urlscan.io logo urlscan.io
SecurityTrails logo

www.2brushstrokes.com Open in urlscan Pro
66.235.200.28  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://hs-4764964.t.hubspotstarter-iy.net/e2t/c/*W7Jl07F796MNlW46DWZV5gqhCb0/*W43ZQ3F68YWpFW150L4l4C-PL70/5/f18dQhb0Smj28XJ9hPN7mX5rqHyjJq...
Effective URL: https://www.2brushstrokes.com/?utm_source=hs_email&utm_medium=email&utm_content=74024460&_hsenc=p2ANqtz-8L7EgW03YL4aJn5zLWI70Y...
Submission Tags: falconsandbox
Submission: On June 04 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 24 IPs in 4 countries across 20 domains to perform 55 HTTP transactions. The main IP is 66.235.200.28, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.2brushstrokes.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 4th 2021. Valid for: a year.
This is the only time www.2brushstrokes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 8 66.235.200.28 13335 (CLOUDFLAR...)
1 2606:2800:133... 15133 (EDGECAST)
6 35.190.14.35 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 52.239.140.10 8075 (MICROSOFT...)
4 13.92.180.208 8075 (MICROSOFT...)
2 136.143.191.67 2639 (ZOHO-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 7 2606:4700::68... 13335 (CLOUDFLAR...)
2 185.20.209.147 41913 (COMPUTERL...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
5 2606:4700::68... 13335 (CLOUDFLAR...)
1 151.101.114.110 54113 (FASTLY)
2 2606:4700::68... 13335 (CLOUDFLAR...)
3 162.247.242.18 23467 (NEWRELIC-...)
55 24
2    2606:4700::6812:5d7 (United States)

ASN13335 (CLOUDFLARENET, US)
hs-4764964.t.hubspotstarter-iy.net
8    66.235.200.28 (United States)

ASN13335 (CLOUDFLARENET, US)
PTR: host77.ipowerweb.com
www.2brushstrokes.com
1    2606:2800:133:f17:19e8:2356:251b:2a9 (United States)

ASN15133 (EDGECAST, US)
149b4.wpc.azureedge.net
6    35.190.14.35 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 35.14.190.35.bc.googleusercontent.com
components.mywebsitebuilder.com
3    2a00:1450:4001:811::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
storage.googleapis.com
1    2606:4700::6811:d5cc (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-scripts.com
1    2606:4700::6813:a40a (United States)

ASN13335 (CLOUDFLARENET, US)
localize.uat.mywebsitebuilder.com
3    52.239.140.10 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
wzuk.blob.core.windows.net
4    13.92.180.208 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
in-us-east-event-hubs.servicebus.windows.net
2    136.143.191.67 (United States)

ASN2639 (ZOHO-AS, US)
salesiq.zoho.com
1    2606:4700::6811:ebcc (United States)

ASN13335 (CLOUDFLARENET, US)
js.usemessages.com
1    2606:4700::6811:e6cc (United States)

ASN13335 (CLOUDFLARENET, US)
js.hsleadflows.net
1    2606:4700::6811:47b0 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-analytics.net
1    2606:4700::6812:15bf (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-banner.com
1    2606:4700::6811:83ab (United States)

ASN13335 (CLOUDFLARENET, US)
js.hscollectedforms.net
1    2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)
api.hubspot.com
7    2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)
api.hubspot.com
track.hubspot.com
forms.hubspot.com
app.hubspot.com
2    185.20.209.147 (Switzerland)

ASN41913 (COMPUTERLINE Computerline, Schlierbach, Switzerland, CH)
css.zohocdn.com
js.zohocdn.com
1    2606:4700::6810:5705 (United States)

ASN13335 (CLOUDFLARENET, US)
forms.hsforms.com
5    2606:4700::6811:9d2 (United States)

ASN13335 (CLOUDFLARENET, US)
static.hsappstatic.net
1    151.101.114.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
2    2606:4700::6811:f1cc (United States)

ASN13335 (CLOUDFLARENET, US)
avatars.hubspot.net
cdn2.hubspot.net
3    162.247.242.18 (United States)

ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-6.nr-data.net
bam.nr-data.net
Domain Requested by
8 www.2brushstrokes.com 1 redirects hs-4764964.t.hubspotstarter-iy.net
www.2brushstrokes.com
6 components.mywebsitebuilder.com www.2brushstrokes.com
components.mywebsitebuilder.com
5 static.hsappstatic.net app.hubspot.com
4 api.hubspot.com 1 redirects js.usemessages.com
static.hsappstatic.net
4 in-us-east-event-hubs.servicebus.windows.net 149b4.wpc.azureedge.net
3 bam.nr-data.net app.hubspot.com
3 wzuk.blob.core.windows.net www.2brushstrokes.com
3 storage.googleapis.com www.2brushstrokes.com
2 track.hubspot.com
2 salesiq.zoho.com hs-4764964.t.hubspotstarter-iy.net
salesiq.zoho.com
2 hs-4764964.t.hubspotstarter-iy.net 1 redirects
1 cdn2.hubspot.net
1 avatars.hubspot.net app.hubspot.com
1 js-agent.newrelic.com app.hubspot.com
1 app.hubspot.com js.usemessages.com
1 forms.hubspot.com js.hsleadflows.net
1 forms.hsforms.com
1 js.zohocdn.com salesiq.zoho.com
1 css.zohocdn.com salesiq.zoho.com
1 js.hscollectedforms.net js.hs-scripts.com
1 js.hs-banner.com js.hs-scripts.com
1 js.hs-analytics.net js.hs-scripts.com
1 js.hsleadflows.net js.hs-scripts.com
1 js.usemessages.com js.hs-scripts.com
1 localize.uat.mywebsitebuilder.com 149b4.wpc.azureedge.net
1 js.hs-scripts.com www.2brushstrokes.com
1 149b4.wpc.azureedge.net www.2brushstrokes.com
55 27

This site contains no links.

Subject Issuer Validity Valid
hubspotstarter-iy.net
Cloudflare Inc ECC CA-3		 2021-06-04 -
2022-06-03		 a year crt.sh
www.2brushstrokes.com
Cloudflare Inc ECC CA-3		 2021-06-04 -
2022-06-03		 a year crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA		 2020-11-16 -
2021-11-10		 a year crt.sh
*.mywebsitebuilder.com
Sectigo RSA Domain Validation Secure Server CA		 2020-08-25 -
2021-09-26		 a year crt.sh
*.storage.googleapis.com
GTS CA 1O1		 2021-05-10 -
2021-08-02		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-04 -
2021-08-04		 a year crt.sh
mywebsitebuilder.com
Cloudflare Inc ECC CA-3		 2021-05-31 -
2022-05-30		 a year crt.sh
*.blob.core.windows.net
Microsoft RSA TLS CA 02		 2021-06-02 -
2022-06-02		 a year crt.sh
servicebus.windows.net
Microsoft Azure TLS Issuing CA 02		 2021-04-19 -
2022-04-14		 a year crt.sh
*.zoho.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-14 -
2022-05-14		 a year crt.sh
hubspot.com
Cloudflare Inc ECC CA-3		 2021-06-02 -
2022-06-01		 a year crt.sh
*.zohocdn.com
R3		 2021-03-23 -
2021-06-21		 3 months crt.sh
hsappstatic.net
Cloudflare Inc ECC CA-3		 2020-07-05 -
2021-07-05		 a year crt.sh
f4.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2021-05-21 -
2022-04-10		 a year crt.sh
hubspot.net
Cloudflare Inc ECC CA-3		 2021-06-04 -
2022-06-03		 a year crt.sh
*.nr-data.net
DigiCert SHA2 Secure Server CA		 2020-02-05 -
2022-02-08		 2 years crt.sh

This page contains 3 frames:

Primary Page: https://www.2brushstrokes.com/?utm_source=hs_email&utm_medium=email&utm_content=74024460&_hsenc=p2ANqtz-8L7EgW03YL4aJn5zLWI70YE__TQMMhAoxgNx4Y7CKESAJuJAWCld9q48DNi_nTjRKfwKkImAQrBJakjrSqv-on4JeNMA&_hsmi=74024460
Frame ID: 7B3C94EB005CA3D0F2499D02613E2C85
Requests: 33 HTTP requests in this frame

Frame: https://components.mywebsitebuilder.com/extern/embed-html/embed-html.html?wzId=id1531791282686&wzInstanceId=id1531791282686&wzAppId=embed_html_app&wzAppV=1&wzApiType=app&wzDeviceType=desktop&wzMode=view&wzSessionId=1622839588514&wzEncodeParams=eyJ3ekN1cnJlbnRVcmwiOiJodHRwczovL3d3dy4yYnJ1c2hzdHJva2VzLmNvbS8%2FdXRtX3NvdXJjZT1oc19lbWFpbCZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PTc0MDI0NDYwJl9oc2VuYz1wMkFOcXR6LThMN0VnVzAzWUw0YUpuNXpMV0k3MFlFX19UUU1NaEFveGdOeDRZN0NLRVNBSnVKQVdDbGQ5cTQ4RE5pX25UalJLZndLa0ltQVFyQkpha2pyU3F2LW9uNEplTk1BJl9oc21pPTc0MDI0NDYwIiwid3pTaXplIjp7IndpZHRoIjo0MDAsImhlaWdodCI6NDAwfX0%3D
Frame ID: 783D9DC39C4E5B18AAFC9E8FCE156952
Requests: 8 HTTP requests in this frame

Frame: https://app.hubspot.com/conversations-visitor/4764964/threads/utk/004af1bb611f4c229717abe4f5a750f3?uuid=4eaa377be23c4b788984ef95d5faddbf&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=2brushstrokes.com&inApp53=false&messagesUtk=004af1bb611f4c229717abe4f5a750f3&url=https%3A%2F%2Fwww.2brushstrokes.com%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D74024460%26_hsenc%3Dp2ANqtz-8L7EgW03YL4aJn5zLWI70YE__TQMMhAoxgNx4Y7CKESAJuJAWCld9q48DNi_nTjRKfwKkImAQrBJakjrSqv-on4JeNMA%26_hsmi%3D74024460&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
Frame ID: AE4A776A331B1C1C84BBC15251217EFA
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://hs-4764964.t.hubspotstarter-iy.net/e2t/c/*W7Jl07F796MNlW46DWZV5gqhCb0/*W43ZQ3F68YWpFW150L4l4C-PL70/5/f18dQhb0Sm... Page URL
  2. https://hs-4764964.t.hubspotstarter-iy.net/events/public/v1/track/c/*W7Jl07F796MNlW46DWZV5gqhCb0/*W43ZQ3F68YWpFW150L4l4... HTTP 307
    http://www.2brushstrokes.com/?utm_source=hs_email&utm_medium=email&utm_content=74024460&_hsenc=p2ANqtz-8L... HTTP 301
    https://www.2brushstrokes.com/?utm_source=hs_email&utm_medium=email&utm_content=74024460&_hsenc=p2ANqtz-8L... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

