www.2brushstrokes.com Open in urlscan Pro
66.235.200.28 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://hs-4764964.t.hubspotstarter-iy.net/e2t/c/*W7Jl07F796MNlW46DWZV5gqhCb0/*W43ZQ3F68YWpFW150L4l4C-PL70/5/f18dQhb0Smj28XJ9hPN7mX5rqHyjJq...
Effective URL:
https://www.2brushstrokes.com/?utm_source=hs_email&utm_medium=email&utm_content=74024460&_hsenc=p2ANqtz-8L7EgW03YL4aJn5zLWI70Y...
Submission Tags: falconsandbox
Submission: On September 05 via api (September 5th 2021, 2:22:00 am UTC) from US

Summary HTTP 51 Redirects Behaviour Indicators

Summary

This website contacted 22 IPs in 4 countries across 18 domains to perform 51 HTTP transactions. The main IP is 66.235.200.28, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.2brushstrokes.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 4th 2021. Valid for: a year.

This is the only time www.2brushstrokes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	2606:4700::68... 2606:4700::6812:5d7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 8	66.235.200.28 66.235.200.28	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:2800:133... 2606:2800:133:f17:19e8:2356:251b:2a9	15133 (EDGECAST) (EDGECAST)
6	35.190.14.35 35.190.14.35	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::2010	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:d3cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6813:a40a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	52.239.140.10 52.239.140.10	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	13.92.180.208 13.92.180.208	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700::68... 2606:4700::6811:e9cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:81ab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:15bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:efcc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:44b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 6	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	204.141.43.67 204.141.43.67	2639 (ZOHO-AS) (ZOHO-AS)
1	2606:4700::68... 2606:4700::6810:5505	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6813:9b53	() ()
5	2606:4700::68... 2606:4700::6811:9d2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:f0cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	185.20.209.147 185.20.209.147	41913 (COMPUTERL...) (COMPUTERLINE Computerline)
51	22

2 2606:4700::6812:5d7 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

hs-4764964.t.hubspotstarter-iy.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 66.235.200.28 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)
PTR: host77.ipowerweb.com

www.2brushstrokes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:133:f17:19e8:2356:251b:2a9 (United States)

ASN15133 (EDGECAST, US)

149b4.wpc.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.190.14.35 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 35.14.190.35.bc.googleusercontent.com

components.mywebsitebuilder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d3cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:a40a (United States)

ASN13335 (CLOUDFLARENET, US)

localize.uat.mywebsitebuilder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.239.140.10 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

wzuk.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.92.180.208 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

in-us-east-event-hubs.servicebus.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:e9cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:81ab (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:15bf (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:efcc (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:44b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6813:9a53 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 204.141.43.67 (United States)

ASN2639 (ZOHO-AS, US)

salesiq.zoho.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5505 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:9b53 (United States)

ASN- ()

app.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6811:9d2 (United States)

ASN13335 (CLOUDFLARENET, US)

static.hsappstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:f0cc (United States)

ASN13335 (CLOUDFLARENET, US)

avatars.hubspot.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn2.hubspot.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.20.209.147 (Switzerland)

ASN41913 (COMPUTERLINE Computerline, Schlierbach, Switzerland, CH)

css.zohocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.zohocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	hubspot.com 1 redirects api.hubspot.com app.hubspot.com track.hubspot.com forms.hubspot.com	25 KB
8	2brushstrokes.com 1 redirects www.2brushstrokes.com	608 KB
7	windows.net wzuk.blob.core.windows.net in-us-east-event-hubs.servicebus.windows.net	67 KB
7	mywebsitebuilder.com components.mywebsitebuilder.com localize.uat.mywebsitebuilder.com	713 KB
5	hsappstatic.net static.hsappstatic.net	239 KB
3	googleapis.com storage.googleapis.com	161 KB
2	zohocdn.com css.zohocdn.com js.zohocdn.com	36 KB
2	hubspot.net avatars.hubspot.net cdn2.hubspot.net	62 KB
2	zoho.com salesiq.zoho.com	42 KB
2	hubspotstarter-iy.net 1 redirects hs-4764964.t.hubspotstarter-iy.net	3 KB
1	hsforms.com forms.hsforms.com	519 B
1	hs-analytics.net js.hs-analytics.net	20 KB
1	usemessages.com js.usemessages.com	21 KB
1	hs-banner.com js.hs-banner.com	16 KB
1	hscollectedforms.net js.hscollectedforms.net	26 KB
1	hsleadflows.net js.hsleadflows.net	87 KB
1	hs-scripts.com js.hs-scripts.com	1012 B
1	azureedge.net 149b4.wpc.azureedge.net	7 KB
51	18

	Domain	Requested by
8	www.2brushstrokes.com	1 redirects hs-4764964.t.hubspotstarter-iy.net www.2brushstrokes.com
6	components.mywebsitebuilder.com	www.2brushstrokes.com components.mywebsitebuilder.com
5	static.hsappstatic.net	app.hubspot.com static.hsappstatic.net
4	api.hubspot.com	1 redirects js.usemessages.com static.hsappstatic.net
4	in-us-east-event-hubs.servicebus.windows.net	149b4.wpc.azureedge.net
3	wzuk.blob.core.windows.net	www.2brushstrokes.com
3	storage.googleapis.com	www.2brushstrokes.com
2	track.hubspot.com
2	salesiq.zoho.com	hs-4764964.t.hubspotstarter-iy.net salesiq.zoho.com
2	hs-4764964.t.hubspotstarter-iy.net	1 redirects
1	cdn2.hubspot.net
1	js.zohocdn.com	salesiq.zoho.com
1	css.zohocdn.com	salesiq.zoho.com
1	forms.hubspot.com	js.hsleadflows.net
1	avatars.hubspot.net	app.hubspot.com
1	app.hubspot.com	js.usemessages.com
1	forms.hsforms.com	www.2brushstrokes.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.usemessages.com	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.hscollectedforms.net	js.hs-scripts.com
1	js.hsleadflows.net	js.hs-scripts.com
1	localize.uat.mywebsitebuilder.com	149b4.wpc.azureedge.net
1	js.hs-scripts.com	www.2brushstrokes.com
1	149b4.wpc.azureedge.net	www.2brushstrokes.com
51	25

This site contains no links.

Subject Issuer	Validity	Valid
hubspotstarter-iy.net Cloudflare Inc ECC CA-3	`2021-06-04` - `2022-06-03`	a year	crt.sh
www.2brushstrokes.com Cloudflare Inc ECC CA-3	`2021-06-04` - `2022-06-03`	a year	crt.sh
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2020-11-16` - `2021-11-10`	a year	crt.sh
*.mywebsitebuilder.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-25` - `2021-09-26`	a year	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2021-08-16` - `2021-11-08`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-04` - `2022-07-03`	a year	crt.sh
mywebsitebuilder.com Cloudflare Inc ECC CA-3	`2021-05-31` - `2022-05-30`	a year	crt.sh
*.blob.core.windows.net Microsoft RSA TLS CA 02	`2021-08-31` - `2022-08-31`	a year	crt.sh
servicebus.windows.net Microsoft Azure TLS Issuing CA 01	`2021-07-19` - `2022-07-14`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2021-06-26` - `2022-06-25`	a year	crt.sh
*.zoho.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-14` - `2022-05-14`	a year	crt.sh
hsappstatic.net Cloudflare Inc ECC CA-3	`2021-06-10` - `2022-06-09`	a year	crt.sh
hubspot.net Cloudflare Inc ECC CA-3	`2021-06-04` - `2022-06-03`	a year	crt.sh
*.zohocdn.com R3	`2021-09-04` - `2021-12-03`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://www.2brushstrokes.com/?utm_source=hs_email&utm_medium=email&utm_content=74024460&_hsenc=p2ANqtz-8L7EgW03YL4aJn5zLWI70YE__TQMMhAoxgNx4Y7CKESAJuJAWCld9q48DNi_nTjRKfwKkImAQrBJakjrSqv-on4JeNMA&_hsmi=74024460
Frame ID: 9122940D57B60960A3487147494AA479
Requests: 33 HTTP requests in this frame

Frame: https://components.mywebsitebuilder.com/extern/embed-html/embed-html.html?wzId=id1531791282686&wzInstanceId=id1531791282686&wzAppId=embed_html_app&wzAppV=1&wzApiType=app&wzDeviceType=desktop&wzMode=view&wzSessionId=1630808495253&wzEncodeParams=eyJ3ekN1cnJlbnRVcmwiOiJodHRwczovL3d3dy4yYnJ1c2hzdHJva2VzLmNvbS8%2FdXRtX3NvdXJjZT1oc19lbWFpbCZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PTc0MDI0NDYwJl9oc2VuYz1wMkFOcXR6LThMN0VnVzAzWUw0YUpuNXpMV0k3MFlFX19UUU1NaEFveGdOeDRZN0NLRVNBSnVKQVdDbGQ5cTQ4RE5pX25UalJLZndLa0ltQVFyQkpha2pyU3F2LW9uNEplTk1BJl9oc21pPTc0MDI0NDYwIiwid3pTaXplIjp7IndpZHRoIjo0MDAsImhlaWdodCI6NDAwfX0%3D
Frame ID: 2B19B6EC9CBFD5727F0FBC3C7BE7ABA9
Requests: 8 HTTP requests in this frame

Frame: https://app.hubspot.com/conversations-visitor/4764964/threads/utk/19d5471e9abb478db08b937a51deb5b6?uuid=31c9d0f007044e53a54ba77d3afe07c4&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=2brushstrokes.com&inApp53=false&messagesUtk=19d5471e9abb478db08b937a51deb5b6&url=https%3A%2F%2Fwww.2brushstrokes.com%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D74024460%26_hsenc%3Dp2ANqtz-8L7EgW03YL4aJn5zLWI70YE__TQMMhAoxgNx4Y7CKESAJuJAWCld9q48DNi_nTjRKfwKkImAQrBJakjrSqv-on4JeNMA%26_hsmi%3D74024460&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
Frame ID: BAF2C8551DDEAEE42BAF3A855B19FA83
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home

Page URL History Show full URLs

https://hs-4764964.t.hubspotstarter-iy.net/e2t/c/*W7Jl07F796MNlW46DWZV5gqhCb0/*W43ZQ3F68YWpFW150L4l4C-PL70/5/f18dQhb0Sm... Page URL
https://hs-4764964.t.hubspotstarter-iy.net/events/public/v1/track/c/*W7Jl07F796MNlW46DWZV5gqhCb0/*W43ZQ3F68YWpFW150L4l4... HTTP 307
http://www.2brushstrokes.com/?utm_source=hs_email&utm_medium=email&utm_content=74024460&_hsenc=p2ANqtz-8L... HTTP 301
https://www.2brushstrokes.com/?utm_source=hs_email&utm_medium=email&utm_content=74024460&_hsenc=p2ANqtz-8L... Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

51
Requests

100 %
HTTPS

71 %
IPv6

18
Domains

25
Subdomains

22
IPs

4
Countries

2132 kB
Transfer

5220 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://hs-4764964.t.hubspotstarter-iy.net/e2t/c/*W7Jl07F796MNlW46DWZV5gqhCb0/*W43ZQ3F68YWpFW150L4l4C-PL70/5/f18dQhb0Smj28XJ9hPN7mX5rqHyjJqW8q5vng1pgM6FN3hHhbVVMsQMVp3s9r7s5LskW57mtXs54GpktW548q4356888GW4dQb0w2MTPSpW8W2c9W32CQ2lW8jxMNS1Vx3W4W3CPQ_B5D8zFFVjPrmg6W3RDgVHcWm97yDSbfW3X0g0y6bp1cMVbq5fx4TKc2lVQWbMK8ysZHYW5jB4QB3sp_m7N2j3NZsdZXbNW8QNDnv6Z4s3LVQdGdk1q5vcxW87n1lg3sM9YzW8fxN3m5v_m_4W1JLRtG4q__qkW86SmN-7ZnDxlW4L3kzT51_jQcW73R-cM96dt8bW6br4D01bBvW3W3_5XGk8PXPqRW3ygvH88c3fN-W5lnM8x2MzxkpW7MVnrr1Fnjq4W2KC-1M2M1VvtW4J35Sn2N3DbNW6nVWvb87vTTBW4V2M825L398bW21dXdx58S6m3W7fFwR28v4j-WW1MWhN-1MKdcVf8GpN-k11 Page URL
https://hs-4764964.t.hubspotstarter-iy.net/events/public/v1/track/c/*W7Jl07F796MNlW46DWZV5gqhCb0/*W43ZQ3F68YWpFW150L4l4C-PL70/5/f18dQhb0Smj28XJ9hPN7mX5rqHyjJqW8q5vng1pgM6FN3hHhbVVMsQMVp3s9r7s5LskW57mtXs54GpktW548q4356888GW4dQb0w2MTPSpW8W2c9W32CQ2lW8jxMNS1Vx3W4W3CPQ_B5D8zFFVjPrmg6W3RDgVHcWm97yDSbfW3X0g0y6bp1cMVbq5fx4TKc2lVQWbMK8ysZHYW5jB4QB3sp_m7N2j3NZsdZXbNW8QNDnv6Z4s3LVQdGdk1q5vcxW87n1lg3sM9YzW8fxN3m5v_m_4W1JLRtG4q__qkW86SmN-7ZnDxlW4L3kzT51_jQcW73R-cM96dt8bW6br4D01bBvW3W3_5XGk8PXPqRW3ygvH88c3fN-W5lnM8x2MzxkpW7MVnrr1Fnjq4W2KC-1M2M1VvtW4J35Sn2N3DbNW6nVWvb87vTTBW4V2M825L398bW21dXdx58S6m3W7fFwR28v4j-WW1MWhN-1MKdcVf8GpN-k11?_ud=a2444202-2500-4085-b30d-939adb683a37&_ch=p&_pr2=p&_pl=0&_lg=en-US&_dr=b&_ts=p HTTP 307
http://www.2brushstrokes.com/?utm_source=hs_email&utm_medium=email&utm_content=74024460&_hsenc=p2ANqtz-8L7EgW03YL4aJn5zLWI70YE__TQMMhAoxgNx4Y7CKESAJuJAWCld9q48DNi_nTjRKfwKkImAQrBJakjrSqv-on4JeNMA&_hsmi=74024460 HTTP 301
https://www.2brushstrokes.com/?utm_source=hs_email&utm_medium=email&utm_content=74024460&_hsenc=p2ANqtz-8L7EgW03YL4aJn5zLWI70YE__TQMMhAoxgNx4Y7CKESAJuJAWCld9q48DNi_nTjRKfwKkImAQrBJakjrSqv-on4JeNMA&_hsmi=74024460 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42

https://api.hubspot.com/userpreferences/v1/avatar/61f4c3824596ae814769bb0037bb7cca/100 HTTP 307
https://avatars.hubspot.net/default-100

51 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 f18dQhb0Smj28XJ9hPN7mX5rqHyjJqW8q5vng1pgM6FN3hHhbVVMsQMVp3s9r7s5LskW57mtXs54GpktW548q4356888GW4dQb0w2MTPSpW8W2c9W32CQ2lW8jxMNS1Vx3W4W3CPQ_B5D8zFFVjPrmg6W3RDgVHcWm97yDSbfW3X0g0y6bp1cMVbq5fx4TKc2lVQW... Show response
hs-4764964.t.hubspotstarter-iy.net/e2t/c/*W7Jl07F796MNlW46DWZV5gqhCb0/*W43ZQ3F68YWpFW150L4l4C-PL70/5/ 10 KB
3 KB 272ms
230ms Document
text/html 2606:4700::6812:5d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hs-4764964.t.hubspotstarter-iy.net/e2t/c/*W7Jl07F796MNlW46DWZV5gqhCb0/*W43ZQ3F68YWpFW150L4l4C-PL70/5/f18dQhb0Smj28XJ9hPN7mX5rqHyjJqW8q5vng1pgM6FN3hHhbVVMsQMVp3s9r7s5LskW57mtXs54GpktW548q4356888GW4dQb0w2MTPSpW8W2c9W32CQ2lW8jxMNS1Vx3W4W3CPQ_B5D8zFFVjPrmg6W3RDgVHcWm97yDSbfW3X0g0y6bp1cMVbq5fx4TKc2lVQWbMK8ysZHYW5jB4QB3sp_m7N2j3NZsdZXbNW8QNDnv6Z4s3LVQdGdk1q5vcxW87n1lg3sM9YzW8fxN3m5v_m_4W1JLRtG4q__qkW86SmN-7ZnDxlW4L3kzT51_jQcW73R-cM96dt8bW6br4D01bBvW3W3_5XGk8PXPqRW3ygvH88c3fN-W5lnM8x2MzxkpW7MVnrr1Fnjq4W2KC-1M2M1VvtW4J35Sn2N3DbNW6nVWvb87vTTBW4V2M825L398bW21dXdx58S6m3W7fFwR28v4j-WW1MWhN-1MKdcVf8GpN-k11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:5d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a8a445e74ec408f0144a0cde2226f28b9efaf76e19875d79f0afd40ffca804f

