ea2c97950
ed01f8b5216769e0ece030582748fc75652407fe370173916e6b7d5f8d3425dc
GET /gtag/js?id=G-GG8Y2XXWB6 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 04 Jan 2023 23:24:29 GMT
expires: Wed, 04 Jan 2023 23:24:29 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 79057
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.paintingwithatwist.com/assets/js/mvcfoolproof.unobtrusive.min.js
23.253.135.119200 OK 1.3 kB URL HTTP/2 www.paintingwithatwist.com/assets/js/mvcfoolproof.unobtrusive.min.js
IP 23.253.135.119:0
File type ASCII text, with very long lines (3885), with no line terminators
Hash 16ce76090d4bc2fc3c414c7b35f505ea
fdbd5a7b7afca4bf9dad4b955e77a7ceff0ab50f
3c207ff6efc1659307fe2b8834097932541e447a1acd2cbaf3c71edc5e5512ad
GET /assets/js/mvcfoolproof.unobtrusive.min.js HTTP/1.1
Host: www.paintingwithatwist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/studio/tempe
Cookie: X-Mapping-fjhppofk=80861DDBFC7C026798F47A2BF4D313A6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Microsoft-IIS/8.5
vary: Accept-Encoding
content-type: application/javascript
content-encoding: gzip
date: Wed, 04 Jan 2023 23:24:28 GMT
accept-ranges: bytes
access-control-allow-origin: https://c5d09e4dde1ed5344aab-92274ace7e84ee4d27ca2a6920e2d585.ssl.cf5.rackcdn.com
etag: "803e49d1457ad81:0"
last-modified: Tue, 07 Jun 2022 08:08:49 GMT
x-frame-options: deny
x-powered-by: ASP.NET
access-control-allow-methods: *
access-control-allow-headers: *
content-length: 1312
X-Firefox-Spdy: h2
www.paintingwithatwist.com/assets/js/numscroller-1.0.js
23.253.135.119200 OK 996 B URL HTTP/2 www.paintingwithatwist.com/assets/js/numscroller-1.0.js
IP 23.253.135.119:0
Hash 55fe44bcd2691d979838e3ca6b5c182d
2627c9e698ef79845f067ddcc834f0e5dd1bf5e6
02b298ac268e6dbe25bd6dd9585feb1828a5bdb9197108ee8a6bd70f02abec81
GET /assets/js/numscroller-1.0.js HTTP/1.1
Host: www.paintingwithatwist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/studio/tempe
Cookie: X-Mapping-fjhppofk=80861DDBFC7C026798F47A2BF4D313A6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Microsoft-IIS/8.5
vary: Accept-Encoding
content-type: application/javascript
content-encoding: gzip
date: Wed, 04 Jan 2023 23:24:28 GMT
accept-ranges: bytes
access-control-allow-origin: https://c5d09e4dde1ed5344aab-92274ace7e84ee4d27ca2a6920e2d585.ssl.cf5.rackcdn.com
etag: "803e49d1457ad81:0"
last-modified: Tue, 07 Jun 2022 08:08:49 GMT
x-frame-options: deny
x-powered-by: ASP.NET
access-control-allow-methods: *
access-control-allow-headers: *
content-length: 996
X-Firefox-Spdy: h2
www.paintingwithatwist.com/images/logo-main.png
23.253.135.119200 OK 3.8 kB URL HTTP/2 www.paintingwithatwist.com/images/logo-main.png
IP 23.253.135.119:0
File type PNG image data, 158 x 78, 8-bit colormap, non-interlaced\012- data
Hash 1465c4cf9884721b0d369946c65e4cba
0314381f7113c609bc53b67a31c3124f231c1421
19316ae8efdffffd9ea8153287e456fbb32ef50fbac5a247666c5372d6a2d4cd
GET /images/logo-main.png HTTP/1.1
Host: www.paintingwithatwist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/studio/tempe
Cookie: X-Mapping-fjhppofk=80861DDBFC7C026798F47A2BF4D313A6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Microsoft-IIS/8.5
content-type: image/png
date: Wed, 04 Jan 2023 23:24:28 GMT
accept-ranges: bytes
access-control-allow-origin: https://c5d09e4dde1ed5344aab-92274ace7e84ee4d27ca2a6920e2d585.ssl.cf5.rackcdn.com
etag: "b0ba7bd0457ad81:0"
last-modified: Tue, 07 Jun 2022 08:08:47 GMT
x-frame-options: deny
x-powered-by: ASP.NET
access-control-allow-methods: *
access-control-allow-headers: *
content-length: 3785
X-Firefox-Spdy: h2
www.paintingwithatwist.com/images/text-twist.svg
23.253.135.119200 OK 2.7 kB URL HTTP/2 www.paintingwithatwist.com/images/text-twist.svg
IP 23.253.135.119:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2729), with no line terminators
Hash 59685f490004e199a548f40f9e512218
dcda1944fb9812775abac7b6e793de0e9a358a01
cc2406b6b82242a04d1f623672508ba57d4a45c0c253973db237b0d8aee7354c
GET /images/text-twist.svg HTTP/1.1
Host: www.paintingwithatwist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/studio/tempe
Cookie: X-Mapping-fjhppofk=80861DDBFC7C026798F47A2BF4D313A6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Microsoft-IIS/8.5
content-type: image/svg+xml
date: Wed, 04 Jan 2023 23:24:28 GMT
accept-ranges: bytes
access-control-allow-origin: https://c5d09e4dde1ed5344aab-92274ace7e84ee4d27ca2a6920e2d585.ssl.cf5.rackcdn.com
etag: "c234a0d0457ad81:0"
last-modified: Tue, 07 Jun 2022 08:08:47 GMT
x-frame-options: deny
x-powered-by: ASP.NET
access-control-allow-methods: *
access-control-allow-headers: *
content-length: 2729
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 561e959ce9eff04b09da6f3def82f549
7866f989cdfb160709f4c93b767fd01e5553d75b
9076b4ae1a34ab02b362ffa44ecbf6d579f82042cfd7e7138977477ea5bd3e61
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 23:24:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
6f5295793b132e9764f4-3f2730cf5c1e4ad5dfe76e6d27af2964.ssl.cf5.rackcdn.com/franchise-mobile-305.jpg
2.18.172.211200 OK 47 kB URL HTTP/1.1 6f5295793b132e9764f4-3f2730cf5c1e4ad5dfe76e6d27af2964.ssl.cf5.rackcdn.com/franchise-mobile-305.jpg
IP 2.18.172.211:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 600x600, components 3\012- data
Hash e41751ab9d743e1029105a0fea79b3e7
2901eff65016e142bfa90d4ef0ebbbf7a5f5e398
e3d191148d7469f2a24a1db8ce14223d67da84cf81b9dc42a7d4ebb789f144f4
GET /franchise-mobile-305.jpg HTTP/1.1
Host: 6f5295793b132e9764f4-3f2730cf5c1e4ad5dfe76e6d27af2964.ssl.cf5.rackcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Fri, 30 Sep 2022 16:05:45 GMT
ETag: e41751ab9d743e1029105a0fea79b3e7
X-Trans-Id: txcb225249b34349d7a46e3-006374b4f9iad3
Content-Length: 47148
Accept-Ranges: bytes
X-Timestamp: 1664553944.70105
Content-Type: image/jpeg
Cache-Control: public, max-age=12216
Expires: Thu, 05 Jan 2023 02:48:05 GMT
Date: Wed, 04 Jan 2023 23:24:29 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a430d46fb27196c8b03f382c1bafbb23
0b31940d1067eb87c24c6d356689d7f9f90231a6
3e9cd331b1c2c1eca94ff12ec1b685e1c1c1909e30e8b3cf4493dc6eac786df8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 23:24:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
6f5295793b132e9764f4-3f2730cf5c1e4ad5dfe76e6d27af2964.ssl.cf5.rackcdn.com/franchise-305.jpg
2.18.172.211200 OK 47 kB URL HTTP/1.1 6f5295793b132e9764f4-3f2730cf5c1e4ad5dfe76e6d27af2964.ssl.cf5.rackcdn.com/franchise-305.jpg
IP 2.18.172.211:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1080x346, components 3\012- data
Hash 07c92b68559475a4337e35761588922c
47523e33db2e67c79539a864fe146cab7322bf16
8ee960a070d5ca8938e6e1441726a60ab5deb532ded0e3cc57c56e6e6259415c
GET /franchise-305.jpg HTTP/1.1
Host: 6f5295793b132e9764f4-3f2730cf5c1e4ad5dfe76e6d27af2964.ssl.cf5.rackcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Fri, 30 Sep 2022 16:05:42 GMT
ETag: 07c92b68559475a4337e35761588922c
X-Trans-Id: txc469266a37fe478c87a03-0063a8b625iad3
Content-Length: 47074
Accept-Ranges: bytes
X-Timestamp: 1664553941.41692
Content-Type: image/jpeg
Cache-Control: public, max-age=12171
Expires: Thu, 05 Jan 2023 02:47:20 GMT
Date: Wed, 04 Jan 2023 23:24:29 GMT
Connection: keep-alive
www.paintingwithatwist.com/assets/js/jquery.main.js
23.253.135.119200 OK 28 kB URL HTTP/2 www.paintingwithatwist.com/assets/js/jquery.main.js
IP 23.253.135.119:0
File type ASCII text, with very long lines (32026), with CRLF line terminators
Hash 2a307084466936829cd25098d6053aaf
74ffdc6725a1c93a9a37386a615e91d1a3e4b105
43e4d54613532fc1cafe7c65fd2569c6e3930ac0b5eea476417ad32a70a779bb
GET /assets/js/jquery.main.js HTTP/1.1
Host: www.paintingwithatwist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/studio/tempe
Cookie: X-Mapping-fjhppofk=80861DDBFC7C026798F47A2BF4D313A6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Microsoft-IIS/8.5
vary: Accept-Encoding
content-type: application/javascript
content-encoding: gzip
date: Wed, 04 Jan 2023 23:24:28 GMT
accept-ranges: bytes
access-control-allow-origin: https://c5d09e4dde1ed5344aab-92274ace7e84ee4d27ca2a6920e2d585.ssl.cf5.rackcdn.com
etag: "803e49d1457ad81:0"
last-modified: Tue, 07 Jun 2022 08:08:49 GMT
x-frame-options: deny
x-powered-by: ASP.NET
access-control-allow-methods: *
access-control-allow-headers: *
content-length: 27762
X-Firefox-Spdy: h2
14d14a1b70be1f7f7d4a-0863ae42a3340022d3e557e78745c047.ssl.cf5.rackcdn.com/9763_w.jpg
2.18.172.211200 OK 69 kB URL HTTP/1.1 14d14a1b70be1f7f7d4a-0863ae42a3340022d3e557e78745c047.ssl.cf5.rackcdn.com/9763_w.jpg
IP 2.18.172.211:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 759x600, components 3\012- data
Hash 13298061915379ac734fb40a7bc614c7
915a71cd46da4deb4b1765b2e813c5643115682f
a27bf1918609b14856bdc5a53e792ec4cef645faa3b49f7f53a4c421e650bd38
GET /9763_w.jpg HTTP/1.1
Host: 14d14a1b70be1f7f7d4a-0863ae42a3340022d3e557e78745c047.ssl.cf5.rackcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
X-Trans-Id: tx8c29862943334e10b696e-0063b60aadiad3
Content-Length: 69184
Accept-Ranges: bytes
Last-Modified: Thu, 07 Sep 2017 18:57:11 GMT
ETag: 13298061915379ac734fb40a7bc614c7
X-Timestamp: 1504810630.48950
Content-Type: image/jpeg
Cache-Control: public, max-age=3600
Expires: Thu, 05 Jan 2023 00:24:29 GMT
Date: Wed, 04 Jan 2023 23:24:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 74f1075c111dd64124994b39ee0ae3e0
101362528959858eab5c7fa5bc4aba4cbda612a9
03686764c5ff393fcaba2a367f84faf9915274f33e805018ed2cccf02fb8deb3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "03686764C5FF393FCABA2A367F84FAF9915274F33E805018ED2CCCF02FB8DEB3"
Last-Modified: Mon, 02 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14988
Expires: Thu, 05 Jan 2023 03:34:17 GMT
Date: Wed, 04 Jan 2023 23:24:29 GMT
Connection: keep-alive
www.paintingwithatwist.com/images/event-types/activity-takehome.jpg
23.253.135.119200 OK 5.2 kB URL HTTP/2 www.paintingwithatwist.com/images/event-types/activity-takehome.jpg
IP 23.253.135.119:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 280x259, components 3\012- data