55
Requests

100 %
HTTPS

65 %
IPv6

20
Domains

27
Subdomains

24
IPs

4
Countries

3723 kB
Transfer

5340 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://hs-4764964.t.hubspotstarter-iy.net/e2t/c/*W7Jl07F796MNlW46DWZV5gqhCb0/*W43ZQ3F68YWpFW150L4l4C-PL70/5/f18dQhb0Smj28XJ9hPN7mX5rqHyjJqW8q5vng1pgM6FN3hHhbVVMsQMVp3s9r7s5LskW57mtXs54GpktW548q4356888GW4dQb0w2MTPSpW8W2c9W32CQ2lW8jxMNS1Vx3W4W3CPQ_B5D8zFFVjPrmg6W3RDgVHcWm97yDSbfW3X0g0y6bp1cMVbq5fx4TKc2lVQWbMK8ysZHYW5jB4QB3sp_m7N2j3NZsdZXbNW8QNDnv6Z4s3LVQdGdk1q5vcxW87n1lg3sM9YzW8fxN3m5v_m_4W1JLRtG4q__qkW86SmN-7ZnDxlW4L3kzT51_jQcW73R-cM96dt8bW6br4D01bBvW3W3_5XGk8PXPqRW3ygvH88c3fN-W5lnM8x2MzxkpW7MVnrr1Fnjq4W2KC-1M2M1VvtW4J35Sn2N3DbNW6nVWvb87vTTBW4V2M825L398bW21dXdx58S6m3W7fFwR28v4j-WW1MWhN-1MKdcVf8GpN-k11 Page URL
  2. https://hs-4764964.t.hubspotstarter-iy.net/events/public/v1/track/c/*W7Jl07F796MNlW46DWZV5gqhCb0/*W43ZQ3F68YWpFW150L4l4C-PL70/5/f18dQhb0Smj28XJ9hPN7mX5rqHyjJqW8q5vng1pgM6FN3hHhbVVMsQMVp3s9r7s5LskW57mtXs54GpktW548q4356888GW4dQb0w2MTPSpW8W2c9W32CQ2lW8jxMNS1Vx3W4W3CPQ_B5D8zFFVjPrmg6W3RDgVHcWm97yDSbfW3X0g0y6bp1cMVbq5fx4TKc2lVQWbMK8ysZHYW5jB4QB3sp_m7N2j3NZsdZXbNW8QNDnv6Z4s3LVQdGdk1q5vcxW87n1lg3sM9YzW8fxN3m5v_m_4W1JLRtG4q__qkW86SmN-7ZnDxlW4L3kzT51_jQcW73R-cM96dt8bW6br4D01bBvW3W3_5XGk8PXPqRW3ygvH88c3fN-W5lnM8x2MzxkpW7MVnrr1Fnjq4W2KC-1M2M1VvtW4J35Sn2N3DbNW6nVWvb87vTTBW4V2M825L398bW21dXdx58S6m3W7fFwR28v4j-WW1MWhN-1MKdcVf8GpN-k11?_ud=6b48fb8e-5867-4a83-9829-387b2e494674&_ch=p&_pr2=p&_pl=0&_lg=en-US&_dr=b&_ts=p HTTP 307
    http://www.2brushstrokes.com/?utm_source=hs_email&utm_medium=email&utm_content=74024460&_hsenc=p2ANqtz-8L7EgW03YL4aJn5zLWI70YE__TQMMhAoxgNx4Y7CKESAJuJAWCld9q48DNi_nTjRKfwKkImAQrBJakjrSqv-on4JeNMA&_hsmi=74024460 HTTP 301
    https://www.2brushstrokes.com/?utm_source=hs_email&utm_medium=email&utm_content=74024460&_hsenc=p2ANqtz-8L7EgW03YL4aJn5zLWI70YE__TQMMhAoxgNx4Y7CKESAJuJAWCld9q48DNi_nTjRKfwKkImAQrBJakjrSqv-on4JeNMA&_hsmi=74024460 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 49
  • https://api.hubspot.com/userpreferences/v1/avatar/61f4c3824596ae814769bb0037bb7cca/100 HTTP 307
  • https://avatars.hubspot.net/default-100

55 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
f18dQhb0Smj28XJ9hPN7mX5rqHyjJqW8q5vng1pgM6FN3hHhbVVMsQMVp3s9r7s5LskW57mtXs54GpktW548q4356888GW4dQb0w2MTPSpW8W2c9W32CQ2lW8jxMNS1Vx3W4W3CPQ_B5D8zFFVjPrmg6W3RDgVHcWm97yDSbfW3X0g0y6bp1cMVbq5fx4TKc2lVQW...
hs-4764964.t.hubspotstarter-iy.net/e2t/c/*W7Jl07F796MNlW46DWZV5gqhCb0/*W43ZQ3F68YWpFW150L4l4C-PL70/5/ 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hs-4764964.t.hubspotstarter-iy.net/e2t/c/*W7Jl07F796MNlW46DWZV5gqhCb0/*W43ZQ3F68YWpFW150L4l4C-PL70/5/f18dQhb0Smj28XJ9hPN7mX5rqHyjJqW8q5vng1pgM6FN3hHhbVVMsQMVp3s9r7s5LskW57mtXs54GpktW548q4356888GW4dQb0w2MTPSpW8W2c9W32CQ2lW8jxMNS1Vx3W4W3CPQ_B5D8zFFVjPrmg6W3RDgVHcWm97yDSbfW3X0g0y6bp1cMVbq5fx4TKc2lVQWbMK8ysZHYW5jB4QB3sp_m7N2j3NZsdZXbNW8QNDnv6Z4s3LVQdGdk1q5vcxW87n1lg3sM9YzW8fxN3m5v_m_4W1JLRtG4q__qkW86SmN-7ZnDxlW4L3kzT51_jQcW73R-cM96dt8bW6br4D01bBvW3W3_5XGk8PXPqRW3ygvH88c3fN-W5lnM8x2MzxkpW7MVnrr1Fnjq4W2KC-1M2M1VvtW4J35Sn2N3DbNW6nVWvb87vTTBW4V2M825L398bW21dXdx58S6m3W7fFwR28v4j-WW1MWhN-1MKdcVf8GpN-k11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:5d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ece62a981228663bb64230b30bc56746fe489a145a25ae0a1b2e1bc998c40c0c

Request headers

:method
GET
:authority
hs-4764964.t.hubspotstarter-iy.net
:scheme
https
:path
/e2t/c/*W7Jl07F796MNlW46DWZV5gqhCb0/*W43ZQ3F68YWpFW150L4l4C-PL70/5/f18dQhb0Smj28XJ9hPN7mX5rqHyjJqW8q5vng1pgM6FN3hHhbVVMsQMVp3s9r7s5LskW57mtXs54GpktW548q4356888GW4dQb0w2MTPSpW8W2c9W32CQ2lW8jxMNS1Vx3W4W3CPQ_B5D8zFFVjPrmg6W3RDgVHcWm97yDSbfW3X0g0y6bp1cMVbq5fx4TKc2lVQWbMK8ysZHYW5jB4QB3sp_m7N2j3NZsdZXbNW8QNDnv6Z4s3LVQdGdk1q5vcxW87n1lg3sM9YzW8fxN3m5v_m_4W1JLRtG4q__qkW86SmN-7ZnDxlW4L3kzT51_jQcW73R-cM96dt8bW6br4D01bBvW3W3_5XGk8PXPqRW3ygvH88c3fN-W5lnM8x2MzxkpW7MVnrr1Fnjq4W2KC-1M2M1VvtW4J35Sn2N3DbNW6nVWvb87vTTBW4V2M825L398bW21dXdx58S6m3W7fFwR28v4j-WW1MWhN-1MKdcVf8GpN-k11
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 20:46:23 GMT
content-type
text/html;charset=utf-8
x-robots-tag
none
referrer-policy
no-referrer
vary
Accept-Encoding
x-hubspot-correlation-id
b1be0642-4d82-4643-9611-daf442e7e493
access-control-allow-credentials
false
cf-cache-status
DYNAMIC
cf-request-id
0a7a5ff90f000006318280b000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
65a402a1bffb0631-FRA
content-encoding
br
Primary Request /
www.2brushstrokes.com/
Redirect Chain
  • https://hs-4764964.t.hubspotstarter-iy.net/events/public/v1/track/c/*W7Jl07F796MNlW46DWZV5gqhCb0/*W43ZQ3F68YWpFW150L4l4C-PL70/5/f18dQhb0Smj28XJ9hPN7mX5rqHyjJqW8q5vng1pgM6FN3hHhbVVMsQMVp3s9r7s5LskW5...
  • http://www.2brushstrokes.com/?utm_source=hs_email&utm_medium=email&utm_content=74024460&_hsenc=p2ANqtz-8L7EgW03YL4aJn5zLWI70YE__TQMMhAoxgNx4Y7CKESAJuJAWCld9q48DNi_nTjRKfwKkImAQrBJakjrSqv-on4JeNMA&_...
  • https://www.2brushstrokes.com/?utm_source=hs_email&utm_medium=email&utm_content=74024460&_hsenc=p2ANqtz-8L7EgW03YL4aJn5zLWI70YE__TQMMhAoxgNx4Y7CKESAJuJAWCld9q48DNi_nTjRKfwKkImAQrBJakjrSqv-on4JeNMA&...
17 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.2brushstrokes.com/?utm_source=hs_email&utm_medium=email&utm_content=74024460&_hsenc=p2ANqtz-8L7EgW03YL4aJn5zLWI70YE__TQMMhAoxgNx4Y7CKESAJuJAWCld9q48DNi_nTjRKfwKkImAQrBJakjrSqv-on4JeNMA&_hsmi=74024460
Requested by
Host: hs-4764964.t.hubspotstarter-iy.net
URL: https://hs-4764964.t.hubspotstarter-iy.net/e2t/c/*W7Jl07F796MNlW46DWZV5gqhCb0/*W43ZQ3F68YWpFW150L4l4C-PL70/5/f18dQhb0Smj28XJ9hPN7mX5rqHyjJqW8q5vng1pgM6FN3hHhbVVMsQMVp3s9r7s5LskW57mtXs54GpktW548q4356888GW4dQb0w2MTPSpW8W2c9W32CQ2lW8jxMNS1Vx3W4W3CPQ_B5D8zFFVjPrmg6W3RDgVHcWm97yDSbfW3X0g0y6bp1cMVbq5fx4TKc2lVQWbMK8ysZHYW5jB4QB3sp_m7N2j3NZsdZXbNW8QNDnv6Z4s3LVQdGdk1q5vcxW87n1lg3sM9YzW8fxN3m5v_m_4W1JLRtG4q__qkW86SmN-7ZnDxlW4L3kzT51_jQcW73R-cM96dt8bW6br4D01bBvW3W3_5XGk8PXPqRW3ygvH88c3fN-W5lnM8x2MzxkpW7MVnrr1Fnjq4W2KC-1M2M1VvtW4J35Sn2N3DbNW6nVWvb87vTTBW4V2M825L398bW21dXdx58S6m3W7fFwR28v4j-WW1MWhN-1MKdcVf8GpN-k11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.235.200.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
host77.ipowerweb.com
Software
cloudflare /
Resource Hash
af8dbb575d3d3afcbcb058a156f6cdd368728cc2483bfca0bfbb531978fffda9

Request headers

:method
GET
:authority
www.2brushstrokes.com
:scheme
https
:path
/?utm_source=hs_email&utm_medium=email&utm_content=74024460&_hsenc=p2ANqtz-8L7EgW03YL4aJn5zLWI70YE__TQMMhAoxgNx4Y7CKESAJuJAWCld9q48DNi_nTjRKfwKkImAQrBJakjrSqv-on4JeNMA&_hsmi=74024460
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hs-4764964.t.hubspotstarter-iy.net/e2t/c/*W7Jl07F796MNlW46DWZV5gqhCb0/*W43ZQ3F68YWpFW150L4l4C-PL70/5/f18dQhb0Smj28XJ9hPN7mX5rqHyjJqW8q5vng1pgM6FN3hHhbVVMsQMVp3s9r7s5LskW57mtXs54GpktW548q4356888GW4dQb0w2MTPSpW8W2c9W32CQ2lW8jxMNS1Vx3W4W3CPQ_B5D8zFFVjPrmg6W3RDgVHcWm97yDSbfW3X0g0y6bp1cMVbq5fx4TKc2lVQWbMK8ysZHYW5jB4QB3sp_m7N2j3NZsdZXbNW8QNDnv6Z4s3LVQdGdk1q5vcxW87n1lg3sM9YzW8fxN3m5v_m_4W1JLRtG4q__qkW86SmN-7ZnDxlW4L3kzT51_jQcW73R-cM96dt8bW6br4D01bBvW3W3_5XGk8PXPqRW3ygvH88c3fN-W5lnM8x2MzxkpW7MVnrr1Fnjq4W2KC-1M2M1VvtW4J35Sn2N3DbNW6nVWvb87vTTBW4V2M825L398bW21dXdx58S6m3W7fFwR28v4j-WW1MWhN-1MKdcVf8GpN-k11

Response headers

date
Fri, 04 Jun 2021 20:46:24 GMT
content-type
text/html
cf-ray
65a402a84fac3329-CDG
last-modified
Tue, 25 Aug 2020 16:28:05 GMT
vary
Accept-Encoding
cf-cache-status
MISS
cf-request-id
0a7a5ffd2f000033294725c000000001
content-md5
L32R+HGSVhuYB8+8yGC1dA==
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-ms-blob-type
BlockBlob
x-ms-creation-time
Mon, 30 Dec 2019 09:02:36 GMT
x-ms-lease-state
available
x-ms-lease-status
unlocked
x-ms-request-id
6ffe834c-e01e-00ce-1882-5911a3000000
x-ms-server-encrypted
true
x-ms-version
2018-03-28
x-worker-version
1.0.0
server
cloudflare
content-encoding
br