Request headers

:method: GET
:authority: hs-4764964.t.hubspotstarter-iy.net
:scheme: https
:path: /e2t/c/*W7Jl07F796MNlW46DWZV5gqhCb0/*W43ZQ3F68YWpFW150L4l4C-PL70/5/f18dQhb0Smj28XJ9hPN7mX5rqHyjJqW8q5vng1pgM6FN3hHhbVVMsQMVp3s9r7s5LskW57mtXs54GpktW548q4356888GW4dQb0w2MTPSpW8W2c9W32CQ2lW8jxMNS1Vx3W4W3CPQ_B5D8zFFVjPrmg6W3RDgVHcWm97yDSbfW3X0g0y6bp1cMVbq5fx4TKc2lVQWbMK8ysZHYW5jB4QB3sp_m7N2j3NZsdZXbNW8QNDnv6Z4s3LVQdGdk1q5vcxW87n1lg3sM9YzW8fxN3m5v_m_4W1JLRtG4q__qkW86SmN-7ZnDxlW4L3kzT51_jQcW73R-cM96dt8bW6br4D01bBvW3W3_5XGk8PXPqRW3ygvH88c3fN-W5lnM8x2MzxkpW7MVnrr1Fnjq4W2KC-1M2M1VvtW4J35Sn2N3DbNW6nVWvb87vTTBW4V2M825L398bW21dXdx58S6m3W7fFwR28v4j-WW1MWhN-1MKdcVf8GpN-k11
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 02:21:33 GMT
content-type: text/html;charset=utf-8
x-robots-tag: none
referrer-policy: no-referrer
vary: Accept-Encoding
x-hubspot-correlation-id: c9efe470-b725-409b-a4cc-bdedbb6b779a
access-control-allow-credentials: false
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 689bfc1d9c5cdfa9-FRA
content-encoding: br

GET
H2

200

Primary Request / Show response
www.2brushstrokes.com/
Redirect Chain

https://hs-4764964.t.hubspotstarter-iy.net/events/public/v1/track/c/*W7Jl07F796MNlW46DWZV5gqhCb0/*W43ZQ3F68YWpFW150L4l4C-PL70/5/f18dQhb0Smj28XJ9hPN7mX5rqHyjJqW8q5vng1pgM6FN3hHhbVVMsQMVp3s9r7s5LskW5...
http://www.2brushstrokes.com/?utm_source=hs_email&utm_medium=email&utm_content=74024460&_hsenc=p2ANqtz-8L7EgW03YL4aJn5zLWI70YE__TQMMhAoxgNx4Y7CKESAJuJAWCld9q48DNi_nTjRKfwKkImAQrBJakjrSqv-on4JeNMA&_...
https://www.2brushstrokes.com/?utm_source=hs_email&utm_medium=email&utm_content=74024460&_hsenc=p2ANqtz-8L7EgW03YL4aJn5zLWI70YE__TQMMhAoxgNx4Y7CKESAJuJAWCld9q48DNi_nTjRKfwKkImAQrBJakjrSqv-on4JeNMA&...

17 KB
7 KB

181ms
137ms

Document
text/html

66.235.200.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.2brushstrokes.com/?utm_source=hs_email&utm_medium=email&utm_content=74024460&_hsenc=p2ANqtz-8L7EgW03YL4aJn5zLWI70YE__TQMMhAoxgNx4Y7CKESAJuJAWCld9q48DNi_nTjRKfwKkImAQrBJakjrSqv-on4JeNMA&_hsmi=74024460
Requested by: Host: hs-4764964.t.hubspotstarter-iy.net
URL: https://hs-4764964.t.hubspotstarter-iy.net/e2t/c/*W7Jl07F796MNlW46DWZV5gqhCb0/*W43ZQ3F68YWpFW150L4l4C-PL70/5/f18dQhb0Smj28XJ9hPN7mX5rqHyjJqW8q5vng1pgM6FN3hHhbVVMsQMVp3s9r7s5LskW57mtXs54GpktW548q4356888GW4dQb0w2MTPSpW8W2c9W32CQ2lW8jxMNS1Vx3W4W3CPQ_B5D8zFFVjPrmg6W3RDgVHcWm97yDSbfW3X0g0y6bp1cMVbq5fx4TKc2lVQWbMK8ysZHYW5jB4QB3sp_m7N2j3NZsdZXbNW8QNDnv6Z4s3LVQdGdk1q5vcxW87n1lg3sM9YzW8fxN3m5v_m_4W1JLRtG4q__qkW86SmN-7ZnDxlW4L3kzT51_jQcW73R-cM96dt8bW6br4D01bBvW3W3_5XGk8PXPqRW3ygvH88c3fN-W5lnM8x2MzxkpW7MVnrr1Fnjq4W2KC-1M2M1VvtW4J35Sn2N3DbNW6nVWvb87vTTBW4V2M825L398bW21dXdx58S6m3W7fFwR28v4j-WW1MWhN-1MKdcVf8GpN-k11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.235.200.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: af8dbb575d3d3afcbcb058a156f6cdd368728cc2483bfca0bfbb531978fffda9

Request headers

:method: GET
:authority: www.2brushstrokes.com
:scheme: https
:path: /?utm_source=hs_email&utm_medium=email&utm_content=74024460&_hsenc=p2ANqtz-8L7EgW03YL4aJn5zLWI70YE__TQMMhAoxgNx4Y7CKESAJuJAWCld9q48DNi_nTjRKfwKkImAQrBJakjrSqv-on4JeNMA&_hsmi=74024460
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://hs-4764964.t.hubspotstarter-iy.net/e2t/c/*W7Jl07F796MNlW46DWZV5gqhCb0/*W43ZQ3F68YWpFW150L4l4C-PL70/5/f18dQhb0Smj28XJ9hPN7mX5rqHyjJqW8q5vng1pgM6FN3hHhbVVMsQMVp3s9r7s5LskW57mtXs54GpktW548q4356888GW4dQb0w2MTPSpW8W2c9W32CQ2lW8jxMNS1Vx3W4W3CPQ_B5D8zFFVjPrmg6W3RDgVHcWm97yDSbfW3X0g0y6bp1cMVbq5fx4TKc2lVQWbMK8ysZHYW5jB4QB3sp_m7N2j3NZsdZXbNW8QNDnv6Z4s3LVQdGdk1q5vcxW87n1lg3sM9YzW8fxN3m5v_m_4W1JLRtG4q__qkW86SmN-7ZnDxlW4L3kzT51_jQcW73R-cM96dt8bW6br4D01bBvW3W3_5XGk8PXPqRW3ygvH88c3fN-W5lnM8x2MzxkpW7MVnrr1Fnjq4W2KC-1M2M1VvtW4J35Sn2N3DbNW6nVWvb87vTTBW4V2M825L398bW21dXdx58S6m3W7fFwR28v4j-WW1MWhN-1MKdcVf8GpN-k11

Response headers

date: Sun, 05 Sep 2021 02:21:34 GMT
content-type: text/html
cf-ray: 689bfc22f8333b73-CDG
age: 89051
last-modified: Tue, 25 Aug 2020 16:28:05 GMT
vary: Accept-Encoding
cf-cache-status: HIT
content-md5: L32R+HGSVhuYB8+8yGC1dA==
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-ms-blob-type: BlockBlob
x-ms-creation-time: Mon, 30 Dec 2019 09:02:36 GMT
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: d4a0ca63-b01e-011e-212d-a1eb54000000
x-ms-server-encrypted: true
x-ms-version: 2018-03-28
x-worker-version: 1.0.0
server: cloudflare
content-encoding: br

Redirect headers

Date: Sun, 05 Sep 2021 02:21:34 GMT
Content-Length: 0
Connection: keep-alive
Location: https://www.2brushstrokes.com/?utm_source=hs_email&utm_medium=email&utm_content=74024460&_hsenc=p2ANqtz-8L7EgW03YL4aJn5zLWI70YE__TQMMhAoxgNx4Y7CKESAJuJAWCld9q48DNi_nTjRKfwKkImAQrBJakjrSqv-on4JeNMA&_hsmi=74024460
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 689bfc210dd6cda7-CDG

GET
H2 200 t.js Show response
149b4.wpc.azureedge.net/80149B4/insights/ 16 KB
7 KB 39ms
9ms Script
application/javascript 2606:2800:133:f17:19e8:2356:251b:2a9
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://149b4.wpc.azureedge.net/80149B4/insights/t.js?brand=Gator&v=g-202007071407399460
Requested by: Host: www.2brushstrokes.com
URL: https://www.2brushstrokes.com/?utm_source=hs_email&utm_medium=email&utm_content=74024460&_hsenc=p2ANqtz-8L7EgW03YL4aJn5zLWI70YE__TQMMhAoxgNx4Y7CKESAJuJAWCld9q48DNi_nTjRKfwKkImAQrBJakjrSqv-on4JeNMA&_hsmi=74024460
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:f17:19e8:2356:251b:2a9 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8EA5) /
Resource Hash: a015ca1e691b49e6b2ace57963ae217787f08b5b0a838f818a25e524d6a92164

Request headers

Referer: https://www.2brushstrokes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 02:21:34 GMT
content-encoding: gzip
x-aspnetmvc-version: 4.0
last-modified: Mon, 10 May 2021 08:22:38 GMT
server: ECAcc (frc/8EA5)
age: 10173536
etag: -1741585332
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-headers: Origin, Content-Type, Accept, Authorization
content-length: 6620
expires: Mon, 05 Sep 2022 02:21:35 GMT

GET
H2 200 viewer.css
components.mywebsitebuilder.com/g-202007071407399460/viewer-gator/ 144 KB
144 KB 313ms
20ms Stylesheet
text/css 35.190.14.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://components.mywebsitebuilder.com/g-202007071407399460/viewer-gator/viewer.css
Requested by: Host: www.2brushstrokes.com
URL: https://www.2brushstrokes.com/?utm_source=hs_email&utm_medium=email&utm_content=74024460&_hsenc=p2ANqtz-8L7EgW03YL4aJn5zLWI70YE__TQMMhAoxgNx4Y7CKESAJuJAWCld9q48DNi_nTjRKfwKkImAQrBJakjrSqv-on4JeNMA&_hsmi=74024460
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.35 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 35.14.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 54c49c13b9577aa5b4794e64f0745b4df11481cf20a19e7920624f6d122718e0

Request headers

Referer: https://www.2brushstrokes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 18:25:35 GMT
age: 374159
x-guploader-uploadid: ADPycduLsMcUlxiUXM52T9_nJAmn5_qMecdB3hc2vK2xnMJV7wuZorzhg4ROgvGzDS9KOvbdhckoYRu9DYVof2VBTYg
x-goog-storage-class: STANDARD
x-guploader-response-body-transformations: gunzipped
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 147014
last-modified: Tue, 07 Jul 2020 14:52:51 GMT
server: UploadServer
etag: W/"17d86ee49251547465af634815788d57"
vary: Accept-Encoding
x-goog-hash: crc32c=/rM1Hw==, md5=F9hu5JJRVHRlr2NIFXiNVw==
x-goog-generation: 1594133571430937
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=31536000
x-goog-stored-content-length: 21762
accept-ranges: bytes
content-type: text/css
warning: 214 UploadServer gunzipped
expires: Wed, 31 Aug 2022 18:25:35 GMT

GET
H2 200 viewer.js Show response
components.mywebsitebuilder.com/g-202007071407399460/viewer/ 2 MB
522 KB 372ms
80ms Script
application/javascript 35.190.14.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://components.mywebsitebuilder.com/g-202007071407399460/viewer/viewer.js
Requested by: Host: www.2brushstrokes.com
URL: https://www.2brushstrokes.com/?utm_source=hs_email&utm_medium=email&utm_content=74024460&_hsenc=p2ANqtz-8L7EgW03YL4aJn5zLWI70YE__TQMMhAoxgNx4Y7CKESAJuJAWCld9q48DNi_nTjRKfwKkImAQrBJakjrSqv-on4JeNMA&_hsmi=74024460
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.35 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 35.14.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 10eb63f9533bc9f2d8ba9799a95ce9b722624f46d4d537278711017b7dcad93e

Request headers

Referer: https://www.2brushstrokes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 11:32:53 GMT
content-encoding: gzip
age: 312521
x-guploader-uploadid: ADPycdvnho2sK7rfnu5VGjjW1813vYSdXQeet8qnJWc2vm6f-KkFywYKZ8MSmpiDitRVfh3MUUZzZKrnYHeh_18DXjg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 533573
last-modified: Tue, 07 Jul 2020 14:52:50 GMT
server: UploadServer
etag: "39162515ed70ff76bd7c98c197a1a80e"
vary: Accept-Encoding
x-goog-hash: crc32c=iym8aw==, md5=ORYlFe1w/3a9fJjBl6GoDg==
x-goog-generation: 1594133570840976
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=31536000
x-goog-stored-content-length: 533573
accept-ranges: bytes
content-type: application/javascript
expires: Thu, 01 Sep 2022 11:32:53 GMT

GET
H2 200 8c6f3b9c98fa4168b7c061991601e6a7.js Show response
storage.googleapis.com/gator-users/user-504776/sites/503010/5b27c3a1e004fM6fFZST/ 23 KB
24 KB 397ms
374ms Script
application/json 2a00:1450:4001:810::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/gator-users/user-504776/sites/503010/5b27c3a1e004fM6fFZST/8c6f3b9c98fa4168b7c061991601e6a7.js?1598372884
Requested by: Host: www.2brushstrokes.com
URL: https://www.2brushstrokes.com/?utm_source=hs_email&utm_medium=email&utm_content=74024460&_hsenc=p2ANqtz-8L7EgW03YL4aJn5zLWI70YE__TQMMhAoxgNx4Y7CKESAJuJAWCld9q48DNi_nTjRKfwKkImAQrBJakjrSqv-on4JeNMA&_hsmi=74024460
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 3cb3718e482bd4b3f2b31b8c7b6e44b7085ef17a830fbfe5e68a97619ce5ff92

Request headers

Referer: https://www.2brushstrokes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 02:21:34 GMT
x-guploader-uploadid: ADPycduT2LRcg9sM_OZwuvhVlHU_WWjGge3uavltL8yxxqhqte7q9ZHT1axBqzzCysg7FEw3JuGoVMVTxEfGms90wJA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23832
last-modified: Tue, 25 Aug 2020 16:27:59 GMT
server: UploadServer
etag: "528e80f6ceaa970bc192a864a71c4e29"
x-goog-hash: crc32c=D0MMQA==, md5=Uo6A9s6qlwvBkqhkpxxOKQ==
x-goog-generation: 1598372879530552
cache-control: public, max-age=3600
x-goog-stored-content-length: 23832
accept-ranges: bytes
content-type: application/json
expires: Sun, 05 Sep 2021 03:21:34 GMT

