Submitted URL: http://www.2brushstrokes.com/
Effective URL: https://www.2brushstrokes.com/
Submission: On March 17 via api from US

Summary

This website contacted 17 IPs in 3 countries across 13 domains to perform 41 HTTP transactions. The main IP is 66.235.200.28, located in Burlington, United States and belongs to CLOUDFLARENET, US. The main domain is www.2brushstrokes.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on June 18th 2019. Valid for: a year.
This is the only time www.2brushstrokes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

| Redirects | Requests | IP Address | AS Autonomous System |
|---|---|---|---|
| 1 | 14 | 66.235.200.28 | 13335 (CLOUDFLAR...) |
| | 1 | 2606:2800:133... | 15133 (EDGECAST) |
| | 3 | 35.190.14.35 | 15169 (GOOGLE) |
| | 3 | 2a00:1450:400... | 15169 (GOOGLE) |
| | 1 | 2606:4700::68... | 13335 (CLOUDFLAR...) |
| | 1 | 40.87.65.131 | 8075 (MICROSOFT...) |
| | 3 | 52.239.140.10 | 8075 (MICROSOFT...) |
| | 4 | 13.92.180.208 | 8075 (MICROSOFT...) |
| | 1 | 2606:4700::68... | 13335 (CLOUDFLAR...) |
| | 1 | 2606:4700::68... | 13335 (CLOUDFLAR...) |
| | 1 | 2606:4700::68... | 13335 (CLOUDFLAR...) |
| | 1 | 2606:4700::68... | 13335 (CLOUDFLAR...) |
| | 3 | 2606:4700::68... | 13335 (CLOUDFLAR...) |
| | 3 | 2606:4700::68... | 13335 (CLOUDFLAR...) |
| | 1 | 2606:4700::68... | 13335 (CLOUDFLAR...) |
| | 1 | 2606:4700::68... | 13335 (CLOUDFLAR...) |
| | 41 | 17 | |

| Requests | Domain | Redirects | Requested by |
|---|---|---|---|
| 14 | www.2brushstrokes.com | 1 redirects | components.mywebsitebuilder.com, www.2brushstrokes.com |
| 4 | in-us-east-event-hubs.servicebus.windows.net | | 149b4.wpc.azureedge.net, www.2brushstrokes.com |
| 3 | wzuk.blob.core.windows.net | | components.mywebsitebuilder.com |
| 3 | storage.googleapis.com | | www.2brushstrokes.com |
| 3 | components.mywebsitebuilder.com | | www.2brushstrokes.com, components.mywebsitebuilder.com |
| 2 | track.hubspot.com | | |
| 2 | api.hubspot.com | | js.usemessages.com, www.2brushstrokes.com |
| 1 | cdn2.hubspot.net | | |
| 1 | forms.hubspot.com | | js.hsleadflows.net |
| 1 | forms.hsforms.com | | www.2brushstrokes.com |
| 1 | app.hubspot.com | | js.usemessages.com |
| 1 | js.hsleadflows.net | | js.hs-scripts.com |
| 1 | js.hscollectedforms.net | | js.hs-scripts.com |
| 1 | js.hs-analytics.net | | js.hs-scripts.com |
| 1 | js.usemessages.com | | js.hs-scripts.com |
| 1 | localize.uat.mywebsitebuilder.com | | 149b4.wpc.azureedge.net |
| 1 | js.hs-scripts.com | | www.2brushstrokes.com |
| 1 | 149b4.wpc.azureedge.net | | www.2brushstrokes.com |
| 41 | 18 | | |

This site contains no links.

| Subject | Issuer | Validity | Valid |
|---|---|---|---|
| www.2brushstrokes.com | CloudFlare Inc ECC CA-2 | 2019-06-18 - 2020-06-17 | a year |
| *.vo.msecnd.net | Microsoft IT TLS CA 2 | 2018-03-30 - 2020-03-30 | 2 years |
| *.mywebsitebuilder.com | COMODO RSA Domain Validation Secure Server CA | 2018-09-05 - 2020-09-28 | 2 years |
| *.storage.googleapis.com | GTS CA 1O1 | 2020-02-25 - 2020-05-19 | 3 months |
| ssl817718.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2020-01-21 - 2020-07-29 | 6 months |
| *.uat.mywebsitebuilder.com | COMODO RSA Domain Validation Secure Server CA | 2018-09-05 - 2020-09-28 | 2 years |
| *.blob.core.windows.net | Microsoft IT TLS CA 2 | 2020-01-27 - 2022-01-27 | 2 years |
| servicebus.windows.net | Microsoft IT TLS CA 1 | 2019-08-27 - 2021-08-27 | 2 years |
| ssl817703.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2020-01-21 - 2020-07-29 | 6 months |
| ssl803670.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2019-11-06 - 2020-05-14 | 6 months |
| ssl803673.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2019-11-06 - 2020-05-14 | 6 months |
| ssl817706.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2020-01-21 - 2020-07-29 | 6 months |
| hubspot.com | CloudFlare Inc ECC CA-2 | 2019-12-04 - 2020-10-09 | 10 months |
| ssl431287.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2020-01-01 - 2020-07-09 | 6 months |
| hubspot.net | CloudFlare Inc ECC CA-2 | 2020-03-16 - 2020-10-09 | 7 months |

This page contains 3 frames:

Primary Page: https://www.2brushstrokes.com/
Frame ID: 6A188B56B7B3190B0F58A59C93817AEF
Requests: 40 HTTP requests in this frame

Frame: https://components.mywebsitebuilder.com/extern/embed-html/embed-html.html?wzId=id1531791282686&wzInstanceId=id1531791282686&wzAppId=embed_html_app&wzAppV=1&wzApiType=app&wzDeviceType=desktop&wzMode=view&wzSessionId=1584468088143&wzEncodeParams=eyJ3ekN1cnJlbnRVcmwiOiJodHRwczovL3d3dy4yYnJ1c2hzdHJva2VzLmNvbS8iLCJ3elNpemUiOnsid2lkdGgiOjQwMCwiaGVpZ2h0Ijo0MDB9fQ%3D%3D
Frame ID: B64263F7181FFCA37A516E6AC8B3016A
Requests: 1 HTTP requests in this frame

Frame: https://app.hubspot.com/conversations-visitor/4764964/threads/utk/a352362af3b64293b2032c916fe4f779?uuid=00478d8a75de4c2a99dd420b277f70c2&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=2brushstrokes.com&inApp53=false&messagesUtk=a352362af3b64293b2032c916fe4f779&url=https%3A%2F%2Fwww.2brushstrokes.com%2F&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false
Frame ID: 9FD510B05244023B0A0786A431DBEFDD
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

41
Requests

100 %
HTTPS

69 %
IPv6

13
Domains

18
Subdomains

17
IPs

3
Countries

2053 kB
Transfer

4256 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.2brushstrokes.com/ HTTP 302
    https://www.2brushstrokes.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

41 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.2brushstrokes.com/
Redirect Chain
  • http://www.2brushstrokes.com/
  • https://www.2brushstrokes.com/
17 KB
7 KB
Document
General
Full URL
https://www.2brushstrokes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.235.200.28 Burlington, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
host77.ipowerweb.com
Software
cloudflare /
Resource Hash
fce037af9ce160a8e1d9abfa9e5b46d6b607ca7e9650e5976e47a27897380514

Request headers

:method
GET
:authority
www.2brushstrokes.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cfduid=d73950217461d0c83bff1814f3afd766b1584468086
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Tue, 17 Mar 2020 18:01:27 GMT
content-type
text/html
cf-ray
57589e889a4dd729-FRA
age
248838
last-modified
Fri, 28 Feb 2020 14:59:24 GMT
vary
Accept-Encoding
cf-cache-status
HIT
content-md5
CB/KV5Ab2Czm7xx0JWz/XA==
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-ms-blob-type
BlockBlob
x-ms-creation-time
Mon, 30 Dec 2019 09:02:36 GMT
x-ms-lease-state
available
x-ms-lease-status
unlocked
x-ms-request-id
1d7ef7a7-401e-0004-7a42-fa826e000000
x-ms-server-encrypted
true
x-ms-version
2018-03-28
x-worker-version
1.0.0
server
cloudflare
content-encoding
br