Redirect headers

Date
Fri, 04 Jun 2021 20:46:23 GMT
Content-Length
0
Connection
keep-alive
Location
https://www.2brushstrokes.com/?utm_source=hs_email&utm_medium=email&utm_content=74024460&_hsenc=p2ANqtz-8L7EgW03YL4aJn5zLWI70YE__TQMMhAoxgNx4Y7CKESAJuJAWCld9q48DNi_nTjRKfwKkImAQrBJakjrSqv-on4JeNMA&_hsmi=74024460
cf-request-id
0a7a5ffc600000cdb31d02a000000001
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
65a402a6fde6cdb3-CDG
t.js
149b4.wpc.azureedge.net/80149B4/insights/ 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://149b4.wpc.azureedge.net/80149B4/insights/t.js?brand=Gator&v=g-202007071407399460
Requested by
Host: www.2brushstrokes.com
URL: https://www.2brushstrokes.com/?utm_source=hs_email&utm_medium=email&utm_content=74024460&_hsenc=p2ANqtz-8L7EgW03YL4aJn5zLWI70YE__TQMMhAoxgNx4Y7CKESAJuJAWCld9q48DNi_nTjRKfwKkImAQrBJakjrSqv-on4JeNMA&_hsmi=74024460
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:f17:19e8:2356:251b:2a9 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8EA5) /
Resource Hash
a015ca1e691b49e6b2ace57963ae217787f08b5b0a838f818a25e524d6a92164

Request headers

Referer
https://www.2brushstrokes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 20:46:27 GMT
content-encoding
gzip
x-aspnetmvc-version
4.0
last-modified
Mon, 10 May 2021 08:22:38 GMT
server
ECAcc (frc/8EA5)
age
2204629
etag
-1741585332
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-headers
Origin, Content-Type, Accept, Authorization
content-length
6620
expires
Sat, 04 Jun 2022 20:46:28 GMT
viewer.css
components.mywebsitebuilder.com/g-202007071407399460/viewer-gator/ 		144 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://components.mywebsitebuilder.com/g-202007071407399460/viewer-gator/viewer.css
Requested by
Host: www.2brushstrokes.com
URL: https://www.2brushstrokes.com/?utm_source=hs_email&utm_medium=email&utm_content=74024460&_hsenc=p2ANqtz-8L7EgW03YL4aJn5zLWI70YE__TQMMhAoxgNx4Y7CKESAJuJAWCld9q48DNi_nTjRKfwKkImAQrBJakjrSqv-on4JeNMA&_hsmi=74024460
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.14.35 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
35.14.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
54c49c13b9577aa5b4794e64f0745b4df11481cf20a19e7920624f6d122718e0

Request headers

Referer
https://www.2brushstrokes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 22:49:40 GMT
content-encoding
gzip
age
338208
x-guploader-uploadid
ABg5-UxO3KhemRbcEwXAuO2x_lBHnHMkjwdNi69gqCNZHTgmyHPDz3fvLskdSZXuRYMkl8tAF1YSfsO5QDu81dmEaWww1HEIpw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
21762
last-modified
Tue, 07 Jul 2020 14:52:51 GMT
server
UploadServer
etag
"17d86ee49251547465af634815788d57"
vary
Accept-Encoding
x-goog-hash
crc32c=/rM1Hw==, md5=F9hu5JJRVHRlr2NIFXiNVw==
x-goog-generation
1594133571430937
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=31536000
x-goog-stored-content-length
21762
accept-ranges
bytes
content-type
text/css
expires
Tue, 31 May 2022 22:49:40 GMT
viewer.js
components.mywebsitebuilder.com/g-202007071407399460/viewer/ 		2 MB
2 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://components.mywebsitebuilder.com/g-202007071407399460/viewer/viewer.js
Requested by
Host: www.2brushstrokes.com
URL: https://www.2brushstrokes.com/?utm_source=hs_email&utm_medium=email&utm_content=74024460&_hsenc=p2ANqtz-8L7EgW03YL4aJn5zLWI70YE__TQMMhAoxgNx4Y7CKESAJuJAWCld9q48DNi_nTjRKfwKkImAQrBJakjrSqv-on4JeNMA&_hsmi=74024460
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.14.35 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
35.14.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
10eb63f9533bc9f2d8ba9799a95ce9b722624f46d4d537278711017b7dcad93e

Request headers

Referer
https://www.2brushstrokes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 11:39:02 GMT
age
292046
x-guploader-uploadid
ABg5-UxBbRWdEaqEUqhsskTZt4E2Il5hRfZTi3zk1wn00O5X2jPuq9QXDYVzcqDVovFcJumAQXmJH4WtJpt93YUhjjI
x-goog-storage-class
STANDARD
x-guploader-response-body-transformations
gunzipped
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
last-modified
Tue, 07 Jul 2020 14:52:50 GMT
server
UploadServer
etag
W/"39162515ed70ff76bd7c98c197a1a80e"
vary
Accept-Encoding
x-goog-hash
crc32c=iym8aw==, md5=ORYlFe1w/3a9fJjBl6GoDg==
x-goog-generation
1594133570840976
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=31536000
x-goog-stored-content-length
533573
accept-ranges
bytes
content-type
application/javascript
warning
214 UploadServer gunzipped
expires
Wed, 01 Jun 2022 11:39:02 GMT
8c6f3b9c98fa4168b7c061991601e6a7.js
storage.googleapis.com/gator-users/user-504776/sites/503010/5b27c3a1e004fM6fFZST/ 		23 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/gator-users/user-504776/sites/503010/5b27c3a1e004fM6fFZST/8c6f3b9c98fa4168b7c061991601e6a7.js?1598372884
Requested by
Host: www.2brushstrokes.com
URL: https://www.2brushstrokes.com/?utm_source=hs_email&utm_medium=email&utm_content=74024460&_hsenc=p2ANqtz-8L7EgW03YL4aJn5zLWI70YE__TQMMhAoxgNx4Y7CKESAJuJAWCld9q48DNi_nTjRKfwKkImAQrBJakjrSqv-on4JeNMA&_hsmi=74024460
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
3cb3718e482bd4b3f2b31b8c7b6e44b7085ef17a830fbfe5e68a97619ce5ff92

Request headers

Referer
https://www.2brushstrokes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 20:46:28 GMT
x-guploader-uploadid
ABg5-UywLDVXoFwD_itOu2nC7atB1WuIMGZLlcFeGGvfiIin-fr8uRH3w5Rir7DvLG2N-scmQr6VKLFJ9m_uJuX50f4XtxaaGw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23832
last-modified
Tue, 25 Aug 2020 16:27:59 GMT
server
UploadServer
etag
"528e80f6ceaa970bc192a864a71c4e29"
x-goog-hash
crc32c=D0MMQA==, md5=Uo6A9s6qlwvBkqhkpxxOKQ==
x-goog-generation
1598372879530552
cache-control
public, max-age=3600
x-goog-stored-content-length
23832
accept-ranges
bytes
content-type
application/json
expires
Fri, 04 Jun 2021 21:46:28 GMT
0f3ec490bf5545f994a3a7d98fca5398.js
storage.googleapis.com/gator-users/user-504776/sites/503010/5b27c3a1e004fM6fFZST/ 		56 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/gator-users/user-504776/sites/503010/5b27c3a1e004fM6fFZST/0f3ec490bf5545f994a3a7d98fca5398.js?1598372884
Requested by
Host: www.2brushstrokes.com
URL: https://www.2brushstrokes.com/?utm_source=hs_email&utm_medium=email&utm_content=74024460&_hsenc=p2ANqtz-8L7EgW03YL4aJn5zLWI70YE__TQMMhAoxgNx4Y7CKESAJuJAWCld9q48DNi_nTjRKfwKkImAQrBJakjrSqv-on4JeNMA&_hsmi=74024460
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
b89b3f71b3a76e9c6ff2eb4a8f8c4da933d7d554f4c60b6011850a4a9af79f53

Request headers

Referer
https://www.2brushstrokes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 20:46:28 GMT
x-guploader-uploadid
ABg5-UyqBTTrA0pbLDBqqTs2EQb4SNRWpAlHln7RliegunwiqplqIm3q3ZIgv-Ed0ykQuG2H31iH807lKfyKCioh8NUfbNKOjQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57094
last-modified
Tue, 28 Jul 2020 18:47:14 GMT
server
UploadServer
etag
"9a05ae6ffdc4323f43f10d510c668873"
x-goog-hash
crc32c=lnNYhQ==, md5=mgWub/3EMj9D8Q1RDGaIcw==
x-goog-generation
1595962034760268
cache-control
public, max-age=3600
x-goog-stored-content-length
57094
accept-ranges
bytes
content-type
application/json
expires
Fri, 04 Jun 2021 21:46:28 GMT
95404429fef54d9a982e4b78d3e2718a.js
storage.googleapis.com/gator-users/user-504776/sites/503010/5b27c3a1e004fM6fFZST/ 		81 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/gator-users/user-504776/sites/503010/5b27c3a1e004fM6fFZST/95404429fef54d9a982e4b78d3e2718a.js?1598372884
Requested by
Host: www.2brushstrokes.com
URL: https://www.2brushstrokes.com/?utm_source=hs_email&utm_medium=email&utm_content=74024460&_hsenc=p2ANqtz-8L7EgW03YL4aJn5zLWI70YE__TQMMhAoxgNx4Y7CKESAJuJAWCld9q48DNi_nTjRKfwKkImAQrBJakjrSqv-on4JeNMA&_hsmi=74024460
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
e2a6bedeaa5fa6be7a6d36fdf494790004252781df48c2fe7b1b21a18653fa9f

Request headers

Referer
https://www.2brushstrokes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 20:46:28 GMT
x-guploader-uploadid
ABg5-UydpTAKfc1HMnLsnEiid25BzjluTwWAk-1CHKxswndWQbuzCQag34MT2AuISX1TMyXsR-CXoCVg4iUl97hI6MUSUn5hDQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
82706
last-modified
Tue, 25 Aug 2020 16:27:45 GMT
server
UploadServer
etag
"01a19dc56f028bd3542cb14a266085db"
x-goog-hash
crc32c=GLK3aw==, md5=AaGdxW8Ci9NULLFKJmCF2w==
x-goog-generation
1598372865079345
cache-control
public, max-age=3600
x-goog-stored-content-length
82706
accept-ranges
bytes
content-type
application/json
expires
Fri, 04 Jun 2021 21:46:28 GMT
4764964.js
js.hs-scripts.com/ 		2 KB
1023 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-scripts.com/4764964.js
Requested by
Host: www.2brushstrokes.com
URL: https://www.2brushstrokes.com/?utm_source=hs_email&utm_medium=email&utm_content=74024460&_hsenc=p2ANqtz-8L7EgW03YL4aJn5zLWI70YE__TQMMhAoxgNx4Y7CKESAJuJAWCld9q48DNi_nTjRKfwKkImAQrBJakjrSqv-on4JeNMA&_hsmi=74024460
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:d5cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
781d2d818d4589f2f8097d5868e1a96550f02faacb0e898bdc27be07adf99f4e

Request headers

Referer
https://www.2brushstrokes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 20:46:28 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
MISS
x-hubspot-correlation-id
fd9fbda5-b0b9-47b9-a9ff-174a1f37b4b0
cf-request-id
0a7a600e7300004d8af7210000000001
server
cloudflare
x-trace
2BA33D9B9800F974EFBFE98082A6ECC60963FE74B2000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3600
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://www.2brushstrokes.com
cache-control
public, max-age=60
access-control-allow-credentials
true
cf-ray
65a402c3e9fc4d8a-FRA
expires
Fri, 04 Jun 2021 20:47:28 GMT
/
localize.uat.mywebsitebuilder.com/ 		25 B
532 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://localize.uat.mywebsitebuilder.com/
Requested by
Host: 149b4.wpc.azureedge.net
URL: https://149b4.wpc.azureedge.net/80149B4/insights/t.js?brand=Gator&v=g-202007071407399460
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:a40a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
d377b80f1d9bc65f049361ebb7c212f1ce58d6f8196e108a6ca8eae4cab6ade8