GET
H2 200 0f3ec490bf5545f994a3a7d98fca5398.js Show response
storage.googleapis.com/gator-users/user-504776/sites/503010/5b27c3a1e004fM6fFZST/ 56 KB
56 KB 402ms
379ms Script
application/json 2a00:1450:4001:810::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/gator-users/user-504776/sites/503010/5b27c3a1e004fM6fFZST/0f3ec490bf5545f994a3a7d98fca5398.js?1598372884
Requested by: Host: www.2brushstrokes.com
URL: https://www.2brushstrokes.com/?utm_source=hs_email&utm_medium=email&utm_content=74024460&_hsenc=p2ANqtz-8L7EgW03YL4aJn5zLWI70YE__TQMMhAoxgNx4Y7CKESAJuJAWCld9q48DNi_nTjRKfwKkImAQrBJakjrSqv-on4JeNMA&_hsmi=74024460
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: b89b3f71b3a76e9c6ff2eb4a8f8c4da933d7d554f4c60b6011850a4a9af79f53

Request headers

Referer: https://www.2brushstrokes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 02:21:34 GMT
x-guploader-uploadid: ADPycds-oA3bVsvkHMemGMqd-9zEewVYzV5FWPVGL_oxBfMwV1Xy93_IRcgcPPRoipGsKl5eafQh8RqdtEiW857YoOQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57094
last-modified: Tue, 28 Jul 2020 18:47:14 GMT
server: UploadServer
etag: "9a05ae6ffdc4323f43f10d510c668873"
x-goog-hash: crc32c=lnNYhQ==, md5=mgWub/3EMj9D8Q1RDGaIcw==
x-goog-generation: 1595962034760268
cache-control: public, max-age=3600
x-goog-stored-content-length: 57094
accept-ranges: bytes
content-type: application/json
expires: Sun, 05 Sep 2021 03:21:34 GMT

GET
H2 200 95404429fef54d9a982e4b78d3e2718a.js Show response
storage.googleapis.com/gator-users/user-504776/sites/503010/5b27c3a1e004fM6fFZST/ 81 KB
81 KB 408ms
386ms Script
application/json 2a00:1450:4001:810::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/gator-users/user-504776/sites/503010/5b27c3a1e004fM6fFZST/95404429fef54d9a982e4b78d3e2718a.js?1598372884
Requested by: Host: www.2brushstrokes.com
URL: https://www.2brushstrokes.com/?utm_source=hs_email&utm_medium=email&utm_content=74024460&_hsenc=p2ANqtz-8L7EgW03YL4aJn5zLWI70YE__TQMMhAoxgNx4Y7CKESAJuJAWCld9q48DNi_nTjRKfwKkImAQrBJakjrSqv-on4JeNMA&_hsmi=74024460
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: e2a6bedeaa5fa6be7a6d36fdf494790004252781df48c2fe7b1b21a18653fa9f

Request headers

Referer: https://www.2brushstrokes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 02:21:34 GMT
x-guploader-uploadid: ADPycdulBFLoBM4dr2VlIDewSzL932vlXYTHtaCu-qTbdAskTSWcztG1GWzNkOOWiyN1yaD9bSvY5NmqKYrH-78ocL8
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 82706
last-modified: Tue, 25 Aug 2020 16:27:45 GMT
server: UploadServer
etag: "01a19dc56f028bd3542cb14a266085db"
x-goog-hash: crc32c=GLK3aw==, md5=AaGdxW8Ci9NULLFKJmCF2w==
x-goog-generation: 1598372865079345
cache-control: public, max-age=3600
x-goog-stored-content-length: 82706
accept-ranges: bytes
content-type: application/json
expires: Sun, 05 Sep 2021 03:21:34 GMT

GET
H2 200 4764964.js Show response
js.hs-scripts.com/ 2 KB
1012 B 168ms
152ms Script
application/javascript 2606:4700::6811:d3cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/4764964.js
Requested by: Host: www.2brushstrokes.com
URL: https://www.2brushstrokes.com/?utm_source=hs_email&utm_medium=email&utm_content=74024460&_hsenc=p2ANqtz-8L7EgW03YL4aJn5zLWI70YE__TQMMhAoxgNx4Y7CKESAJuJAWCld9q48DNi_nTjRKfwKkImAQrBJakjrSqv-on4JeNMA&_hsmi=74024460
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:d3cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db06960de8a5d0a6466c3dcb032f7a7db70c0b913bab76999e9faf035ad1c31f

Request headers

Referer: https://www.2brushstrokes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 02:21:35 GMT
content-encoding: br
cf-cache-status: MISS
server: cloudflare
x-hubspot-correlation-id: 5b92769b-cce6-4113-83e0-032942be7b45
x-trace: 2BD1A7FEA4A85761DB2AC4E7BED2F215B736FA28A7000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.2brushstrokes.com
access-control-max-age: 3600
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 689bfc2698114e92-FRA
expires: Sun, 05 Sep 2021 02:22:35 GMT

GET
H2 200 / Show response
localize.uat.mywebsitebuilder.com/ 29 B
611 B 400ms
375ms XHR
application/javascript 2606:4700::6813:a40a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://localize.uat.mywebsitebuilder.com/
Requested by: Host: 149b4.wpc.azureedge.net
URL: https://149b4.wpc.azureedge.net/80149B4/insights/t.js?brand=Gator&v=g-202007071407399460
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:a40a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 50f5078b5bdec86cf1ecfc9c2f41aae80b049737691ddddac58ee3b273774fa4

Request headers

Referer: https://www.2brushstrokes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 02:21:35 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ray: 689bfc248c9a4eb0-FRA

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 23ee4ea65db6fe9c920d6844298f9ac16152841c7813f02c5d8c7da29f49b60a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 embed-html.html Show response
components.mywebsitebuilder.com/extern/embed-html/ Frame 2B19 2 KB
2 KB 20ms
19ms Document
text/html 35.190.14.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://components.mywebsitebuilder.com/extern/embed-html/embed-html.html?wzId=id1531791282686&wzInstanceId=id1531791282686&wzAppId=embed_html_app&wzAppV=1&wzApiType=app&wzDeviceType=desktop&wzMode=view&wzSessionId=1630808495253&wzEncodeParams=eyJ3ekN1cnJlbnRVcmwiOiJodHRwczovL3d3dy4yYnJ1c2hzdHJva2VzLmNvbS8%2FdXRtX3NvdXJjZT1oc19lbWFpbCZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PTc0MDI0NDYwJl9oc2VuYz1wMkFOcXR6LThMN0VnVzAzWUw0YUpuNXpMV0k3MFlFX19UUU1NaEFveGdOeDRZN0NLRVNBSnVKQVdDbGQ5cTQ4RE5pX25UalJLZndLa0ltQVFyQkpha2pyU3F2LW9uNEplTk1BJl9oc21pPTc0MDI0NDYwIiwid3pTaXplIjp7IndpZHRoIjo0MDAsImhlaWdodCI6NDAwfX0%3D
Requested by: Host: components.mywebsitebuilder.com
URL: https://components.mywebsitebuilder.com/g-202007071407399460/viewer/viewer.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.35 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 35.14.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 242523b55015d3d64e15a62829a6ea75c3415f5a65a6916f7cf8608dd13bea09

Request headers

:method: GET
:authority: components.mywebsitebuilder.com
:scheme: https
:path: /extern/embed-html/embed-html.html?wzId=id1531791282686&wzInstanceId=id1531791282686&wzAppId=embed_html_app&wzAppV=1&wzApiType=app&wzDeviceType=desktop&wzMode=view&wzSessionId=1630808495253&wzEncodeParams=eyJ3ekN1cnJlbnRVcmwiOiJodHRwczovL3d3dy4yYnJ1c2hzdHJva2VzLmNvbS8%2FdXRtX3NvdXJjZT1oc19lbWFpbCZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PTc0MDI0NDYwJl9oc2VuYz1wMkFOcXR6LThMN0VnVzAzWUw0YUpuNXpMV0k3MFlFX19UUU1NaEFveGdOeDRZN0NLRVNBSnVKQVdDbGQ5cTQ4RE5pX25UalJLZndLa0ltQVFyQkpha2pyU3F2LW9uNEplTk1BJl9oc21pPTc0MDI0NDYwIiwid3pTaXplIjp7IndpZHRoIjo0MDAsImhlaWdodCI6NDAwfX0%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.2brushstrokes.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.2brushstrokes.com/

Response headers

x-guploader-uploadid: ADPycdtLGQrjeDO3EgYZXuK1kHJBrqyDVqS_XdZL5WPVSIBqUtTx4b-YD3wsW34C35AN4Wt2Ops_RO8C2t8WsVy-fMs
expires: Sun, 05 Sep 2021 02:59:26 GMT
date: Sun, 05 Sep 2021 01:59:26 GMT
last-modified: Mon, 18 Mar 2019 10:01:46 GMT
etag: "d764867dd92feb4a5db43b1421dae81e"
x-goog-generation: 1552903306346559
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 2212
content-type: text/html
x-goog-hash: crc32c=u8oTFg== md5=12SGfdkv60pdtDsUIdroHg==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 2212
access-control-allow-origin: *
access-control-expose-headers: Content-Type
server: UploadServer
age: 1329
cache-control: public, max-age=3600
alt-svc: clear

GET
H/1.1 200
OK 1aJZYUlSkk6puu4aOD3swQ.woff
wzuk.blob.core.windows.net/assets/fonts/ 21 KB
22 KB 176ms
45ms Font
application/x-font-woff 52.239.140.10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://wzuk.blob.core.windows.net/assets/fonts/1aJZYUlSkk6puu4aOD3swQ.woff
Requested by: Host: www.2brushstrokes.com
URL: https://www.2brushstrokes.com/?utm_source=hs_email&utm_medium=email&utm_content=74024460&_hsenc=p2ANqtz-8L7EgW03YL4aJn5zLWI70YE__TQMMhAoxgNx4Y7CKESAJuJAWCld9q48DNi_nTjRKfwKkImAQrBJakjrSqv-on4JeNMA&_hsmi=74024460
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.140.10 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 2a354649f57a81405daccfd6b5785da5f73ba638f2db591992cb7b739dac3135

Request headers

Origin: https://www.2brushstrokes.com
Referer: https://www.2brushstrokes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
Date: Sun, 05 Sep 2021 02:21:35 GMT
x-ms-copy-progress: 21704/21704
x-ms-copy-source: https://webzaitest.blob.core.windows.net/assets/fonts/1aJZYUlSkk6puu4aOD3swQ.woff
x-ms-copy-status: success
Content-Length: 21704
x-ms-lease-state: available
x-ms-lease-status: unlocked
Accept-Ranges: bytes
Last-Modified: Mon, 28 Jul 2014 14:52:28 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag: "0x8D1788AAFC21BEE"
Content-Type: application/x-font-woff
Access-Control-Allow-Origin: *
x-ms-request-id: bc4afca6-601e-00f1-4ffc-a1f6c5000000
Access-Control-Expose-Headers: x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,x-ms-copy-id,x-ms-copy-source,x-ms-copy-status,x-ms-copy-progress,x-ms-copy-completion-time
Cache-Control: public, max-age=31536000
x-ms-version: 2013-08-15
x-ms-copy-id: 741e6713-78d4-49e4-a8cf-5c8744a5c1bc
x-ms-copy-completion-time: Mon, 28 Jul 2014 14:52:28 GMT

GET
H/1.1 200
OK I7CsSHRfZ0GB3AlD-DX-CQ.woff
wzuk.blob.core.windows.net/assets/fonts/ 21 KB
22 KB 177ms
46ms Font
application/x-font-woff 52.239.140.10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://wzuk.blob.core.windows.net/assets/fonts/I7CsSHRfZ0GB3AlD-DX-CQ.woff
Requested by: Host: www.2brushstrokes.com
URL: https://www.2brushstrokes.com/?utm_source=hs_email&utm_medium=email&utm_content=74024460&_hsenc=p2ANqtz-8L7EgW03YL4aJn5zLWI70YE__TQMMhAoxgNx4Y7CKESAJuJAWCld9q48DNi_nTjRKfwKkImAQrBJakjrSqv-on4JeNMA&_hsmi=74024460
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.140.10 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 2f06077fe3d50522c14a3e84f5b24dd5b00e1513a2b371f4a9c4735c334872df

Request headers

Origin: https://www.2brushstrokes.com
Referer: https://www.2brushstrokes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
Date: Sun, 05 Sep 2021 02:21:35 GMT
x-ms-copy-progress: 22004/22004
x-ms-copy-source: https://webzaitest.blob.core.windows.net/assets/fonts/I7CsSHRfZ0GB3AlD-DX-CQ.woff
x-ms-copy-status: success
Content-Length: 22004
x-ms-lease-state: available
x-ms-lease-status: unlocked
Accept-Ranges: bytes
Last-Modified: Mon, 28 Jul 2014 14:53:09 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag: "0x8D1788AC856392E"
Content-Type: application/x-font-woff
Access-Control-Allow-Origin: *
x-ms-request-id: 933371c6-c01e-0030-0bfc-a17d7c000000
Access-Control-Expose-Headers: x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,x-ms-copy-id,x-ms-copy-source,x-ms-copy-status,x-ms-copy-progress,x-ms-copy-completion-time
Cache-Control: public, max-age=31536000
x-ms-version: 2013-08-15
x-ms-copy-id: 3aadb96e-f104-4fe1-8e98-13a164028fc4
x-ms-copy-completion-time: Mon, 28 Jul 2014 14:53:09 GMT

GET
H/1.1 200
OK zrpWq297sEeRsdU269eKIw.woff
wzuk.blob.core.windows.net/assets/fonts/ 21 KB
22 KB 176ms
45ms Font
application/x-font-woff 52.239.140.10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://wzuk.blob.core.windows.net/assets/fonts/zrpWq297sEeRsdU269eKIw.woff
Requested by: Host: www.2brushstrokes.com
URL: https://www.2brushstrokes.com/?utm_source=hs_email&utm_medium=email&utm_content=74024460&_hsenc=p2ANqtz-8L7EgW03YL4aJn5zLWI70YE__TQMMhAoxgNx4Y7CKESAJuJAWCld9q48DNi_nTjRKfwKkImAQrBJakjrSqv-on4JeNMA&_hsmi=74024460
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.140.10 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 4b206afe82a1c9176a352276634580f2eac291be9c2c5c3a4d2f4b58b174b55f

Request headers

Origin: https://www.2brushstrokes.com
Referer: https://www.2brushstrokes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
Date: Sun, 05 Sep 2021 02:21:35 GMT
x-ms-copy-progress: 21512/21512
x-ms-copy-source: https://webzaitest.blob.core.windows.net/assets/fonts/zrpWq297sEeRsdU269eKIw.woff
x-ms-copy-status: success
Content-Length: 21512
x-ms-lease-state: available
x-ms-lease-status: unlocked
Accept-Ranges: bytes
Last-Modified: Mon, 28 Jul 2014 14:56:12 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag: "0x8D1788B34F4026E"
Content-Type: application/x-font-woff
Access-Control-Allow-Origin: *
x-ms-request-id: 06dc5db4-001e-0087-75fc-a17279000000
Access-Control-Expose-Headers: x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,x-ms-copy-id,x-ms-copy-source,x-ms-copy-status,x-ms-copy-progress,x-ms-copy-completion-time
Cache-Control: public, max-age=31536000
x-ms-version: 2013-08-15
x-ms-copy-id: 8e2fbce3-71aa-4c2b-a7df-1bf3ed2b1e01
x-ms-copy-completion-time: Mon, 28 Jul 2014 14:56:12 GMT

GET
H2 200 /
www.2brushstrokes.com/x/cdn/ 302 KB
302 KB 51ms
48ms Image
image/jpeg 66.235.200.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.2brushstrokes.com/x/cdn/?https://storage.googleapis.com/gator-users/user-500001/images/BTDDYOAbc0-ezSF5ZTSTnQ.jpg
Requested by: Host: www.2brushstrokes.com
URL: https://www.2brushstrokes.com/?utm_source=hs_email&utm_medium=email&utm_content=74024460&_hsenc=p2ANqtz-8L7EgW03YL4aJn5zLWI70YE__TQMMhAoxgNx4Y7CKESAJuJAWCld9q48DNi_nTjRKfwKkImAQrBJakjrSqv-on4JeNMA&_hsmi=74024460
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.235.200.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: b6196d1a8e8fa513b322e93199d6307ce3cad3b2fdfee6ba26859d980c91f09d