Hash be080a782814dc5849d1f48c2338077f
31be93cc84911a93880eb8bbbf17d1d72a634913
a69b9bb06ebc3356892cc8388b4f798c15aa3a4d808ac49e1e2e8f85a42118f6
GET /images/event-types/activity-takehome.jpg HTTP/1.1
Host: www.paintingwithatwist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/studio/tempe
Cookie: X-Mapping-fjhppofk=80861DDBFC7C026798F47A2BF4D313A6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Microsoft-IIS/8.5
content-type: image/jpeg
date: Wed, 04 Jan 2023 23:24:28 GMT
accept-ranges: bytes
access-control-allow-origin: https://c5d09e4dde1ed5344aab-92274ace7e84ee4d27ca2a6920e2d585.ssl.cf5.rackcdn.com
etag: "ae18a0d7457ad81:0"
last-modified: Tue, 07 Jun 2022 08:08:59 GMT
x-frame-options: deny
x-powered-by: ASP.NET
access-control-allow-methods: *
access-control-allow-headers: *
content-length: 5236
X-Firefox-Spdy: h2
www.paintingwithatwist.com/images/logo-footer.png
23.253.135.119200 OK 4.3 kB URL HTTP/2 www.paintingwithatwist.com/images/logo-footer.png
IP 23.253.135.119:0
File type PNG image data, 185 x 93, 8-bit colormap, non-interlaced\012- data
Hash 116c73749dc3ddf9ee4611daaf999ef3
312c57d5d503754bd4f15973d39e5fe1e7b62a84
4be9b17db0b07c7795e271d73bf448dfcc63f6466f28d5e142142edfe63d0e5e
GET /images/logo-footer.png HTTP/1.1
Host: www.paintingwithatwist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/studio/tempe
Cookie: X-Mapping-fjhppofk=80861DDBFC7C026798F47A2BF4D313A6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Microsoft-IIS/8.5
content-type: image/png
date: Wed, 04 Jan 2023 23:24:28 GMT
accept-ranges: bytes
access-control-allow-origin: https://c5d09e4dde1ed5344aab-92274ace7e84ee4d27ca2a6920e2d585.ssl.cf5.rackcdn.com
etag: "d62877d0457ad81:0"
last-modified: Tue, 07 Jun 2022 08:08:47 GMT
x-frame-options: deny
x-powered-by: ASP.NET
access-control-allow-methods: *
access-control-allow-headers: *
content-length: 4298
X-Firefox-Spdy: h2
www.paintingwithatwist.com/images/event-types/activity-events.jpg
23.253.135.119200 OK 9.3 kB URL HTTP/2 www.paintingwithatwist.com/images/event-types/activity-events.jpg
IP 23.253.135.119:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 280x259, components 3\012- data
Hash f8d29bf43f6fb3bcadc284629f21b919
1289fbba9355873ca296fb12f8ea6a94c6a00cc8
d91cab3d2dc3175a9d13027ba003e024d01823b3b60747f1f83347173a715ac9
GET /images/event-types/activity-events.jpg HTTP/1.1
Host: www.paintingwithatwist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/studio/tempe
Cookie: X-Mapping-fjhppofk=80861DDBFC7C026798F47A2BF4D313A6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Microsoft-IIS/8.5
content-type: image/jpeg
date: Wed, 04 Jan 2023 23:24:28 GMT
accept-ranges: bytes
access-control-allow-origin: https://c5d09e4dde1ed5344aab-92274ace7e84ee4d27ca2a6920e2d585.ssl.cf5.rackcdn.com
etag: "674964d7457ad81:0"
last-modified: Tue, 07 Jun 2022 08:08:59 GMT
x-frame-options: deny
x-powered-by: ASP.NET
access-control-allow-methods: *
access-control-allow-headers: *
content-length: 9347
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 5dcd3e3f6440384500af24c809a3f175
3a5df7e2369c9d65865d73410b0cac87e1b5a54c
b7c5a41dbd443dcb04231372b9ac63a3853d57e43941af5b22073693291099df
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 23:24:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 5dcd3e3f6440384500af24c809a3f175
3a5df7e2369c9d65865d73410b0cac87e1b5a54c
b7c5a41dbd443dcb04231372b9ac63a3853d57e43941af5b22073693291099df
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 23:24:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.paintingwithatwist.com/images/event-types/activity-popin.jpg
23.253.135.119200 OK 27 kB URL HTTP/2 www.paintingwithatwist.com/images/event-types/activity-popin.jpg
IP 23.253.135.119:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 280x259, components 3\012- data
Hash af1f171f1c5d5d2579a46698845ed6c1
4971cce7b3b2a9035f9d2c3219a3501d84e38f7c
696beaac23b9eec4db0eb9c91718a7c23595653aadd8351c117ff60b96477757
GET /images/event-types/activity-popin.jpg HTTP/1.1
Host: www.paintingwithatwist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/studio/tempe
Cookie: X-Mapping-fjhppofk=80861DDBFC7C026798F47A2BF4D313A6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Microsoft-IIS/8.5
content-type: image/jpeg
date: Wed, 04 Jan 2023 23:24:28 GMT
accept-ranges: bytes
access-control-allow-origin: https://c5d09e4dde1ed5344aab-92274ace7e84ee4d27ca2a6920e2d585.ssl.cf5.rackcdn.com
etag: "c2e381d7457ad81:0"
last-modified: Tue, 07 Jun 2022 08:08:59 GMT
x-frame-options: deny
x-powered-by: ASP.NET
access-control-allow-methods: *
access-control-allow-headers: *
content-length: 26584
X-Firefox-Spdy: h2
www.paintingwithatwist.com/images/event-types/event-type_date-night.jpg
23.253.135.119200 OK 25 kB URL HTTP/2 www.paintingwithatwist.com/images/event-types/event-type_date-night.jpg
IP 23.253.135.119:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 507x318, components 3\012- data
Hash 03b46d2c0ea3fcaa10298afa7e98a0c1
8d9d5a76995deca3fba3e74395ce9291e98d314f
e8d7e362ffc7db1dd60ba8ae3a59367927c45984df2e986de0d5ffdc1707460f
GET /images/event-types/event-type_date-night.jpg HTTP/1.1
Host: www.paintingwithatwist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/studio/tempe
Cookie: X-Mapping-fjhppofk=80861DDBFC7C026798F47A2BF4D313A6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Microsoft-IIS/8.5
content-type: image/jpeg
date: Wed, 04 Jan 2023 23:24:28 GMT
accept-ranges: bytes
access-control-allow-origin: https://c5d09e4dde1ed5344aab-92274ace7e84ee4d27ca2a6920e2d585.ssl.cf5.rackcdn.com
etag: "322f96d7457ad81:0"
last-modified: Tue, 07 Jun 2022 08:08:59 GMT
x-frame-options: deny
x-powered-by: ASP.NET
access-control-allow-methods: *
access-control-allow-headers: *
content-length: 24864
X-Firefox-Spdy: h2
www.paintingwithatwist.com/images/event-types/event-type_girls-night.jpg
23.253.135.119200 OK 30 kB URL HTTP/2 www.paintingwithatwist.com/images/event-types/event-type_girls-night.jpg
IP 23.253.135.119:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 507x318, components 3\012- data
Hash 5370f85fd33ade88d15e923c3e618b3a
cddfda8c5c468cc1336599b3ef0aae628256eb08
67bc6d74b0e35b660cdf2b1aea10a7683675f5790ea75f55562d647b7eb51634
GET /images/event-types/event-type_girls-night.jpg HTTP/1.1
Host: www.paintingwithatwist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/studio/tempe
Cookie: X-Mapping-fjhppofk=80861DDBFC7C026798F47A2BF4D313A6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Microsoft-IIS/8.5
content-type: image/jpeg
date: Wed, 04 Jan 2023 23:24:28 GMT
accept-ranges: bytes
access-control-allow-origin: https://c5d09e4dde1ed5344aab-92274ace7e84ee4d27ca2a6920e2d585.ssl.cf5.rackcdn.com
etag: "4a78a1d7457ad81:0"
last-modified: Tue, 07 Jun 2022 08:08:59 GMT
x-frame-options: deny
x-powered-by: ASP.NET
access-control-allow-methods: *
access-control-allow-headers: *
content-length: 30520
X-Firefox-Spdy: h2
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
216.58.207.227200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.paintingwithatwist.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 30 Dec 2022 07:08:09 GMT
expires: Sat, 30 Dec 2023 07:08:09 GMT
cache-control: public, max-age=31536000
age: 490580
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.paintingwithatwist.com/images/img08.png
23.253.135.119200 OK 36 kB URL HTTP/2 www.paintingwithatwist.com/images/img08.png
IP 23.253.135.119:0
File type PNG image data, 308 x 415, 8-bit colormap, non-interlaced\012- data
Hash 7c2998663b2a53d67cc6e432a57792ce
cb56d665ed16b19524cba4d8fd2bb7b2536c3ef3
f845030683f075c6d92a229bb2644e116297be614afdbedd3e0e478f839e607a
GET /images/img08.png HTTP/1.1
Host: www.paintingwithatwist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/studio/tempe
Cookie: X-Mapping-fjhppofk=80861DDBFC7C026798F47A2BF4D313A6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Microsoft-IIS/8.5
content-type: image/png
date: Wed, 04 Jan 2023 23:24:28 GMT
accept-ranges: bytes
access-control-allow-origin: https://c5d09e4dde1ed5344aab-92274ace7e84ee4d27ca2a6920e2d585.ssl.cf5.rackcdn.com
etag: "d24569d0457ad81:0"
last-modified: Tue, 07 Jun 2022 08:08:47 GMT
x-frame-options: deny
x-powered-by: ASP.NET
access-control-allow-methods: *
access-control-allow-headers: *
content-length: 36453
X-Firefox-Spdy: h2
www.paintingwithatwist.com/images/event-types/event-type_paint-your-pet.jpg
23.253.135.119200 OK 38 kB URL HTTP/2 www.paintingwithatwist.com/images/event-types/event-type_paint-your-pet.jpg
IP 23.253.135.119:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 507x318, components 3\012- data
Hash 4dcfa721c25585f88fd08d9d5543d306
bc7ff81b4ab7b3c826c6d11d21594aad21382536
8dc2963e49bfc5566350a659f4ef14b09be111d3b4ee72bb834cb9abf1f0fe98
GET /images/event-types/event-type_paint-your-pet.jpg HTTP/1.1
Host: www.paintingwithatwist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/studio/tempe
Cookie: X-Mapping-fjhppofk=80861DDBFC7C026798F47A2BF4D313A6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Microsoft-IIS/8.5
content-type: image/jpeg
date: Wed, 04 Jan 2023 23:24:28 GMT
accept-ranges: bytes
access-control-allow-origin: https://c5d09e4dde1ed5344aab-92274ace7e84ee4d27ca2a6920e2d585.ssl.cf5.rackcdn.com
etag: "49fbcad7457ad81:0"
last-modified: Tue, 07 Jun 2022 08:08:59 GMT
x-frame-options: deny
x-powered-by: ASP.NET
access-control-allow-methods: *
access-control-allow-headers: *
content-length: 37515
X-Firefox-Spdy: h2
fonts.gstatic.com/s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
216.58.207.227200 OK 128 kB URL HTTP/2 fonts.gstatic.com/s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 128352, version 1.0\012- data
Size 128 kB (128352 bytes)
Hash 53436aca8627a49f4deaaa44dc9e3c05
0bc0c675480d94ec7e8609dda6227f88c5d08d2c
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
GET /s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.paintingwithatwist.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 128352
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 29 Dec 2022 20:33:17 GMT
expires: Fri, 29 Dec 2023 20:33:17 GMT