Request headers

Referer
https://www.2brushstrokes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 20:46:28 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript
access-control-allow-origin
*
cf-ray
65a402c18cef2b22-FRA
cf-request-id
0a7a600cf700002b2256134000000001
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
23ee4ea65db6fe9c920d6844298f9ac16152841c7813f02c5d8c7da29f49b60a

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
embed-html.html
components.mywebsitebuilder.com/extern/embed-html/ Frame 783D 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://components.mywebsitebuilder.com/extern/embed-html/embed-html.html?wzId=id1531791282686&wzInstanceId=id1531791282686&wzAppId=embed_html_app&wzAppV=1&wzApiType=app&wzDeviceType=desktop&wzMode=view&wzSessionId=1622839588514&wzEncodeParams=eyJ3ekN1cnJlbnRVcmwiOiJodHRwczovL3d3dy4yYnJ1c2hzdHJva2VzLmNvbS8%2FdXRtX3NvdXJjZT1oc19lbWFpbCZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PTc0MDI0NDYwJl9oc2VuYz1wMkFOcXR6LThMN0VnVzAzWUw0YUpuNXpMV0k3MFlFX19UUU1NaEFveGdOeDRZN0NLRVNBSnVKQVdDbGQ5cTQ4RE5pX25UalJLZndLa0ltQVFyQkpha2pyU3F2LW9uNEplTk1BJl9oc21pPTc0MDI0NDYwIiwid3pTaXplIjp7IndpZHRoIjo0MDAsImhlaWdodCI6NDAwfX0%3D
Requested by
Host: components.mywebsitebuilder.com
URL: https://components.mywebsitebuilder.com/g-202007071407399460/viewer/viewer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.14.35 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
35.14.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
242523b55015d3d64e15a62829a6ea75c3415f5a65a6916f7cf8608dd13bea09

Request headers

:method
GET
:authority
components.mywebsitebuilder.com
:scheme
https
:path
/extern/embed-html/embed-html.html?wzId=id1531791282686&wzInstanceId=id1531791282686&wzAppId=embed_html_app&wzAppV=1&wzApiType=app&wzDeviceType=desktop&wzMode=view&wzSessionId=1622839588514&wzEncodeParams=eyJ3ekN1cnJlbnRVcmwiOiJodHRwczovL3d3dy4yYnJ1c2hzdHJva2VzLmNvbS8%2FdXRtX3NvdXJjZT1oc19lbWFpbCZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PTc0MDI0NDYwJl9oc2VuYz1wMkFOcXR6LThMN0VnVzAzWUw0YUpuNXpMV0k3MFlFX19UUU1NaEFveGdOeDRZN0NLRVNBSnVKQVdDbGQ5cTQ4RE5pX25UalJLZndLa0ltQVFyQkpha2pyU3F2LW9uNEplTk1BJl9oc21pPTc0MDI0NDYwIiwid3pTaXplIjp7IndpZHRoIjo0MDAsImhlaWdodCI6NDAwfX0%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.2brushstrokes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.2brushstrokes.com/

Response headers

x-guploader-uploadid
ABg5-UxEmX7O0i34YZFR0qb_N-_spi7iRIVDww3lA1gK2e9WvjIdkgJlVrn6zGgXz03pPtjAUwc5BoiK54VwuHtmZC6PNU7RxQ
expires
Fri, 04 Jun 2021 21:12:50 GMT
date
Fri, 04 Jun 2021 20:12:50 GMT
last-modified
Mon, 18 Mar 2019 10:01:46 GMT
etag
"d764867dd92feb4a5db43b1421dae81e"
x-goog-generation
1552903306346559
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
2212
content-type
text/html
x-goog-hash
crc32c=u8oTFg== md5=12SGfdkv60pdtDsUIdroHg==
x-goog-storage-class
STANDARD
accept-ranges
bytes
content-length
2212
access-control-allow-origin
*
access-control-expose-headers
Content-Type
server
UploadServer
age
2018
cache-control
public, max-age=3600
alt-svc
clear
1aJZYUlSkk6puu4aOD3swQ.woff
wzuk.blob.core.windows.net/assets/fonts/ 		21 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://wzuk.blob.core.windows.net/assets/fonts/1aJZYUlSkk6puu4aOD3swQ.woff
Requested by
Host: www.2brushstrokes.com
URL: https://www.2brushstrokes.com/?utm_source=hs_email&utm_medium=email&utm_content=74024460&_hsenc=p2ANqtz-8L7EgW03YL4aJn5zLWI70YE__TQMMhAoxgNx4Y7CKESAJuJAWCld9q48DNi_nTjRKfwKkImAQrBJakjrSqv-on4JeNMA&_hsmi=74024460
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.140.10 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
2a354649f57a81405daccfd6b5785da5f73ba638f2db591992cb7b739dac3135

Request headers

Origin
https://www.2brushstrokes.com
Referer
https://www.2brushstrokes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Fri, 04 Jun 2021 20:46:27 GMT
x-ms-copy-progress
21704/21704
x-ms-copy-source
https://webzaitest.blob.core.windows.net/assets/fonts/1aJZYUlSkk6puu4aOD3swQ.woff
x-ms-copy-status
success
Content-Length
21704
x-ms-lease-state
available
x-ms-lease-status
unlocked
Accept-Ranges
bytes
Last-Modified
Mon, 28 Jul 2014 14:52:28 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
"0x8D1788AAFC21BEE"
Content-Type
application/x-font-woff
Access-Control-Allow-Origin
*
x-ms-request-id
6d5c1ac5-d01e-00ca-3882-59b49b000000
Access-Control-Expose-Headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,x-ms-copy-id,x-ms-copy-source,x-ms-copy-status,x-ms-copy-progress,x-ms-copy-completion-time
Cache-Control
public, max-age=31536000
x-ms-version
2013-08-15
x-ms-copy-id
741e6713-78d4-49e4-a8cf-5c8744a5c1bc
x-ms-copy-completion-time
Mon, 28 Jul 2014 14:52:28 GMT
I7CsSHRfZ0GB3AlD-DX-CQ.woff
wzuk.blob.core.windows.net/assets/fonts/ 		21 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://wzuk.blob.core.windows.net/assets/fonts/I7CsSHRfZ0GB3AlD-DX-CQ.woff
Requested by
Host: www.2brushstrokes.com
URL: https://www.2brushstrokes.com/?utm_source=hs_email&utm_medium=email&utm_content=74024460&_hsenc=p2ANqtz-8L7EgW03YL4aJn5zLWI70YE__TQMMhAoxgNx4Y7CKESAJuJAWCld9q48DNi_nTjRKfwKkImAQrBJakjrSqv-on4JeNMA&_hsmi=74024460
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.140.10 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
2f06077fe3d50522c14a3e84f5b24dd5b00e1513a2b371f4a9c4735c334872df

Request headers

Origin
https://www.2brushstrokes.com
Referer
https://www.2brushstrokes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Fri, 04 Jun 2021 20:46:28 GMT
x-ms-copy-progress
22004/22004
x-ms-copy-source
https://webzaitest.blob.core.windows.net/assets/fonts/I7CsSHRfZ0GB3AlD-DX-CQ.woff
x-ms-copy-status
success
Content-Length
22004
x-ms-lease-state
available
x-ms-lease-status
unlocked
Accept-Ranges
bytes
Last-Modified
Mon, 28 Jul 2014 14:53:09 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
"0x8D1788AC856392E"
Content-Type
application/x-font-woff
Access-Control-Allow-Origin
*
x-ms-request-id
a7fd5dee-501e-0058-3e82-59232d000000
Access-Control-Expose-Headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,x-ms-copy-id,x-ms-copy-source,x-ms-copy-status,x-ms-copy-progress,x-ms-copy-completion-time
Cache-Control
public, max-age=31536000
x-ms-version
2013-08-15
x-ms-copy-id
3aadb96e-f104-4fe1-8e98-13a164028fc4
x-ms-copy-completion-time
Mon, 28 Jul 2014 14:53:09 GMT
zrpWq297sEeRsdU269eKIw.woff
wzuk.blob.core.windows.net/assets/fonts/ 		21 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://wzuk.blob.core.windows.net/assets/fonts/zrpWq297sEeRsdU269eKIw.woff
Requested by
Host: www.2brushstrokes.com
URL: https://www.2brushstrokes.com/?utm_source=hs_email&utm_medium=email&utm_content=74024460&_hsenc=p2ANqtz-8L7EgW03YL4aJn5zLWI70YE__TQMMhAoxgNx4Y7CKESAJuJAWCld9q48DNi_nTjRKfwKkImAQrBJakjrSqv-on4JeNMA&_hsmi=74024460
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.140.10 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
4b206afe82a1c9176a352276634580f2eac291be9c2c5c3a4d2f4b58b174b55f

Request headers

Origin
https://www.2brushstrokes.com
Referer
https://www.2brushstrokes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Fri, 04 Jun 2021 20:46:27 GMT
x-ms-copy-progress
21512/21512
x-ms-copy-source
https://webzaitest.blob.core.windows.net/assets/fonts/zrpWq297sEeRsdU269eKIw.woff
x-ms-copy-status
success
Content-Length
21512
x-ms-lease-state
available
x-ms-lease-status
unlocked
Accept-Ranges
bytes
Last-Modified
Mon, 28 Jul 2014 14:56:12 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
"0x8D1788B34F4026E"
Content-Type
application/x-font-woff
Access-Control-Allow-Origin
*
x-ms-request-id
9bc93e5b-e01e-004a-0382-591731000000
Access-Control-Expose-Headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,x-ms-copy-id,x-ms-copy-source,x-ms-copy-status,x-ms-copy-progress,x-ms-copy-completion-time
Cache-Control
public, max-age=31536000
x-ms-version
2013-08-15
x-ms-copy-id
8e2fbce3-71aa-4c2b-a7df-1bf3ed2b1e01
x-ms-copy-completion-time
Mon, 28 Jul 2014 14:56:12 GMT
/
www.2brushstrokes.com/x/cdn/ 		376 KB
377 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.2brushstrokes.com/x/cdn/?https://storage.googleapis.com/gator-users/user-500001/images/BTDDYOAbc0-ezSF5ZTSTnQ.jpg
Requested by
Host: www.2brushstrokes.com
URL: https://www.2brushstrokes.com/?utm_source=hs_email&utm_medium=email&utm_content=74024460&_hsenc=p2ANqtz-8L7EgW03YL4aJn5zLWI70YE__TQMMhAoxgNx4Y7CKESAJuJAWCld9q48DNi_nTjRKfwKkImAQrBJakjrSqv-on4JeNMA&_hsmi=74024460
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.235.200.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
host77.ipowerweb.com
Software
cloudflare /
Resource Hash
556f05f07d01f2944d414b9bfbb3fdd0fd0bef5413e1a9b88238829e93bd8e8d

Request headers

:path
/x/cdn/?https://storage.googleapis.com/gator-users/user-500001/images/BTDDYOAbc0-ezSF5ZTSTnQ.jpg
pragma
no-cache
cookie
app_ses_key=80ADB339-1DD5-2D0D-F696-CF71CA602E43/none; app_key=892AD3FE-28CD-F4E0-453C-AF4988B413A3/1622839588060
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.2brushstrokes.com
referer
https://www.2brushstrokes.com/?utm_source=hs_email&utm_medium=email&utm_content=74024460&_hsenc=p2ANqtz-8L7EgW03YL4aJn5zLWI70YE__TQMMhAoxgNx4Y7CKESAJuJAWCld9q48DNi_nTjRKfwKkImAQrBJakjrSqv-on4JeNMA&_hsmi=74024460
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.2brushstrokes.com/?utm_source=hs_email&utm_medium=email&utm_content=74024460&_hsenc=p2ANqtz-8L7EgW03YL4aJn5zLWI70YE__TQMMhAoxgNx4Y7CKESAJuJAWCld9q48DNi_nTjRKfwKkImAQrBJakjrSqv-on4JeNMA&_hsmi=74024460
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 20:46:29 GMT
cf-cache-status
MISS
x-guploader-uploadid
ABg5-Uzzjy89c7mMzJy4V_Bv6nzGm4N2SAfv8EaLdxuob9F08S66krQqDiglTdnQwSbOqOkJoEzGaK_Mc-PX8zXJfvlbUOnBSA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-type
image/jpeg
cf-request-id
0a7a600f76000033292fb09000000001
last-modified
Thu, 08 Mar 2018 14:21:29 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=Uf7/qg== md5=k6Q0hxK6Jb+SkXEm1r1+tw==
x-image-proxy-version
1.24
x-goog-generation
1520518889486766
cache-control
public, max-age=31536000
x-goog-stored-content-length
384980
cf-ray
65a402c58e623329-CDG
expires
Sat, 04 Jun 2022 20:46:28 GMT
/
www.2brushstrokes.com/x/cdn/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.2brushstrokes.com/x/cdn/?https://storage.googleapis.com/gator-users/user-504776/images/5b47aa96929e3ZKnbu4f/Orange-2BS-Logo_d800.png
Requested by
Host: www.2brushstrokes.com
URL: https://www.2brushstrokes.com/?utm_source=hs_email&utm_medium=email&utm_content=74024460&_hsenc=p2ANqtz-8L7EgW03YL4aJn5zLWI70YE__TQMMhAoxgNx4Y7CKESAJuJAWCld9q48DNi_nTjRKfwKkImAQrBJakjrSqv-on4JeNMA&_hsmi=74024460
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.235.200.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
host77.ipowerweb.com
Software
cloudflare /
Resource Hash
539c323c54874cc3ca45733f7e2ef26631eff05d65d883b8f5c92debc1623336