Request headers

:path: /x/cdn/?https://storage.googleapis.com/gator-users/user-500001/images/BTDDYOAbc0-ezSF5ZTSTnQ.jpg
pragma: no-cache
cookie: app_ses_key=6CC54FB3-EFC3-D61B-3E6C-2EEED2C14ACB/none; app_key=5A5C3395-505F-9D1E-2EBA-750A441E1F14/1630808494773
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.2brushstrokes.com
referer: https://www.2brushstrokes.com/?utm_source=hs_email&utm_medium=email&utm_content=74024460&_hsenc=p2ANqtz-8L7EgW03YL4aJn5zLWI70YE__TQMMhAoxgNx4Y7CKESAJuJAWCld9q48DNi_nTjRKfwKkImAQrBJakjrSqv-on4JeNMA&_hsmi=74024460
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.2brushstrokes.com/?utm_source=hs_email&utm_medium=email&utm_content=74024460&_hsenc=p2ANqtz-8L7EgW03YL4aJn5zLWI70YE__TQMMhAoxgNx4Y7CKESAJuJAWCld9q48DNi_nTjRKfwKkImAQrBJakjrSqv-on4JeNMA&_hsmi=74024460
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-engine: cloud
date: Sun, 05 Sep 2021 02:21:35 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
access-control-allow-origin: *
cache-control: public, max-age=2678400
access-control-allow-credentials: true
cf-ray: 689bfc282bbd3b73-CDG
access-control-allow-headers: *

GET
H2 200 /
www.2brushstrokes.com/x/cdn/ 42 KB
42 KB 463ms
461ms Image
image/png 66.235.200.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.2brushstrokes.com/x/cdn/?https://storage.googleapis.com/gator-users/user-504776/images/5b47aa96929e3ZKnbu4f/Orange-2BS-Logo_d800.png
Requested by: Host: www.2brushstrokes.com
URL: https://www.2brushstrokes.com/?utm_source=hs_email&utm_medium=email&utm_content=74024460&_hsenc=p2ANqtz-8L7EgW03YL4aJn5zLWI70YE__TQMMhAoxgNx4Y7CKESAJuJAWCld9q48DNi_nTjRKfwKkImAQrBJakjrSqv-on4JeNMA&_hsmi=74024460
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.235.200.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: 539c323c54874cc3ca45733f7e2ef26631eff05d65d883b8f5c92debc1623336

Request headers

:path: /x/cdn/?https://storage.googleapis.com/gator-users/user-504776/images/5b47aa96929e3ZKnbu4f/Orange-2BS-Logo_d800.png
pragma: no-cache
cookie: app_ses_key=6CC54FB3-EFC3-D61B-3E6C-2EEED2C14ACB/none; app_key=5A5C3395-505F-9D1E-2EBA-750A441E1F14/1630808494773
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.2brushstrokes.com
referer: https://www.2brushstrokes.com/?utm_source=hs_email&utm_medium=email&utm_content=74024460&_hsenc=p2ANqtz-8L7EgW03YL4aJn5zLWI70YE__TQMMhAoxgNx4Y7CKESAJuJAWCld9q48DNi_nTjRKfwKkImAQrBJakjrSqv-on4JeNMA&_hsmi=74024460
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.2brushstrokes.com/?utm_source=hs_email&utm_medium=email&utm_content=74024460&_hsenc=p2ANqtz-8L7EgW03YL4aJn5zLWI70YE__TQMMhAoxgNx4Y7CKESAJuJAWCld9q48DNi_nTjRKfwKkImAQrBJakjrSqv-on4JeNMA&_hsmi=74024460
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-engine: cloud
date: Sun, 05 Sep 2021 02:21:35 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
access-control-allow-origin: *
cache-control: public, max-age=2678400
access-control-allow-credentials: true
cf-ray: 689bfc282bbf3b73-CDG
access-control-allow-headers: *
content-length: 42506

GET
H2 200 /
www.2brushstrokes.com/x/cdn/ 9 KB
9 KB 436ms
434ms Image
image/jpeg 66.235.200.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.2brushstrokes.com/x/cdn/?https://storage.googleapis.com/gator-users/user-504776/images/5b2c30633c6f6kr7FGTv/Mission-Stmt.jpg
Requested by: Host: www.2brushstrokes.com
URL: https://www.2brushstrokes.com/?utm_source=hs_email&utm_medium=email&utm_content=74024460&_hsenc=p2ANqtz-8L7EgW03YL4aJn5zLWI70YE__TQMMhAoxgNx4Y7CKESAJuJAWCld9q48DNi_nTjRKfwKkImAQrBJakjrSqv-on4JeNMA&_hsmi=74024460
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.235.200.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: 3737c4790f4392dc2f2d4e0d7e1b789e190eb5fbc8f777e1025de2edbab7bc3b

Request headers

:path: /x/cdn/?https://storage.googleapis.com/gator-users/user-504776/images/5b2c30633c6f6kr7FGTv/Mission-Stmt.jpg
pragma: no-cache
cookie: app_ses_key=6CC54FB3-EFC3-D61B-3E6C-2EEED2C14ACB/none; app_key=5A5C3395-505F-9D1E-2EBA-750A441E1F14/1630808494773
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.2brushstrokes.com
referer: https://www.2brushstrokes.com/?utm_source=hs_email&utm_medium=email&utm_content=74024460&_hsenc=p2ANqtz-8L7EgW03YL4aJn5zLWI70YE__TQMMhAoxgNx4Y7CKESAJuJAWCld9q48DNi_nTjRKfwKkImAQrBJakjrSqv-on4JeNMA&_hsmi=74024460
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.2brushstrokes.com/?utm_source=hs_email&utm_medium=email&utm_content=74024460&_hsenc=p2ANqtz-8L7EgW03YL4aJn5zLWI70YE__TQMMhAoxgNx4Y7CKESAJuJAWCld9q48DNi_nTjRKfwKkImAQrBJakjrSqv-on4JeNMA&_hsmi=74024460
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-engine: cloud
date: Sun, 05 Sep 2021 02:21:35 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
access-control-allow-origin: *
cache-control: public, max-age=2678400
access-control-allow-credentials: true
cf-ray: 689bfc282bc33b73-CDG
access-control-allow-headers: *
content-length: 9104

GET
H2 200 /
www.2brushstrokes.com/x/cdn/ 15 KB
15 KB 427ms
425ms Image
image/jpeg 66.235.200.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.2brushstrokes.com/x/cdn/?https://storage.googleapis.com/gator-users/user-504776/images/5b2c315fd906e7ngJdp7/Process_improvement2.jpg
Requested by: Host: www.2brushstrokes.com
URL: https://www.2brushstrokes.com/?utm_source=hs_email&utm_medium=email&utm_content=74024460&_hsenc=p2ANqtz-8L7EgW03YL4aJn5zLWI70YE__TQMMhAoxgNx4Y7CKESAJuJAWCld9q48DNi_nTjRKfwKkImAQrBJakjrSqv-on4JeNMA&_hsmi=74024460
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.235.200.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: 40673c7d64f1132c7535a729549db01b15caf95482754f17eba796eec4f10c4f

Request headers

:path: /x/cdn/?https://storage.googleapis.com/gator-users/user-504776/images/5b2c315fd906e7ngJdp7/Process_improvement2.jpg
pragma: no-cache
cookie: app_ses_key=6CC54FB3-EFC3-D61B-3E6C-2EEED2C14ACB/none; app_key=5A5C3395-505F-9D1E-2EBA-750A441E1F14/1630808494773
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.2brushstrokes.com
referer: https://www.2brushstrokes.com/?utm_source=hs_email&utm_medium=email&utm_content=74024460&_hsenc=p2ANqtz-8L7EgW03YL4aJn5zLWI70YE__TQMMhAoxgNx4Y7CKESAJuJAWCld9q48DNi_nTjRKfwKkImAQrBJakjrSqv-on4JeNMA&_hsmi=74024460
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.2brushstrokes.com/?utm_source=hs_email&utm_medium=email&utm_content=74024460&_hsenc=p2ANqtz-8L7EgW03YL4aJn5zLWI70YE__TQMMhAoxgNx4Y7CKESAJuJAWCld9q48DNi_nTjRKfwKkImAQrBJakjrSqv-on4JeNMA&_hsmi=74024460
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-engine: cloud
date: Sun, 05 Sep 2021 02:21:35 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
access-control-allow-origin: *
cache-control: public, max-age=2678400
access-control-allow-credentials: true
cf-ray: 689bfc282bc53b73-CDG
access-control-allow-headers: *
content-length: 14961

GET
H2 200 /
www.2brushstrokes.com/x/cdn/ 13 KB
13 KB 459ms
457ms Image
image/jpeg 66.235.200.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.2brushstrokes.com/x/cdn/?https://storage.googleapis.com/gator-users/user-504776/images/5b2c32e0e4fa2jRC9Xrc/human-bot-handshake_d400.jpg
Requested by: Host: www.2brushstrokes.com
URL: https://www.2brushstrokes.com/?utm_source=hs_email&utm_medium=email&utm_content=74024460&_hsenc=p2ANqtz-8L7EgW03YL4aJn5zLWI70YE__TQMMhAoxgNx4Y7CKESAJuJAWCld9q48DNi_nTjRKfwKkImAQrBJakjrSqv-on4JeNMA&_hsmi=74024460
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.235.200.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: 372c0041fc964def0aec95ae17c6f03a3e5e5ccfe5969952c6de7e5c0f7cc34b

Request headers

:path: /x/cdn/?https://storage.googleapis.com/gator-users/user-504776/images/5b2c32e0e4fa2jRC9Xrc/human-bot-handshake_d400.jpg
pragma: no-cache
cookie: app_ses_key=6CC54FB3-EFC3-D61B-3E6C-2EEED2C14ACB/none; app_key=5A5C3395-505F-9D1E-2EBA-750A441E1F14/1630808494773
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.2brushstrokes.com
referer: https://www.2brushstrokes.com/?utm_source=hs_email&utm_medium=email&utm_content=74024460&_hsenc=p2ANqtz-8L7EgW03YL4aJn5zLWI70YE__TQMMhAoxgNx4Y7CKESAJuJAWCld9q48DNi_nTjRKfwKkImAQrBJakjrSqv-on4JeNMA&_hsmi=74024460
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.2brushstrokes.com/?utm_source=hs_email&utm_medium=email&utm_content=74024460&_hsenc=p2ANqtz-8L7EgW03YL4aJn5zLWI70YE__TQMMhAoxgNx4Y7CKESAJuJAWCld9q48DNi_nTjRKfwKkImAQrBJakjrSqv-on4JeNMA&_hsmi=74024460
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-engine: cloud
date: Sun, 05 Sep 2021 02:21:35 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
access-control-allow-origin: *
cache-control: public, max-age=2678400
access-control-allow-credentials: true
cf-ray: 689bfc282bc73b73-CDG
access-control-allow-headers: *
content-length: 12846

GET
H2 200 /
www.2brushstrokes.com/x/cdn/ 220 KB
221 KB 49ms
47ms Image
image/jpeg 66.235.200.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.2brushstrokes.com/x/cdn/?https://storage.googleapis.com/gator-users/user-500001/images/0tRP5zHdwkCY6OWnKW8beg.jpg
Requested by: Host: www.2brushstrokes.com
URL: https://www.2brushstrokes.com/?utm_source=hs_email&utm_medium=email&utm_content=74024460&_hsenc=p2ANqtz-8L7EgW03YL4aJn5zLWI70YE__TQMMhAoxgNx4Y7CKESAJuJAWCld9q48DNi_nTjRKfwKkImAQrBJakjrSqv-on4JeNMA&_hsmi=74024460
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.235.200.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: af1341bf0fd4ad8645366232727aec126de06f4603e35e4de77f6bac287e7bf6

Request headers

:path: /x/cdn/?https://storage.googleapis.com/gator-users/user-500001/images/0tRP5zHdwkCY6OWnKW8beg.jpg
pragma: no-cache
cookie: app_ses_key=6CC54FB3-EFC3-D61B-3E6C-2EEED2C14ACB/none; app_key=5A5C3395-505F-9D1E-2EBA-750A441E1F14/1630808494773
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.2brushstrokes.com
referer: https://www.2brushstrokes.com/?utm_source=hs_email&utm_medium=email&utm_content=74024460&_hsenc=p2ANqtz-8L7EgW03YL4aJn5zLWI70YE__TQMMhAoxgNx4Y7CKESAJuJAWCld9q48DNi_nTjRKfwKkImAQrBJakjrSqv-on4JeNMA&_hsmi=74024460
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.2brushstrokes.com/?utm_source=hs_email&utm_medium=email&utm_content=74024460&_hsenc=p2ANqtz-8L7EgW03YL4aJn5zLWI70YE__TQMMhAoxgNx4Y7CKESAJuJAWCld9q48DNi_nTjRKfwKkImAQrBJakjrSqv-on4JeNMA&_hsmi=74024460
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-engine: cloud
date: Sun, 05 Sep 2021 02:21:35 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
access-control-allow-origin: *
cache-control: public, max-age=2678400
access-control-allow-credentials: true
cf-ray: 689bfc282bc83b73-CDG
access-control-allow-headers: *

OPTIONS
H/1.1 200
OK messages
in-us-east-event-hubs.servicebus.windows.net/in-us-east-event-hub-a1/publishers/a7eb7df2-c03b-4196-9fc0-88f2fac0e84b/ Frame 0
0 455ms
99ms Preflight 13.92.180.208
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://in-us-east-event-hubs.servicebus.windows.net/in-us-east-event-hub-a1/publishers/a7eb7df2-c03b-4196-9fc0-88f2fac0e84b/messages?timeout=10

Protocol

HTTP/1.1

Server

13.92.180.208 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: access-control-allow-origin,authorization,content-type
Origin: https://www.2brushstrokes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Content-Length: 0
Server: Microsoft-HTTPAPI/2.0
Access-Control-Allow-Origin: https://www.2brushstrokes.com
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 3600
Access-Control-Allow-Methods: POST
Access-Control-Allow-Headers: access-control-allow-origin,authorization,content-type
Strict-Transport-Security: max-age=31536000
Date: Sun, 05 Sep 2021 02:21:35 GMT

POST
H/1.1 201
Created messages Show response
in-us-east-event-hubs.servicebus.windows.net/in-us-east-event-hub-a1/publishers/a7eb7df2-c03b-4196-9fc0-88f2fac0e84b/ 0
316 B 208ms
108ms XHR
application/xml 13.92.180.208
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://in-us-east-event-hubs.servicebus.windows.net/in-us-east-event-hub-a1/publishers/a7eb7df2-c03b-4196-9fc0-88f2fac0e84b/messages?timeout=10

Requested by

Host: 149b4.wpc.azureedge.net
URL: https://149b4.wpc.azureedge.net/80149B4/insights/t.js?brand=Gator&v=g-202007071407399460

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.92.180.208 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Access-Control-Allow-Origin: *
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.2brushstrokes.com/
Authorization: SharedAccessSignature sr=https%3A%2F%2Fin-us-east-event-hubs.servicebus.windows.net%2Fin-us-east-event-hub-a1%2Fpublishers%2Fa7eb7df2-c03b-4196-9fc0-88f2fac0e84b%2Fmessages&sig=FNPrBcAa2SUWZGEhzZlutw03D0tFtuDUEriOvMsoC5Q%3D&se=1630812095.398&skn=Send
Content-Type: application/json

Response headers

Access-Control-Allow-Origin: https://www.2brushstrokes.com
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Credentials: true
Server: Microsoft-HTTPAPI/2.0
Date: Sun, 05 Sep 2021 02:21:35 GMT
Transfer-Encoding: chunked
Content-Type: application/xml; charset=utf-8

POST
H/1.1 201
Created messages Show response
in-us-east-event-hubs.servicebus.windows.net/in-us-east-event-hub-a1/publishers/a7eb7df2-c03b-4196-9fc0-88f2fac0e84b/ 0
316 B 242ms
133ms XHR
application/xml 13.92.180.208
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://in-us-east-event-hubs.servicebus.windows.net/in-us-east-event-hub-a1/publishers/a7eb7df2-c03b-4196-9fc0-88f2fac0e84b/messages?timeout=10