Redirect headers

Date
Tue, 17 Mar 2020 18:01:27 GMT
Content-Length
0
Connection
keep-alive
Set-Cookie
__cfduid=d73950217461d0c83bff1814f3afd766b1584468086; expires=Thu, 16-Apr-20 18:01:26 GMT; path=/; domain=.www.2brushstrokes.com; HttpOnly; SameSite=Lax
Location
https://www.2brushstrokes.com/
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
57589e86c8a8d711-FRA
t.js
149b4.wpc.azureedge.net/80149B4/insights/
16 KB
7 KB
Script
General
Full URL
https://149b4.wpc.azureedge.net/80149B4/insights/t.js?brand=Gator&v=g-202002181202533198
Requested by
Host: www.2brushstrokes.com
URL: https://www.2brushstrokes.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:f17:19e8:2356:251b:2a9 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8EA5) /
Resource Hash
a015ca1e691b49e6b2ace57963ae217787f08b5b0a838f818a25e524d6a92164

Request headers

Referer
https://www.2brushstrokes.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 17 Mar 2020 18:01:27 GMT
content-encoding
gzip
age
2436619
x-cache
HIT
status
200
content-length
6620
x-aspnetmvc-version
4.0
last-modified
Tue, 18 Feb 2020 13:11:08 GMT
server
ECAcc (frc/8EA5)
etag
-674198720
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-headers
Origin, Content-Type, Accept, Authorization
expires
Wed, 17 Mar 2021 18:01:27 GMT
viewer.css
components.mywebsitebuilder.com/g-202002181202533198/viewer-gator/
143 KB
22 KB
Stylesheet
General
Full URL
https://components.mywebsitebuilder.com/g-202002181202533198/viewer-gator/viewer.css
Requested by
Host: www.2brushstrokes.com
URL: https://www.2brushstrokes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.190.14.35 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
35.14.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
eb432a1953c47da72aaea376cf04ac4090d45bd668986f6233ad0f06ed237b8b

Request headers

Referer
https://www.2brushstrokes.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Wed, 26 Feb 2020 23:45:53 GMT
content-encoding
gzip
age
1707334
status
200
x-guploader-uploadid
AEnB2UqHzEFrNow5mIiewxaQMFHJGqKFlAjtc76alaGGo3yTR-tF1HRiYge_ov5D7V13CCNIq19x7IsYkzqxoev98lT15-4Xd_V5UGZ0DwrvVj5zndlEtFc
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
21683
last-modified
Tue, 18 Feb 2020 12:22:08 GMT
server
UploadServer
etag
"0635c86694d9c6a79778788fcec04a23"
vary
Accept-Encoding
x-goog-hash
crc32c=tOOrVA==, md5=BjXIZpTZxqeXeHiPzsBKIw==
x-goog-generation
1582028528396815
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=31536000
x-goog-stored-content-length
21683
accept-ranges
bytes
content-type
text/css
expires
Thu, 25 Feb 2021 23:45:53 GMT
viewer.js
components.mywebsitebuilder.com/g-202002181202533198/viewer/
2 MB
522 KB
Script
General
Full URL
https://components.mywebsitebuilder.com/g-202002181202533198/viewer/viewer.js
Requested by
Host: www.2brushstrokes.com
URL: https://www.2brushstrokes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.190.14.35 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
35.14.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
675728a0e5978735a53907f1be61fda4ea70c2f8ad2f103e89b1f8a1fe21fabe

Request headers

Referer
https://www.2brushstrokes.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 18 Feb 2020 12:28:04 GMT
content-encoding
gzip
age
2439203
status
200
x-guploader-uploadid
AEnB2Urn-rOxlJCPzRMBs5uRgUTnXeSxBuX5Sk7rHEoh7Kb_3lByAUcq5EeDu6jBFVLCkHLNFY2RUbxng9Qd3hNb9ANd_ATwGcCmYjeY9ACYjFFcpmg6F1s
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
533533
last-modified
Tue, 18 Feb 2020 12:22:07 GMT
server
UploadServer
etag
"b639fe8f74ad5f65fe8debd8a0213202"
vary
Accept-Encoding
x-goog-hash
crc32c=MuT9MQ==, md5=tjn+j3StX2X+jevYoCEyAg==
x-goog-generation
1582028527669086
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=31536000
x-goog-stored-content-length
533533
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 17 Feb 2021 12:28:04 GMT
04654738bdf140a3b7ff943d30ebee2a.js
storage.googleapis.com/gator-users/user-504776/sites/503010/5b27c3a1e004fM6fFZST/
23 KB
23 KB
Script
General
Full URL
https://storage.googleapis.com/gator-users/user-504776/sites/503010/5b27c3a1e004fM6fFZST/04654738bdf140a3b7ff943d30ebee2a.js?1582901963
Requested by
Host: www.2brushstrokes.com
URL: https://www.2brushstrokes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
21a477eab203bfda6a4cf7ce8be3fc5bfa0d431ff640f0291c9d0d8a77cf7f1d

Request headers

Referer
https://www.2brushstrokes.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 17 Mar 2020 18:01:27 GMT
status
200
x-guploader-uploadid
AEnB2Up00g3pYH6NOIUvxMLSnvBg5P8bF4Y-0M5emWEI5R1VE6OkRcFzqI0pek2iHAY2OgY48SQLc4o0CcOXGNuJIPx8X9S8FA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
23654
last-modified
Fri, 28 Feb 2020 14:59:19 GMT
server
UploadServer
etag
"b6d3d2a891af7a25830415684c1312f3"
x-goog-hash
crc32c=zMfBpg==, md5=ttPSqJGveiWDBBVoTBMS8w==
x-goog-generation
1582901959132784
cache-control
public, max-age=3600
x-goog-stored-content-length
23654
accept-ranges
bytes
content-type
application/json
expires
Tue, 17 Mar 2020 19:01:27 GMT
893d1b9cb8aa4a3c89486949375ba278.js
storage.googleapis.com/gator-users/user-504776/sites/503010/5b27c3a1e004fM6fFZST/
138 KB
139 KB
Script
General
Full URL
https://storage.googleapis.com/gator-users/user-504776/sites/503010/5b27c3a1e004fM6fFZST/893d1b9cb8aa4a3c89486949375ba278.js?1582901963
Requested by
Host: www.2brushstrokes.com
URL: https://www.2brushstrokes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
6bcbf57535c46a7b14d163e9dc73f33f4a4adafd8d93ae59759fa134ac3a0826

Request headers

Referer
https://www.2brushstrokes.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 17 Mar 2020 18:01:27 GMT
status
200
x-guploader-uploadid
AEnB2UoiQEsmcZaPk5cXGcvNAmpDitSMaKix4LgnJXEmPR-7PhCjszjnAkvu0MJ8Ba4gQgGWPuTBS4s1VbCM4So9C1xy7MjNvg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
141220
last-modified
Fri, 28 Feb 2020 14:58:55 GMT
server
UploadServer
etag
"b0b00cbadd3828b37c1fb409e3a33cd3"
x-goog-hash
crc32c=6AIpHA==, md5=sLAMut04KLN8H7QJ46M80w==
x-goog-generation
1582901935373236
cache-control
public, max-age=3600
x-goog-stored-content-length
141220
accept-ranges
bytes
content-type
application/json
expires
Tue, 17 Mar 2020 19:01:27 GMT
16d53bd37a90439f8e00a180e31a1b6b.js
storage.googleapis.com/gator-users/user-504776/sites/503010/5b27c3a1e004fM6fFZST/
81 KB
81 KB
Script
General
Full URL
https://storage.googleapis.com/gator-users/user-504776/sites/503010/5b27c3a1e004fM6fFZST/16d53bd37a90439f8e00a180e31a1b6b.js?1582901963
Requested by
Host: www.2brushstrokes.com
URL: https://www.2brushstrokes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
bede9d931b99e557db04d9970e5621f47d7fc08279793b8487efaefd853b63fa