Request headers

:path
/x/cdn/?https://storage.googleapis.com/gator-users/user-504776/images/5b47aa96929e3ZKnbu4f/Orange-2BS-Logo_d800.png
pragma
no-cache
cookie
app_ses_key=80ADB339-1DD5-2D0D-F696-CF71CA602E43/none; app_key=892AD3FE-28CD-F4E0-453C-AF4988B413A3/1622839588060
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.2brushstrokes.com
referer
https://www.2brushstrokes.com/?utm_source=hs_email&utm_medium=email&utm_content=74024460&_hsenc=p2ANqtz-8L7EgW03YL4aJn5zLWI70YE__TQMMhAoxgNx4Y7CKESAJuJAWCld9q48DNi_nTjRKfwKkImAQrBJakjrSqv-on4JeNMA&_hsmi=74024460
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.2brushstrokes.com/?utm_source=hs_email&utm_medium=email&utm_content=74024460&_hsenc=p2ANqtz-8L7EgW03YL4aJn5zLWI70YE__TQMMhAoxgNx4Y7CKESAJuJAWCld9q48DNi_nTjRKfwKkImAQrBJakjrSqv-on4JeNMA&_hsmi=74024460
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 20:46:29 GMT
cf-cache-status
MISS
x-guploader-uploadid
ABg5-UxxU4yKz5MoRxUQ7VsqgeEEC19ubOhUPCYGqd1ersoIyn36ryyfejfUA2RqP-pqnZUW5oQh19o4PW1QlSTKBOJiHBq-BQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/png
content-length
42506
cf-request-id
0a7a600f7300003329e62ec000000001
last-modified
Thu, 12 Jul 2018 19:23:04 GMT
server
cloudflare
etag
"69506b66f8f3f7514954bf3ff3321dd1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=P0atGw== md5=aVBrZvjz91FJVL8/8zId0Q==
x-image-proxy-version
1.24
x-goog-generation
1531423384701096
cache-control
public, max-age=31536000
x-goog-stored-content-length
42506
accept-ranges
bytes
cf-ray
65a402c58e6d3329-CDG
expires
Sat, 04 Jun 2022 20:46:28 GMT
/
www.2brushstrokes.com/x/cdn/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.2brushstrokes.com/x/cdn/?https://storage.googleapis.com/gator-users/user-504776/images/5b2c30633c6f6kr7FGTv/Mission-Stmt.jpg
Requested by
Host: www.2brushstrokes.com
URL: https://www.2brushstrokes.com/?utm_source=hs_email&utm_medium=email&utm_content=74024460&_hsenc=p2ANqtz-8L7EgW03YL4aJn5zLWI70YE__TQMMhAoxgNx4Y7CKESAJuJAWCld9q48DNi_nTjRKfwKkImAQrBJakjrSqv-on4JeNMA&_hsmi=74024460
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.235.200.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
host77.ipowerweb.com
Software
cloudflare /
Resource Hash
3737c4790f4392dc2f2d4e0d7e1b789e190eb5fbc8f777e1025de2edbab7bc3b

Request headers

:path
/x/cdn/?https://storage.googleapis.com/gator-users/user-504776/images/5b2c30633c6f6kr7FGTv/Mission-Stmt.jpg
pragma
no-cache
cookie
app_ses_key=80ADB339-1DD5-2D0D-F696-CF71CA602E43/none; app_key=892AD3FE-28CD-F4E0-453C-AF4988B413A3/1622839588060
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.2brushstrokes.com
referer
https://www.2brushstrokes.com/?utm_source=hs_email&utm_medium=email&utm_content=74024460&_hsenc=p2ANqtz-8L7EgW03YL4aJn5zLWI70YE__TQMMhAoxgNx4Y7CKESAJuJAWCld9q48DNi_nTjRKfwKkImAQrBJakjrSqv-on4JeNMA&_hsmi=74024460
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.2brushstrokes.com/?utm_source=hs_email&utm_medium=email&utm_content=74024460&_hsenc=p2ANqtz-8L7EgW03YL4aJn5zLWI70YE__TQMMhAoxgNx4Y7CKESAJuJAWCld9q48DNi_nTjRKfwKkImAQrBJakjrSqv-on4JeNMA&_hsmi=74024460
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 20:46:29 GMT
cf-cache-status
MISS
x-guploader-uploadid
ABg5-Uy6uteZxHuUioGfY6eAkh04M_tIgsHA14Vmb5REHyag91kH9_rXJbPKkDHMoYpIVWKiRwheg5JQUsecCUkMxt6vIiZZjg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/jpeg
content-length
9104
cf-request-id
0a7a600f7300003329e598a000000001
last-modified
Thu, 21 Jun 2018 23:10:27 GMT
server
cloudflare
etag
"8582a75cd2a1fe94e1b8bd381d888b14"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=B/C/Zw== md5=hYKnXNKh/pThuL04HYiLFA==
x-image-proxy-version
1.24
x-goog-generation
1529622627489763
cache-control
public, max-age=31536000
x-goog-stored-content-length
9104
accept-ranges
bytes
cf-ray
65a402c58e723329-CDG
expires
Sat, 04 Jun 2022 20:46:28 GMT
/
www.2brushstrokes.com/x/cdn/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.2brushstrokes.com/x/cdn/?https://storage.googleapis.com/gator-users/user-504776/images/5b2c315fd906e7ngJdp7/Process_improvement2.jpg
Requested by
Host: www.2brushstrokes.com
URL: https://www.2brushstrokes.com/?utm_source=hs_email&utm_medium=email&utm_content=74024460&_hsenc=p2ANqtz-8L7EgW03YL4aJn5zLWI70YE__TQMMhAoxgNx4Y7CKESAJuJAWCld9q48DNi_nTjRKfwKkImAQrBJakjrSqv-on4JeNMA&_hsmi=74024460
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.235.200.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
host77.ipowerweb.com
Software
cloudflare /
Resource Hash
40673c7d64f1132c7535a729549db01b15caf95482754f17eba796eec4f10c4f

Request headers

:path
/x/cdn/?https://storage.googleapis.com/gator-users/user-504776/images/5b2c315fd906e7ngJdp7/Process_improvement2.jpg
pragma
no-cache
cookie
app_ses_key=80ADB339-1DD5-2D0D-F696-CF71CA602E43/none; app_key=892AD3FE-28CD-F4E0-453C-AF4988B413A3/1622839588060
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.2brushstrokes.com
referer
https://www.2brushstrokes.com/?utm_source=hs_email&utm_medium=email&utm_content=74024460&_hsenc=p2ANqtz-8L7EgW03YL4aJn5zLWI70YE__TQMMhAoxgNx4Y7CKESAJuJAWCld9q48DNi_nTjRKfwKkImAQrBJakjrSqv-on4JeNMA&_hsmi=74024460
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.2brushstrokes.com/?utm_source=hs_email&utm_medium=email&utm_content=74024460&_hsenc=p2ANqtz-8L7EgW03YL4aJn5zLWI70YE__TQMMhAoxgNx4Y7CKESAJuJAWCld9q48DNi_nTjRKfwKkImAQrBJakjrSqv-on4JeNMA&_hsmi=74024460
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 20:46:29 GMT
cf-cache-status
MISS
x-guploader-uploadid
ABg5-UybZVh2EMAlgi71aLZ5yuD0XkFc78vEyzJnqN_kDB3xqLyG6hQSXrjyGQ1hPEYLps9FMKkDapwL-v4t8mZj7gU
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/jpeg
content-length
14961
cf-request-id
0a7a600f740000332901861000000001
last-modified
Thu, 21 Jun 2018 23:14:40 GMT
server
cloudflare
etag
"5942ae313384b4d64a333045685fac4c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=K0ej8A== md5=WUKuMTOEtNZKMzBFaF+sTA==
x-image-proxy-version
1.24
x-goog-generation
1529622880072094
cache-control
public, max-age=31536000
x-goog-stored-content-length
14961
accept-ranges
bytes
cf-ray
65a402c58e743329-CDG
expires
Sat, 04 Jun 2022 20:46:28 GMT
/
www.2brushstrokes.com/x/cdn/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.2brushstrokes.com/x/cdn/?https://storage.googleapis.com/gator-users/user-504776/images/5b2c32e0e4fa2jRC9Xrc/human-bot-handshake_d400.jpg
Requested by
Host: www.2brushstrokes.com
URL: https://www.2brushstrokes.com/?utm_source=hs_email&utm_medium=email&utm_content=74024460&_hsenc=p2ANqtz-8L7EgW03YL4aJn5zLWI70YE__TQMMhAoxgNx4Y7CKESAJuJAWCld9q48DNi_nTjRKfwKkImAQrBJakjrSqv-on4JeNMA&_hsmi=74024460
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.235.200.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
host77.ipowerweb.com
Software
cloudflare /
Resource Hash
372c0041fc964def0aec95ae17c6f03a3e5e5ccfe5969952c6de7e5c0f7cc34b

Request headers

:path
/x/cdn/?https://storage.googleapis.com/gator-users/user-504776/images/5b2c32e0e4fa2jRC9Xrc/human-bot-handshake_d400.jpg
pragma
no-cache
cookie
app_ses_key=80ADB339-1DD5-2D0D-F696-CF71CA602E43/none; app_key=892AD3FE-28CD-F4E0-453C-AF4988B413A3/1622839588060
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.2brushstrokes.com
referer
https://www.2brushstrokes.com/?utm_source=hs_email&utm_medium=email&utm_content=74024460&_hsenc=p2ANqtz-8L7EgW03YL4aJn5zLWI70YE__TQMMhAoxgNx4Y7CKESAJuJAWCld9q48DNi_nTjRKfwKkImAQrBJakjrSqv-on4JeNMA&_hsmi=74024460
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.2brushstrokes.com/?utm_source=hs_email&utm_medium=email&utm_content=74024460&_hsenc=p2ANqtz-8L7EgW03YL4aJn5zLWI70YE__TQMMhAoxgNx4Y7CKESAJuJAWCld9q48DNi_nTjRKfwKkImAQrBJakjrSqv-on4JeNMA&_hsmi=74024460
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 20:46:29 GMT
cf-cache-status
MISS
x-guploader-uploadid
ABg5-UzG5jezvSocMrRniLhJOpzth1IeEm3-wmH2ac3FanpK16yA0rAGlqfUIpB35abzzmt4SP0uYqTl5Ak2kMzzMgD6Bku3AQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/jpeg
content-length
12846
cf-request-id
0a7a600f740000332951be5000000001
last-modified
Thu, 21 Jun 2018 23:21:05 GMT
server
cloudflare
etag
"9ba7f58b0b670c0dd84c2da4caf6874b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=n3Y0yw== md5=m6f1iwtnDA3YTC2kyvaHSw==
x-image-proxy-version
1.24
x-goog-generation
1529623265736412
cache-control
public, max-age=31536000
x-goog-stored-content-length
12846
accept-ranges
bytes
cf-ray
65a402c58e763329-CDG
expires
Sat, 04 Jun 2022 20:46:28 GMT
/
www.2brushstrokes.com/x/cdn/ 		288 KB
289 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.2brushstrokes.com/x/cdn/?https://storage.googleapis.com/gator-users/user-500001/images/0tRP5zHdwkCY6OWnKW8beg.jpg
Requested by
Host: www.2brushstrokes.com
URL: https://www.2brushstrokes.com/?utm_source=hs_email&utm_medium=email&utm_content=74024460&_hsenc=p2ANqtz-8L7EgW03YL4aJn5zLWI70YE__TQMMhAoxgNx4Y7CKESAJuJAWCld9q48DNi_nTjRKfwKkImAQrBJakjrSqv-on4JeNMA&_hsmi=74024460
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.235.200.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
host77.ipowerweb.com
Software
cloudflare /
Resource Hash
e02f0d48e69425e5b002bd6ecd5f83fb6cc2e16166abe99bb8883c3caefff00a