Requested by

Host: 149b4.wpc.azureedge.net
URL: https://149b4.wpc.azureedge.net/80149B4/insights/t.js?brand=Gator&v=g-202007071407399460

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.92.180.208 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Access-Control-Allow-Origin: *
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.2brushstrokes.com/
Authorization: SharedAccessSignature sr=https%3A%2F%2Fin-us-east-event-hubs.servicebus.windows.net%2Fin-us-east-event-hub-a1%2Fpublishers%2Fa7eb7df2-c03b-4196-9fc0-88f2fac0e84b%2Fmessages&sig=b4UqePLWizVhhqBoiUkyQr1dgpquC%2B8c9rrAZAQ4peE%3D&se=1630812095.399&skn=Send
Content-Type: application/json

Response headers

Access-Control-Allow-Origin: https://www.2brushstrokes.com
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Credentials: true
Server: Microsoft-HTTPAPI/2.0
Date: Sun, 05 Sep 2021 02:21:35 GMT
Transfer-Encoding: chunked
Content-Type: application/xml; charset=utf-8

OPTIONS
H/1.1 200
OK messages
in-us-east-event-hubs.servicebus.windows.net/in-us-east-event-hub-a1/publishers/a7eb7df2-c03b-4196-9fc0-88f2fac0e84b/ Frame 0
0 553ms
99ms Preflight 13.92.180.208
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://in-us-east-event-hubs.servicebus.windows.net/in-us-east-event-hub-a1/publishers/a7eb7df2-c03b-4196-9fc0-88f2fac0e84b/messages?timeout=10

Protocol

HTTP/1.1

Server

13.92.180.208 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: access-control-allow-origin,authorization,content-type
Origin: https://www.2brushstrokes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Content-Length: 0
Server: Microsoft-HTTPAPI/2.0
Access-Control-Allow-Origin: https://www.2brushstrokes.com
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 3600
Access-Control-Allow-Methods: POST
Access-Control-Allow-Headers: access-control-allow-origin,authorization,content-type
Strict-Transport-Security: max-age=31536000
Date: Sun, 05 Sep 2021 02:21:35 GMT

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 537 KB
87 KB 202ms
182ms Script
application/javascript 2606:4700::6811:e9cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsleadflows.net/leadflows.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4764964.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:e9cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5343b9a9c667a328bd11798a1d4950326c2e48189873d45b2d515c56aad2cd6

Request headers

Origin: https://www.2brushstrokes.com
Referer: https://www.2brushstrokes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 02:21:35 GMT
via: 1.1 2f66aa06710fece8ed203ab0ea81eb56.cloudfront.net (CloudFront)
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: MISS
x-amz-cf-pop: IAD89-C3
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=lead-flows-js/static-1.1053/bundle/main/lead-flows-release.js&cfRay=689bfc288a71c2ef-IAD
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
content-encoding: br
cf-ray: 689bfc288a71c2ef-FRA
last-modified: Wed, 01 Sep 2021 08:32:41 UTC
server: cloudflare
etag: W/"06b9cc0a137bb12ab3bdef2f5d9c59e2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: sGyMCPzZ_yO5cY5tFaL3Y3aSs3R6Eatx
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=0
x-hs-cache-status: MISS
content-type: application/javascript; charset=utf-8
x-amz-cf-id: IGK1HM7RQy6qCZyv3vr5HVrVYn_ZQAVcDKulYdc7nYmchOec4hvXeQ==
x-hs-target-asset: lead-flows-js/static-1.1053/bundle/main/lead-flows-release.js

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ 81 KB
26 KB 231ms
211ms Script
application/javascript 2606:4700::6811:81ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hscollectedforms.net/collectedforms.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4764964.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:81ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7b861c1a9a573b57465a6c661e88035def5f5891941ae94900a02e4c2ba2b14

Request headers

Origin: https://www.2brushstrokes.com
Referer: https://www.2brushstrokes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 02:21:35 GMT
via: 1.1 600860a2fda807ac628822c14b5de861.cloudfront.net (CloudFront)
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: MISS
x-amz-cf-pop: IAD89-C3
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=collected-forms-embed-js/static-1.243/bundles/project.js&cfRay=689bfc288f7b4e6e-IAD
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
content-encoding: br
cf-ray: 689bfc288f7b4e6e-FRA
last-modified: Mon, 26 Jul 2021 08:57:16 UTC
server: cloudflare
etag: W/"71e1b9bc533ea0484715e256cd176305"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: B7tJDnPGhJYQnx9vLunWV_JVNjkGgLI4
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=0
x-hs-cache-status: MISS
content-type: application/javascript; charset=utf-8
x-amz-cf-id: 2IjLvnbPiqUOS-Y3XTafhMTf3S1_LyoDPjJeaO6ld01Vh2Z-VMuIDg==
x-hs-target-asset: collected-forms-embed-js/static-1.243/bundles/project.js

GET
H2 200 4764964.js Show response
js.hs-banner.com/ 60 KB
16 KB 547ms
528ms Script
text/javascript 2606:4700::6812:15bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/4764964.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4764964.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:15bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 359c412a1a374b5b3686b59f9e61067a0366376d62cce71ac0fc1598b9fe4034

Request headers

Referer: https://www.2brushstrokes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 02:21:35 GMT
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: 26XNTCK6ZS24RXTA
x-amz-server-side-encryption: AES256
content-type: text/javascript; charset=UTF-8
access-control-max-age: 604800
x-amz-id-2: V98BnXSMb9o3RS95IvVPlxYdhTGsOw38QjdKF7lZ9x++U0LjtJ8VXSC3HpHG4AAEpBR/Nc8KVi0=
timing-allow-origin: *
last-modified: Fri, 03 Sep 2021 20:03:38 GMT
server: cloudflare
etag: W/"f28f51a22aecbdf537391d2361689147"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id: p1xuA.VYiLAg0LMKcF0ELY6Z3nSYtp2d
access-control-allow-origin: https://www.2brushstrokes.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
cf-ray: 689bfc288d334e3e-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Sun, 05 Sep 2021 02:26:35 GMT

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 80 KB
21 KB 36ms
17ms Script
application/javascript 2606:4700::6811:efcc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.usemessages.com/conversations-embed.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4764964.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:efcc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: caea56378e539ae5dcad0604d85984a6118acc0dff058b580de396ab1a17f758

Request headers

Referer: https://www.2brushstrokes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 02:21:35 GMT
via: 1.1 738984066968793a5714282f49fe0ab9.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 155
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-embed/static-1.9175/bundles/project.js&cfRay=689bf85dac4ddff3-FRA
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
last-modified: Wed, 01 Sep 2021 08:42:30 UTC
server: cloudflare
etag: W/"39f670199cc428cefa200da31e32eb31"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: SarDCchMLrNPLxP5Z2MFohrG.WvMEyKe
cache-control: max-age=600
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-C3
cf-ray: 689bfc288bb04dd6-FRA
x-amz-cf-id: CBMe72g7XTB0pKeyUHgC2hgnQZpd9KEblQfru7FGPrKToUMAqwUUUg==
x-hs-target-asset: conversations-embed/static-1.9175/bundles/project.js

GET
H2 200 4764964.js Show response
js.hs-analytics.net/analytics/1630808400000/ 62 KB
20 KB 580ms
561ms Script
text/javascript 2606:4700::6811:44b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1630808400000/4764964.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4764964.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:44b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47b6dd847db200d94adc9ff8a0ec720f4f3118c261541da47f2af105414a7275

Request headers

Referer: https://www.2brushstrokes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 02:21:35 GMT
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: 26XXEAEJASPSSXYZ
x-amz-server-side-encryption: AES256
cf-ray: 689bfc288fba42c9-FRA
x-amz-id-2: 4fZnz5qj9cTh1RgUOv7wog17jlr5LB665ANu5wF/bzKyz4UyUaBGiGSHqxpbEj4VVMQoSfCXhUw=
last-modified: Mon, 19 Jul 2021 15:00:13 GMT
server: cloudflare
etag: W/"8df9edd92effb7b7f704bf6779dcc2c6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: max-age=300, public
access-control-allow-credentials: false
content-type: text/javascript
expires: Sun, 05 Sep 2021 02:26:35 GMT

GET
H2 200 apps-api.js Show response
components.mywebsitebuilder.com/extern/apps-api/ Frame 2B19 21 KB
21 KB 21ms
20ms Script
text/javascript 35.190.14.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://components.mywebsitebuilder.com/extern/apps-api/apps-api.js
Requested by: Host: components.mywebsitebuilder.com
URL: https://components.mywebsitebuilder.com/extern/embed-html/embed-html.html?wzId=id1531791282686&wzInstanceId=id1531791282686&wzAppId=embed_html_app&wzAppV=1&wzApiType=app&wzDeviceType=desktop&wzMode=view&wzSessionId=1630808495253&wzEncodeParams=eyJ3ekN1cnJlbnRVcmwiOiJodHRwczovL3d3dy4yYnJ1c2hzdHJva2VzLmNvbS8%2FdXRtX3NvdXJjZT1oc19lbWFpbCZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PTc0MDI0NDYwJl9oc2VuYz1wMkFOcXR6LThMN0VnVzAzWUw0YUpuNXpMV0k3MFlFX19UUU1NaEFveGdOeDRZN0NLRVNBSnVKQVdDbGQ5cTQ4RE5pX25UalJLZndLa0ltQVFyQkpha2pyU3F2LW9uNEplTk1BJl9oc21pPTc0MDI0NDYwIiwid3pTaXplIjp7IndpZHRoIjo0MDAsImhlaWdodCI6NDAwfX0%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.35 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 35.14.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e8ac29a7ad2786a8791d23898841e482546bf3a369e8d43f63a62f1540de492c

Request headers

Referer: https://components.mywebsitebuilder.com/extern/embed-html/embed-html.html?wzId=id1531791282686&wzInstanceId=id1531791282686&wzAppId=embed_html_app&wzAppV=1&wzApiType=app&wzDeviceType=desktop&wzMode=view&wzSessionId=1630808495253&wzEncodeParams=eyJ3ekN1cnJlbnRVcmwiOiJodHRwczovL3d3dy4yYnJ1c2hzdHJva2VzLmNvbS8%2FdXRtX3NvdXJjZT1oc19lbWFpbCZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PTc0MDI0NDYwJl9oc2VuYz1wMkFOcXR6LThMN0VnVzAzWUw0YUpuNXpMV0k3MFlFX19UUU1NaEFveGdOeDRZN0NLRVNBSnVKQVdDbGQ5cTQ4RE5pX25UalJLZndLa0ltQVFyQkpha2pyU3F2LW9uNEplTk1BJl9oc21pPTc0MDI0NDYwIiwid3pTaXplIjp7IndpZHRoIjo0MDAsImhlaWdodCI6NDAwfX0%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 02:11:45 GMT
age: 590
x-guploader-uploadid: ADPycdu9YjJOD3TlY4bBLy86A1WQd_KN269gIhvFLX9ewfhRjnfyMIUzyN-bVyTiwNOZIY4KPAllkz3_aHtMDJP39gHXg_FusQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 21187
last-modified: Mon, 18 Mar 2019 09:51:06 GMT
server: UploadServer
etag: "96a4d02bd1de25520d08d3d583416fb7"
x-goog-hash: crc32c=nbTZ7A==, md5=lqTQK9HeJVINCNPVg0Fvtw==
x-goog-generation: 1552902666941504
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 21187
accept-ranges: bytes
content-type: text/javascript
expires: Sun, 05 Sep 2021 03:11:45 GMT

GET
H2 200 embed-html.html Show response
components.mywebsitebuilder.com/extern/embed-html/ Frame 2B19 2 KB
2 KB 20ms
19ms Document
text/html 35.190.14.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://components.mywebsitebuilder.com/extern/embed-html/embed-html.html?wzId=id1531791282686&wzInstanceId=id1531791282686&wzAppId=embed_html_app&wzAppV=1&wzApiType=app&wzDeviceType=desktop&wzMode=view&wzSessionId=1630808495253&wzEncodeParams=eyJ3ekN1cnJlbnRVcmwiOiJodHRwczovL3d3dy4yYnJ1c2hzdHJva2VzLmNvbS8%2FdXRtX3NvdXJjZT1oc19lbWFpbCZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PTc0MDI0NDYwJl9oc2VuYz1wMkFOcXR6LThMN0VnVzAzWUw0YUpuNXpMV0k3MFlFX19UUU1NaEFveGdOeDRZN0NLRVNBSnVKQVdDbGQ5cTQ4RE5pX25UalJLZndLa0ltQVFyQkpha2pyU3F2LW9uNEplTk1BJl9oc21pPTc0MDI0NDYwIiwid3pTaXplIjp7IndpZHRoIjo0MDAsImhlaWdodCI6NDAwfX0%3D
Requested by: Host: components.mywebsitebuilder.com
URL: https://components.mywebsitebuilder.com/extern/embed-html/embed-html.html?wzId=id1531791282686&wzInstanceId=id1531791282686&wzAppId=embed_html_app&wzAppV=1&wzApiType=app&wzDeviceType=desktop&wzMode=view&wzSessionId=1630808495253&wzEncodeParams=eyJ3ekN1cnJlbnRVcmwiOiJodHRwczovL3d3dy4yYnJ1c2hzdHJva2VzLmNvbS8%2FdXRtX3NvdXJjZT1oc19lbWFpbCZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PTc0MDI0NDYwJl9oc2VuYz1wMkFOcXR6LThMN0VnVzAzWUw0YUpuNXpMV0k3MFlFX19UUU1NaEFveGdOeDRZN0NLRVNBSnVKQVdDbGQ5cTQ4RE5pX25UalJLZndLa0ltQVFyQkpha2pyU3F2LW9uNEplTk1BJl9oc21pPTc0MDI0NDYwIiwid3pTaXplIjp7IndpZHRoIjo0MDAsImhlaWdodCI6NDAwfX0%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.35 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 35.14.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 242523b55015d3d64e15a62829a6ea75c3415f5a65a6916f7cf8608dd13bea09

Request headers

:method: GET
:authority: components.mywebsitebuilder.com
:scheme: https
:path: /extern/embed-html/embed-html.html?wzId=id1531791282686&wzInstanceId=id1531791282686&wzAppId=embed_html_app&wzAppV=1&wzApiType=app&wzDeviceType=desktop&wzMode=view&wzSessionId=1630808495253&wzEncodeParams=eyJ3ekN1cnJlbnRVcmwiOiJodHRwczovL3d3dy4yYnJ1c2hzdHJva2VzLmNvbS8%2FdXRtX3NvdXJjZT1oc19lbWFpbCZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PTc0MDI0NDYwJl9oc2VuYz1wMkFOcXR6LThMN0VnVzAzWUw0YUpuNXpMV0k3MFlFX19UUU1NaEFveGdOeDRZN0NLRVNBSnVKQVdDbGQ5cTQ4RE5pX25UalJLZndLa0ltQVFyQkpha2pyU3F2LW9uNEplTk1BJl9oc21pPTc0MDI0NDYwIiwid3pTaXplIjp7IndpZHRoIjo0MDAsImhlaWdodCI6NDAwfX0%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://components.mywebsitebuilder.com/extern/embed-html/embed-html.html?wzId=id1531791282686&wzInstanceId=id1531791282686&wzAppId=embed_html_app&wzAppV=1&wzApiType=app&wzDeviceType=desktop&wzMode=view&wzSessionId=1630808495253&wzEncodeParams=eyJ3ekN1cnJlbnRVcmwiOiJodHRwczovL3d3dy4yYnJ1c2hzdHJva2VzLmNvbS8%2FdXRtX3NvdXJjZT1oc19lbWFpbCZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PTc0MDI0NDYwJl9oc2VuYz1wMkFOcXR6LThMN0VnVzAzWUw0YUpuNXpMV0k3MFlFX19UUU1NaEFveGdOeDRZN0NLRVNBSnVKQVdDbGQ5cTQ4RE5pX25UalJLZndLa0ltQVFyQkpha2pyU3F2LW9uNEplTk1BJl9oc21pPTc0MDI0NDYwIiwid3pTaXplIjp7IndpZHRoIjo0MDAsImhlaWdodCI6NDAwfX0%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://components.mywebsitebuilder.com/extern/embed-html/embed-html.html?wzId=id1531791282686&wzInstanceId=id1531791282686&wzAppId=embed_html_app&wzAppV=1&wzApiType=app&wzDeviceType=desktop&wzMode=view&wzSessionId=1630808495253&wzEncodeParams=eyJ3ekN1cnJlbnRVcmwiOiJodHRwczovL3d3dy4yYnJ1c2hzdHJva2VzLmNvbS8%2FdXRtX3NvdXJjZT1oc19lbWFpbCZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PTc0MDI0NDYwJl9oc2VuYz1wMkFOcXR6LThMN0VnVzAzWUw0YUpuNXpMV0k3MFlFX19UUU1NaEFveGdOeDRZN0NLRVNBSnVKQVdDbGQ5cTQ4RE5pX25UalJLZndLa0ltQVFyQkpha2pyU3F2LW9uNEplTk1BJl9oc21pPTc0MDI0NDYwIiwid3pTaXplIjp7IndpZHRoIjo0MDAsImhlaWdodCI6NDAwfX0%3D