Request headers

Referer
https://www.2brushstrokes.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 17 Mar 2020 18:01:27 GMT
status
200
x-guploader-uploadid
AEnB2Uo4yS6fxeDleCQaEwt1iEtk4Ca2wsNIlQK2DMtdzTPAVj_tpfb8Y5zPHwkXgFgxNISw8KJ5XuNUgVaOpviT3eTBMzACjw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
82439
last-modified
Fri, 28 Feb 2020 14:58:55 GMT
server
UploadServer
etag
"e0602364f77cc39774070f7595e66ffc"
x-goog-hash
crc32c=h4PYow==, md5=4GAjZPd8w5d0Bw91leZv/A==
x-goog-generation
1582901935466874
cache-control
public, max-age=3600
x-goog-stored-content-length
82439
accept-ranges
bytes
content-type
application/json
expires
Tue, 17 Mar 2020 19:01:27 GMT
4764964.js
js.hs-scripts.com/
2 KB
840 B
Script
General
Full URL
https://js.hs-scripts.com/4764964.js
Requested by
Host: www.2brushstrokes.com
URL: https://www.2brushstrokes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:d5cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a75c31d6f11651da62a5622682b5a2d0cd03b8eb1d909380e2ca4a0c43545e35

Request headers

Referer
https://www.2brushstrokes.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 17 Mar 2020 18:01:27 GMT
content-encoding
gzip
cf-cache-status
MISS
status
200
access-control-max-age
3600
content-length
548
server
cloudflare
x-trace
2BC172A0164A276EDF0383826FFD9A52CEA486AC15000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://www.2brushstrokes.com
cache-control
public, max-age=60
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
57589e8aedd3c2b8-FRA
expires
Tue, 17 Mar 2020 18:02:27 GMT
/
localize.uat.mywebsitebuilder.com/
25 B
554 B
XHR
General
Full URL
https://localize.uat.mywebsitebuilder.com/
Requested by
Host: 149b4.wpc.azureedge.net
URL: https://149b4.wpc.azureedge.net/80149B4/insights/t.js?brand=Gator&v=g-202002181202533198
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.87.65.131 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel / ASP.NET
Resource Hash
9e561bd18a5f121526634a0a7120d38f16d5f03bb1a298904d684e491352fde0

Request headers

Referer
https://www.2brushstrokes.com/
Origin
https://www.2brushstrokes.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 17 Mar 2020 18:01:27 GMT
Content-Encoding
gzip
Server
Kestrel
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
truncated
/
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
23ee4ea65db6fe9c920d6844298f9ac16152841c7813f02c5d8c7da29f49b60a

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/gif
embed-html.html
components.mywebsitebuilder.com/extern/embed-html/ Frame B642
0
0
Document
General
Full URL
https://components.mywebsitebuilder.com/extern/embed-html/embed-html.html?wzId=id1531791282686&wzInstanceId=id1531791282686&wzAppId=embed_html_app&wzAppV=1&wzApiType=app&wzDeviceType=desktop&wzMode=view&wzSessionId=1584468088143&wzEncodeParams=eyJ3ekN1cnJlbnRVcmwiOiJodHRwczovL3d3dy4yYnJ1c2hzdHJva2VzLmNvbS8iLCJ3elNpemUiOnsid2lkdGgiOjQwMCwiaGVpZ2h0Ijo0MDB9fQ%3D%3D
Requested by
Host: components.mywebsitebuilder.com
URL: https://components.mywebsitebuilder.com/g-202002181202533198/viewer/viewer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.190.14.35 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
35.14.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash

Request headers

:method
GET
:authority
components.mywebsitebuilder.com
:scheme
https
:path
/extern/embed-html/embed-html.html?wzId=id1531791282686&wzInstanceId=id1531791282686&wzAppId=embed_html_app&wzAppV=1&wzApiType=app&wzDeviceType=desktop&wzMode=view&wzSessionId=1584468088143&wzEncodeParams=eyJ3ekN1cnJlbnRVcmwiOiJodHRwczovL3d3dy4yYnJ1c2hzdHJva2VzLmNvbS8iLCJ3elNpemUiOnsid2lkdGgiOjQwMCwiaGVpZ2h0Ijo0MDB9fQ%3D%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://www.2brushstrokes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://www.2brushstrokes.com/

Response headers

status
200
x-guploader-uploadid
AEnB2UoZH7LtQroo5Bwr59SqFEed_hROE5ZBD-B_fSx3S6Bg6VZhAuVvxFtIr5cTgyYHfb7NrhbP54n5C69MFxlSIXwpauA5JQ
expires
Tue, 17 Mar 2020 18:34:39 GMT
date
Tue, 17 Mar 2020 17:34:39 GMT
last-modified
Mon, 18 Mar 2019 10:01:46 GMT
etag
"d764867dd92feb4a5db43b1421dae81e"
x-goog-generation
1552903306346559
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
2212
content-type
text/html
x-goog-hash
crc32c=u8oTFg== md5=12SGfdkv60pdtDsUIdroHg==
x-goog-storage-class
STANDARD
accept-ranges
bytes
content-length
2212
access-control-allow-origin
*
access-control-expose-headers
Content-Type
server
UploadServer
age
1609
cache-control
public, max-age=3600
alt-svc
clear
1aJZYUlSkk6puu4aOD3swQ.woff
wzuk.blob.core.windows.net/assets/fonts/
21 KB
22 KB
Font
General
Full URL
https://wzuk.blob.core.windows.net/assets/fonts/1aJZYUlSkk6puu4aOD3swQ.woff
Requested by
Host: components.mywebsitebuilder.com
URL: https://components.mywebsitebuilder.com/g-202002181202533198/viewer/viewer.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.140.10 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
2a354649f57a81405daccfd6b5785da5f73ba638f2db591992cb7b739dac3135

Request headers

Referer
https://www.2brushstrokes.com/
Origin
https://www.2brushstrokes.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Tue, 17 Mar 2020 18:01:27 GMT
x-ms-copy-progress
21704/21704
x-ms-copy-source
https://webzaitest.blob.core.windows.net/assets/fonts/1aJZYUlSkk6puu4aOD3swQ.woff
x-ms-copy-status
success
Content-Length
21704
x-ms-lease-state
available
x-ms-lease-status
unlocked
Last-Modified
Mon, 28 Jul 2014 14:52:28 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
"0x8D1788AAFC21BEE"
x-ms-copy-completion-time
Mon, 28 Jul 2014 14:52:28 GMT
Content-Type
application/x-font-woff
Access-Control-Allow-Origin
*
x-ms-request-id
1d0e95e6-d01e-0042-0286-fc0c42000000
Access-Control-Expose-Headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,x-ms-copy-id,x-ms-copy-source,x-ms-copy-status,x-ms-copy-progress,x-ms-copy-completion-time
Cache-Control
public, max-age=31536000
x-ms-version
2013-08-15
x-ms-copy-id
741e6713-78d4-49e4-a8cf-5c8744a5c1bc
Accept-Ranges
bytes
I7CsSHRfZ0GB3AlD-DX-CQ.woff
wzuk.blob.core.windows.net/assets/fonts/
21 KB
22 KB
Font
General
Full URL
https://wzuk.blob.core.windows.net/assets/fonts/I7CsSHRfZ0GB3AlD-DX-CQ.woff
Requested by
Host: components.mywebsitebuilder.com
URL: https://components.mywebsitebuilder.com/g-202002181202533198/viewer/viewer.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.140.10 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
2f06077fe3d50522c14a3e84f5b24dd5b00e1513a2b371f4a9c4735c334872df

Request headers

Referer
https://www.2brushstrokes.com/
Origin
https://www.2brushstrokes.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Tue, 17 Mar 2020 18:01:28 GMT
x-ms-copy-progress
22004/22004
x-ms-copy-source
https://webzaitest.blob.core.windows.net/assets/fonts/I7CsSHRfZ0GB3AlD-DX-CQ.woff
x-ms-copy-status
success
Content-Length
22004
x-ms-lease-state
available
x-ms-lease-status
unlocked
Last-Modified
Mon, 28 Jul 2014 14:53:09 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
"0x8D1788AC856392E"
x-ms-copy-completion-time
Mon, 28 Jul 2014 14:53:09 GMT
Content-Type
application/x-font-woff
Access-Control-Allow-Origin
*
x-ms-request-id
f3e600ea-701e-0029-0186-fc5114000000
Access-Control-Expose-Headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,x-ms-copy-id,x-ms-copy-source,x-ms-copy-status,x-ms-copy-progress,x-ms-copy-completion-time
Cache-Control
public, max-age=31536000
x-ms-version
2013-08-15
x-ms-copy-id
3aadb96e-f104-4fe1-8e98-13a164028fc4
Accept-Ranges
bytes
zrpWq297sEeRsdU269eKIw.woff
wzuk.blob.core.windows.net/assets/fonts/
21 KB
22 KB
Font
General
Full URL
https://wzuk.blob.core.windows.net/assets/fonts/zrpWq297sEeRsdU269eKIw.woff
Requested by
Host: components.mywebsitebuilder.com
URL: https://components.mywebsitebuilder.com/g-202002181202533198/viewer/viewer.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.140.10 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
4b206afe82a1c9176a352276634580f2eac291be9c2c5c3a4d2f4b58b174b55f