cache-control: public, max-age=31536000
age: 528672
last-modified: Thu, 25 Aug 2022 00:26:06 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.paintingwithatwist.com/images/landing/trivia-night-title.jpg
23.253.135.119200 OK 136 kB URL HTTP/2 www.paintingwithatwist.com/images/landing/trivia-night-title.jpg
IP 23.253.135.119:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 507x318, components 3\012- data
Size 136 kB (135845 bytes)
Hash d639efe62a903b3fb59d059664d1017d
079398b1e0303f910afbc45eb3e1f39dd4db07ff
b677b800671d83134732a976022727a059b442e6a9d2367210b35d268a5a0656
GET /images/landing/trivia-night-title.jpg HTTP/1.1
Host: www.paintingwithatwist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/studio/tempe
Cookie: X-Mapping-fjhppofk=80861DDBFC7C026798F47A2BF4D313A6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Microsoft-IIS/8.5
content-type: image/jpeg
date: Wed, 04 Jan 2023 23:24:28 GMT
accept-ranges: bytes
access-control-allow-origin: https://c5d09e4dde1ed5344aab-92274ace7e84ee4d27ca2a6920e2d585.ssl.cf5.rackcdn.com
etag: "ffcbe5458e5d81:0"
last-modified: Fri, 21 Oct 2022 14:20:54 GMT
x-frame-options: deny
x-powered-by: ASP.NET
access-control-allow-methods: *
access-control-allow-headers: *
content-length: 135845
X-Firefox-Spdy: h2
www.paintingwithatwist.com/images/banners/homepage-alt4.jpg
23.253.135.119200 OK 72 kB URL HTTP/2 www.paintingwithatwist.com/images/banners/homepage-alt4.jpg
IP 23.253.135.119:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1400x935, components 3\012- data
Hash ad915d9cbfb1f5581b213f8db7a7aebc
57ae2ff6549c50f7bf6744a587f0531cb39f2240
037cef53dfef2208dfaa9a5840cedfb63406cbac8b653f7d49947d05b39039a2
GET /images/banners/homepage-alt4.jpg HTTP/1.1
Host: www.paintingwithatwist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/studio/tempe
Cookie: X-Mapping-fjhppofk=80861DDBFC7C026798F47A2BF4D313A6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Microsoft-IIS/8.5
content-type: image/jpeg
date: Wed, 04 Jan 2023 23:24:28 GMT
accept-ranges: bytes
access-control-allow-origin: https://c5d09e4dde1ed5344aab-92274ace7e84ee4d27ca2a6920e2d585.ssl.cf5.rackcdn.com
etag: "fa72c3d6457ad81:0"
last-modified: Tue, 07 Jun 2022 08:08:58 GMT
x-frame-options: deny
x-powered-by: ASP.NET
access-control-allow-methods: *
access-control-allow-headers: *
content-length: 72332
X-Firefox-Spdy: h2
www.paintingwithatwist.com/images/img-plus.png
23.253.135.119200 OK 579 B URL HTTP/2 www.paintingwithatwist.com/images/img-plus.png
IP 23.253.135.119:0
File type PNG image data, 24 x 28, 8-bit colormap, non-interlaced\012- data
Hash a0015933619b55d3ffd8a8f711c5f14b
c3e5bfa20d28db13fd7b640089e480fe9c2e25f5
35ad2d0d3eaa2c0be4e4d1e71d943f59d2f53a4288c4793699f180a16d2d6805
GET /images/img-plus.png HTTP/1.1
Host: www.paintingwithatwist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/assets/css/main.css?20211015
Cookie: X-Mapping-fjhppofk=80861DDBFC7C026798F47A2BF4D313A6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Microsoft-IIS/8.5
content-type: image/png
date: Wed, 04 Jan 2023 23:24:28 GMT
accept-ranges: bytes
access-control-allow-origin: https://c5d09e4dde1ed5344aab-92274ace7e84ee4d27ca2a6920e2d585.ssl.cf5.rackcdn.com
etag: "bfbefcf457ad81:0"
last-modified: Tue, 07 Jun 2022 08:08:46 GMT
x-frame-options: deny
x-powered-by: ASP.NET
access-control-allow-methods: *
access-control-allow-headers: *
content-length: 579
X-Firefox-Spdy: h2
fonts.googleapis.com/icon?family=Material+Icons
142.250.74.106200 OK 8.6 kB URL HTTP/2 fonts.googleapis.com/icon?family=Material+Icons
IP 142.250.74.106:0
Hash 75e9b2a24178c3b3dc757c23b99761c6
f83cd9d3661300688f5835822aa2aa8d884a0926
e85737d6868d3a2fcd6ecef8f3b4028186a8ae8d42f21a0dc29bae67b2650455
GET /icon?family=Material+Icons HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 04 Jan 2023 23:24:29 GMT
date: Wed, 04 Jan 2023 23:24:29 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.paintingwithatwist.com/images/img-bg01.png
23.253.135.119200 OK 90 kB URL HTTP/2 www.paintingwithatwist.com/images/img-bg01.png
IP 23.253.135.119:0
File type PNG image data, 1400 x 438, 8-bit/color RGBA, non-interlaced\012- data
Hash 1e1dc7c40e65e7c7a53cfc5d741ea880
44187cbd610a8ef00a2ce7a85dfad20d5cb030ae
1879d5d6b341de8cdf93da98c03fb554d3eff3dc570b1bde27de0d002bec2184
GET /images/img-bg01.png HTTP/1.1
Host: www.paintingwithatwist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/studio/tempe
Cookie: X-Mapping-fjhppofk=80861DDBFC7C026798F47A2BF4D313A6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Microsoft-IIS/8.5
content-type: image/png
date: Wed, 04 Jan 2023 23:24:28 GMT
accept-ranges: bytes
access-control-allow-origin: https://c5d09e4dde1ed5344aab-92274ace7e84ee4d27ca2a6920e2d585.ssl.cf5.rackcdn.com
etag: "513cc5cf457ad81:0"
last-modified: Tue, 07 Jun 2022 08:08:46 GMT
x-frame-options: deny
x-powered-by: ASP.NET
access-control-allow-methods: *
access-control-allow-headers: *
content-length: 89945
X-Firefox-Spdy: h2
www.paintingwithatwist.com/assets/fonts/Celestina.woff2
23.253.135.119200 OK 42 kB URL HTTP/2 www.paintingwithatwist.com/assets/fonts/Celestina.woff2
IP 23.253.135.119:0
File type Web Open Font Format (Version 2), TrueType, length 42468, version 1.0\012- data
Hash 19ac3893618b785d116382b914b0ee1a
91cab3038045cfbdc4a510a02d41cfd92655d5b1
d6d1c5313360caa498be1d333963361ee32272167fa89f0f40a6d5c8dd0c206a
GET /assets/fonts/Celestina.woff2 HTTP/1.1
Host: www.paintingwithatwist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/assets/css/main.css?20211015
Cookie: X-Mapping-fjhppofk=80861DDBFC7C026798F47A2BF4D313A6
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Microsoft-IIS/8.5
content-type: application/font-woff2
date: Wed, 04 Jan 2023 23:24:28 GMT
accept-ranges: bytes
access-control-allow-origin: https://c5d09e4dde1ed5344aab-92274ace7e84ee4d27ca2a6920e2d585.ssl.cf5.rackcdn.com
etag: "de8451d1457ad81:0"
last-modified: Tue, 07 Jun 2022 08:08:49 GMT
x-frame-options: deny
x-powered-by: ASP.NET
access-control-allow-methods: *
access-control-allow-headers: *
content-length: 42468
X-Firefox-Spdy: h2
14d14a1b70be1f7f7d4a-0863ae42a3340022d3e557e78745c047.ssl.cf5.rackcdn.com/19322_w.jpg
2.18.172.211200 OK 59 kB URL HTTP/1.1 14d14a1b70be1f7f7d4a-0863ae42a3340022d3e557e78745c047.ssl.cf5.rackcdn.com/19322_w.jpg
IP 2.18.172.211:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 480x600, components 3\012- data
Hash 872ccaa6a7191a07f61d53e1d38671d6
e09672dd93ac83446b8c5899a11d1b95e80b46f8
dba3dabd34390981eb2d874117916860a488678b47af51e5718f1c9bcc17bd43
GET /19322_w.jpg HTTP/1.1
Host: 14d14a1b70be1f7f7d4a-0863ae42a3340022d3e557e78745c047.ssl.cf5.rackcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
X-Trans-Id: tx5ce4ec888e5c41c78a341-0063b60aadiad3
Content-Length: 59136
Accept-Ranges: bytes
Last-Modified: Fri, 06 May 2022 15:49:47 GMT
ETag: 872ccaa6a7191a07f61d53e1d38671d6
X-Timestamp: 1651852186.81513
Content-Type: image/jpeg
Cache-Control: public, max-age=3600
Expires: Thu, 05 Jan 2023 00:24:29 GMT
Date: Wed, 04 Jan 2023 23:24:29 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 5dcd3e3f6440384500af24c809a3f175
3a5df7e2369c9d65865d73410b0cac87e1b5a54c
b7c5a41dbd443dcb04231372b9ac63a3853d57e43941af5b22073693291099df
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 23:24:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
14d14a1b70be1f7f7d4a-0863ae42a3340022d3e557e78745c047.ssl.cf5.rackcdn.com/18833_w.jpg
2.18.172.211200 OK 46 kB URL HTTP/1.1 14d14a1b70be1f7f7d4a-0863ae42a3340022d3e557e78745c047.ssl.cf5.rackcdn.com/18833_w.jpg
IP 2.18.172.211:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 478x600, components 3\012- data
Hash e9f6d62d37a3e5c01137fd26824ab4e9
87648a8114e381ea5593cd60b2e22e91d056a690
278b8c9a79cc07aec2731b87f3e84406e2f7da61ceac56437445852d870de08d
GET /18833_w.jpg HTTP/1.1
Host: 14d14a1b70be1f7f7d4a-0863ae42a3340022d3e557e78745c047.ssl.cf5.rackcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
X-Trans-Id: tx8d131b9de3aa49eb94bed-0063b60aadiad3
Content-Length: 45852
Accept-Ranges: bytes
Last-Modified: Mon, 29 Nov 2021 16:45:47 GMT
ETag: e9f6d62d37a3e5c01137fd26824ab4e9
X-Timestamp: 1638204346.24222
Content-Type: image/jpeg
Cache-Control: public, max-age=3567
Expires: Thu, 05 Jan 2023 00:23:56 GMT
Date: Wed, 04 Jan 2023 23:24:29 GMT
Connection: keep-alive
10552c3a7f59f38d9c1e-85e0a6ebf056f3519dc1e8ddd4c6d0d6.ssl.cf5.rackcdn.com/19322_t.jpg
2.18.172.211200 OK 8.9 kB URL HTTP/1.1 10552c3a7f59f38d9c1e-85e0a6ebf056f3519dc1e8ddd4c6d0d6.ssl.cf5.rackcdn.com/19322_t.jpg
IP 2.18.172.211:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 151x189, components 3\012- data
Hash 78dbca66f0e7f65c3cf1c7edeff9548b
ecb4e3a849808e827b7a02d70509cf20ad842e94
f1a504da50b9a82febb8241227e6a04b60fe3cf695a7c23641f1f52df69ab53b
GET /19322_t.jpg HTTP/1.1
Host: 10552c3a7f59f38d9c1e-85e0a6ebf056f3519dc1e8ddd4c6d0d6.ssl.cf5.rackcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
X-Trans-Id: txe6d6661f31594606b0815-0063b60aadiad3
Content-Length: 8880
Accept-Ranges: bytes
Last-Modified: Fri, 06 May 2022 15:49:48 GMT
ETag: 78dbca66f0e7f65c3cf1c7edeff9548b
X-Timestamp: 1651852187.08529
Content-Type: image/jpeg
Cache-Control: public, max-age=86400
Expires: Thu, 05 Jan 2023 23:24:29 GMT
Date: Wed, 04 Jan 2023 23:24:29 GMT
Connection: keep-alive
10552c3a7f59f38d9c1e-85e0a6ebf056f3519dc1e8ddd4c6d0d6.ssl.cf5.rackcdn.com/9763_t.jpg
2.18.172.211200 OK 4.9 kB URL HTTP/1.1 10552c3a7f59f38d9c1e-85e0a6ebf056f3519dc1e8ddd4c6d0d6.ssl.cf5.rackcdn.com/9763_t.jpg
IP 2.18.172.211:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 151x119, components 3\012- data
Hash 05202af7ab784597d1779212ddca18a9
8ec7506d80be8183ee5aa1ec72e0322ba1569cc3
e6aec8cccb92c908daca6cee066582f1b28dcd1d43d4e9454fde5e3de200c8a2
GET /9763_t.jpg HTTP/1.1
Host: 10552c3a7f59f38d9c1e-85e0a6ebf056f3519dc1e8ddd4c6d0d6.ssl.cf5.rackcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
X-Trans-Id: tx1d0e1e5c405146e48ca2a-0063b60aadiad3
Content-Length: 4946
Accept-Ranges: bytes
Last-Modified: Thu, 07 Sep 2017 20:33:05 GMT