Response headers

x-guploader-uploadid: ADPycdtLGQrjeDO3EgYZXuK1kHJBrqyDVqS_XdZL5WPVSIBqUtTx4b-YD3wsW34C35AN4Wt2Ops_RO8C2t8WsVy-fMs
expires: Sun, 05 Sep 2021 02:59:26 GMT
date: Sun, 05 Sep 2021 01:59:26 GMT
last-modified: Mon, 18 Mar 2019 10:01:46 GMT
etag: "d764867dd92feb4a5db43b1421dae81e"
x-goog-generation: 1552903306346559
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 2212
content-type: text/html
x-goog-hash: crc32c=u8oTFg== md5=12SGfdkv60pdtDsUIdroHg==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 2212
access-control-allow-origin: *
access-control-expose-headers: Content-Type
server: UploadServer
age: 1329
cache-control: public, max-age=3600
alt-svc: clear

GET
H3-29 200 public Show response
api.hubspot.com/livechat-public/v1/message/ 3 KB
2 KB 264ms
240ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/message/public?portalId=4764964&conversations-embed=static-1.9175&mobile=false&messagesUtk=19d5471e9abb478db08b937a51deb5b6&traceId=19d5471e9abb478db08b937a51deb5b6

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8298e2fab8531fb52ed21bf66d11bc1c0b72dddb4ff1d07471ea71cd0ee10eab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

X-HubSpot-Messages-Uri: https://www.2brushstrokes.com/?utm_source=hs_email&utm_medium=email&utm_content=74024460&_hsenc=p2ANqtz-8L7EgW03YL4aJn5zLWI70YE__TQMMhAoxgNx4Y7CKESAJuJAWCld9q48DNi_nTjRKfwKkImAQrBJakjrSqv-on4JeNMA&_hsmi=74024460
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.2brushstrokes.com/

Response headers

date: Sun, 05 Sep 2021 02:21:35 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 211a3235-79ca-42f1-84c7-3f6869d58205
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1538
server: cloudflare
x-trace: 2BCE5DCA893A07C745EBADE08FF5A10ECAD4C682A5000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cCo0Xu%2BVtZtmVr1j%2F6G%2FbHAObWkP3URlPiO9JqdEyeLJKUhOplMxJ7vLV6xsmeertpUI%2FIRIouQD42zm%2Fz2cH04VQwhBn%2BlwvbizpKpC0Lbth0gNBeEMztcEWriACTPxzgQoRqJj0XwLpIMHQw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.2brushstrokes.com
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
cf-ray: 689bfc29ef845bf5-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

OPTIONS
H2 200 public
api.hubspot.com/livechat-public/v1/message/ Frame 0
0 165ms
148ms Preflight
text/plain 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-hubspot-messages-uri
Origin: https://www.2brushstrokes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sun, 05 Sep 2021 02:21:35 GMT
content-type: text/plain; charset=utf-8
content-length: 18
cf-ray: 689bfc28dfe2d6e1-FRA
access-control-allow-origin: https://www.2brushstrokes.com
allow: HEAD,GET,OPTIONS
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: DYNAMIC
access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-hubspot-correlation-id: 56c5d726-7405-41ca-bbaa-f20eb901f153
x-trace: 2BA6CEF12B558E134D1255ACF718E8352E3147DBF1000000000000000000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f1UnEsJ3WeWzhBtEV4vUC5rusDMmVR5OzDTpqX9ll57WpvFOEF7757SA%2FHlW3avKFlBphWGbNRSQMqjwKoeNDCmzX3lYhS8LS%2Bm%2BJSZpXsLfuWXXF1xmf7Q6oBvn72dAieTveFcLZ7fGhnlwHg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 apps-api.js Show response
components.mywebsitebuilder.com/extern/apps-api/ Frame 2B19 21 KB
21 KB 20ms
19ms Script
text/javascript 35.190.14.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://components.mywebsitebuilder.com/extern/apps-api/apps-api.js
Requested by: Host: components.mywebsitebuilder.com
URL: https://components.mywebsitebuilder.com/extern/embed-html/embed-html.html?wzId=id1531791282686&wzInstanceId=id1531791282686&wzAppId=embed_html_app&wzAppV=1&wzApiType=app&wzDeviceType=desktop&wzMode=view&wzSessionId=1630808495253&wzEncodeParams=eyJ3ekN1cnJlbnRVcmwiOiJodHRwczovL3d3dy4yYnJ1c2hzdHJva2VzLmNvbS8%2FdXRtX3NvdXJjZT1oc19lbWFpbCZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PTc0MDI0NDYwJl9oc2VuYz1wMkFOcXR6LThMN0VnVzAzWUw0YUpuNXpMV0k3MFlFX19UUU1NaEFveGdOeDRZN0NLRVNBSnVKQVdDbGQ5cTQ4RE5pX25UalJLZndLa0ltQVFyQkpha2pyU3F2LW9uNEplTk1BJl9oc21pPTc0MDI0NDYwIiwid3pTaXplIjp7IndpZHRoIjo0MDAsImhlaWdodCI6NDAwfX0%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.35 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 35.14.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e8ac29a7ad2786a8791d23898841e482546bf3a369e8d43f63a62f1540de492c

Request headers

Referer: https://components.mywebsitebuilder.com/extern/embed-html/embed-html.html?wzId=id1531791282686&wzInstanceId=id1531791282686&wzAppId=embed_html_app&wzAppV=1&wzApiType=app&wzDeviceType=desktop&wzMode=view&wzSessionId=1630808495253&wzEncodeParams=eyJ3ekN1cnJlbnRVcmwiOiJodHRwczovL3d3dy4yYnJ1c2hzdHJva2VzLmNvbS8%2FdXRtX3NvdXJjZT1oc19lbWFpbCZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PTc0MDI0NDYwJl9oc2VuYz1wMkFOcXR6LThMN0VnVzAzWUw0YUpuNXpMV0k3MFlFX19UUU1NaEFveGdOeDRZN0NLRVNBSnVKQVdDbGQ5cTQ4RE5pX25UalJLZndLa0ltQVFyQkpha2pyU3F2LW9uNEplTk1BJl9oc21pPTc0MDI0NDYwIiwid3pTaXplIjp7IndpZHRoIjo0MDAsImhlaWdodCI6NDAwfX0%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 02:11:45 GMT
age: 590
x-guploader-uploadid: ADPycdu9YjJOD3TlY4bBLy86A1WQd_KN269gIhvFLX9ewfhRjnfyMIUzyN-bVyTiwNOZIY4KPAllkz3_aHtMDJP39gHXg_FusQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 21187
last-modified: Mon, 18 Mar 2019 09:51:06 GMT
server: UploadServer
etag: "96a4d02bd1de25520d08d3d583416fb7"
x-goog-hash: crc32c=nbTZ7A==, md5=lqTQK9HeJVINCNPVg0Fvtw==
x-goog-generation: 1552902666941504
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 21187
accept-ranges: bytes
content-type: text/javascript
expires: Sun, 05 Sep 2021 03:11:45 GMT

GET
H/1.1 200 widget Show response
salesiq.zoho.com/ Frame 2B19 120 KB
36 KB 3530ms
178ms Script
text/javascript 204.141.43.67
ZOHO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://salesiq.zoho.com/widget

Requested by

Host: hs-4764964.t.hubspotstarter-iy.net
URL: https://hs-4764964.t.hubspotstarter-iy.net/e2t/c/*W7Jl07F796MNlW46DWZV5gqhCb0/*W43ZQ3F68YWpFW150L4l4C-PL70/5/f18dQhb0Smj28XJ9hPN7mX5rqHyjJqW8q5vng1pgM6FN3hHhbVVMsQMVp3s9r7s5LskW57mtXs54GpktW548q4356888GW4dQb0w2MTPSpW8W2c9W32CQ2lW8jxMNS1Vx3W4W3CPQ_B5D8zFFVjPrmg6W3RDgVHcWm97yDSbfW3X0g0y6bp1cMVbq5fx4TKc2lVQWbMK8ysZHYW5jB4QB3sp_m7N2j3NZsdZXbNW8QNDnv6Z4s3LVQdGdk1q5vcxW87n1lg3sM9YzW8fxN3m5v_m_4W1JLRtG4q__qkW86SmN-7ZnDxlW4L3kzT51_jQcW73R-cM96dt8bW6br4D01bBvW3W3_5XGk8PXPqRW3ygvH88c3fN-W5lnM8x2MzxkpW7MVnrr1Fnjq4W2KC-1M2M1VvtW4J35Sn2N3DbNW6nVWvb87vTTBW4V2M825L398bW21dXdx58S6m3W7fFwR28v4j-WW1MWhN-1MKdcVf8GpN-k11

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

204.141.43.67 , United States, ASN2639 (ZOHO-AS, US),

Reverse DNS

Software

ZGS /

Resource Hash

d74156d61acb0d0a1d8b61610d162ec0f896bccbb18776dea6ed12fd8e763e9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://components.mywebsitebuilder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
Date: Sun, 05 Sep 2021 02:21:38 GMT
Content-Encoding: gzip
Server: ZGS
ETag: W/-1563841513
vary: accept-encoding
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000
Expires: Sun, 05 Sep 2021 02:26:38 GMT

GET
H2 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
519 B 146ms
122ms Image
image/gif 2606:4700::6810:5505
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-error-caught&count=1

Requested by

Host: www.2brushstrokes.com
URL: https://www.2brushstrokes.com/?utm_source=hs_email&utm_medium=email&utm_content=74024460&_hsenc=p2ANqtz-8L7EgW03YL4aJn5zLWI70YE__TQMMhAoxgNx4Y7CKESAJuJAWCld9q48DNi_nTjRKfwKkImAQrBJakjrSqv-on4JeNMA&_hsmi=74024460

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5505 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.2brushstrokes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 02:21:35 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-hubspot-correlation-id: fca1caef-8280-4c06-bb97-0bee4120a4af
x-trace: 2BDDA91777CA1C004033BAB8ECCA9B61D89BD8BCA0000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 689bfc2a3f16c2c2-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 35
x-robots-tag: none

GET
H2 200 19d5471e9abb478db08b937a51deb5b6 Show response
app.hubspot.com/conversations-visitor/4764964/threads/utk/ Frame BAF2 44 KB
17 KB 160ms
141ms Document
text/html 2606:4700::6813:9b53

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/conversations-visitor/4764964/threads/utk/19d5471e9abb478db08b937a51deb5b6?uuid=31c9d0f007044e53a54ba77d3afe07c4&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=2brushstrokes.com&inApp53=false&messagesUtk=19d5471e9abb478db08b937a51deb5b6&url=https%3A%2F%2Fwww.2brushstrokes.com%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D74024460%26_hsenc%3Dp2ANqtz-8L7EgW03YL4aJn5zLWI70YE__TQMMhAoxgNx4Y7CKESAJuJAWCld9q48DNi_nTjRKfwKkImAQrBJakjrSqv-on4JeNMA%26_hsmi%3D74024460&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

087c88398f0e5879a9e3a5fa7f96e965e342a68d0ec2654f92afcf79f6c319a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

:method: GET
:authority: app.hubspot.com
:scheme: https
:path: /conversations-visitor/4764964/threads/utk/19d5471e9abb478db08b937a51deb5b6?uuid=31c9d0f007044e53a54ba77d3afe07c4&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=2brushstrokes.com&inApp53=false&messagesUtk=19d5471e9abb478db08b937a51deb5b6&url=https%3A%2F%2Fwww.2brushstrokes.com%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D74024460%26_hsenc%3Dp2ANqtz-8L7EgW03YL4aJn5zLWI70YE__TQMMhAoxgNx4Y7CKESAJuJAWCld9q48DNi_nTjRKfwKkImAQrBJakjrSqv-on4JeNMA%26_hsmi%3D74024460&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.2brushstrokes.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.2brushstrokes.com/

Response headers

date: Sun, 05 Sep 2021 02:21:36 GMT
content-type: text/html; charset=utf-8
cf-ray: 689bfc2b9f925b9e-FRA
age: 1853
cache-control: max-age=600
etag: W/"9743dcecc73cc13fe4c332341bf40535"
last-modified: Wed, 01 Sep 2021 08:42:30 UTC
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 156336391961f724345f6534c674b6eb.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
access-control-allow-credentials: false
content-security-policy-report-only: script-src 'unsafe-inline' 'self' www.hubspot.com js.hs-analytics.net js.hsforms.net js.hsleadflows.net *.hsappstatic.net js.hs-banner.com *.hs-scripts.com js.hubspotfeedback.com *.usemessages.com js.hubspot.com js.hsadspixel.net js.hscollectedforms.net js-agent.newrelic.com bam.nr-data.net *.google-analytics.com static.hotjar.com script.hotjar.com www.googletagmanager.com *.fullstory.com *.convertexperiments.com cdn.pdst.fm d.impactradius-event.com cdn.getambassador.com mbsy.co pixel.cdnwidget.com snap.licdn.com connect.facebook.net js.stripe.com checkout.stripe.com survey.survicate.com surveys-static.survicate.com sdk.canva.com www.dropbox.com www.google.com www.gstatic.com apis.google.com maps.googleapis.com www.googleadservices.com googleads.g.doubleclick.net static.ads-twitter.com analytics.twitter.com play.vidyard.com app.vidyard.com fast.wistia.com s.yimg.jp www.redditstatic.com 'unsafe-eval' *; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-visitor-ui/static-1.11628/html/index.html&cfRay=689bfc2b9f925b9e&reqUrl=https%3A%2F%2Fapp.hubspot.com%2Fconversations-visitor%2F4764964%2Fthreads%2Futk%2F19d5471e9abb478db08b937a51deb5b6%3Fuuid%3D31c9d0f007044e53a54ba77d3afe07c4%26mobile%3Dfalse%26mobileSafari%3Dfalse%26hideWelcomeMessage%3Dfalse%26hstc%3Dnull%26domain%3D2brushstrokes.com%26inApp53%3Dfalse%26messagesUtk%3D19d5471e9abb478db08b937a51deb5b6%26url%3Dhttps%253A%252F%252Fwww.2brushstrokes.com%252F%253Futm_source%253Dhs_email%2526utm_medium%253Demail%2526utm_content%253D74024460%2526_hsenc%253Dp2ANqtz-8L7EgW03YL4aJn5zLWI70YE__TQMMhAoxgNx4Y7CKESAJuJAWCld9q48DNi_nTjRKfwKkImAQrBJakjrSqv-on4JeNMA%2526_hsmi%253D74024460%26inline%3Dfalse%26isFullscreen%3Dfalse%26globalCookieOptOut%3Dnull%26isFirstVisitorSession%3Dtrue%26isAttachmentDisabled%3Dfalse%26enableWidgetCookieBanner%3Dfalse%26isInCMS%3Dfalse&referrer=https%3A%2F%2Fwww.2brushstrokes.com%2F
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://exceptions.hubspot.com/csp/reports"}]}
x-amz-cf-id: Uc4a8TSx_LGFOkMmEP77bXw2hAgOwFIOxo0xwL881mP38y0wHh7vAQ==
x-amz-cf-pop: IAD89-C3
x-amz-replication-status: COMPLETED
x-amz-server-side-encryption: AES256
x-amz-version-id: xHG0z1jcRsYYj5Qh0v7XvJJ2eLYAUSOJ
x-cache: Hit from cloudfront
x-hs-cache-status: MISS
x-hs-worker-debug-mode: false
server: cloudflare
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 bundle.production.js Show response
static.hsappstatic.net/head-dlb/static-1.156/ Frame BAF2 44 KB
16 KB 33ms
17ms Script
application/javascript 2606:4700::6811:9d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/head-dlb/static-1.156/bundle.production.js