Request headers

Referer
https://www.2brushstrokes.com/
Origin
https://www.2brushstrokes.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Tue, 17 Mar 2020 18:01:27 GMT
x-ms-copy-progress
21512/21512
x-ms-copy-source
https://webzaitest.blob.core.windows.net/assets/fonts/zrpWq297sEeRsdU269eKIw.woff
x-ms-copy-status
success
Content-Length
21512
x-ms-lease-state
available
x-ms-lease-status
unlocked
Last-Modified
Mon, 28 Jul 2014 14:56:12 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
"0x8D1788B34F4026E"
x-ms-copy-completion-time
Mon, 28 Jul 2014 14:56:12 GMT
Content-Type
application/x-font-woff
Access-Control-Allow-Origin
*
x-ms-request-id
891e4e58-401e-0125-3186-fcf9b0000000
Access-Control-Expose-Headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,x-ms-copy-id,x-ms-copy-source,x-ms-copy-status,x-ms-copy-progress,x-ms-copy-completion-time
Cache-Control
public, max-age=31536000
x-ms-version
2013-08-15
x-ms-copy-id
8e2fbce3-71aa-4c2b-a7df-1bf3ed2b1e01
Accept-Ranges
bytes
/
www.2brushstrokes.com/x/cdn/
376 KB
377 KB
Image
General
Full URL
https://www.2brushstrokes.com/x/cdn/?https://storage.googleapis.com/gator-users/user-500001/images/BTDDYOAbc0-ezSF5ZTSTnQ.jpg
Requested by
Host: components.mywebsitebuilder.com
URL: https://components.mywebsitebuilder.com/g-202002181202533198/viewer/viewer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.235.200.28 Burlington, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
host77.ipowerweb.com
Software
cloudflare /
Resource Hash
556f05f07d01f2944d414b9bfbb3fdd0fd0bef5413e1a9b88238829e93bd8e8d

Request headers

Referer
https://www.2brushstrokes.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 17 Mar 2020 18:01:28 GMT
cf-cache-status
MISS
x-guploader-uploadid
AEnB2UoIyNK_Io1D174xGS1dlwvsjHvI8Nxj-CxFPXefqsMvKJ7z6g-xsBnZrpw5pWwXthYt3wLjsD8FIIwTCU8B6xQx8g4Rdg
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-type
image/jpeg
last-modified
Thu, 08 Mar 2018 14:21:29 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=Uf7/qg==, md5=k6Q0hxK6Jb+SkXEm1r1+tw==
x-image-proxy-version
1.24
x-goog-generation
1520518889486766
cache-control
public, max-age=31536000
x-goog-stored-content-length
384980
cf-ray
57589e902a38d729-FRA
expires
Wed, 17 Mar 2021 18:01:28 GMT
/
www.2brushstrokes.com/x/cdn/
42 KB
42 KB
Image
General
Full URL
https://www.2brushstrokes.com/x/cdn/?https://storage.googleapis.com/gator-users/user-504776/images/5b47aa96929e3ZKnbu4f/Orange-2BS-Logo_d800.png
Requested by
Host: www.2brushstrokes.com
URL: https://www.2brushstrokes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.235.200.28 Burlington, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
host77.ipowerweb.com
Software
cloudflare /
Resource Hash
539c323c54874cc3ca45733f7e2ef26631eff05d65d883b8f5c92debc1623336

Request headers

Referer
https://www.2brushstrokes.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 17 Mar 2020 18:01:28 GMT
cf-cache-status
MISS
x-guploader-uploadid
AEnB2UqTdcn5wDozM_S8lMomm9j7eFEq9vu8zU-BMlAL7ixJ3aqgMtLi_fZXZsnXwnQYMQUOeF6NXeKr-xjfvP8jorkBfX4ETA
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/png
content-length
42506
last-modified
Thu, 12 Jul 2018 19:23:04 GMT
server
cloudflare
etag
"69506b66f8f3f7514954bf3ff3321dd1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=P0atGw==, md5=aVBrZvjz91FJVL8/8zId0Q==
x-image-proxy-version
1.24
x-goog-generation
1531423384701096
cache-control
public, max-age=31536000
x-goog-stored-content-length
42506
accept-ranges
bytes
cf-ray
57589e903a6ad729-FRA
expires
Wed, 17 Mar 2021 18:01:28 GMT
/
www.2brushstrokes.com/x/cdn/
9 KB
9 KB
Image
General
Full URL
https://www.2brushstrokes.com/x/cdn/?https://storage.googleapis.com/gator-users/user-504776/images/5b2c30633c6f6kr7FGTv/Mission-Stmt.jpg
Requested by
Host: www.2brushstrokes.com
URL: https://www.2brushstrokes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.235.200.28 Burlington, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
host77.ipowerweb.com
Software
cloudflare /
Resource Hash
3737c4790f4392dc2f2d4e0d7e1b789e190eb5fbc8f777e1025de2edbab7bc3b

Request headers

Referer
https://www.2brushstrokes.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 17 Mar 2020 18:01:28 GMT
cf-cache-status
MISS
x-guploader-uploadid
AEnB2Up6_7zv3Q3ndGKHvOw7HBgSEG2yBGtkXSGLyNanfztxI4ZSnMmdTKrjsoWAiLH7NVJDm_nU4eq-I02NTGaux3AVuooZLA
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/jpeg
content-length
9104
last-modified
Thu, 21 Jun 2018 23:10:27 GMT
server
cloudflare
etag
"8582a75cd2a1fe94e1b8bd381d888b14"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=B/C/Zw==, md5=hYKnXNKh/pThuL04HYiLFA==
x-image-proxy-version
1.24
x-goog-generation
1529622627489763
cache-control
public, max-age=31536000
x-goog-stored-content-length
9104
accept-ranges
bytes
cf-ray
57589e903a6dd729-FRA
expires
Wed, 17 Mar 2021 18:01:28 GMT
/
www.2brushstrokes.com/x/cdn/
15 KB
15 KB
Image
General
Full URL
https://www.2brushstrokes.com/x/cdn/?https://storage.googleapis.com/gator-users/user-504776/images/5b2c315fd906e7ngJdp7/Process_improvement2.jpg
Requested by
Host: www.2brushstrokes.com
URL: https://www.2brushstrokes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.235.200.28 Burlington, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
host77.ipowerweb.com
Software
cloudflare /
Resource Hash
40673c7d64f1132c7535a729549db01b15caf95482754f17eba796eec4f10c4f

Request headers

Referer
https://www.2brushstrokes.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 17 Mar 2020 18:01:28 GMT
cf-cache-status
MISS
x-guploader-uploadid
AEnB2UoprHEf8aaoOjUB7cfGP71_zIbW6L6piBr58bq0QbDe9CMhdxIcygJ18x4AkwCOQd2XuTWkJD_1RrnOEhoEbeIT2ouSvw
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/jpeg
content-length
14961
last-modified
Thu, 21 Jun 2018 23:14:40 GMT
server
cloudflare
etag
"5942ae313384b4d64a333045685fac4c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=K0ej8A==, md5=WUKuMTOEtNZKMzBFaF+sTA==
x-image-proxy-version
1.24
x-goog-generation
1529622880072094
cache-control
public, max-age=31536000
x-goog-stored-content-length
14961
accept-ranges
bytes
cf-ray
57589e903a6ed729-FRA
expires
Wed, 17 Mar 2021 18:01:28 GMT
/
www.2brushstrokes.com/x/cdn/
13 KB
13 KB
Image
General
Full URL
https://www.2brushstrokes.com/x/cdn/?https://storage.googleapis.com/gator-users/user-504776/images/5b2c32e0e4fa2jRC9Xrc/human-bot-handshake_d400.jpg
Requested by
Host: www.2brushstrokes.com
URL: https://www.2brushstrokes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.235.200.28 Burlington, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
host77.ipowerweb.com
Software
cloudflare /
Resource Hash
372c0041fc964def0aec95ae17c6f03a3e5e5ccfe5969952c6de7e5c0f7cc34b