ETag: 05202af7ab784597d1779212ddca18a9
X-Timestamp: 1504816384.86733
Content-Type: image/jpeg
Cache-Control: public, max-age=86347
Expires: Thu, 05 Jan 2023 23:23:36 GMT
Date: Wed, 04 Jan 2023 23:24:29 GMT
Connection: keep-alive
10552c3a7f59f38d9c1e-85e0a6ebf056f3519dc1e8ddd4c6d0d6.ssl.cf5.rackcdn.com/18833_t.jpg
2.18.172.211200 OK 8.2 kB URL HTTP/1.1 10552c3a7f59f38d9c1e-85e0a6ebf056f3519dc1e8ddd4c6d0d6.ssl.cf5.rackcdn.com/18833_t.jpg
IP 2.18.172.211:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 151x189, components 3\012- data
Hash 0ba69a6747f09df25faab1694d736066
7b06eb7de1ad256099a8a4fefb862a1cb23dbd4a
282e7b013f065eb6a1ddd8d1bac53ac560c846384fc28e1e599a880bf17efcfb
GET /18833_t.jpg HTTP/1.1
Host: 10552c3a7f59f38d9c1e-85e0a6ebf056f3519dc1e8ddd4c6d0d6.ssl.cf5.rackcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
X-Trans-Id: txf2b1eebb4f8f4457b3b77-0063b60aadiad3
Content-Length: 8180
Accept-Ranges: bytes
Last-Modified: Mon, 29 Nov 2021 16:45:47 GMT
ETag: 0ba69a6747f09df25faab1694d736066
X-Timestamp: 1638204346.28391
Content-Type: image/jpeg
Cache-Control: public, max-age=86399
Expires: Thu, 05 Jan 2023 23:24:28 GMT
Date: Wed, 04 Jan 2023 23:24:29 GMT
Connection: keep-alive
ocsp.godaddy.com/
192.124.249.36200 OK 1.8 kB IP 192.124.249.36:0
Hash 0ab78a7816d99f089c0b136921dbe219
ae1bdfff7302340978779365ded4685d7965cb52
cd63044ee02e59038211ce995b7954c90cdf3a08bde51edd94e2b308131d48a0
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 04 Jan 2023 23:24:29 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 04 Jan 2023 22:24:09 GMT
Expires: Thu, 05 Jan 2023 22:24:09 GMT
ETag: "ae1bdfff7302340978779365ded4685d7965cb52"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 60994c3fe7f2713299eb28da6fc637f0
896512094967e65904342fa041072f10cf04b0cf
ff6de6b9eee316cff10d6a988f9c55c5aaad09dec5bc607e65f8c9f1ee5d7124
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2881
Cache-Control: max-age=144042
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 23:24:29 GMT
Etag: "63b58f16-117"
Expires: Fri, 06 Jan 2023 15:25:11 GMT
Last-Modified: Wed, 04 Jan 2023 14:37:10 GMT
Server: ECS (amb/6B88)
X-Cache: HIT
Content-Length: 279
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1780bdca4138463723f65222d72004e2
c0acbd7a8cf08d7b675dd8a0cdb73d4ff4fbdb8b
92d022d0945f2e9ff1b27013792745c4ca2d65150693532049985efdf9022efa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "92D022D0945F2E9FF1B27013792745C4CA2D65150693532049985EFDF9022EFA"
Last-Modified: Wed, 04 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6640
Expires: Thu, 05 Jan 2023 01:15:09 GMT
Date: Wed, 04 Jan 2023 23:24:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1780bdca4138463723f65222d72004e2
c0acbd7a8cf08d7b675dd8a0cdb73d4ff4fbdb8b
92d022d0945f2e9ff1b27013792745c4ca2d65150693532049985efdf9022efa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "92D022D0945F2E9FF1B27013792745C4CA2D65150693532049985EFDF9022EFA"
Last-Modified: Wed, 04 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6640
Expires: Thu, 05 Jan 2023 01:15:09 GMT
Date: Wed, 04 Jan 2023 23:24:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1780bdca4138463723f65222d72004e2
c0acbd7a8cf08d7b675dd8a0cdb73d4ff4fbdb8b
92d022d0945f2e9ff1b27013792745c4ca2d65150693532049985efdf9022efa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "92D022D0945F2E9FF1B27013792745C4CA2D65150693532049985EFDF9022EFA"
Last-Modified: Wed, 04 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6640
Expires: Thu, 05 Jan 2023 01:15:09 GMT
Date: Wed, 04 Jan 2023 23:24:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1780bdca4138463723f65222d72004e2
c0acbd7a8cf08d7b675dd8a0cdb73d4ff4fbdb8b
92d022d0945f2e9ff1b27013792745c4ca2d65150693532049985efdf9022efa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "92D022D0945F2E9FF1B27013792745C4CA2D65150693532049985EFDF9022EFA"
Last-Modified: Wed, 04 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6640
Expires: Thu, 05 Jan 2023 01:15:09 GMT
Date: Wed, 04 Jan 2023 23:24:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1780bdca4138463723f65222d72004e2
c0acbd7a8cf08d7b675dd8a0cdb73d4ff4fbdb8b
92d022d0945f2e9ff1b27013792745c4ca2d65150693532049985efdf9022efa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "92D022D0945F2E9FF1B27013792745C4CA2D65150693532049985EFDF9022EFA"
Last-Modified: Wed, 04 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6640
Expires: Thu, 05 Jan 2023 01:15:09 GMT
Date: Wed, 04 Jan 2023 23:24:29 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e35c08d-9d47-44e2-a839-cbcbd7ba499e.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e35c08d-9d47-44e2-a839-cbcbd7ba499e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f47bd2c920099c071d5d6d8383915e04
502f6afdccb731d96e5ac3e69dbf91712149fcbc
84bc8c89c2686c1af0796b26c00a032fec455352c6e28f901ff0f49748ac0260
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e35c08d-9d47-44e2-a839-cbcbd7ba499e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10514
x-amzn-requestid: ba145acc-8f57-4ff1-8861-d016b1981f18
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ePKywH9eIAMFn7w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b5f1ab-5031d35e2516bdd77e37a5b2;Sampled=0
x-amzn-remapped-date: Wed, 04 Jan 2023 21:37:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YrJunMQc2sabIeNnv27zFhzD1P6ixBtEf505GSeIL3yosiy_vpf7Ew==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 04 Jan 2023 21:57:10 GMT
age: 5239
etag: "502f6afdccb731d96e5ac3e69dbf91712149fcbc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb431a43a-b1a3-46f7-8e91-9f652b2d5add.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb431a43a-b1a3-46f7-8e91-9f652b2d5add.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1baebae9058866bc7c9baf0fa75211a9
beab584d0b8be1795ca594d075599e4631cf0224
7ad66c6e81e4f04613b4fcc7273fc631b31e9e20b3f1c749b63dd1245b0cb3c3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb431a43a-b1a3-46f7-8e91-9f652b2d5add.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6834
x-amzn-requestid: 90b5cd1d-ce5a-4e98-b521-b57c49bbfd23
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ePKyuG_cIAMFrBA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b5f1aa-57ca38951d902f4e2bcbbfa5;Sampled=0
x-amzn-remapped-date: Wed, 04 Jan 2023 21:37:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PVMOxqMGUHtV8nkSf-cjar4ZvtugWyfUV0u8wsTTB_Tz2G3y2krczA==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 04 Jan 2023 21:49:21 GMT
age: 5708
etag: "beab584d0b8be1795ca594d075599e4631cf0224"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F343434d9-f716-41aa-8934-1a5f79402aa1.jpeg
34.120.237.76200 OK 4.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F343434d9-f716-41aa-8934-1a5f79402aa1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 008614d302ad57bc6502ad5e07652378
968bc262d2939ec6f0dce9d852682c0aaf86d3d7
5eab9a2591f0f9761ba3b90a5a191b79b6326cccb1ee6b586b00dfc1517c8db6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F343434d9-f716-41aa-8934-1a5f79402aa1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4248
x-amzn-requestid: 17ccfd69-0d12-42ac-b111-059a68735e70
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eCutmF7mIAMFW2w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b0f7f0-5e1653641a0303815656a578;Sampled=0
x-amzn-remapped-date: Sun, 01 Jan 2023 03:03:12 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: nR6vOzio5JonZZq2SZTwpYBaOUlL9Dw5ntz93jS__r16JEGVqc8Xhw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Wed, 04 Jan 2023 06:06:12 GMT
age: 62297
etag: "968bc262d2939ec6f0dce9d852682c0aaf86d3d7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d88b301-0fcb-4763-915d-1cd04e82663f.jpeg
34.120.237.76200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d88b301-0fcb-4763-915d-1cd04e82663f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f22f65ce84ef540224278e198edbe5dd
e64e4d49a0a630036019dbb06a8e5a526323975f
ad334d8c521c61a83836cecc0c2b2e19381d361c75a8f79a2c00536fdad5f4df
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d88b301-0fcb-4763-915d-1cd04e82663f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7329
x-amzn-requestid: 0ffe55a3-cf07-43cd-b4df-4187d2e2686a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eJVzQFCVIAMFtww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b39ce1-1ddb337722ed75aa22e9637a;Sampled=0
x-amzn-remapped-date: Tue, 03 Jan 2023 03:11:29 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 3vR1Lk9_7Cde_rqOrhIxG9afQbr6agHxi2_3lBuSEWmXQAlnW5qokA==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 04 Jan 2023 03:36:23 GMT
age: 71287
etag: "e64e4d49a0a630036019dbb06a8e5a526323975f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbbff09b5-fd04-45ca-959e-83e4f40897df.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbbff09b5-fd04-45ca-959e-83e4f40897df.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 02a9375cec16bfe696766c8d373d9b54
2167c2f197dd44558ac2dea500d8b6b3cfa50e83
6f94fe0c817b031d913d53fee6b317148bdabea044102b8f0c9df8a3737d59f1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbbff09b5-fd04-45ca-959e-83e4f40897df.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10696
x-amzn-requestid: 2117681b-ee8b-4881-b860-087a8662a3c2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d7xM1FK7oAMFd4w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ae2f1e-5a3648ba2ac7ba01177f361d;Sampled=0
x-amzn-remapped-date: Fri, 30 Dec 2022 00:21:50 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: p4EQ0DgVF1JVg9r4rzbQsRzgFgqX3Ke8tWzeUHAXGXrawUAhssi71A==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Wed, 04 Jan 2023 07:38:33 GMT
age: 56757
etag: "2167c2f197dd44558ac2dea500d8b6b3cfa50e83"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff4148f46-96a7-4939-96bb-68a4dfd7d78e.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff4148f46-96a7-4939-96bb-68a4dfd7d78e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 64a319c9177608c935ab9266fb6340bf
736103d51a827f76da95e5a6839b27278ed1e41e