Requested by

Host: app.hubspot.com
URL: https://app.hubspot.com/conversations-visitor/4764964/threads/utk/19d5471e9abb478db08b937a51deb5b6?uuid=31c9d0f007044e53a54ba77d3afe07c4&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=2brushstrokes.com&inApp53=false&messagesUtk=19d5471e9abb478db08b937a51deb5b6&url=https%3A%2F%2Fwww.2brushstrokes.com%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D74024460%26_hsenc%3Dp2ANqtz-8L7EgW03YL4aJn5zLWI70YE__TQMMhAoxgNx4Y7CKESAJuJAWCld9q48DNi_nTjRKfwKkImAQrBJakjrSqv-on4JeNMA%26_hsmi%3D74024460&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a4651c562bac53f6d33b1d8093551a818571a6b595304ba4813bc7b5d503783

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Origin: https://app.hubspot.com
Referer: https://app.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 02:21:36 GMT
via: 1.1 3987a119dd762046470f5ba503a917ea.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2028642
x-amz-server-side-encryption: AES256
cf-ray: 689bfc2c987042db-FRA
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Thu, 12 Aug 2021 03:52:03 GMT
server: cloudflare
etag: W/"92f1fce5bc1b104818f7bb3259fa0317"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K%2BfrGrgXkrytVnTE%2FzM3QF%2FZaX9tI6izsjVl2X28Ka4f4NNd0QEpL%2Br4rOMq1SVNo0omimJ2eb24Lk6EPvYDpALsJJcMm%2BhKUILTmq9J7K%2Fy9enVfOJ09oEULK%2Fxc4SLJ7w60Jx2MnQ1jyH72dVPRCmN4ec%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: jswq3j2Kf9rTWaLEvxg.3d09mCkFqVly
access-control-allow-origin: https://app.hubspot.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: TXL52-C1
content-type: application/javascript
x-amz-cf-id: gshpPGhkH8ue9XPwKJ_UCZ5L-IFxbcezfboIatjmr3RFMBVoLgVjfg==
expires: Mon, 05 Sep 2022 02:21:36 GMT

GET
H2 200 visitor.css
static.hsappstatic.net/conversations-visitor-ui/static-1.10899/sass/ Frame BAF2 20 KB
5 KB 36ms
16ms Stylesheet
text/css 2606:4700::6811:9d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.10899/sass/visitor.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76e2bca54d321dfd4cebf8797b2c9a81ccb1c0619d4da3a7c53d4e6228c5a61d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 02:21:36 GMT
via: 1.1 fc6dca2df1221c0bec817610bc20e505.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2265504
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: text/css
x-amz-replication-status: COMPLETED
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Wed, 03 Mar 2021 21:09:00 GMT
server: cloudflare
etag: W/"370a89ea102d7b437eb549729472631f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uiQ20I06VLdLQrMmYA6wizq8bbXpzZHnAAopkMSxNwLs%2Bvw53aalxy2wU3ajx0v0st5TVFIrEfJ4WImUxDrAZ8wVnEQg4H2n9VGZ6vIS%2Fdw4qKA3cmwx5O8LRJ%2BW%2FLcKBwgDjL0TV55dYNJcMjT2MuuuDEE%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 1rBCyHs_YjjDB1.HOpykpqteK2m6W_oL
cache-control: public, max-age=31536000
x-amz-cf-pop: MUC50-C1
cf-ray: 689bfc2c988d4e19-FRA
x-amz-cf-id: ty8MEdjgGU_CHYbNJ3VAGai79DmhaUdHc0j1TA7E5ppRiixT4jKtqg==
expires: Mon, 05 Sep 2022 02:21:36 GMT

GET
H2 200 bundle.production.js Show response
static.hsappstatic.net/hubspot-dlb/static-1.159/ Frame BAF2 286 KB
91 KB 31ms
14ms Script
application/javascript 2606:4700::6811:9d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/hubspot-dlb/static-1.159/bundle.production.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f570aa8099b421a835ca8e3e153cff61ca3b05937958a47eb45a96b7ddfd8af1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Origin: https://app.hubspot.com
Referer: https://app.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 02:21:36 GMT
via: 1.1 df2b5b3f847bbe9ad7f475c0831bcc3a.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1358021
x-amz-server-side-encryption: AES256
cf-ray: 689bfc2c987242db-FRA
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Thu, 19 Aug 2021 22:34:09 GMT
server: cloudflare
etag: W/"896686ea09daf248a1f0cfa61a373ece"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3BwtYDVkvR6WOn3SG%2BLiFooWOIG2B2DCTtbVnw6cFCyKXImGrsoslT01Upg73bglreC%2Bd0Zrjz58hMX4TqOMT%2FbEtW8fZm7FsQ7EA8%2FJKxXLv6eU6eqhvum996rVQb%2FHoWj4VA4WYXgTbOzYABEvAWzCxRU%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 1boAYbo9NdFzxAb0hXKyRXJxEYKg3qrQ
access-control-allow-origin: https://app.hubspot.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: TXL52-C1
content-type: application/javascript
x-amz-cf-id: skARRjlEtQ0VlXlKrfV_XSdyOv_cOlvXfKMQQwzQ-dJhHeUa5jNWGg==
expires: Mon, 05 Sep 2022 02:21:36 GMT

GET
H2 200 visitor.js Show response
static.hsappstatic.net/conversations-visitor-ui/static-1.11628/bundles/ Frame BAF2 472 KB
126 KB 32ms
16ms Script
application/javascript 2606:4700::6811:9d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.11628/bundles/visitor.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d184428e5d8b5bb6aab900b181fc8c14e10c329e93016ca4e7f2696e60d0079

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Origin: https://app.hubspot.com
Referer: https://app.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 02:21:36 GMT
via: 1.1 b9d2ce196c8a711fb15d92175d58476e.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 279541
x-amz-server-side-encryption: AES256
cf-ray: 689bfc2c987342db-FRA
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Wed, 01 Sep 2021 20:21:00 GMT
server: cloudflare
etag: W/"4def1bfdacdaee457c130fed3849ae84"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mMiUr63iqihN2MauQj91E0YR%2BtJOR8BAnxMXIzHMxVwy26FDykI1KAZirmcXKOy0QG5Z%2FQB2uN7TVc3J5KIex%2B%2BwDt8MyLFr8i%2F6O0RcA9VodRA2vtlXk5WsP8k7tce0eU1iBCoeGRagEXa%2BGnZzjEvUx9M%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: iJ112jEg5Ona14EZD8B_MzOloUDL1H7v
access-control-allow-origin: https://app.hubspot.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P2
content-type: application/javascript
x-amz-cf-id: MudKFkgYpUhhngODiCbzIMD9TNMvMNhdgqgGyIldvxBZhAizL-a2Zg==
expires: Mon, 05 Sep 2022 02:21:36 GMT

GET
H3-29 200 i18n-data-data-locales-en-us.js Show response
static.hsappstatic.net/conversations-visitor-ui/static-1.11588/ Frame BAF2 776 B
1 KB 56ms
39ms Script
application/javascript 2606:4700::6811:9d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.11588/i18n-data-data-locales-en-us.js

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/conversations-visitor-ui/static-1.11628/bundles/visitor.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:9d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2162f4d347a4c7bda9bf2bc422b99c9ee7fb88408adcef7b838eef576657a204

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Origin: https://app.hubspot.com
Referer: https://app.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 02:21:36 GMT
via: 1.1 6c9a2d99a25484f38efa27d58a726b2d.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 817154
x-amz-server-side-encryption: AES256
cf-ray: 689bfc2d5ae15c38-FRA
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Tue, 24 Aug 2021 22:49:14 GMT
server: cloudflare
etag: W/"8aa3118412fa615570042e709d56be2f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j0RJnsldBYah6tdrpReBwiqpzqjhLtiISg3b6mAP1yKoIrNQqTtVxV6hSXibprCk34e%2B0mP9J4lXOqAzmakV1ku2DH%2F%2BVdZNheRBwauMY8SDvv6lWmUwTCo1I6K6R9dP1EMJbbsj%2Bjnz4eNjZxYDqZiASM0%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: k_4gCjNqpI5_.RSBNptrcSO4qg_ZO6DB
access-control-allow-origin: https://app.hubspot.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C2
content-type: application/javascript
x-amz-cf-id: ZZE2qRbHyKj0HMVCKxUDUInIGv_txwDBbapJj64mq9nkMLyqznuAOA==
expires: Mon, 05 Sep 2022 02:21:36 GMT

GET
H2

200

default-100
avatars.hubspot.net/ Frame BAF2
Redirect Chain

https://api.hubspot.com/userpreferences/v1/avatar/61f4c3824596ae814769bb0037bb7cca/100
https://avatars.hubspot.net/default-100

448 B
1 KB

55ms
13ms

Image
image/webp

2606:4700::6811:f0cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.hubspot.net/default-100
Requested by: Host: app.hubspot.com
URL: https://app.hubspot.com/conversations-visitor/4764964/threads/utk/19d5471e9abb478db08b937a51deb5b6?uuid=31c9d0f007044e53a54ba77d3afe07c4&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=2brushstrokes.com&inApp53=false&messagesUtk=19d5471e9abb478db08b937a51deb5b6&url=https%3A%2F%2Fwww.2brushstrokes.com%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D74024460%26_hsenc%3Dp2ANqtz-8L7EgW03YL4aJn5zLWI70YE__TQMMhAoxgNx4Y7CKESAJuJAWCld9q48DNi_nTjRKfwKkImAQrBJakjrSqv-on4JeNMA%26_hsmi%3D74024460&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:f0cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7f8b6ed4f77b684b2615feaad46ae05bd069c8beaeb550e6094ccb2eb6cb0d9

Request headers

Referer: https://app.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 02:21:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11761
x-amz-server-side-encryption: AES256
cf-ray: 689bfc2f0b702b95-FRA
content-length: 448
x-amz-id-2: 8793hh6Zc3TZsSpYFHwmf297izNMXT7q15SzQwzS0vJhbXTadSIK8IqT4znF2EAVpq5wvI8QtMQ=
last-modified: Fri, 18 Sep 2020 15:59:13 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: uid:1997735891/gname:staff/uname:jmendelewski/gid:20/mode:33188/mtime:1484768632/atime:1484768827/md5:dd769facdb720bc65224b1db30749aeb/ctime:1484768635
etag: "dd769facdb720bc65224b1db30749aeb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Sq9Txzfe9%2B78I3rkZUj5cuFpOwf%2F1Q5eVBaWaAbOCxTjErpNCMlnWNB9jKlm9%2BY8Kcebrxat42Gf63PAjdpNNIwZTTQWl4u1lnjSnXvVM92eW9zIyYDKU6t%2BlkbMzvcujJ%2BzvAdfkwGMAIJWEUrUqs%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: VJBDNZGH04PA4D96
cf-polished: origFmt=png, origSize=798
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

Redirect headers

date: Sun, 05 Sep 2021 02:21:36 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-hubspot-correlation-id: 0babefc7-a668-4f7e-98c4-e91900d6bff6
x-trace: 2B5E0080EE9A29FD5DEBD43D343F4B9560F07ECED1000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y4yDVgECYdI6IOyhy6POU%2FoNiw74QEBAgNAqmZptbJo%2FpRPNfli22cqMPJ%2FqnLh4oNU97VkKfW4b3mm%2FAAKfjxDOsnMkK64%2B5IBLecoawywEO9XmttBSp%2B907gV87a91JHpfu9kqAlULCZmVQg%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://avatars.hubspot.net/default-100
access-control-allow-credentials: false
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 689bfc2df9ba05f5-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

POST
H3-29 204 rhumb
api.hubspot.com/cartographer/v1/ Frame BAF2 0
1 KB 123ms
120ms Ping
text/plain 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/cartographer/v1/rhumb?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.11628

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/conversations-visitor-ui/static-1.11628/bundles/visitor.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 05 Sep 2021 02:21:36 GMT
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 9fbafa44-adbe-4304-8fdc-21e274b51545
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
timing-allow-origin: *
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G6a%2BS3HPVFxpfP4tWQGQVOIUIRqs4pkDSjJRLhua33UfaaL3OBKEfovJbR64an71s9%2FiR%2FuocUmuRSEFMDv6oD%2B3Yr%2B9Mbkz64%2F%2F0KNdows1Tr4g%2FbgkOFxs%2BybpfxJey3aOvAkDBxZhla7U%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://app.hubspot.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-allow-credentials: true
cf-ray: 689bfc2df9b905f5-FRA
access-control-allow-headers: Authorization, Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer

GET
H/1.1 200 getembeddetails.ls Show response
salesiq.zoho.com/ Frame 2B19 14 KB
6 KB 197ms
197ms XHR
application/json 204.141.43.67
ZOHO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://salesiq.zoho.com/getembeddetails.ls?widgetcode=1919bfb5ec3d2af153b77d7a83a361f8bc92eb7975718a49bc46e6142538045a6b90d019bd4854fe957717da2cd3df72&fetchavuid=true&fetchapilang=true&lang_browser=en&currdomain=https%3A%2F%2Fcomponents.mywebsitebuilder.com&pagetitle=

Requested by

Host: salesiq.zoho.com
URL: https://salesiq.zoho.com/widget

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

204.141.43.67 , United States, ASN2639 (ZOHO-AS, US),

Reverse DNS

Software

ZGS /

Resource Hash

e7f331da5d7c1f1fe01d6f16fc2b4859ce4bdf0dfc7f971b6b3ed89684056466

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Referer: https://components.mywebsitebuilder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sun, 05 Sep 2021 02:21:39 GMT
Content-Encoding: gzip
Referrer-Policy: strict-origin
Server: ZGS
X-Frame-Options: SAMEORIGIN
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://components.mywebsitebuilder.com
Connection: keep-alive
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000
Access-Control-Allow-Credentials: true
vary: accept-encoding
X-XSS-Protection: 1

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
535 B 37ms
36ms Image
image/gif 2606:4700::6813:9b53

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=651832833&v=1.1&a=4764964&pu=https%3A%2F%2Fwww.2brushstrokes.com%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D74024460%26_hsenc%3Dp2ANqtz-8L7EgW03YL4aJn5zLWI70YE__TQMMhAoxgNx4Y7CKESAJuJAWCld9q48DNi_nTjRKfwKkImAQrBJakjrSqv-on4JeNMA%26_hsmi%3D74024460&t=Home&cts=1630808499182&vi=59bae54d89236bf6de7a88213ce12958&nc=true&u=203433231.59bae54d89236bf6de7a88213ce12958.1630808499177.1630808499177.1630808499177.1&b=203433231.1.1630808499177&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.2brushstrokes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 02:21:39 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 7b8c9e90-c28d-4f75-8a8c-2560a539034c
cf-ray: 689bfc3feae15b9e-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 45
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tQRh1B1o54xPwUgGqbxmprOPdYG7XPh3Vya9YpJ5VMbwV5B3TepWs0Vpr%2B91H7gWqVEK8fs08Y6TxMaW%2BdIw%2FVUZAYb77FLWQXjgezj2pT38xuqqDc9is%2B67P5yTODlhtTfGyfFDQImMyNUAcTkx"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 json Show response
forms.hubspot.com/lead-flows-config/v1/config/ 4 KB
2 KB 155ms
153ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=4764964&utk=59bae54d89236bf6de7a88213ce12958&__hstc=203433231.59bae54d89236bf6de7a88213ce12958.1630808499177.1630808499177.1630808499177.1&__hssc=203433231.1.1630808499177&currentUrl=https%3A%2F%2Fwww.2brushstrokes.com%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D74024460%26_hsenc%3Dp2ANqtz-8L7EgW03YL4aJn5zLWI70YE__TQMMhAoxgNx4Y7CKESAJuJAWCld9q48DNi_nTjRKfwKkImAQrBJakjrSqv-on4JeNMA%26_hsmi%3D74024460

Requested by

Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9493d0af20ff1a6dd692852cf809303402a221f3b1cdb261e5d79238acc09fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.2brushstrokes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 02:21:39 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 4f5d6087-c482-474f-a728-ec0352d0498b
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-robots-tag: none
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BIdJpLUZI3MCL4%2B7qrQPMA2QJVx3z2imRpv3iSW95DO3wYA1xWHEFdg5bp22P3HsSttRz2Im4JJCvIVxeRddfoT9Oicgj8iBcH4gm%2BmjUK5575md1DYgc3V60V9AJJJFKBkUumE7FwVsdyoAxYx%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.2brushstrokes.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
cf-ray: 689bfc407ec8d6e1-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent

GET
H2 200 floatbutton_a8201a0e11797bfa36d430157abf1d6f_.css
css.zohocdn.com/salesiq/styles/ Frame 2B19 107 KB
22 KB 1208ms
58ms Stylesheet
text/css 185.20.209.147
COMPUTERLINE Comp...