Request headers

Referer
https://www.2brushstrokes.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 17 Mar 2020 18:01:28 GMT
cf-cache-status
MISS
x-guploader-uploadid
AEnB2UqTfJyQSBvMfbIquiyVGM07Gwko8SFJjofzKnFEVnpr3PYF4rlLnaw7iH10sm0xhalqd4Wkg-rRB0p8ZAZGOnCc3AJArw
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/jpeg
content-length
12846
last-modified
Thu, 21 Jun 2018 23:21:05 GMT
server
cloudflare
etag
"9ba7f58b0b670c0dd84c2da4caf6874b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=n3Y0yw==, md5=m6f1iwtnDA3YTC2kyvaHSw==
x-image-proxy-version
1.24
x-goog-generation
1529623265736412
cache-control
public, max-age=31536000
x-goog-stored-content-length
12846
accept-ranges
bytes
cf-ray
57589e903a72d729-FRA
expires
Wed, 17 Mar 2021 18:01:28 GMT
/
www.2brushstrokes.com/x/cdn/
9 KB
9 KB
Image
General
Full URL
https://www.2brushstrokes.com/x/cdn/?https://storage.googleapis.com/gator-users/user-504776/images/5b27d3e79f2d5rQXyCqw/process_improvement.jpg
Requested by
Host: www.2brushstrokes.com
URL: https://www.2brushstrokes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.235.200.28 Burlington, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
host77.ipowerweb.com
Software
cloudflare /
Resource Hash
dc78c937d6c8b53437632543e23205db0eb2f3abe89df9addf1e9db3545ef8c6

Request headers

Referer
https://www.2brushstrokes.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 17 Mar 2020 18:01:28 GMT
cf-cache-status
MISS
x-guploader-uploadid
AEnB2Up9NCfWunsBEbaMzYROP0XNns9B0JD4jBFVaxshryhHslcqMp9L0Wu80-zZ3xJk5Zm0BdRlJM9l2yNIupvIIpaNvLe8jg
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/jpeg
content-length
9365
last-modified
Mon, 18 Jun 2018 15:46:47 GMT
server
cloudflare
etag
"f3c2e79e80fb1827eeed8ad93620e618"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=CoEmiA==, md5=88LnnoD7GCfu7YrZNiDmGA==
x-image-proxy-version
1.24
x-goog-generation
1529336807876017
cache-control
public, max-age=31536000
x-goog-stored-content-length
9365
accept-ranges
bytes
cf-ray
57589e903a74d729-FRA
expires
Wed, 17 Mar 2021 18:01:28 GMT
/
www.2brushstrokes.com/x/cdn/
9 KB
9 KB
Image
General
Full URL
https://www.2brushstrokes.com/x/cdn/?https://storage.googleapis.com/gator-users/user-500001/images/mY8lxYeK9UWSDi7wQ57r1Q_200.jpg
Requested by
Host: www.2brushstrokes.com
URL: https://www.2brushstrokes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.235.200.28 Burlington, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
host77.ipowerweb.com
Software
cloudflare /
Resource Hash
e198de6f17513362c0a81e349c45dc1712626f67d912dcd034bcff7cf6fb2241

Request headers

Referer
https://www.2brushstrokes.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 17 Mar 2020 18:01:28 GMT
cf-cache-status
MISS
x-guploader-uploadid
AEnB2UqvZjylKpet4iWLFf7FpPLjgEBGwGLyE0L4RI0B48cex3pB1ZYF5m7ZsFGKsf2stZLwufKr8Z8TCRTV-MrvP3NkCdltFA
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-type
image/jpeg
last-modified
Thu, 08 Mar 2018 14:22:33 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=6Q99mA==, md5=lakflSWSxQ8n+3rJYW7oew==
x-image-proxy-version
1.24
x-goog-generation
1520518953409381
cache-control
public, max-age=31536000
x-goog-stored-content-length
8727
cf-ray
57589e903a77d729-FRA
expires
Wed, 17 Mar 2021 18:01:28 GMT
/
www.2brushstrokes.com/x/cdn/
6 KB
7 KB
Image
General
Full URL
https://www.2brushstrokes.com/x/cdn/?https://storage.googleapis.com/gator-users/user-504776/images/5b27d70b05511S7WQDMD/bot-at-a-terminal_d200.jpg
Requested by
Host: www.2brushstrokes.com
URL: https://www.2brushstrokes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.235.200.28 Burlington, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
host77.ipowerweb.com
Software
cloudflare /
Resource Hash
f169aa6428abcc1183e66b4e5e333e816018c61412647d12c812f809974f3aab

Request headers

Referer
https://www.2brushstrokes.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 17 Mar 2020 18:01:28 GMT
cf-cache-status
MISS
x-guploader-uploadid
AEnB2Uq_2JeiJzNn9bfzuXyrujvC55Kk8JXJJH2joT7BN7WxzM9-z454h9nTwCbqGXBa2Dyf_ZC_OqBmwN5gTj4u_6wE3B_gWQ
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/jpeg
content-length
6427
last-modified
Mon, 18 Jun 2018 16:00:11 GMT
server
cloudflare
etag
"aa12bb641ada3a9bdf873b112c3e649f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=gn5TFg==, md5=qhK7ZBraOpvfhzsRLD5knw==
x-image-proxy-version
1.24
x-goog-generation
1529337611573286
cache-control
public, max-age=31536000
x-goog-stored-content-length
6427
accept-ranges
bytes
cf-ray
57589e903a79d729-FRA
expires
Wed, 17 Mar 2021 18:01:28 GMT
/
www.2brushstrokes.com/x/cdn/
6 KB
6 KB
Image
General
Full URL
https://www.2brushstrokes.com/x/cdn/?https://storage.googleapis.com/gator-users/user-504776/images/5b27d7da8c4c8qO5gXdR/multicutural-meeting_d200.jpg
Requested by
Host: www.2brushstrokes.com
URL: https://www.2brushstrokes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.235.200.28 Burlington, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
host77.ipowerweb.com
Software
cloudflare /
Resource Hash
5eb08af3febcbf6170705d5fbf877f4a5d9aff2cae39c2e95203ddd4855b65fe

Request headers

Referer
https://www.2brushstrokes.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 17 Mar 2020 18:01:28 GMT
cf-cache-status
MISS
x-guploader-uploadid
AEnB2UpVpkkFQvSDwHQxMAYlQw0fER-k9o6xvbKTHNK7dyxrOxzz93fMdXfpVi25dDY2eSlWAdChJvYBi2vUmpeAwMKoNTPblQ
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/jpeg
content-length
6164
last-modified
Mon, 18 Jun 2018 16:03:39 GMT
server
cloudflare
etag
"a3618ad80a14e1dd8f322b0dc02bb768"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=dfDu+w==, md5=o2GK2AoU4d2PMisNwCu3aA==
x-image-proxy-version
1.24
x-goog-generation
1529337819238087
cache-control
public, max-age=31536000
x-goog-stored-content-length
6164
accept-ranges
bytes
cf-ray
57589e903a7bd729-FRA
expires
Wed, 17 Mar 2021 18:01:28 GMT
/
www.2brushstrokes.com/x/cdn/
12 KB
12 KB
Image
General
Full URL
https://www.2brushstrokes.com/x/cdn/?https://images.unsplash.com/photo-1526633731461-c7903581c0bd?ixlib=rb-0.3.5&q=85&fm=jpg&crop=entropy&cs=srgb&s=ed782d582b32b79026de3a429111c708&w=200
Requested by
Host: www.2brushstrokes.com
URL: https://www.2brushstrokes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.235.200.28 Burlington, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
host77.ipowerweb.com
Software
cloudflare /
Resource Hash
2c264076e0fb90d3abb81dce8e26b42791749273508a52b8e343e77366f9f7cb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.2brushstrokes.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 17 Mar 2020 18:01:28 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
cf-ray
57589e903a7fd729-FRA
x-cache
HIT, MISS
status
200
x-imgix-id
bb5ce06719578bf156f299767e3001ea0755ba45
content-length
12516
x-served-by
cache-lax8628-LAX, cache-fra19121-FRA
last-modified
Mon, 09 Mar 2020 21:35:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-image-proxy-version
1.24
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
content-type
image/jpeg
/
www.2brushstrokes.com/x/cdn/
207 KB
208 KB
Image
General
Full URL
https://www.2brushstrokes.com/x/cdn/?https://storage.googleapis.com/gator-users/user-500001/images/LL2KDPXgK0-Jq9SNF_86KA.jpg
Requested by
Host: www.2brushstrokes.com
URL: https://www.2brushstrokes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.235.200.28 Burlington, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
host77.ipowerweb.com
Software
cloudflare /
Resource Hash
da34c64c820e5b895cd95a7aa5271d8fa27eb896fb2e072c47099bf9bb015a10