3ab12956a0acb1479b54cc9205756aea575cd03c56c56901bc2dcd71e25db0d2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff4148f46-96a7-4939-96bb-68a4dfd7d78e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9560
x-amzn-requestid: 508636ac-4f34-473e-a9f5-b411a56fabd0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ePK0PGE7oAMF4dQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b5f1b4-00dcf18377c4c3275b9971f4;Sampled=0
x-amzn-remapped-date: Wed, 04 Jan 2023 21:37:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Xl2aatuyW0-dKh9Uu-Rtx6IXngiBS833lq4TL3Sun3KD2JKw0vo7DQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 04 Jan 2023 21:58:12 GMT
age: 5178
etag: "736103d51a827f76da95e5a6839b27278ed1e41e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
dx.mountain.com/spx?dxver=4.0.0&shaid=33497&tdr=&plh=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe&cb=29368533417785250term=value
35.83.209.52200 OK 3.8 kB URL HTTP/1.1 dx.mountain.com/spx?dxver=4.0.0&shaid=33497&tdr=&plh=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe&cb=29368533417785250term=value
IP 35.83.209.52:0
File type ASCII text, with very long lines (14420), with no line terminators
Hash e3c6b903983c720d4e349bb1bf4972d4
8df0acfcda57db3ac1e4677ef259683bdbadb20d
82e681774ef8e013a9cfcd05e0145edc7e28cfac368f745e682ba80d37401d4f
GET /spx?dxver=4.0.0&shaid=33497&tdr=&plh=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe&cb=29368533417785250term=value HTTP/1.1
Host: dx.mountain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-encoding: gzip
content-type: application/javascript;charset=utf-8
date: Wed, 04 Jan 2023 23:24:29 GMT
x-envoy-upstream-service-time: 1
server: istio-envoy
connection: close
transfer-encoding: chunked
trackcmp.net/t_prism_sitemessages.php?trackid=25570710&prismid=e278d761-c29a-405a-89f9-2c37e7be671c&url=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe
172.64.145.151200 OK 0 B URL HTTP/2 trackcmp.net/t_prism_sitemessages.php?trackid=25570710&prismid=e278d761-c29a-405a-89f9-2c37e7be671c&url=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe
IP 172.64.145.151:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /t_prism_sitemessages.php?trackid=25570710&prismid=e278d761-c29a-405a-89f9-2c37e7be671c&url=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe HTTP/1.1
Host: trackcmp.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 04 Jan 2023 23:24:30 GMT
content-type: text/javascript;charset=UTF-8
content-length: 0
cache-control: no-cache, private
p3p: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
x-envoy-upstream-service-time: 22
x-powered-by: PHP/8.1.13
x-privacy-policy: You can find our privacy policy here: https://www.activecampaign.com/help/privacy-policy/
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7847ba5f5bb51c16-OSL
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Wed, 04 Jan 2023 22:41:11 GMT
expires: Thu, 05 Jan 2023 00:41:11 GMT
cache-control: public, max-age=7200
age: 2599
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-GG8Y2XXWB6>m=2oebu0&_p=1229881401&cid=1060161976.1672874660&ul=en-us&sr=1280x1024&_s=1&sid=1672874659&sct=1&seg=0&dl=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe&dt=Paint%2C%20Sip%20Wine%2C%20have%20fun%20at%20our%20Tempe%2C%20AZ%20Paint%20Studio%20%7C%20Painting%20with%20a%20Twist&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.34.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-GG8Y2XXWB6>m=2oebu0&_p=1229881401&cid=1060161976.1672874660&ul=en-us&sr=1280x1024&_s=1&sid=1672874659&sct=1&seg=0&dl=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe&dt=Paint%2C%20Sip%20Wine%2C%20have%20fun%20at%20our%20Tempe%2C%20AZ%20Paint%20Studio%20%7C%20Painting%20with%20a%20Twist&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-GG8Y2XXWB6>m=2oebu0&_p=1229881401&cid=1060161976.1672874660&ul=en-us&sr=1280x1024&_s=1&sid=1672874659&sct=1&seg=0&dl=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe&dt=Paint%2C%20Sip%20Wine%2C%20have%20fun%20at%20our%20Tempe%2C%20AZ%20Paint%20Studio%20%7C%20Painting%20with%20a%20Twist&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.paintingwithatwist.com
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.paintingwithatwist.com
date: Wed, 04 Jan 2023 23:24:30 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash b815e7b1a5f00b7cff7f2a68bb723f77
c944dc7284f4758dfebbd1b8ab4b7b327259f651
f1701c75e48206c4405afcd5a60ae3141ff4db9f811ec9ab4cdd9090af666f26
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 23:24:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash b815e7b1a5f00b7cff7f2a68bb723f77
c944dc7284f4758dfebbd1b8ab4b7b327259f651
f1701c75e48206c4405afcd5a60ae3141ff4db9f811ec9ab4cdd9090af666f26
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 23:24:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b1ec4eb5276a6872b64135f424c57124
261ffe8ee941a2e48eb12bb5f6e5d6bc0b8e6344
38dc5616ee5568e1714ea7364b2578af0e854599f46e699fa97990bd1154da66
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 624
Cache-Control: max-age=129538
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 23:24:30 GMT
Etag: "63b55f40-1d7"
Expires: Fri, 06 Jan 2023 11:23:28 GMT
Last-Modified: Wed, 04 Jan 2023 11:13:04 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
googleads.g.doubleclick.net/pagead/viewthroughconversion/730460011/?random=1672874659830&cv=11&fst=1672874659830&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&label=uoNVCIHhmagBEOvep9wC&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe&tiba=Paint%2C%20Sip%20Wine%2C%20have%20fun%20at%20our%20Tempe%2C%20AZ%20Paint%20Studio%20%7C%20Painting%20with%20a%20Twist&auid=642879271.1672874660&rfmt=3&fmt=4
172.217.21.162200 OK 970 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/730460011/?random=1672874659830&cv=11&fst=1672874659830&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&label=uoNVCIHhmagBEOvep9wC&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe&tiba=Paint%2C%20Sip%20Wine%2C%20have%20fun%20at%20our%20Tempe%2C%20AZ%20Paint%20Studio%20%7C%20Painting%20with%20a%20Twist&auid=642879271.1672874660&rfmt=3&fmt=4
IP 172.217.21.162:0
File type ASCII text, with very long lines (2112), with no line terminators
Hash 6b3cbca8894f8c128909f294611c0a84
c5c4f3da157f30d6750e2e413327c78e2328a9e5
8ea1d40f13822bab42f3fcdf62d1d81106a3f481280ec27e6fd4c9ac4bfdc956
GET /pagead/viewthroughconversion/730460011/?random=1672874659830&cv=11&fst=1672874659830&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&label=uoNVCIHhmagBEOvep9wC&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe&tiba=Paint%2C%20Sip%20Wine%2C%20have%20fun%20at%20our%20Tempe%2C%20AZ%20Paint%20Studio%20%7C%20Painting%20with%20a%20Twist&auid=642879271.1672874660&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 04 Jan 2023 23:24:30 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 970
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 04-Jan-2023 23:39:30 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/601555795/?random=1672874659925&cv=11&fst=1672874659925&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe&tiba=Paint%2C%20Sip%20Wine%2C%20have%20fun%20at%20our%20Tempe%2C%20AZ%20Paint%20Studio%20%7C%20Painting%20with%20a%20Twist&auid=642879271.1672874660&data=event%3Dgtag.config&rfmt=3&fmt=4
172.217.21.162200 OK 943 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/601555795/?random=1672874659925&cv=11&fst=1672874659925&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe&tiba=Paint%2C%20Sip%20Wine%2C%20have%20fun%20at%20our%20Tempe%2C%20AZ%20Paint%20Studio%20%7C%20Painting%20with%20a%20Twist&auid=642879271.1672874660&data=event%3Dgtag.config&rfmt=3&fmt=4
IP 172.217.21.162:0
File type ASCII text, with very long lines (2081), with no line terminators
Hash 20b2c59ea622b687db4514f9761b81c4
234b2c769ce53169cf42269b362a3e2243bbc99f
457d5f992228d8e25eb8183e7b645fe424098773443bad9f27cec9c86407bec6
GET /pagead/viewthroughconversion/601555795/?random=1672874659925&cv=11&fst=1672874659925&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe&tiba=Paint%2C%20Sip%20Wine%2C%20have%20fun%20at%20our%20Tempe%2C%20AZ%20Paint%20Studio%20%7C%20Painting%20with%20a%20Twist&auid=642879271.1672874660&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 04 Jan 2023 23:24:30 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 943
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 04-Jan-2023 23:39:30 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/j/collect?v=1&_v=j98&a=1229881401&t=pageview&_s=1&dl=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe&ul=en-us&de=UTF-8&dt=Paint%2C%20Sip%20Wine%2C%20have%20fun%20at%20our%20Tempe%2C%20AZ%20Paint%20Studio%20%7C%20Painting%20with%20a%20Twist&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IADAAEABAAAAACAAI~&jid=1016736680&gjid=303473865&cid=1060161976.1672874660&tid=UA-16182957-1&_gid=1456507001.1672874660&_r=1&_slc=1&z=934991288
142.250.74.110200 OK 4 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j98&a=1229881401&t=pageview&_s=1&dl=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe&ul=en-us&de=UTF-8&dt=Paint%2C%20Sip%20Wine%2C%20have%20fun%20at%20our%20Tempe%2C%20AZ%20Paint%20Studio%20%7C%20Painting%20with%20a%20Twist&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IADAAEABAAAAACAAI~&jid=1016736680&gjid=303473865&cid=1060161976.1672874660&tid=UA-16182957-1&_gid=1456507001.1672874660&_r=1&_slc=1&z=934991288
IP 142.250.74.110:0
File type ASCII text, with no line terminators
Hash 9e92e190700c1af4539b40c2171320a9
209bcdb79e6067b51091ce8586d4b977f25b67d8
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
POST /j/collect?v=1&_v=j98&a=1229881401&t=pageview&_s=1&dl=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe&ul=en-us&de=UTF-8&dt=Paint%2C%20Sip%20Wine%2C%20have%20fun%20at%20our%20Tempe%2C%20AZ%20Paint%20Studio%20%7C%20Painting%20with%20a%20Twist&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IADAAEABAAAAACAAI~&jid=1016736680&gjid=303473865&cid=1060161976.1672874660&tid=UA-16182957-1&_gid=1456507001.1672874660&_r=1&_slc=1&z=934991288 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.paintingwithatwist.com