General

Check archive.org

Show headers Download Go to

Full URL

https://css.zohocdn.com/salesiq/styles/floatbutton_a8201a0e11797bfa36d430157abf1d6f_.css

Requested by

Host: salesiq.zoho.com
URL: https://salesiq.zoho.com/widget

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.20.209.147 , Switzerland, ASN41913 (COMPUTERLINE Computerline, Schlierbach, Switzerland, CH),

Reverse DNS

Software

ZGS /

Resource Hash

a7e56ab00c58b15a1eef62e5e288b77896718ff945e0597673e36cd996a5cd1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000, max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://components.mywebsitebuilder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 02:21:40 GMT
content-encoding: br
x-content-type-options: nosniff
content-type: text/css;charset=UTF-8
x-cache: HIT
last-modified: Wed, 11 Aug 2021 08:59:33 GMT
vary: Accept-Encoding
content-length: 21903
x-xss-protection: 1
nb-request-id: cf78d017f8b3cece1cebb21179485506
server: ZGS
etag: "c56785cb974899f92c22f31025f1bff0"
strict-transport-security: max-age=15768000, max-age=63072000
content-language: en-US
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=7776000, immutable
z-origin-id: ex1-7f437ce02bb94969af025fb2572881b6
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 floatbutton_ec2b62d1293ba6641cf5f363e78516b3_.js Show response
js.zohocdn.com/salesiq/js/ Frame 2B19 56 KB
14 KB 1196ms
47ms Script
application/javascript 185.20.209.147
COMPUTERLINE Comp...

General

Check archive.org

Show headers Download Go to

Full URL

https://js.zohocdn.com/salesiq/js/floatbutton_ec2b62d1293ba6641cf5f363e78516b3_.js

Requested by

Host: salesiq.zoho.com
URL: https://salesiq.zoho.com/widget

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.20.209.147 , Switzerland, ASN41913 (COMPUTERLINE Computerline, Schlierbach, Switzerland, CH),

Reverse DNS

Software

ZGS /

Resource Hash

a89c1162a8c0e2fb7409b4a1122e1c6a522d979737cfa7862507cf771a7e27f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000, max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://components.mywebsitebuilder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 02:21:40 GMT
content-encoding: br
x-content-type-options: nosniff
content-type: application/javascript;charset=UTF-8
x-cache: HIT
last-modified: Mon, 30 Aug 2021 11:29:34 GMT
vary: Accept-Encoding
content-length: 14039
x-xss-protection: 1
nb-request-id: 0a31b4faacd576a4dd78f97f92e67ea1
server: ZGS
etag: "3ca5aa26035d949e0f70b529a20d83be"
strict-transport-security: max-age=15768000, max-age=63072000
content-language: en-US
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=7776000, immutable
z-origin-id: ex1-ba90ae2306394a9ba2975a017f82ea82
accept-ranges: bytes
timing-allow-origin: *

GET
H3-29 200 __ptq.gif
track.hubspot.com/ 45 B
736 B 33ms
32ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=16&fi=66dfd3db-54a7-4845-a958-3473d43a5f43&lfi=362784&ft=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=651832833&v=1.1&a=4764964&pu=https%3A%2F%2Fwww.2brushstrokes.com%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D74024460%26_hsenc%3Dp2ANqtz-8L7EgW03YL4aJn5zLWI70YE__TQMMhAoxgNx4Y7CKESAJuJAWCld9q48DNi_nTjRKfwKkImAQrBJakjrSqv-on4JeNMA%26_hsmi%3D74024460&t=Home&cts=1630808499436&vi=59bae54d89236bf6de7a88213ce12958&nc=true&u=203433231.59bae54d89236bf6de7a88213ce12958.1630808499177.1630808499177.1630808499177.1&b=203433231.1.1630808499177&cc=15

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.2brushstrokes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 02:21:39 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 70a1aeeb-7673-4660-911d-0f4f43989c69
cf-ray: 689bfc418dca05f5-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 45
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BujTiaqig%2Fm8uzyJ2eut6VqE4xC0uCva0JxNEvR%2FjZnoyM6BzpQm886y0ia8hZMsA2vGK%2BtX28QqMppZigziCBgU5xg1IOurgZdIbiejE306xHjOKqfZ6PVyLzN3F1VEvLnklpdISJtDqARnSiuE"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 Orange%202BS%20Logo-1.png
cdn2.hubspot.net/hubfs/4764964/ 60 KB
61 KB 1225ms
1224ms Image
image/png 2606:4700::6811:f0cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.hubspot.net/hubfs/4764964/Orange%202BS%20Logo-1.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:f0cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89aa6357c17a293ec242ff774d3176fe0c8770152319b47bc5a5a0bda9c5d02d

Request headers

Referer: https://www.2brushstrokes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-methods: GET
date: Sun, 05 Sep 2021 02:21:41 GMT
via: 1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-6112813798,P-4764964,FLS-ALL
x-amz-cf-pop: FRA2-C1
edge-cache-tag: F-6112813798,P-4764964,FLS-ALL
x-cache: Miss from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
x-amz-request-id: 450SBDEXM915KYQF
x-amz-id-2: P/odLCid3z7CwMDi9ytQexF2wphytfia5gREpXTggDI93y+oPOPN0PXSTbcTEC6ngp2ThfwEl68=
accept-ranges: bytes
last-modified: Mon, 27 Aug 2018 20:04:20 GMT
server: cloudflare
etag: "2d4f1256943f8ce2760d297bd560e4a8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vw3ZtmfNWsd%2FO0fH91DxasJDJhMiArdG0VqLzhnCYUmA6G%2Ba2FZTQdDRe2QbQjXXHEhypX4rP4YEIvKRspl7VKTJ93YbbghqS98VFM69Cd04Xlk71%2BVkLVDkCOy3286I2R%2BGNxZ7FZJWYZk2qQI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id: BkpZq8nyFZ3bU0PuYTg0Ps1f8.5wRFhV
content-length: 61385
cf-ray: 689bfc47ba1f2b95-FRA
x-amz-cf-id: T8G80C39M7Nj14ZZD-Ycn9_NSSz9RxcbGoC15snPTLsll43AM3zP-Q==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

Verdicts & Comments Add Verdict or Comment

87 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.2brushstrokes.com/	1970-01-19 21:00:10	Name: __hssc Value: 203433231.1.1630808499177
.2brushstrokes.com/	1970-01-20 06:21:44	Name: hubspotutk Value: 59bae54d89236bf6de7a88213ce12958
.2brushstrokes.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.2brushstrokes.com/	1970-01-20 06:21:44	Name: __hstc Value: 203433231.59bae54d89236bf6de7a88213ce12958.1630808499177.1630808499177.1630808499177.1
.2brushstrokes.com/	1970-01-20 06:21:44	Name: messagesUtk Value: 19d5471e9abb478db08b937a51deb5b6

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://hs-4764964.t.hubspotstarter-iy.net/e2t/c/W7Jl07F796MNlW46DWZV5gqhCb0/W43ZQ3F68YWpFW150L4l4C-PL70/5/f18dQhb0Smj28XJ9hPN7mX5rqHyjJqW8q5vng1pgM6FN3hHhbVVMsQMVp3s9r7s5LskW57mtXs54GpktW548q4356888GW4dQb0w2MTPSpW8W2c9W32CQ2lW8jxMNS1Vx3W4W3CPQ_B5D8zFFVjPrmg6W3RDgVHcWm97yDSbfW3X0g0y6bp1cMVbq5fx4TKc2lVQWbMK8ysZHYW5jB4QB3sp_m7N2j3NZsdZXbNW8QNDnv6Z4s3LVQdGdk1q5vcxW87n1lg3sM9YzW8fxN3m5v_m_4W1JLRtG4q__qkW86SmN-7ZnDxlW4L3kzT51_jQcW73R-cM96dt8bW6br4D01bBvW3W3_5XGk8PXPqRW3ygvH88c3fN-W5lnM8x2MzxkpW7MVnrr1Fnjq4W2KC-1M2M1VvtW4J35Sn2N3DbNW6nVWvb87vTTBW4V2M825L398bW21dXdx58S6m3W7fFwR28v4j-WW1MWhN-1MKdcVf8GpN-k11(Line 13) Message: toS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

149b4.wpc.azureedge.net
api.hubspot.com
app.hubspot.com
avatars.hubspot.net
cdn2.hubspot.net
components.mywebsitebuilder.com
css.zohocdn.com
forms.hsforms.com
forms.hubspot.com
hs-4764964.t.hubspotstarter-iy.net
in-us-east-event-hubs.servicebus.windows.net
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hscollectedforms.net
js.hsleadflows.net
js.usemessages.com
js.zohocdn.com
localize.uat.mywebsitebuilder.com
salesiq.zoho.com
static.hsappstatic.net
storage.googleapis.com
track.hubspot.com
www.2brushstrokes.com
wzuk.blob.core.windows.net
13.92.180.208
185.20.209.147
204.141.43.67
2606:2800:133:f17:19e8:2356:251b:2a9
2606:4700::6810:5505
2606:4700::6811:44b0
2606:4700::6811:81ab
2606:4700::6811:9d2
2606:4700::6811:d3cc
2606:4700::6811:e9cc
2606:4700::6811:efcc
2606:4700::6811:f0cc
2606:4700::6812:15bf
2606:4700::6812:5d7
2606:4700::6813:9a53
2606:4700::6813:9b53
2606:4700::6813:a40a
2a00:1450:4001:810::2010
35.190.14.35
52.239.140.10
66.235.200.28
087c88398f0e5879a9e3a5fa7f96e965e342a68d0ec2654f92afcf79f6c319a7
10eb63f9533bc9f2d8ba9799a95ce9b722624f46d4d537278711017b7dcad93e
1a4651c562bac53f6d33b1d8093551a818571a6b595304ba4813bc7b5d503783
2162f4d347a4c7bda9bf2bc422b99c9ee7fb88408adcef7b838eef576657a204
23ee4ea65db6fe9c920d6844298f9ac16152841c7813f02c5d8c7da29f49b60a
242523b55015d3d64e15a62829a6ea75c3415f5a65a6916f7cf8608dd13bea09
2a354649f57a81405daccfd6b5785da5f73ba638f2db591992cb7b739dac3135
2f06077fe3d50522c14a3e84f5b24dd5b00e1513a2b371f4a9c4735c334872df
359c412a1a374b5b3686b59f9e61067a0366376d62cce71ac0fc1598b9fe4034
372c0041fc964def0aec95ae17c6f03a3e5e5ccfe5969952c6de7e5c0f7cc34b
3737c4790f4392dc2f2d4e0d7e1b789e190eb5fbc8f777e1025de2edbab7bc3b
3cb3718e482bd4b3f2b31b8c7b6e44b7085ef17a830fbfe5e68a97619ce5ff92
40673c7d64f1132c7535a729549db01b15caf95482754f17eba796eec4f10c4f
47b6dd847db200d94adc9ff8a0ec720f4f3118c261541da47f2af105414a7275
4b206afe82a1c9176a352276634580f2eac291be9c2c5c3a4d2f4b58b174b55f
4d184428e5d8b5bb6aab900b181fc8c14e10c329e93016ca4e7f2696e60d0079
50f5078b5bdec86cf1ecfc9c2f41aae80b049737691ddddac58ee3b273774fa4
539c323c54874cc3ca45733f7e2ef26631eff05d65d883b8f5c92debc1623336
54c49c13b9577aa5b4794e64f0745b4df11481cf20a19e7920624f6d122718e0
5a8a445e74ec408f0144a0cde2226f28b9efaf76e19875d79f0afd40ffca804f
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
76e2bca54d321dfd4cebf8797b2c9a81ccb1c0619d4da3a7c53d4e6228c5a61d
8298e2fab8531fb52ed21bf66d11bc1c0b72dddb4ff1d07471ea71cd0ee10eab
89aa6357c17a293ec242ff774d3176fe0c8770152319b47bc5a5a0bda9c5d02d
a015ca1e691b49e6b2ace57963ae217787f08b5b0a838f818a25e524d6a92164
a7e56ab00c58b15a1eef62e5e288b77896718ff945e0597673e36cd996a5cd1b
a89c1162a8c0e2fb7409b4a1122e1c6a522d979737cfa7862507cf771a7e27f2
af1341bf0fd4ad8645366232727aec126de06f4603e35e4de77f6bac287e7bf6
af8dbb575d3d3afcbcb058a156f6cdd368728cc2483bfca0bfbb531978fffda9
b6196d1a8e8fa513b322e93199d6307ce3cad3b2fdfee6ba26859d980c91f09d
b89b3f71b3a76e9c6ff2eb4a8f8c4da933d7d554f4c60b6011850a4a9af79f53
caea56378e539ae5dcad0604d85984a6118acc0dff058b580de396ab1a17f758
d5343b9a9c667a328bd11798a1d4950326c2e48189873d45b2d515c56aad2cd6
d74156d61acb0d0a1d8b61610d162ec0f896bccbb18776dea6ed12fd8e763e9b
d7f8b6ed4f77b684b2615feaad46ae05bd069c8beaeb550e6094ccb2eb6cb0d9
d9493d0af20ff1a6dd692852cf809303402a221f3b1cdb261e5d79238acc09fe
db06960de8a5d0a6466c3dcb032f7a7db70c0b913bab76999e9faf035ad1c31f
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
e2a6bedeaa5fa6be7a6d36fdf494790004252781df48c2fe7b1b21a18653fa9f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7f331da5d7c1f1fe01d6f16fc2b4859ce4bdf0dfc7f971b6b3ed89684056466
e8ac29a7ad2786a8791d23898841e482546bf3a369e8d43f63a62f1540de492c
f570aa8099b421a835ca8e3e153cff61ca3b05937958a47eb45a96b7ddfd8af1
f7b861c1a9a573b57465a6c661e88035def5f5891941ae94900a02e4c2ba2b14

www.2brushstrokes.com Open in urlscan Pro 66.235.200.28 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

51 Requests

100 %HTTPS

71 %IPv6

18 Domains

25 Subdomains

22 IPs

4 Countries

2132 kBTransfer

5220 kBSize

5 Cookies

0 Outgoing links

Page URL History

Redirected requests

51 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.2brushstrokes.com Open in urlscan Pro
66.235.200.28 Public Scan

Screenshot
Live screenshot

Full Image

51
Requests

100 %
HTTPS

71 %
IPv6

18
Domains

25
Subdomains

22
IPs

4
Countries

2132 kB
Transfer

5220 kB
Size

5
Cookies

51 HTTP transactions
1 data transactions