Request headers

:path
/x/cdn/?https://storage.googleapis.com/gator-users/user-500001/images/0tRP5zHdwkCY6OWnKW8beg.jpg
pragma
no-cache
cookie
app_ses_key=80ADB339-1DD5-2D0D-F696-CF71CA602E43/none; app_key=892AD3FE-28CD-F4E0-453C-AF4988B413A3/1622839588060
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.2brushstrokes.com
referer
https://www.2brushstrokes.com/?utm_source=hs_email&utm_medium=email&utm_content=74024460&_hsenc=p2ANqtz-8L7EgW03YL4aJn5zLWI70YE__TQMMhAoxgNx4Y7CKESAJuJAWCld9q48DNi_nTjRKfwKkImAQrBJakjrSqv-on4JeNMA&_hsmi=74024460
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.2brushstrokes.com/?utm_source=hs_email&utm_medium=email&utm_content=74024460&_hsenc=p2ANqtz-8L7EgW03YL4aJn5zLWI70YE__TQMMhAoxgNx4Y7CKESAJuJAWCld9q48DNi_nTjRKfwKkImAQrBJakjrSqv-on4JeNMA&_hsmi=74024460
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 20:46:29 GMT
cf-cache-status
MISS
x-guploader-uploadid
ABg5-Uy2iRct1i5G5LJG6Q5rkG7SWQ071pHsS2DqHJtQ11sRs57ph25x-GiL8uES2uvpirHZB9Vy6FDtnbnuTkUdhaP6eCuRSQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-type
image/jpeg
cf-request-id
0a7a600f740000332921ae9000000001
last-modified
Thu, 08 Mar 2018 14:20:59 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=BR+V8g== md5=6tdPH4PerTUI9ArtGlSBdw==
x-image-proxy-version
1.24
x-goog-generation
1520518859536839
cache-control
public, max-age=31536000
x-goog-stored-content-length
294397
cf-ray
65a402c58e783329-CDG
expires
Sat, 04 Jun 2022 20:46:28 GMT
messages
in-us-east-event-hubs.servicebus.windows.net/in-us-east-event-hub-a1/publishers/a7eb7df2-c03b-4196-9fc0-88f2fac0e84b/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://in-us-east-event-hubs.servicebus.windows.net/in-us-east-event-hub-a1/publishers/a7eb7df2-c03b-4196-9fc0-88f2fac0e84b/messages?timeout=10
Protocol
HTTP/1.1
Server
13.92.180.208 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
access-control-allow-origin,authorization,content-type
Origin
https://www.2brushstrokes.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Length
0
Server
Microsoft-HTTPAPI/2.0
Access-Control-Allow-Origin
https://www.2brushstrokes.com
Access-Control-Allow-Credentials
true
Access-Control-Max-Age
3600
Access-Control-Allow-Methods
POST
Access-Control-Allow-Headers
access-control-allow-origin,authorization,content-type
Strict-Transport-Security
max-age=31536000
Date
Fri, 04 Jun 2021 20:46:28 GMT
messages
in-us-east-event-hubs.servicebus.windows.net/in-us-east-event-hub-a1/publishers/a7eb7df2-c03b-4196-9fc0-88f2fac0e84b/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://in-us-east-event-hubs.servicebus.windows.net/in-us-east-event-hub-a1/publishers/a7eb7df2-c03b-4196-9fc0-88f2fac0e84b/messages?timeout=10
Protocol
HTTP/1.1
Server
13.92.180.208 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
access-control-allow-origin,authorization,content-type
Origin
https://www.2brushstrokes.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Length
0
Server
Microsoft-HTTPAPI/2.0
Access-Control-Allow-Origin
https://www.2brushstrokes.com
Access-Control-Allow-Credentials
true
Access-Control-Max-Age
3600
Access-Control-Allow-Methods
POST
Access-Control-Allow-Headers
access-control-allow-origin,authorization,content-type
Strict-Transport-Security
max-age=31536000
Date
Fri, 04 Jun 2021 20:46:28 GMT
messages
in-us-east-event-hubs.servicebus.windows.net/in-us-east-event-hub-a1/publishers/a7eb7df2-c03b-4196-9fc0-88f2fac0e84b/ 		0
316 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://in-us-east-event-hubs.servicebus.windows.net/in-us-east-event-hub-a1/publishers/a7eb7df2-c03b-4196-9fc0-88f2fac0e84b/messages?timeout=10
Requested by
Host: 149b4.wpc.azureedge.net
URL: https://149b4.wpc.azureedge.net/80149B4/insights/t.js?brand=Gator&v=g-202007071407399460
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.92.180.208 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Access-Control-Allow-Origin
*
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.2brushstrokes.com/
Authorization
SharedAccessSignature sr=https%3A%2F%2Fin-us-east-event-hubs.servicebus.windows.net%2Fin-us-east-event-hub-a1%2Fpublishers%2Fa7eb7df2-c03b-4196-9fc0-88f2fac0e84b%2Fmessages&sig=PEbmppUpdp9CgVtanfE%2BtNJhx%2BM8BhGR7ue0Vhle8wY%3D&se=1622843188.721&skn=Send
Content-Type
application/json

Response headers

Access-Control-Allow-Origin
https://www.2brushstrokes.com
Strict-Transport-Security
max-age=31536000
Access-Control-Allow-Credentials
true
Server
Microsoft-HTTPAPI/2.0
Date
Fri, 04 Jun 2021 20:46:28 GMT
Transfer-Encoding
chunked
Content-Type
application/xml; charset=utf-8
messages
in-us-east-event-hubs.servicebus.windows.net/in-us-east-event-hub-a1/publishers/a7eb7df2-c03b-4196-9fc0-88f2fac0e84b/ 		0
316 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://in-us-east-event-hubs.servicebus.windows.net/in-us-east-event-hub-a1/publishers/a7eb7df2-c03b-4196-9fc0-88f2fac0e84b/messages?timeout=10
Requested by
Host: 149b4.wpc.azureedge.net
URL: https://149b4.wpc.azureedge.net/80149B4/insights/t.js?brand=Gator&v=g-202007071407399460
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.92.180.208 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Access-Control-Allow-Origin
*
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.2brushstrokes.com/
Authorization
SharedAccessSignature sr=https%3A%2F%2Fin-us-east-event-hubs.servicebus.windows.net%2Fin-us-east-event-hub-a1%2Fpublishers%2Fa7eb7df2-c03b-4196-9fc0-88f2fac0e84b%2Fmessages&sig=pb2BXUI0tYqM6m2IPKesg%2FvfBWrRB%2FFOf5VMAXSGyIk%3D&se=1622843188.723&skn=Send
Content-Type
application/json

Response headers

Access-Control-Allow-Origin
https://www.2brushstrokes.com
Strict-Transport-Security
max-age=31536000
Access-Control-Allow-Credentials
true
Server
Microsoft-HTTPAPI/2.0
Date
Fri, 04 Jun 2021 20:46:28 GMT
Transfer-Encoding
chunked
Content-Type
application/xml; charset=utf-8
apps-api.js
components.mywebsitebuilder.com/extern/apps-api/ Frame 783D 		21 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://components.mywebsitebuilder.com/extern/apps-api/apps-api.js
Requested by
Host: components.mywebsitebuilder.com
URL: https://components.mywebsitebuilder.com/extern/embed-html/embed-html.html?wzId=id1531791282686&wzInstanceId=id1531791282686&wzAppId=embed_html_app&wzAppV=1&wzApiType=app&wzDeviceType=desktop&wzMode=view&wzSessionId=1622839588514&wzEncodeParams=eyJ3ekN1cnJlbnRVcmwiOiJodHRwczovL3d3dy4yYnJ1c2hzdHJva2VzLmNvbS8%2FdXRtX3NvdXJjZT1oc19lbWFpbCZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PTc0MDI0NDYwJl9oc2VuYz1wMkFOcXR6LThMN0VnVzAzWUw0YUpuNXpMV0k3MFlFX19UUU1NaEFveGdOeDRZN0NLRVNBSnVKQVdDbGQ5cTQ4RE5pX25UalJLZndLa0ltQVFyQkpha2pyU3F2LW9uNEplTk1BJl9oc21pPTc0MDI0NDYwIiwid3pTaXplIjp7IndpZHRoIjo0MDAsImhlaWdodCI6NDAwfX0%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.14.35 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
35.14.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e8ac29a7ad2786a8791d23898841e482546bf3a369e8d43f63a62f1540de492c

Request headers

Referer
https://components.mywebsitebuilder.com/extern/embed-html/embed-html.html?wzId=id1531791282686&wzInstanceId=id1531791282686&wzAppId=embed_html_app&wzAppV=1&wzApiType=app&wzDeviceType=desktop&wzMode=view&wzSessionId=1622839588514&wzEncodeParams=eyJ3ekN1cnJlbnRVcmwiOiJodHRwczovL3d3dy4yYnJ1c2hzdHJva2VzLmNvbS8%2FdXRtX3NvdXJjZT1oc19lbWFpbCZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PTc0MDI0NDYwJl9oc2VuYz1wMkFOcXR6LThMN0VnVzAzWUw0YUpuNXpMV0k3MFlFX19UUU1NaEFveGdOeDRZN0NLRVNBSnVKQVdDbGQ5cTQ4RE5pX25UalJLZndLa0ltQVFyQkpha2pyU3F2LW9uNEplTk1BJl9oc21pPTc0MDI0NDYwIiwid3pTaXplIjp7IndpZHRoIjo0MDAsImhlaWdodCI6NDAwfX0%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 19:56:17 GMT
age
3011
x-guploader-uploadid
ABg5-UxUQ6-VYG2cVcCvztaLJChzAxKqvy5CSKKQRODr5Mr85zUxTBR0dgmSs_UbA7pHpvOue_Ol-KAVv05giArbj6klebbzdA
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
21187
last-modified
Mon, 18 Mar 2019 09:51:06 GMT
server
UploadServer
etag
"96a4d02bd1de25520d08d3d583416fb7"
x-goog-hash
crc32c=nbTZ7A==, md5=lqTQK9HeJVINCNPVg0Fvtw==
x-goog-generation
1552902666941504
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
21187
accept-ranges
bytes
content-type
text/javascript
expires
Fri, 04 Jun 2021 20:56:17 GMT
embed-html.html
components.mywebsitebuilder.com/extern/embed-html/ Frame 783D 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://components.mywebsitebuilder.com/extern/embed-html/embed-html.html?wzId=id1531791282686&wzInstanceId=id1531791282686&wzAppId=embed_html_app&wzAppV=1&wzApiType=app&wzDeviceType=desktop&wzMode=view&wzSessionId=1622839588514&wzEncodeParams=eyJ3ekN1cnJlbnRVcmwiOiJodHRwczovL3d3dy4yYnJ1c2hzdHJva2VzLmNvbS8%2FdXRtX3NvdXJjZT1oc19lbWFpbCZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PTc0MDI0NDYwJl9oc2VuYz1wMkFOcXR6LThMN0VnVzAzWUw0YUpuNXpMV0k3MFlFX19UUU1NaEFveGdOeDRZN0NLRVNBSnVKQVdDbGQ5cTQ4RE5pX25UalJLZndLa0ltQVFyQkpha2pyU3F2LW9uNEplTk1BJl9oc21pPTc0MDI0NDYwIiwid3pTaXplIjp7IndpZHRoIjo0MDAsImhlaWdodCI6NDAwfX0%3D
Requested by
Host: components.mywebsitebuilder.com
URL: https://components.mywebsitebuilder.com/extern/embed-html/embed-html.html?wzId=id1531791282686&wzInstanceId=id1531791282686&wzAppId=embed_html_app&wzAppV=1&wzApiType=app&wzDeviceType=desktop&wzMode=view&wzSessionId=1622839588514&wzEncodeParams=eyJ3ekN1cnJlbnRVcmwiOiJodHRwczovL3d3dy4yYnJ1c2hzdHJva2VzLmNvbS8%2FdXRtX3NvdXJjZT1oc19lbWFpbCZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PTc0MDI0NDYwJl9oc2VuYz1wMkFOcXR6LThMN0VnVzAzWUw0YUpuNXpMV0k3MFlFX19UUU1NaEFveGdOeDRZN0NLRVNBSnVKQVdDbGQ5cTQ4RE5pX25UalJLZndLa0ltQVFyQkpha2pyU3F2LW9uNEplTk1BJl9oc21pPTc0MDI0NDYwIiwid3pTaXplIjp7IndpZHRoIjo0MDAsImhlaWdodCI6NDAwfX0%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.14.35 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
35.14.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
242523b55015d3d64e15a62829a6ea75c3415f5a65a6916f7cf8608dd13bea09