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.paintingwithatwist.com
date: Wed, 04 Jan 2023 23:24:30 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.paintingwithatwist.com/favicon.ico
23.253.135.119200 OK 15 kB URL HTTP/2 www.paintingwithatwist.com/favicon.ico
IP 23.253.135.119:0
File type MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash b26b095dc7228be183f501842e9dbc13
91fd954bd69feff368f26c1bad67665ccf851116
5b5725c2ee54d29b627125b6ea40fa5d8fc666ce42f376c73b2619f305d70864
GET /favicon.ico HTTP/1.1
Host: www.paintingwithatwist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/studio/tempe
Cookie: X-Mapping-fjhppofk=80861DDBFC7C026798F47A2BF4D313A6; _ga_GG8Y2XXWB6=GS1.1.1672874659.1.0.1672874659.0.0.0; _ga=GA1.1.1060161976.1672874660; _gcl_au=1.1.642879271.1672874660; prism_25570710=e278d761-c29a-405a-89f9-2c37e7be671c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Microsoft-IIS/8.5
content-type: image/x-icon
date: Wed, 04 Jan 2023 23:24:29 GMT
accept-ranges: bytes
access-control-allow-origin: https://c5d09e4dde1ed5344aab-92274ace7e84ee4d27ca2a6920e2d585.ssl.cf5.rackcdn.com
etag: "2b412dc9457ad81:0"
last-modified: Tue, 07 Jun 2022 08:08:35 GMT
x-frame-options: deny
x-powered-by: ASP.NET
access-control-allow-methods: *
access-control-allow-headers: *
content-length: 15406
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
157.240.200.14200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 157.240.200.14:0
File type ASCII text, with very long lines (64348)
Hash 8b26cd4609e2025e51e90573a0fbd6f7
efc2006ae5297ad5ae5e064188b9fba73f6b868f
e288b6a1e220f5fb781cfbb0b739b36c6acfdceccff8f0278fc151c241b0b50b
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: 2XHzxdzwH1U92eV99qgP+n1AbQ1jbJrwYNqO7ETfLYwfNP4RyyEJkyV4Iyq19aEjjVLSIcHu1xDSNld5HJzI+w==
content-length: 27298
x-fb-trip-id: 1679558926
date: Wed, 04 Jan 2023 23:24:30 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash b815e7b1a5f00b7cff7f2a68bb723f77
c944dc7284f4758dfebbd1b8ab4b7b327259f651
f1701c75e48206c4405afcd5a60ae3141ff4db9f811ec9ab4cdd9090af666f26
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 23:24:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b1ec4eb5276a6872b64135f424c57124
261ffe8ee941a2e48eb12bb5f6e5d6bc0b8e6344
38dc5616ee5568e1714ea7364b2578af0e854599f46e699fa97990bd1154da66
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 624
Cache-Control: max-age=129538
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 23:24:30 GMT
Etag: "63b55f40-1d7"
Expires: Fri, 06 Jan 2023 11:23:28 GMT
Last-Modified: Wed, 04 Jan 2023 11:13:04 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash a6cdf191deb0e291350d9d91d9ab97a7
fb82c911866268a7d33d2743dbe0328199c7121a
414acc6f6d050d52d88f9706e71d6a0e3eceb4dc41edcce74ec63eb63d8fb1cb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 23:24:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 974e444c7b66a760e0fdec04b8bebb82
23d1de086afcfbdedbd5c60fcef69c88b840b448
458cf84b0a13820b027dfeafe101e87d2cc692fc998dc0347268df5afd816aca
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 23:24:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 974e444c7b66a760e0fdec04b8bebb82
23d1de086afcfbdedbd5c60fcef69c88b840b448
458cf84b0a13820b027dfeafe101e87d2cc692fc998dc0347268df5afd816aca
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 23:24:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash a6cdf191deb0e291350d9d91d9ab97a7
fb82c911866268a7d33d2743dbe0328199c7121a
414acc6f6d050d52d88f9706e71d6a0e3eceb4dc41edcce74ec63eb63d8fb1cb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 23:24:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-16182957-1&cid=1060161976.1672874660&jid=1016736680&gjid=303473865&_gid=1456507001.1672874660&_u=IADAAEAAAAAAACAAI~&z=1768519676
142.251.1.156200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-16182957-1&cid=1060161976.1672874660&jid=1016736680&gjid=303473865&_gid=1456507001.1672874660&_u=IADAAEAAAAAAACAAI~&z=1768519676
IP 142.251.1.156:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-16182957-1&cid=1060161976.1672874660&jid=1016736680&gjid=303473865&_gid=1456507001.1672874660&_u=IADAAEAAAAAAACAAI~&z=1768519676 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.paintingwithatwist.com
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.paintingwithatwist.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 04 Jan 2023 23:24:30 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/730460011/?random=1672874659830&cv=11&fst=1672873200000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&label=uoNVCIHhmagBEOvep9wC&frm=0&url=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe&tiba=Paint%2C%20Sip%20Wine%2C%20have%20fun%20at%20our%20Tempe%2C%20AZ%20Paint%20Studio%20%7C%20Painting%20with%20a%20Twist&fmt=3&is_vtc=1&random=420115343&rmt_tld=0&ipr=y
142.250.74.132200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/730460011/?random=1672874659830&cv=11&fst=1672873200000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&label=uoNVCIHhmagBEOvep9wC&frm=0&url=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe&tiba=Paint%2C%20Sip%20Wine%2C%20have%20fun%20at%20our%20Tempe%2C%20AZ%20Paint%20Studio%20%7C%20Painting%20with%20a%20Twist&fmt=3&is_vtc=1&random=420115343&rmt_tld=0&ipr=y
IP 142.250.74.132:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/730460011/?random=1672874659830&cv=11&fst=1672873200000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&label=uoNVCIHhmagBEOvep9wC&frm=0&url=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe&tiba=Paint%2C%20Sip%20Wine%2C%20have%20fun%20at%20our%20Tempe%2C%20AZ%20Paint%20Studio%20%7C%20Painting%20with%20a%20Twist&fmt=3&is_vtc=1&random=420115343&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 04 Jan 2023 23:24:30 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/730460011/?random=1672874659830&cv=11&fst=1672873200000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&label=uoNVCIHhmagBEOvep9wC&frm=0&url=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe&tiba=Paint%2C%20Sip%20Wine%2C%20have%20fun%20at%20our%20Tempe%2C%20AZ%20Paint%20Studio%20%7C%20Painting%20with%20a%20Twist&fmt=3&is_vtc=1&random=420115343&rmt_tld=1&ipr=y
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/730460011/?random=1672874659830&cv=11&fst=1672873200000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&label=uoNVCIHhmagBEOvep9wC&frm=0&url=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe&tiba=Paint%2C%20Sip%20Wine%2C%20have%20fun%20at%20our%20Tempe%2C%20AZ%20Paint%20Studio%20%7C%20Painting%20with%20a%20Twist&fmt=3&is_vtc=1&random=420115343&rmt_tld=1&ipr=y
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/730460011/?random=1672874659830&cv=11&fst=1672873200000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&label=uoNVCIHhmagBEOvep9wC&frm=0&url=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe&tiba=Paint%2C%20Sip%20Wine%2C%20have%20fun%20at%20our%20Tempe%2C%20AZ%20Paint%20Studio%20%7C%20Painting%20with%20a%20Twist&fmt=3&is_vtc=1&random=420115343&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 04 Jan 2023 23:24:30 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/601555795/?random=1672874659925&cv=11&fst=1672873200000&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe&tiba=Paint%2C%20Sip%20Wine%2C%20have%20fun%20at%20our%20Tempe%2C%20AZ%20Paint%20Studio%20%7C%20Painting%20with%20a%20Twist&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=849558411&rmt_tld=1&ipr=y
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/601555795/?random=1672874659925&cv=11&fst=1672873200000&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe&tiba=Paint%2C%20Sip%20Wine%2C%20have%20fun%20at%20our%20Tempe%2C%20AZ%20Paint%20Studio%20%7C%20Painting%20with%20a%20Twist&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=849558411&rmt_tld=1&ipr=y
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/601555795/?random=1672874659925&cv=11&fst=1672873200000&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe&tiba=Paint%2C%20Sip%20Wine%2C%20have%20fun%20at%20our%20Tempe%2C%20AZ%20Paint%20Studio%20%7C%20Painting%20with%20a%20Twist&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=849558411&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 04 Jan 2023 23:24:30 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/601555795/?random=1672874659925&cv=11&fst=1672873200000&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe&tiba=Paint%2C%20Sip%20Wine%2C%20have%20fun%20at%20our%20Tempe%2C%20AZ%20Paint%20Studio%20%7C%20Painting%20with%20a%20Twist&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=849558411&rmt_tld=0&ipr=y
142.250.74.132200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/601555795/?random=1672874659925&cv=11&fst=1672873200000&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe&tiba=Paint%2C%20Sip%20Wine%2C%20have%20fun%20at%20our%20Tempe%2C%20AZ%20Paint%20Studio%20%7C%20Painting%20with%20a%20Twist&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=849558411&rmt_tld=0&ipr=y
IP 142.250.74.132:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/601555795/?random=1672874659925&cv=11&fst=1672873200000&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe&tiba=Paint%2C%20Sip%20Wine%2C%20have%20fun%20at%20our%20Tempe%2C%20AZ%20Paint%20Studio%20%7C%20Painting%20with%20a%20Twist&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=849558411&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 04 Jan 2023 23:24:30 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 974e444c7b66a760e0fdec04b8bebb82
23d1de086afcfbdedbd5c60fcef69c88b840b448
458cf84b0a13820b027dfeafe101e87d2cc692fc998dc0347268df5afd816aca
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 23:24:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 7c8811382bcd40ec65e7a6e339e94904
38d741442c52bcdde863d1a2d593ce0c81c7efbd
ce5c1060c028784381224586783b9b0943fd14947bb15bb38e6d401a1a221c23