Request headers

Referer
https://www.2brushstrokes.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 17 Mar 2020 18:01:28 GMT
cf-cache-status
MISS
x-guploader-uploadid
AEnB2UqGSJD9qfJJq2nDt8aW0q8OrKDo7YddOwS76Qs5iC2v09lAeGZFWmK3xVyMklHDSU-vgD6j-b7v4FFc5QxjM26HiIBaUw
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-type
image/jpeg
last-modified
Thu, 08 Mar 2018 14:21:45 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=FP1EPw==, md5=p6ZWvCog0JeKrlle6h7IQw==
x-image-proxy-version
1.24
x-goog-generation
1520518905987306
cache-control
public, max-age=31536000
x-goog-stored-content-length
203999
cf-ray
57589e903a83d729-FRA
expires
Wed, 17 Mar 2021 18:01:28 GMT
/
www.2brushstrokes.com/x/cdn/
288 KB
289 KB
Image
General
Full URL
https://www.2brushstrokes.com/x/cdn/?https://storage.googleapis.com/gator-users/user-500001/images/0tRP5zHdwkCY6OWnKW8beg.jpg
Requested by
Host: www.2brushstrokes.com
URL: https://www.2brushstrokes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.235.200.28 Burlington, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
host77.ipowerweb.com
Software
cloudflare /
Resource Hash
e02f0d48e69425e5b002bd6ecd5f83fb6cc2e16166abe99bb8883c3caefff00a

Request headers

Referer
https://www.2brushstrokes.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 17 Mar 2020 18:01:28 GMT
cf-cache-status
MISS
x-guploader-uploadid
AEnB2UquPl9X4R1M7nwM5u-LoDXf6hzfXFCDTtLNjRRnAUaR6PVzOENW3UZTUN9_nfJZx_6OuCZplgxYG4DiqEndssXdRUdSaA
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-type
image/jpeg
last-modified
Thu, 08 Mar 2018 14:20:59 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=BR+V8g==, md5=6tdPH4PerTUI9ArtGlSBdw==
x-image-proxy-version
1.24
x-goog-generation
1520518859536839
cache-control
public, max-age=31536000
x-goog-stored-content-length
294397
cf-ray
57589e904aa9d729-FRA
expires
Wed, 17 Mar 2021 18:01:28 GMT
messages
in-us-east-event-hubs.servicebus.windows.net/in-us-east-event-hub-a1/publishers/a7eb7df2-c03b-4196-9fc0-88f2fac0e84b/
0
403 B
XHR
General
Full URL
https://in-us-east-event-hubs.servicebus.windows.net/in-us-east-event-hub-a1/publishers/a7eb7df2-c03b-4196-9fc0-88f2fac0e84b/messages?timeout=10
Requested by
Host: 149b4.wpc.azureedge.net
URL: https://149b4.wpc.azureedge.net/80149B4/insights/t.js?brand=Gator&v=g-202002181202533198
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.92.180.208 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Access-Control-Request-Method
POST
Origin
https://www.2brushstrokes.com
Referer
https://www.2brushstrokes.com/
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
access-control-allow-origin,authorization,content-type

Response headers

Strict-Transport-Security
max-age=31536000
Server
Microsoft-HTTPAPI/2.0
Date
Tue, 17 Mar 2020 18:01:28 GMT
Access-Control-Max-Age
3600
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
https://www.2brushstrokes.com
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
access-control-allow-origin,authorization,content-type
Content-Length
0
messages
in-us-east-event-hubs.servicebus.windows.net/in-us-east-event-hub-a1/publishers/a7eb7df2-c03b-4196-9fc0-88f2fac0e84b/
0
403 B
XHR
General
Full URL
https://in-us-east-event-hubs.servicebus.windows.net/in-us-east-event-hub-a1/publishers/a7eb7df2-c03b-4196-9fc0-88f2fac0e84b/messages?timeout=10
Requested by
Host: 149b4.wpc.azureedge.net
URL: https://149b4.wpc.azureedge.net/80149B4/insights/t.js?brand=Gator&v=g-202002181202533198
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.92.180.208 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Access-Control-Request-Method
POST
Origin
https://www.2brushstrokes.com
Referer
https://www.2brushstrokes.com/
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
access-control-allow-origin,authorization,content-type

Response headers

Strict-Transport-Security
max-age=31536000
Server
Microsoft-HTTPAPI/2.0
Date
Tue, 17 Mar 2020 18:01:27 GMT
Access-Control-Max-Age
3600
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
https://www.2brushstrokes.com
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
access-control-allow-origin,authorization,content-type
Content-Length
0
conversations-embed.js
js.usemessages.com/
60 KB
14 KB
Script
General
Full URL
https://js.usemessages.com/conversations-embed.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4764964.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:edcc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
410c78b4d9ff76214734cd37fa87bcaa8b0df44e914d89ce3b6e3477d50ce549

Request headers

Referer
https://www.2brushstrokes.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 17 Mar 2020 18:01:28 GMT
via
1.1 d91484ed0f2bc08dc4c74b0ab1bda282.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
449
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
x-amz-replication-status
COMPLETED
content-encoding
br
x-amz-version-id
sqgn4Ot.EnFhSoLpVp.TAU_iJYWSN1Dl
last-modified
Thu, 12 Mar 2020 04:16:52 GMT
server
cloudflare
etag
W/"53b76cb8e148f1e04c1c571aa050d670"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=600
x-amz-cf-pop
IAD89-C2
cf-ray
57589e904e92d721-FRA
x-amz-cf-id
ZmTuPrnt3PWSCnd0YF0UqqCXzWJv1Z31olITUJudZ3AjyBcG0NR7Sw==
4764964.js
js.hs-analytics.net/analytics/1584468000000/
80 KB
26 KB
Script
General
Full URL
https://js.hs-analytics.net/analytics/1584468000000/4764964.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4764964.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:43b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f53c03edd3f98661a262df8555724afb7c1e556a2ea5410142328c1e609a267

Request headers

Referer
https://www.2brushstrokes.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 17 Mar 2020 18:01:29 GMT
content-encoding
gzip
cf-cache-status
MISS
x-amz-request-id
663E05BA27E8F1E9
x-amz-server-side-encryption
AES256
status
200
content-type
text/javascript
x-amz-id-2
wAjXm0gI87IgEPmky82q8f64m7NwuAwOf1zfL2kMpPHXMIsH4YOTlCzqK3bd0H84Cpp8VvBNnoU=
last-modified
Thu, 12 Mar 2020 16:07:04 GMT
server
cloudflare
etag
W/"db6f2236561fd381799acdaa641c7402"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
null
cache-control
max-age=300, public
access-control-allow-credentials
false
cf-ray
57589e904800325c-FRA
expires
Tue, 17 Mar 2020 18:06:28 GMT
collectedforms.js
js.hscollectedforms.net/
85 KB
22 KB
Script
General
Full URL
https://js.hscollectedforms.net/collectedforms.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4764964.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:82ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69b9acf28aa23de86049ef99df499b5144735d8f65a86e962a5542f6fb3ce9ab