Request headers

:method
GET
:authority
components.mywebsitebuilder.com
:scheme
https
:path
/extern/embed-html/embed-html.html?wzId=id1531791282686&wzInstanceId=id1531791282686&wzAppId=embed_html_app&wzAppV=1&wzApiType=app&wzDeviceType=desktop&wzMode=view&wzSessionId=1622839588514&wzEncodeParams=eyJ3ekN1cnJlbnRVcmwiOiJodHRwczovL3d3dy4yYnJ1c2hzdHJva2VzLmNvbS8%2FdXRtX3NvdXJjZT1oc19lbWFpbCZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PTc0MDI0NDYwJl9oc2VuYz1wMkFOcXR6LThMN0VnVzAzWUw0YUpuNXpMV0k3MFlFX19UUU1NaEFveGdOeDRZN0NLRVNBSnVKQVdDbGQ5cTQ4RE5pX25UalJLZndLa0ltQVFyQkpha2pyU3F2LW9uNEplTk1BJl9oc21pPTc0MDI0NDYwIiwid3pTaXplIjp7IndpZHRoIjo0MDAsImhlaWdodCI6NDAwfX0%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://components.mywebsitebuilder.com/extern/embed-html/embed-html.html?wzId=id1531791282686&wzInstanceId=id1531791282686&wzAppId=embed_html_app&wzAppV=1&wzApiType=app&wzDeviceType=desktop&wzMode=view&wzSessionId=1622839588514&wzEncodeParams=eyJ3ekN1cnJlbnRVcmwiOiJodHRwczovL3d3dy4yYnJ1c2hzdHJva2VzLmNvbS8%2FdXRtX3NvdXJjZT1oc19lbWFpbCZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PTc0MDI0NDYwJl9oc2VuYz1wMkFOcXR6LThMN0VnVzAzWUw0YUpuNXpMV0k3MFlFX19UUU1NaEFveGdOeDRZN0NLRVNBSnVKQVdDbGQ5cTQ4RE5pX25UalJLZndLa0ltQVFyQkpha2pyU3F2LW9uNEplTk1BJl9oc21pPTc0MDI0NDYwIiwid3pTaXplIjp7IndpZHRoIjo0MDAsImhlaWdodCI6NDAwfX0%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://components.mywebsitebuilder.com/extern/embed-html/embed-html.html?wzId=id1531791282686&wzInstanceId=id1531791282686&wzAppId=embed_html_app&wzAppV=1&wzApiType=app&wzDeviceType=desktop&wzMode=view&wzSessionId=1622839588514&wzEncodeParams=eyJ3ekN1cnJlbnRVcmwiOiJodHRwczovL3d3dy4yYnJ1c2hzdHJva2VzLmNvbS8%2FdXRtX3NvdXJjZT1oc19lbWFpbCZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PTc0MDI0NDYwJl9oc2VuYz1wMkFOcXR6LThMN0VnVzAzWUw0YUpuNXpMV0k3MFlFX19UUU1NaEFveGdOeDRZN0NLRVNBSnVKQVdDbGQ5cTQ4RE5pX25UalJLZndLa0ltQVFyQkpha2pyU3F2LW9uNEplTk1BJl9oc21pPTc0MDI0NDYwIiwid3pTaXplIjp7IndpZHRoIjo0MDAsImhlaWdodCI6NDAwfX0%3D

Response headers

x-guploader-uploadid
ABg5-UxEmX7O0i34YZFR0qb_N-_spi7iRIVDww3lA1gK2e9WvjIdkgJlVrn6zGgXz03pPtjAUwc5BoiK54VwuHtmZC6PNU7RxQ
expires
Fri, 04 Jun 2021 21:12:50 GMT
date
Fri, 04 Jun 2021 20:12:50 GMT
last-modified
Mon, 18 Mar 2019 10:01:46 GMT
etag
"d764867dd92feb4a5db43b1421dae81e"
x-goog-generation
1552903306346559
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
2212
content-type
text/html
x-goog-hash
crc32c=u8oTFg== md5=12SGfdkv60pdtDsUIdroHg==
x-goog-storage-class
STANDARD
accept-ranges
bytes
content-length
2212
access-control-allow-origin
*
access-control-expose-headers
Content-Type
server
UploadServer
age
2018
cache-control
public, max-age=3600
alt-svc
clear
apps-api.js
components.mywebsitebuilder.com/extern/apps-api/ Frame 783D 		21 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://components.mywebsitebuilder.com/extern/apps-api/apps-api.js
Requested by
Host: components.mywebsitebuilder.com
URL: https://components.mywebsitebuilder.com/extern/embed-html/embed-html.html?wzId=id1531791282686&wzInstanceId=id1531791282686&wzAppId=embed_html_app&wzAppV=1&wzApiType=app&wzDeviceType=desktop&wzMode=view&wzSessionId=1622839588514&wzEncodeParams=eyJ3ekN1cnJlbnRVcmwiOiJodHRwczovL3d3dy4yYnJ1c2hzdHJva2VzLmNvbS8%2FdXRtX3NvdXJjZT1oc19lbWFpbCZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PTc0MDI0NDYwJl9oc2VuYz1wMkFOcXR6LThMN0VnVzAzWUw0YUpuNXpMV0k3MFlFX19UUU1NaEFveGdOeDRZN0NLRVNBSnVKQVdDbGQ5cTQ4RE5pX25UalJLZndLa0ltQVFyQkpha2pyU3F2LW9uNEplTk1BJl9oc21pPTc0MDI0NDYwIiwid3pTaXplIjp7IndpZHRoIjo0MDAsImhlaWdodCI6NDAwfX0%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.14.35 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
35.14.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e8ac29a7ad2786a8791d23898841e482546bf3a369e8d43f63a62f1540de492c

Request headers

Referer
https://components.mywebsitebuilder.com/extern/embed-html/embed-html.html?wzId=id1531791282686&wzInstanceId=id1531791282686&wzAppId=embed_html_app&wzAppV=1&wzApiType=app&wzDeviceType=desktop&wzMode=view&wzSessionId=1622839588514&wzEncodeParams=eyJ3ekN1cnJlbnRVcmwiOiJodHRwczovL3d3dy4yYnJ1c2hzdHJva2VzLmNvbS8%2FdXRtX3NvdXJjZT1oc19lbWFpbCZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jb250ZW50PTc0MDI0NDYwJl9oc2VuYz1wMkFOcXR6LThMN0VnVzAzWUw0YUpuNXpMV0k3MFlFX19UUU1NaEFveGdOeDRZN0NLRVNBSnVKQVdDbGQ5cTQ4RE5pX25UalJLZndLa0ltQVFyQkpha2pyU3F2LW9uNEplTk1BJl9oc21pPTc0MDI0NDYwIiwid3pTaXplIjp7IndpZHRoIjo0MDAsImhlaWdodCI6NDAwfX0%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 19:56:17 GMT
age
3011
x-guploader-uploadid
ABg5-UxUQ6-VYG2cVcCvztaLJChzAxKqvy5CSKKQRODr5Mr85zUxTBR0dgmSs_UbA7pHpvOue_Ol-KAVv05giArbj6klebbzdA
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
21187
last-modified
Mon, 18 Mar 2019 09:51:06 GMT
server
UploadServer
etag
"96a4d02bd1de25520d08d3d583416fb7"
x-goog-hash
crc32c=nbTZ7A==, md5=lqTQK9HeJVINCNPVg0Fvtw==
x-goog-generation
1552902666941504
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
21187
accept-ranges
bytes
content-type
text/javascript
expires
Fri, 04 Jun 2021 20:56:17 GMT
widget
salesiq.zoho.com/ Frame 783D 		104 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://salesiq.zoho.com/widget
Requested by
Host: hs-4764964.t.hubspotstarter-iy.net
URL: https://hs-4764964.t.hubspotstarter-iy.net/e2t/c/*W7Jl07F796MNlW46DWZV5gqhCb0/*W43ZQ3F68YWpFW150L4l4C-PL70/5/f18dQhb0Smj28XJ9hPN7mX5rqHyjJqW8q5vng1pgM6FN3hHhbVVMsQMVp3s9r7s5LskW57mtXs54GpktW548q4356888GW4dQb0w2MTPSpW8W2c9W32CQ2lW8jxMNS1Vx3W4W3CPQ_B5D8zFFVjPrmg6W3RDgVHcWm97yDSbfW3X0g0y6bp1cMVbq5fx4TKc2lVQWbMK8ysZHYW5jB4QB3sp_m7N2j3NZsdZXbNW8QNDnv6Z4s3LVQdGdk1q5vcxW87n1lg3sM9YzW8fxN3m5v_m_4W1JLRtG4q__qkW86SmN-7ZnDxlW4L3kzT51_jQcW73R-cM96dt8bW6br4D01bBvW3W3_5XGk8PXPqRW3ygvH88c3fN-W5lnM8x2MzxkpW7MVnrr1Fnjq4W2KC-1M2M1VvtW4J35Sn2N3DbNW6nVWvb87vTTBW4V2M825L398bW21dXdx58S6m3W7fFwR28v4j-WW1MWhN-1MKdcVf8GpN-k11
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
136.143.191.67 , United States, ASN2639 (ZOHO-AS, US),
Reverse DNS
Software
ZGS /
Resource Hash
a70f7b6869b541950657edd993005bcdd5036d180299409193001d7bbbfba38f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://components.mywebsitebuilder.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
Date
Fri, 04 Jun 2021 20:46:29 GMT
Content-Encoding
gzip
Server
ZGS
ETag
W/-1048161659
vary
accept-encoding
Connection
keep-alive
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
must-revalidate
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000
Expires
Fri, 04 Jun 2021 20:51:29 GMT
conversations-embed.js
js.usemessages.com/ 		81 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.usemessages.com/conversations-embed.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4764964.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:ebcc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cd92ecc87b6f2ed90dd548ba471c8f99507c8118633e3bdbcb5982429c70cc7

Request headers

Referer
https://www.2brushstrokes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 20:46:28 GMT
via
1.1 ddeb8679359f033dad405557c487bfdd.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
303
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-embed/static-1.8903/bundles/project.js&cfRay=65a3fb5c2ea34ed9-IAD
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
x-amz-replication-status
COMPLETED
content-encoding
br
cf-request-id
0a7a60107500002b4d993c8000000001
last-modified
Wed, 02 Jun 2021 03:45:52 UTC
server
cloudflare
etag
W/"8b232ba8752127aefe4a51935b608ee4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
Ts6q1w2ggAjJnDkBbAYAbN.1NTlh0g.7
cache-control
max-age=600
x-hs-cache-status
HIT
x-amz-cf-pop
IAD89-C3
cf-ray
65a402c728562b4d-FRA
x-amz-cf-id
luA5XpSqTVB_ZViLlXDsY_H3Ql8X8rTJNsJWvPaRF9ZdnpKCBX4u1A==
x-hs-target-asset
conversations-embed/static-1.8903/bundles/project.js
leadflows.js
js.hsleadflows.net/ 		471 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hsleadflows.net/leadflows.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4764964.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:e6cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10e5ad8f6aab7933888e789f5b9eed29f6064a9a256fe35c384c8da0b648d3dc