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 23:24:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 25338094bc946c04342abe561f2c0651
8a4f5ed3fcd4aa0305ecbb817d5e6ebe94633c7f
71c024ec947b6570f10ce74f5c4b7575656b037d5e91e75958aa7f0133921258
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 04 Jan 2023 23:24:30 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 02 Jan 2023 13:02:16 GMT
Expires: Mon, 09 Jan 2023 13:02:15 GMT
Etag: "8a4f5ed3fcd4aa0305ecbb817d5e6ebe94633c7f"
Cache-Control: max-age=394064,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7847ba61de2fb4e8-OSL
44.228.85.26/is
44.228.85.26200 OK 32 B IP 44.228.85.26:0
File type ASCII text, with no line terminators
Hash 4d708d9354da78dafc3411958ac9c821
8f352d28d45733eb704363f5587c1213867346aa
c13cb3ca406b1c667481d8f92d73b5bac4577346eb14a6fa5ee94ab9ecfa2b23
Analyzer Verdict Alert quad9 Sinkholed
GET /is HTTP/1.1
Host: 44.228.85.26
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.paintingwithatwist.com/
Origin: https://www.paintingwithatwist.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
date: Wed, 04 Jan 2023 23:24:30 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, x-requested-with, X-Custom-Header
x-application-context: application:prod:8080
content-type: text/plain;charset=utf-8
content-length: 32
x-envoy-upstream-service-time: 1
server: istio-envoy
connection: close
www.facebook.com/tr/?id=1875383692726736&ev=PageView&dl=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe&rl=&if=false&ts=1672874661581&sw=1280&sh=1024&v=2.9.90&r=stable&ec=0&o=30&fbp=fb.1.1672874661580.2037555476&it=1672874660565&coo=false&rqm=GET
157.240.200.35200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=1875383692726736&ev=PageView&dl=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe&rl=&if=false&ts=1672874661581&sw=1280&sh=1024&v=2.9.90&r=stable&ec=0&o=30&fbp=fb.1.1672874661580.2037555476&it=1672874660565&coo=false&rqm=GET
IP 157.240.200.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=1875383692726736&ev=PageView&dl=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe&rl=&if=false&ts=1672874661581&sw=1280&sh=1024&v=2.9.90&r=stable&ec=0&o=30&fbp=fb.1.1672874661580.2037555476&it=1672874660565&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Wed, 04 Jan 2023 23:24:31 GMT
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=2265277603725722&ev=PageView&dl=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe&rl=&if=false&ts=1672874661586&sw=1280&sh=1024&v=2.9.90&r=stable&ec=0&o=30&fbp=fb.1.1672874661580.2037555476&it=1672874660565&coo=false&rqm=GET
157.240.200.35200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=2265277603725722&ev=PageView&dl=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe&rl=&if=false&ts=1672874661586&sw=1280&sh=1024&v=2.9.90&r=stable&ec=0&o=30&fbp=fb.1.1672874661580.2037555476&it=1672874660565&coo=false&rqm=GET
IP 157.240.200.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=2265277603725722&ev=PageView&dl=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe&rl=&if=false&ts=1672874661586&sw=1280&sh=1024&v=2.9.90&r=stable&ec=0&o=30&fbp=fb.1.1672874661580.2037555476&it=1672874660565&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Wed, 04 Jan 2023 23:24:31 GMT
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=701969987823556&ev=PageView&dl=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe&rl=&if=false&ts=1672874661583&sw=1280&sh=1024&v=2.9.90&r=stable&ec=0&o=30&fbp=fb.1.1672874661580.2037555476&it=1672874660565&coo=false&rqm=GET
157.240.200.35200 OK 172 kB URL HTTP/2 www.facebook.com/tr/?id=701969987823556&ev=PageView&dl=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe&rl=&if=false&ts=1672874661583&sw=1280&sh=1024&v=2.9.90&r=stable&ec=0&o=30&fbp=fb.1.1672874661580.2037555476&it=1672874660565&coo=false&rqm=GET
IP 157.240.200.35:0
File type gzip compressed data, from Unix\012- data
Size 172 kB (171825 bytes)
Hash d610311d381d94fed1d5867602a4486b
a943b916b3119edc4496596554a2add3233016df
3d9482b37453c298d08f57e4d33f3e2607a06a4812c8cf6e49e15187785da0e9
GET /tr/?id=701969987823556&ev=PageView&dl=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe&rl=&if=false&ts=1672874661583&sw=1280&sh=1024&v=2.9.90&r=stable&ec=0&o=30&fbp=fb.1.1672874661580.2037555476&it=1672874660565&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Wed, 04 Jan 2023 23:24:31 GMT
X-Firefox-Spdy: h2
px.mountain.com/st?ga_tracking_id=UA-16182957-1&ga_client_id=1060161976.1672874660&shpt=Paint%20Sip%20Wine%20have%20fun%20at%20our%20Tempe%20AZ%20Paint%20Studio%20%7C%20Painting%20with%20a%20Twist&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-16182957-1%22%2C%22ga_client_id%22%3A%221060161976.1672874660%22%2C%22shpt%22%3A%22Paint%20Sip%20Wine%20have%20fun%20at%20our%20Tempe%20AZ%20Paint%20Studio%20%7C%20Painting%20with%20a%20Twist%22%2C%22dcm_cid%22%3A%221672874659.1%22%2C%22dcm_gid%22%3A%221456507001.1672874660%22%2C%22mntnis%22%3A%22L%2BFuyVcGQ6%2BiVGR5DxwOwWdddhm2Iys6%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A9%2C%22getClientIdByGA%22%3A%22FAILED%22%2C%22getClientIdByTracker%22%3A%22FAILED%22%2C%22getClientIdByGAData%22%3A%22FAILED%22%2C%22getClientIdByCookie%22%3A%22FAILED%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%2C%22message%22%3A%7B%7D%7D&dcm_cid=1672874659.1&dcm_gid=1456507001.1672874660&dxver=4.0.0&shaid=33497&plh=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe&cb=29368533417785250term%3Dvalue&shadditional=googletagmanager%3Dtrue%2C
52.37.218.4200 OK 1.2 kB URL HTTP/1.1 px.mountain.com/st?ga_tracking_id=UA-16182957-1&ga_client_id=1060161976.1672874660&shpt=Paint%20Sip%20Wine%20have%20fun%20at%20our%20Tempe%20AZ%20Paint%20Studio%20%7C%20Painting%20with%20a%20Twist&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-16182957-1%22%2C%22ga_client_id%22%3A%221060161976.1672874660%22%2C%22shpt%22%3A%22Paint%20Sip%20Wine%20have%20fun%20at%20our%20Tempe%20AZ%20Paint%20Studio%20%7C%20Painting%20with%20a%20Twist%22%2C%22dcm_cid%22%3A%221672874659.1%22%2C%22dcm_gid%22%3A%221456507001.1672874660%22%2C%22mntnis%22%3A%22L%2BFuyVcGQ6%2BiVGR5DxwOwWdddhm2Iys6%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A9%2C%22getClientIdByGA%22%3A%22FAILED%22%2C%22getClientIdByTracker%22%3A%22FAILED%22%2C%22getClientIdByGAData%22%3A%22FAILED%22%2C%22getClientIdByCookie%22%3A%22FAILED%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%2C%22message%22%3A%7B%7D%7D&dcm_cid=1672874659.1&dcm_gid=1456507001.1672874660&dxver=4.0.0&shaid=33497&plh=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe&cb=29368533417785250term%3Dvalue&shadditional=googletagmanager%3Dtrue%2C
IP 52.37.218.4:0
File type ASCII text, with very long lines (2323)
Hash d6d096517b736b7e97d4c773e157bc08
00c7e2c1fd3e73f952901ef81d17e5de3de2d035
f854bd16c7fec8d37c660ce8ebf7d0105e44f13af12c4e697b986715d48c4461
GET /st?ga_tracking_id=UA-16182957-1&ga_client_id=1060161976.1672874660&shpt=Paint%20Sip%20Wine%20have%20fun%20at%20our%20Tempe%20AZ%20Paint%20Studio%20%7C%20Painting%20with%20a%20Twist&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-16182957-1%22%2C%22ga_client_id%22%3A%221060161976.1672874660%22%2C%22shpt%22%3A%22Paint%20Sip%20Wine%20have%20fun%20at%20our%20Tempe%20AZ%20Paint%20Studio%20%7C%20Painting%20with%20a%20Twist%22%2C%22dcm_cid%22%3A%221672874659.1%22%2C%22dcm_gid%22%3A%221456507001.1672874660%22%2C%22mntnis%22%3A%22L%2BFuyVcGQ6%2BiVGR5DxwOwWdddhm2Iys6%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A9%2C%22getClientIdByGA%22%3A%22FAILED%22%2C%22getClientIdByTracker%22%3A%22FAILED%22%2C%22getClientIdByGAData%22%3A%22FAILED%22%2C%22getClientIdByCookie%22%3A%22FAILED%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%2C%22message%22%3A%7B%7D%7D&dcm_cid=1672874659.1&dcm_gid=1456507001.1672874660&dxver=4.0.0&shaid=33497&plh=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe&cb=29368533417785250term%3Dvalue&shadditional=googletagmanager%3Dtrue%2C HTTP/1.1
Host: px.mountain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
date: Wed, 04 Jan 2023 23:24:31 GMT
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
set-cookie: guid=f10d4b97-8c86-11ed-8e19-65514302066e;Domain=mountain.com;Max-Age=63113852;Path=/;SameSite=None;Secure
content-encoding: gzip
x-envoy-upstream-service-time: 1
server: istio-envoy
connection: close
transfer-encoding: chunked
gs.mountain.com/gs
35.81.162.201200 OK 144 B IP 35.81.162.201:0
File type ASCII text, with no line terminators
Hash 8b2ba37054b141324cb2733c48fca4a6
4751df38c1ba8a33129b6390a2652244c1abdf03
884e39592ab27288845c4806665f888b42586c7cffdcc54ea7dcc8c8822203fa
GET /gs HTTP/1.1
Host: gs.mountain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/
Cookie: guid=f10d4b97-8c86-11ed-8e19-65514302066e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
date: Wed, 04 Jan 2023 23:24:32 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, x-requested-with, X-Custom-Header
x-application-context: application:prod:8080
content-type: application/javascript;charset=utf-8
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
cache-control: public, max-age=31536000
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 144
x-envoy-upstream-service-time: 1
server: istio-envoy
connection: close
px.mountain.com/st?ga_tracking_id=UA-16182957-1&ga_client_id=1060161976.1672874660&shpt=Paint%20Sip%20Wine%20have%20fun%20at%20our%20Tempe%20AZ%20Paint%20Studio%20%7C%20Painting%20with%20a%20Twist&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-16182957-1%22%2C%22ga_client_id%22%3A%221060161976.1672874660%22%2C%22shpt%22%3A%22Paint%20Sip%20Wine%20have%20fun%20at%20our%20Tempe%20AZ%20Paint%20Studio%20%7C%20Painting%20with%20a%20Twist%22%2C%22dcm_cid%22%3A%221672874659.1%22%2C%22dcm_gid%22%3A%221456507001.1672874660%22%2C%22mntnis%22%3A%22L%2BFuyVcGQ6%2BiVGR5DxwOwWdddhm2Iys6%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A9%2C%22getClientIdByGA%22%3A%22FAILED%22%2C%22getClientIdByTracker%22%3A%22FAILED%22%2C%22getClientIdByGAData%22%3A%22FAILED%22%2C%22getClientIdByCookie%22%3A%22FAILED%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%2C%22message%22%3A%7B%7D%7D&dcm_cid=1672874659.1&dcm_gid=1456507001.1672874660&dxver=4.0.0&shaid=33497&plh=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe&shadditional=googletagmanager%3Dtrue%2C&cb=1672874671604829&shguid=35b0bce9-d250-329d-b012-c0426f88d0bd&shgts=1672874672369