Request headers

Referer
https://www.2brushstrokes.com/
Origin
https://www.2brushstrokes.com
Sec-Fetch-Dest
script
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 17 Mar 2020 18:01:29 GMT
via
1.1 5bbbde7889bb9c7247f5924a32d2fdf1.cloudfront.net (CloudFront)
cf-cache-status
MISS
x-amz-cf-pop
IAD89-C2
x-cache
Miss from cloudfront
status
200
access-control-max-age
3000
x-amz-replication-status
COMPLETED
content-encoding
gzip
content-type
application/javascript; charset=utf-8
last-modified
Fri, 21 Feb 2020 04:12:07 GMT
server
cloudflare
etag
W/"c00f8a7a08e52f63a2b33d54d330a070"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
x-amz-version-id
3yoBVacLLgVfkY3C5uUUkp3Y6DI.cfqb
access-control-allow-origin
*
cache-control
s-maxage=86400, max-age=0
cf-ray
57589e906f28d72d-FRA
x-amz-cf-id
uPFdCuomh5ygnfLK28u4mTyd7Zed78X_tJ4Qs-_EVLQBFbJrPUEkXg==
leadflows.js
js.hsleadflows.net/
378 KB
61 KB
Script
General
Full URL
https://js.hsleadflows.net/leadflows.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4764964.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:e6cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1c1214e59c44f5e5c8df55e450b79c53173ec6d1be075d5586d42aca95cd1c5

Request headers

Referer
https://www.2brushstrokes.com/
Origin
https://www.2brushstrokes.com
Sec-Fetch-Dest
script
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 17 Mar 2020 18:01:28 GMT
via
1.1 ddeb8679359f033dad405557c487bfdd.cloudfront.net (CloudFront)
cf-cache-status
MISS
x-amz-cf-pop
IAD89-C3
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
status
200
access-control-max-age
3000
x-amz-replication-status
COMPLETED
content-encoding
br
content-type
application/javascript; charset=utf-8
last-modified
Mon, 09 Mar 2020 04:08:40 GMT
server
cloudflare
etag
W/"2e38cc0a0ac0df26db1ee131533ec1c6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
x-amz-version-id
g.iTr1QYUHTKmLRDHUCic9UdeJCTzz0A
access-control-allow-origin
*
cache-control
s-maxage=86400, max-age=0
cf-ray
57589e9048f36419-FRA
x-amz-cf-id
Lrd6hUCRXr1mokkzMZqSMojJ-EgfBiQpTNET3khEox6C6o3SsI48gA==
public
api.hubspot.com/livechat-public/v1/message/
18 B
275 B
XHR
General
Full URL
https://api.hubspot.com/livechat-public/v1/message/public?portalId=4764964&conversations-embed=static-1.6094&mobile=false&messagesUtk=a352362af3b64293b2032c916fe4f779&traceId=a352362af3b64293b2032c916fe4f779
Requested by
Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:f905 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f06a4c8d34690d4e42c81f232a5bdfe9fcbde8a54b5ccd0609a313e90da0879
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Access-Control-Request-Method
GET
Origin
https://www.2brushstrokes.com
Referer
https://www.2brushstrokes.com/
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
x-hubspot-messages-uri

Response headers

date
Tue, 17 Mar 2020 18:01:28 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
status
200
content-length
18
allow
HEAD,GET,OPTIONS
server
cloudflare
x-trace
2B3AEFDC8EB63061C82D8081231E8395623AC2D044000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.2brushstrokes.com
access-control-allow-credentials
false
accept-ranges
bytes
cf-ray
57589e90cb801f1d-FRA
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
public
api.hubspot.com/livechat-public/v1/message/
3 KB
1 KB
XHR
General
Full URL
https://api.hubspot.com/livechat-public/v1/message/public?portalId=4764964&conversations-embed=static-1.6094&mobile=false&messagesUtk=a352362af3b64293b2032c916fe4f779&traceId=a352362af3b64293b2032c916fe4f779
Requested by
Host: www.2brushstrokes.com
URL: https://www.2brushstrokes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:f905 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e262bd3d02b229ec3b940a5857814eba125aa1c6458a05ba44a93c6737054728
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.2brushstrokes.com/
Origin
https://www.2brushstrokes.com
Sec-Fetch-Dest
empty
X-HubSpot-Messages-Uri
https://www.2brushstrokes.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 17 Mar 2020 18:01:28 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
DYNAMIC
status
200
content-length
1315
server
cloudflare
x-trace
2BABF9B9653A89C9C6FE4488EACADF6A468F5B8E7B000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.2brushstrokes.com
cache-control
no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials
false
accept-ranges
bytes
cf-ray
57589e919d911f1d-FRA
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
messages
in-us-east-event-hubs.servicebus.windows.net/in-us-east-event-hub-a1/publishers/a7eb7df2-c03b-4196-9fc0-88f2fac0e84b/
0
316 B
XHR
General
Full URL
https://in-us-east-event-hubs.servicebus.windows.net/in-us-east-event-hub-a1/publishers/a7eb7df2-c03b-4196-9fc0-88f2fac0e84b/messages?timeout=10
Requested by
Host: www.2brushstrokes.com
URL: https://www.2brushstrokes.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.92.180.208 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Access-Control-Allow-Origin
*
Authorization
SharedAccessSignature sr=https%3A%2F%2Fin-us-east-event-hubs.servicebus.windows.net%2Fin-us-east-event-hub-a1%2Fpublishers%2Fa7eb7df2-c03b-4196-9fc0-88f2fac0e84b%2Fmessages&sig=YZig2K2L908OLTBF4dZaAgprwScLOKg%2BGIO9PXDgBt4%3D&se=1584471688.358&skn=Send
Referer
https://www.2brushstrokes.com/
Origin
https://www.2brushstrokes.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

Access-Control-Allow-Origin
https://www.2brushstrokes.com
Strict-Transport-Security
max-age=31536000
Access-Control-Allow-Credentials
true
Server
Microsoft-HTTPAPI/2.0
Date
Tue, 17 Mar 2020 18:01:28 GMT
Transfer-Encoding
chunked
Content-Type
application/xml; charset=utf-8
messages
in-us-east-event-hubs.servicebus.windows.net/in-us-east-event-hub-a1/publishers/a7eb7df2-c03b-4196-9fc0-88f2fac0e84b/
0
316 B
XHR
General
Full URL
https://in-us-east-event-hubs.servicebus.windows.net/in-us-east-event-hub-a1/publishers/a7eb7df2-c03b-4196-9fc0-88f2fac0e84b/messages?timeout=10
Requested by
Host: www.2brushstrokes.com
URL: https://www.2brushstrokes.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.92.180.208 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Access-Control-Allow-Origin
*
Authorization
SharedAccessSignature sr=https%3A%2F%2Fin-us-east-event-hubs.servicebus.windows.net%2Fin-us-east-event-hub-a1%2Fpublishers%2Fa7eb7df2-c03b-4196-9fc0-88f2fac0e84b%2Fmessages&sig=HMF1PPqbph%2BmfEiios2H%2BYKYzY033Rm0SKrDRWJhpi4%3D&se=1584471688.36&skn=Send
Referer
https://www.2brushstrokes.com/
Origin
https://www.2brushstrokes.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

Access-Control-Allow-Origin
https://www.2brushstrokes.com
Strict-Transport-Security
max-age=31536000
Access-Control-Allow-Credentials
true
Server
Microsoft-HTTPAPI/2.0
Date
Tue, 17 Mar 2020 18:01:27 GMT
Transfer-Encoding
chunked
Content-Type
application/xml; charset=utf-8
a352362af3b64293b2032c916fe4f779
app.hubspot.com/conversations-visitor/4764964/threads/utk/ Frame 9FD5
0
0
Document
General
Full URL
https://app.hubspot.com/conversations-visitor/4764964/threads/utk/a352362af3b64293b2032c916fe4f779?uuid=00478d8a75de4c2a99dd420b277f70c2&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=2brushstrokes.com&inApp53=false&messagesUtk=a352362af3b64293b2032c916fe4f779&url=https%3A%2F%2Fwww.2brushstrokes.com%2F&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false
Requested by
Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:fb05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