52.37.218.4200 OK 1.3 kB URL HTTP/1.1 px.mountain.com/st?ga_tracking_id=UA-16182957-1&ga_client_id=1060161976.1672874660&shpt=Paint%20Sip%20Wine%20have%20fun%20at%20our%20Tempe%20AZ%20Paint%20Studio%20%7C%20Painting%20with%20a%20Twist&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-16182957-1%22%2C%22ga_client_id%22%3A%221060161976.1672874660%22%2C%22shpt%22%3A%22Paint%20Sip%20Wine%20have%20fun%20at%20our%20Tempe%20AZ%20Paint%20Studio%20%7C%20Painting%20with%20a%20Twist%22%2C%22dcm_cid%22%3A%221672874659.1%22%2C%22dcm_gid%22%3A%221456507001.1672874660%22%2C%22mntnis%22%3A%22L%2BFuyVcGQ6%2BiVGR5DxwOwWdddhm2Iys6%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A9%2C%22getClientIdByGA%22%3A%22FAILED%22%2C%22getClientIdByTracker%22%3A%22FAILED%22%2C%22getClientIdByGAData%22%3A%22FAILED%22%2C%22getClientIdByCookie%22%3A%22FAILED%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%2C%22message%22%3A%7B%7D%7D&dcm_cid=1672874659.1&dcm_gid=1456507001.1672874660&dxver=4.0.0&shaid=33497&plh=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe&shadditional=googletagmanager%3Dtrue%2C&cb=1672874671604829&shguid=35b0bce9-d250-329d-b012-c0426f88d0bd&shgts=1672874672369
IP 52.37.218.4:0
File type ASCII text, with very long lines (5401), with no line terminators
Hash 3686f81b191ae505b6a3e79536fd67c6
62a42d0217a783f5625bdc2598930c1418176b12
d1168004f1374cad909b96158f64cda23c2e934b96da0c7bc7a78400df86e294
GET /st?ga_tracking_id=UA-16182957-1&ga_client_id=1060161976.1672874660&shpt=Paint%20Sip%20Wine%20have%20fun%20at%20our%20Tempe%20AZ%20Paint%20Studio%20%7C%20Painting%20with%20a%20Twist&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-16182957-1%22%2C%22ga_client_id%22%3A%221060161976.1672874660%22%2C%22shpt%22%3A%22Paint%20Sip%20Wine%20have%20fun%20at%20our%20Tempe%20AZ%20Paint%20Studio%20%7C%20Painting%20with%20a%20Twist%22%2C%22dcm_cid%22%3A%221672874659.1%22%2C%22dcm_gid%22%3A%221456507001.1672874660%22%2C%22mntnis%22%3A%22L%2BFuyVcGQ6%2BiVGR5DxwOwWdddhm2Iys6%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A9%2C%22getClientIdByGA%22%3A%22FAILED%22%2C%22getClientIdByTracker%22%3A%22FAILED%22%2C%22getClientIdByGAData%22%3A%22FAILED%22%2C%22getClientIdByCookie%22%3A%22FAILED%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%2C%22message%22%3A%7B%7D%7D&dcm_cid=1672874659.1&dcm_gid=1456507001.1672874660&dxver=4.0.0&shaid=33497&plh=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe&shadditional=googletagmanager%3Dtrue%2C&cb=1672874671604829&shguid=35b0bce9-d250-329d-b012-c0426f88d0bd&shgts=1672874672369 HTTP/1.1
Host: px.mountain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/
Cookie: guid=f10d4b97-8c86-11ed-8e19-65514302066e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
date: Wed, 04 Jan 2023 23:24:33 GMT
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
set-cookie: tt="H4sIAAAAAAAAAKtW8guKNzY2sTSPN7IwtlCyMtBBEjG3NAaLlClZGekoISszNDM3sjA3MTM3NrAwrgUA7PaY5UYAAAA=";Domain=px.mountain.com;Max-Age=63113852;Path=/;SameSite=None;Secure
rt="MzM0OTc6MTY3Mjg3NDY3Mw==";Domain=mountain.com;Max-Age=63113852;Path=/;SameSite=None;Secure
guid=f10d4b97-8c86-11ed-8e19-65514302066e;Domain=mountain.com;Max-Age=63113852;Path=/;SameSite=None;Secure
content-encoding: gzip
x-envoy-upstream-service-time: 13
server: istio-envoy
connection: close
transfer-encoding: chunked
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.21.226200 OK 87 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.21.226:0
File type gzip compressed data, from Unix\012- data
Hash 1d546fe2d005c33beb9e2b54dc413ed5
87fd810e6ac09ba5c3bf1c3d55aea61c1861597a
9047bf96ffa1e6f8a89cf4f3666a4cfedf59db8948c15398e0492214239fbf56
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 04 Jan 2023 23:24:33 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Sun, 08 Jan 2023 20:17:01 GMT
ETag: "a2d22971ef07dccb540c74e0a93dbd0c34089ec9"
Last-Modified: Wed, 04 Jan 2023 20:17:02 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3075
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7847ba741ea3b524-OSL
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.21.226:0
Hash 4cb80580d0803d5062020939cd3c6c97
a2d22971ef07dccb540c74e0a93dbd0c34089ec9
1c82b0d3e2218cb1565c89eae932653491c7125047d705a826b9361c37ab9fa8
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 04 Jan 2023 23:24:33 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Sun, 08 Jan 2023 20:17:01 GMT
ETag: "a2d22971ef07dccb540c74e0a93dbd0c34089ec9"
Last-Modified: Wed, 04 Jan 2023 20:17:02 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3075
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7847ba741bb9fac0-OSL
match.adsrvr.org/track/cmf/generic?ttd_pid=steelhouse&ttd_tpi=1&ttd_puid=f10d4b97-8c86-11ed-8e19-65514302066e&gdpr=&gdpr_consent=
35.71.131.137200 OK 70 B URL HTTP/2 match.adsrvr.org/track/cmf/generic?ttd_pid=steelhouse&ttd_tpi=1&ttd_puid=f10d4b97-8c86-11ed-8e19-65514302066e&gdpr=&gdpr_consent=
IP 35.71.131.137:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 58a7930cd4577fc33c35828c271eab8f
406e57f86dc101e10f3a57be1e2f7b93c4580474
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
GET /track/cmf/generic?ttd_pid=steelhouse&ttd_tpi=1&ttd_puid=f10d4b97-8c86-11ed-8e19-65514302066e&gdpr=&gdpr_consent= HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 04 Jan 2023 23:24:33 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd16ad998-c9d7-497f-9177-8a288cbd319f.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd16ad998-c9d7-497f-9177-8a288cbd319f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash caeb8110d6451a09f92d0603994d82d8
cca8920d92a37b0b1e4f019a10674052c1b8dcbe
622aeb4a54a3cb82191e8d1f238ad9f5a86262fdedbc3e4b03426e4fb86493a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd16ad998-c9d7-497f-9177-8a288cbd319f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 11838
x-amzn-requestid: aabfce3c-15dc-4de0-910c-ca2d24d4fc81
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eJVmBE8HIAMFa_A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b39c8c-16a130601f6ccd3513485a7c;Sampled=0
x-amzn-remapped-date: Tue, 03 Jan 2023 03:10:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: rtL5oh76QUNUzUHwTW6FHkamUukqDkdsjmO10KCWGnijLxcc3oLnLg==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 04 Jan 2023 05:22:07 GMT
age: 64949
etag: "cca8920d92a37b0b1e4f019a10674052c1b8dcbe"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Montserrat:100,300,400,500,600,700%7CRoboto:500&display=swap
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Montserrat:100,300,400,500,600,700%7CRoboto:500&display=swap
IP 142.250.74.106:0
GET /css?family=Montserrat:100,300,400,500,600,700%7CRoboto:500&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 04 Jan 2023 23:24:29 GMT
date: Wed, 04 Jan 2023 23:24:29 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.paintingwithatwist.com/images/event-types/activity-private.jpg
23.253.135.119200 OK 0 B URL HTTP/2 www.paintingwithatwist.com/images/event-types/activity-private.jpg
IP 23.253.135.119:0
GET /images/event-types/activity-private.jpg HTTP/1.1
Host: www.paintingwithatwist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/studio/tempe
Cookie: X-Mapping-fjhppofk=80861DDBFC7C026798F47A2BF4D313A6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Microsoft-IIS/8.5
content-type: image/jpeg
date: Wed, 04 Jan 2023 23:24:28 GMT
accept-ranges: bytes
access-control-allow-origin: https://c5d09e4dde1ed5344aab-92274ace7e84ee4d27ca2a6920e2d585.ssl.cf5.rackcdn.com
etag: "45896d7457ad81:0"
last-modified: Tue, 07 Jun 2022 08:08:59 GMT
x-frame-options: deny
x-powered-by: ASP.NET
access-control-allow-methods: *
access-control-allow-headers: *
content-length: 20082
X-Firefox-Spdy: h2
diffuser-cdn.app-us1.com/diffuser/diffuser.js
104.17.145.91200 OK 0 B URL HTTP/2 diffuser-cdn.app-us1.com/diffuser/diffuser.js
IP 104.17.145.91:0
GET /diffuser/diffuser.js HTTP/1.1
Host: diffuser-cdn.app-us1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 04 Jan 2023 23:24:29 GMT
content-type: application/javascript
last-modified: Thu, 21 Oct 2021 17:42:06 GMT
etag: W/"4d482a43613d3966f353ec9d97452e0c"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=300
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 059f85e5e664bc876c915622803d9e28.cloudfront.net (CloudFront)
x-amz-cf-pop: CPH50-C2
x-amz-cf-id: LYgb7O-05A19YisedsHdW7Gqa3Bw46pjlPKvIkZSVBpaULKohYEzzQ==
cf-cache-status: HIT
age: 231
server: cloudflare
cf-ray: 7847ba5b7fdab4e8-OSL
X-Firefox-Spdy: h2
insight.adsrvr.org/track/evnt/?adv=0k2y2lb&ct=0:l4rcz95&fmt=3
35.71.131.137200 OK 0 B URL HTTP/2 insight.adsrvr.org/track/evnt/?adv=0k2y2lb&ct=0:l4rcz95&fmt=3
IP 35.71.131.137:0
GET /track/evnt/?adv=0k2y2lb&ct=0:l4rcz95&fmt=3 HTTP/1.1
Host: insight.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 04 Jan 2023 23:24:33 GMT
content-type: image/gif
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
prism.app-us1.com/?a=25570710&u=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe
104.17.145.91200 OK 0 B URL HTTP/2 prism.app-us1.com/?a=25570710&u=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe
IP 104.17.145.91:0
GET /?a=25570710&u=https%3A%2F%2Fwww.paintingwithatwist.com%2Fstudio%2Ftempe HTTP/1.1
Host: prism.app-us1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paintingwithatwist.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 04 Jan 2023 23:24:29 GMT
content-type: application/javascript
cache-control: no-cache, private
set-cookie: prism_25570710=e278d761-c29a-405a-89f9-2c37e7be671c; expires=Fri, 03-Feb-2023 23:24:29 GMT; Max-Age=2592000; path=/; secure; httponly; samesite=none
x-envoy-upstream-service-time: 48
x-powered-by: PHP/7.4.32
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7847ba5da84bb4f3-OSL
content-encoding: gzip
X-Firefox-Spdy: h2