:method
GET
:authority
app.hubspot.com
:scheme
https
:path
/conversations-visitor/4764964/threads/utk/a352362af3b64293b2032c916fe4f779?uuid=00478d8a75de4c2a99dd420b277f70c2&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=2brushstrokes.com&inApp53=false&messagesUtk=a352362af3b64293b2032c916fe4f779&url=https%3A%2F%2Fwww.2brushstrokes.com%2F&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://www.2brushstrokes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://www.2brushstrokes.com/

Response headers

status
200
date
Tue, 17 Mar 2020 18:01:28 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d31351873cb6538293aeaf1215129e22f1584468088; expires=Thu, 16-Apr-20 18:01:28 GMT; path=/; domain=.hubspot.com; HttpOnly; SameSite=Lax
x-amz-replication-status
COMPLETED
last-modified
Thu, 12 Mar 2020 04:55:24 GMT
x-amz-server-side-encryption
AES256
x-amz-version-id
1gYxAPb0wsZfx_8DsOfwzVYSzRskY6RM
etag
W/"52068408d86274d61330c602e09c5848"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 3dcb635971b5d310e8941cdb963aff70.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-C3
x-amz-cf-id
d9mNvRpDzF778Vb4yBU5OuOqHfHPiSdOqBIhjZdOjCNvvSFc5j-_6Q==
age
3026
access-control-allow-credentials
false
cache-control
max-age=0, no-cache, no-store
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
cloudflare
cf-ray
57589e932a5cd6e1-FRA
content-encoding
br
counters.gif
forms.hsforms.com/embed/v3/
35 B
283 B
Image
General
Full URL
https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-error-caught&count=1
Requested by
Host: www.2brushstrokes.com
URL: https://www.2brushstrokes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5805 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.2brushstrokes.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 17 Mar 2020 18:01:29 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-trace
2B8F51D86D51A18802C90128189153EF40BF710832000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
status
200
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
cf-ray
57589e96dd431f51-FRA
content-length
35
__ptq.gif
track.hubspot.com/
45 B
233 B
Image
General
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2430194794&v=1.1&a=4764964&pu=https%3A%2F%2Fwww.2brushstrokes.com%2F&t=Home&cts=1584468089580&vi=4004bfc0197b3e0a093daf2d620bf7ff&nc=true&u=203433231.4004bfc0197b3e0a093daf2d620bf7ff.1584468089577.1584468089577.1584468089577.1&b=203433231.1.1584468089577
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:fb05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.2brushstrokes.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 17 Mar 2020 18:01:29 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI CUR ADM OUR NOR STA NID"
status
200
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
57589e97e9a7d6e1-FRA
content-type
image/gif
content-length
45
x-robots-tag
none
json
forms.hubspot.com/lead-flows-config/v1/config/
4 KB
2 KB
XHR
General
Full URL
https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=4764964&utk=4004bfc0197b3e0a093daf2d620bf7ff&__hstc=203433231.4004bfc0197b3e0a093daf2d620bf7ff.1584468089577.1584468089577.1584468089577.1&__hssc=203433231.1.1584468089577&currentUrl=https%3A%2F%2Fwww.2brushstrokes.com%2F
Requested by
Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:f905 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56a1cc02fcf6230a4552e59af0f02ad6ac61e759597ada625912966efc091eea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.2brushstrokes.com/
Origin
https://www.2brushstrokes.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 17 Mar 2020 18:01:29 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
DYNAMIC
cf-ray
57589e97f8261f1d-FRA
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
180
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.2brushstrokes.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
x-robots-tag
none
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
__ptq.gif
track.hubspot.com/
45 B
104 B
Image
General
Full URL
https://track.hubspot.com/__ptq.gif?k=16&fi=66dfd3db-54a7-4845-a958-3473d43a5f43&lfi=362784&ft=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2430194794&v=1.1&a=4764964&pu=https%3A%2F%2Fwww.2brushstrokes.com%2F&t=Home&cts=1584468089744&vi=4004bfc0197b3e0a093daf2d620bf7ff&nc=true&u=203433231.4004bfc0197b3e0a093daf2d620bf7ff.1584468089577.1584468089577.1584468089577.1&b=203433231.1.1584468089577
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:fb05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.2brushstrokes.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 17 Mar 2020 18:01:29 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI CUR ADM OUR NOR STA NID"
status
200
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
57589e98ed59d6e1-FRA
content-type
image/gif
content-length
45
x-robots-tag
none
Orange%202BS%20Logo-1.png
cdn2.hubspot.net/hubfs/4764964/
60 KB
61 KB
Image
General
Full URL
https://cdn2.hubspot.net/hubfs/4764964/Orange%202BS%20Logo-1.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:f2cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89aa6357c17a293ec242ff774d3176fe0c8770152319b47bc5a5a0bda9c5d02d

Request headers

Referer
https://www.2brushstrokes.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 17 Mar 2020 18:01:30 GMT
via
1.1 a394c864b23364262af48fed4e7e9fad.cloudfront.net (CloudFront)
cf-cache-status
MISS
x-amz-meta-cache-tag
F-6112813798,P-4764964,FLS-ALL
x-amz-cf-pop
FRA50-C1
cf-ray
57589e9f2d3ec281-FRA
edge-cache-tag
F-6112813798,P-4764964,FLS-ALL
status
200
x-cache
Miss from cloudfront
x-hs-cf-lambda
us-east-1.setCacheTagHeaders 53
content-length
61385
x-amz-id-2
VvcfCJUIdD5uP0JVWoBCiP9xa8MOxxSJOmdqkcXBoYS2FDUiustWa8bz2NZmCuSNMJKE11oGJZw=
last-modified
Mon, 27 Aug 2018 20:04:20 GMT
server
cloudflare
etag
"2d4f1256943f8ce2760d297bd560e4a8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-request-id
A84FE52F32739432
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id
BkpZq8nyFZ3bU0PuYTg0Ps1f8.5wRFhV
accept-ranges
bytes
content-type
image/png
x-amz-cf-id
2Q7h0QKcK5dc6g83BOnYI0Z0TWSNtJAWRQqd8hKz7AsLyHS1OeSqeA==

76 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate undefined| _gaq undefined| ga object| _fc function| getInsights object| require object| PageData object| Global object| SiteInformation object| Settings object| EventHubHistory object| AMInsights function| safeExecution undefined| $ undefined| jQuery undefined| TraceKit undefined| Raygun object| _wzErrorHandler object| html5 object| JSONPController object| WzPublicIcons function| $f function| Froogaloop function| onYouTubeIframeAPIReady function| onGoogleMapAPIReady object| jQuery111207695233739143552 object| VideoDataSourceEnum object| GalleryDataSourceEnum object| PhotosDataSourceEnum object| ReviewsEnum object| EventsDataSourceEnum object| MusicDataSourceEnum object| NewsDataSourceEnum object| _wz_ object| Viewer object| SiteStructure object| PagesStructures object| MasterPagesStructures object| SiteFilesMap object| DynamicPageContent object| DBSiteMetaData object| TemporaryImages boolean| hubspot_live_messages_running object| HubSpotConversations object| _hsq function| bindToWindowOnError function| defineProperties object| globalRoot undefined| hns object| leadflows function| hmerge object| hubspot function| OutpostErrorReporter boolean| popupPoliceActive undefined| hns2 undefined| jade undefined| I18n undefined| hubspot_mailcheck undefined| Pikaday undefined| exports undefined| define boolean| LEAD_FLOWS_RAN boolean| COMMON_SETUP_RAN object| _paq object| _hsp boolean| _hspb_loaded boolean| _hstc_loaded function| setImmediate function| clearImmediate object| __hsCollectedFormsDebug boolean| _hspb_ran boolean| _hstc_ran string| __hsUserToken number| expireDateTime boolean| LEAD_FLOW_DOCUMENT_READY_RAN

4 Cookies

Domain/Path | Name | Value
.2brushstrokes.com/ | __hssc | 203433231.1.1584468089577
.2brushstrokes.com/ | hubspotutk | 4004bfc0197b3e0a093daf2d620bf7ff
.2brushstrokes.com/ | __hssrc | 1
.2brushstrokes.com/ | __hstc | 203433231.4004bfc0197b3e0a093daf2d620bf7ff.1584468089577.1584468089577.1584468089577.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