Request headers

Origin
https://www.2brushstrokes.com
Referer
https://www.2brushstrokes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 20:46:29 GMT
via
1.1 ba82151bf51e4c722c5305c983d8b71e.cloudfront.net (CloudFront)
cf-cache-status
MISS
x-amz-cf-pop
IAD89-C3
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=lead-flows-js/static-1.1019/bundle/main/lead-flows-release.js&cfRay=65a402c718f1e00b-IAD
x-cache
RefreshHit from cloudfront
access-control-max-age
3000
x-amz-replication-status
COMPLETED
content-encoding
br
cf-request-id
0a7a60106d0000e00b33986000000001
cf-ray
65a402c718f1e00b-FRA
last-modified
Mon, 10 May 2021 01:50:02 UTC
server
cloudflare
etag
W/"a0422ceeab86db6e0c81719033b4bab7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
x-amz-version-id
vzNq8gdJKWGHBPoJ4NIykDa1nlgXs_sz
access-control-allow-origin
*
cache-control
s-maxage=86400, max-age=0
x-hs-cache-status
MISS
content-type
application/javascript; charset=utf-8
x-amz-cf-id
O_DyVhzNsDXoxg9EhFE2QQatNFew7rKvzBVPbzPSwwWZmiOSbZUfOg==
x-hs-target-asset
lead-flows-js/static-1.1019/bundle/main/lead-flows-release.js
4764964.js
js.hs-analytics.net/analytics/1622839500000/ 		62 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-analytics.net/analytics/1622839500000/4764964.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4764964.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:47b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4de632e5d2c007896a3a1d66048654fe1f65b00db2b0366692ec146078aea1

Request headers

Referer
https://www.2brushstrokes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 20:46:29 GMT
content-encoding
br
cf-cache-status
MISS
x-amz-request-id
EFAM0CZN2RYX64JF
x-amz-server-side-encryption
AES256
cf-ray
65a402c71abd4eeb-FRA
x-amz-id-2
bhGNe9jWkQihXQgX4zVk1etWd9feb3A6ljCHUFFB4XizSzBNrOnQh5CqI6kdhsdpxX4co4Ckx6g=
last-modified
Wed, 12 May 2021 19:42:23 GMT
server
cloudflare
etag
W/"9e8a9785d6b3ecd1ed58306319648104"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
null
cache-control
max-age=300, public
access-control-allow-credentials
false
cf-request-id
0a7a60107100004eeb7125b000000001
content-type
text/javascript
expires
Fri, 04 Jun 2021 20:51:29 GMT
4764964.js
js.hs-banner.com/ 		59 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-banner.com/4764964.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4764964.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
745b6b1dfd86e5b212a605aa200126c881262fd1c8211b18c7816776eafaaad6

Request headers

Referer
https://www.2brushstrokes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 20:46:29 GMT
content-encoding
br
cf-cache-status
MISS
x-amz-request-id
EFAMHAAWNYZBS0MN
x-amz-server-side-encryption
AES256
content-type
text/javascript; charset=UTF-8
access-control-max-age
604800
x-amz-id-2
FqqtusWHTb79j3kesvI6fXKBSpSueZUsFWgwfwpwxmY2c0ZH4HvbqJrgtyuGcIC5Jhmv1oMTcms=
timing-allow-origin
*
last-modified
Thu, 27 May 2021 17:06:24 GMT
server
cloudflare
etag
W/"f865a2828c8ba84fa1e74562fbb660d1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id
S1wxttd1O0A5JEYMLGrVrFkS_ggDQB8E
access-control-allow-origin
https://www.2brushstrokes.com
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300, public
access-control-allow-credentials
true
cf-request-id
0a7a60106e00004dc411bbd000000001
cf-ray
65a402c719744dc4-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires
Fri, 04 Jun 2021 20:51:29 GMT
collectedforms.js
js.hscollectedforms.net/ 		81 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hscollectedforms.net/collectedforms.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4764964.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:83ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94b63fd36f5c48af5e612b6719d6b77f1e4f4087dd69ffa426c2f966b775a82b

Request headers

Origin
https://www.2brushstrokes.com
Referer
https://www.2brushstrokes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 20:46:29 GMT
via
1.1 91541e88a15c80bced2ffb950f407c1e.cloudfront.net (CloudFront)
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status
MISS
x-amz-cf-pop
IAD89-C3
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=collected-forms-embed-js/static-1.240/bundles/project.js&cfRay=65a402c71e602b71-FRA
x-cache
Miss from cloudfront
x-amz-replication-status
COMPLETED
content-encoding
br
cf-request-id
0a7a60106e00002b71199a4000000001
cf-ray
65a402c71e602b71-FRA
last-modified
Thu, 27 May 2021 01:34:00 UTC
server
cloudflare
etag
W/"dfcae8e7cf0147090ea4a46ff8c7701b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
x.VJFnzOmOi1EqMYga2YUL0gSamB_uYQ
access-control-allow-origin
*
cache-control
s-maxage=86400, max-age=0
x-hs-cache-status
MISS
content-type
application/javascript; charset=utf-8
x-amz-cf-id
3_9NY_VjNguvmKQP699cj1D3qNltrNLxinwrDK1lYR59fwjEw2-9-w==
x-hs-target-asset
collected-forms-embed-js/static-1.240/bundles/project.js
public
api.hubspot.com/livechat-public/v1/message/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.hubspot.com/livechat-public/v1/message/public?portalId=4764964&conversations-embed=static-1.8903&mobile=false&messagesUtk=004af1bb611f4c229717abe4f5a750f3&traceId=004af1bb611f4c229717abe4f5a750f3
Requested by
Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
772d2325b9ec9e97814a08ff81def838a810a6a3af9f7388f17868031c4ea8c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

X-HubSpot-Messages-Uri
https://www.2brushstrokes.com/?utm_source=hs_email&utm_medium=email&utm_content=74024460&_hsenc=p2ANqtz-8L7EgW03YL4aJn5zLWI70YE__TQMMhAoxgNx4Y7CKESAJuJAWCld9q48DNi_nTjRKfwKkImAQrBJakjrSqv-on4JeNMA&_hsmi=74024460
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.2brushstrokes.com/

Response headers

date
Fri, 04 Jun 2021 20:46:29 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
95b66b17-0357-4780-8fac-4f0f6f26488f
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
1516
cf-request-id
0a7a60115000004ab5d02dd000000001
server
cloudflare
x-trace
2BD31622F128218B13620335E94E4EAF18E5DAA6B8000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=QQM04z8QMDw%2F%2F4BzrJR2029wQNXQC%2B%2B4HaLwPdDspQ4%2Ff6q7utPVtp96nQvLuZajm2XwBfSi3rAHNxqzdtcYkhXRV27qmDHcx3Ne%2Fk1jAPbxEFCVjDRRyz4HUMwXEC7AF5%2BqW1SLGds%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.2brushstrokes.com
cache-control
no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials
false
cf-ray
65a402c878974ab5-FRA
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
public
api.hubspot.com/livechat-public/v1/message/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.hubspot.com/livechat-public/v1/message/public?portalId=4764964&conversations-embed=static-1.8903&mobile=false&messagesUtk=004af1bb611f4c229717abe4f5a750f3&traceId=004af1bb611f4c229717abe4f5a750f3
Protocol
H2
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
x-hubspot-messages-uri
Origin
https://www.2brushstrokes.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 04 Jun 2021 20:46:29 GMT
content-type
text/plain; charset=utf-8
content-length
18
cf-ray
65a402c78c8a4a8c-FRA
access-control-allow-origin
https://www.2brushstrokes.com
allow
HEAD,GET,OPTIONS
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
cf-cache-status
DYNAMIC
access-control-allow-credentials
false
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
cf-request-id
0a7a6010b200004a8cebba0000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-hubspot-correlation-id
9e5933d9-c9fd-495a-acea-0074db2fb87e
x-trace
2B161841B3E5CB092D644172B08B9DDC4C83D98F26000000000000000000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=eZ6tyuSHrpBN%2FFfICF%2F93jMQF8IV9DG1fhwUg%2F8kZFdEx8XZ3%2BN8hXQoXAN1ZuaXg%2Fu5Wpa4zjIKjdSM4rv2vXS2cPGULIeJySC9BNKmVsOi0GovIs23aV7mvkIBXalcpvoN7g%2BgZNM%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
getembeddetails.ls
salesiq.zoho.com/ Frame 783D 		40 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://salesiq.zoho.com/getembeddetails.ls?widgetcode=1919bfb5ec3d2af153b77d7a83a361f8bc92eb7975718a49bc46e6142538045a6b90d019bd4854fe957717da2cd3df72&fetchavuid=true&fetchapilang=true&lang_browser=en&currdomain=https%3A%2F%2Fcomponents.mywebsitebuilder.com&pagetitle=
Requested by
Host: salesiq.zoho.com
URL: https://salesiq.zoho.com/widget
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
136.143.191.67 , United States, ASN2639 (ZOHO-AS, US),
Reverse DNS
Software
ZGS /
Resource Hash
c5ddb81b2702fda349cb2f35aa519d0f85412bffea5d1e071cb66c69335c6acb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://components.mywebsitebuilder.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 04 Jun 2021 20:46:29 GMT
Content-Encoding
gzip
Referrer-Policy
strict-origin
Server
ZGS
X-Frame-Options
SAMEORIGIN
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
https://components.mywebsitebuilder.com
Connection
keep-alive
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=63072000
Access-Control-Allow-Credentials
true
vary
accept-encoding
X-XSS-Protection
1
floatbutton_1e431f67445c676ff10f7da303950987_.css
css.zohocdn.com/salesiq/https/styles/ Frame 783D 		107 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://css.zohocdn.com/salesiq/https/styles/floatbutton_1e431f67445c676ff10f7da303950987_.css
Requested by
Host: salesiq.zoho.com
URL: https://salesiq.zoho.com/widget
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.209.147 , Switzerland, ASN41913 (COMPUTERLINE Computerline, Schlierbach, Switzerland, CH),
Reverse DNS
Software
ZGS /
Resource Hash
1e0a37200a8200d80ca5e58c96aa8b1725d3da67a16938f3155b371fc6abafcb
Security Headers
Name Value
Strict-Transport-Security max-age=15768000, max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://components.mywebsitebuilder.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 20:46:29 GMT
content-encoding
br
x-content-type-options
nosniff
content-type
text/css;charset=UTF-8
x-cache
HIT
last-modified
Wed, 02 Jun 2021 13:21:57 GMT
vary
Accept-Encoding
content-length
18287
x-xss-protection
1
nb-request-id
4f11c7a2344d42fe37042e118ac7de0f
server
ZGS
etag
"a7ac8c3ef58f107cf7434ef676579168"
strict-transport-security
max-age=15768000, max-age=63072000
content-language
en-US
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
floatbutton_4f46a98b90d3204c9a51e4d759e527d8_.js
js.zohocdn.com/salesiq/https/js/ Frame 783D 		56 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.zohocdn.com/salesiq/https/js/floatbutton_4f46a98b90d3204c9a51e4d759e527d8_.js
Requested by
Host: salesiq.zoho.com
URL: https://salesiq.zoho.com/widget
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.209.147 , Switzerland, ASN41913 (COMPUTERLINE Computerline, Schlierbach, Switzerland, CH),
Reverse DNS
Software
ZGS /
Resource Hash
708d269702025d6df88eceaa9d5b8f17c85e199cf9838e75d7f15f8af6a4d151
Security Headers
Name Value
Strict-Transport-Security max-age=15768000, max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://components.mywebsitebuilder.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 20:46:29 GMT
content-encoding
br
x-content-type-options
nosniff
content-type
application/javascript
x-cache
HIT
last-modified
Wed, 12 May 2021 11:16:55 GMT
vary
Accept-Encoding
content-length
11857
x-xss-protection
1
nb-request-id
9b0486c5f07d98a1f0a1c76164345f0d
server
ZGS
etag
"6b8f4874fbeae7e56d55b1b93bc92723"
strict-transport-security
max-age=15768000, max-age=63072000
content-language
en-US
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=5184000, immutable
accept-ranges
bytes
timing-allow-origin
*
__ptq.gif
track.hubspot.com/ 		45 B
828 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2736934676&v=1.1&a=4764964&pu=https%3A%2F%2Fwww.2brushstrokes.com%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D74024460%26_hsenc%3Dp2ANqtz-8L7EgW03YL4aJn5zLWI70YE__TQMMhAoxgNx4Y7CKESAJuJAWCld9q48DNi_nTjRKfwKkImAQrBJakjrSqv-on4JeNMA%26_hsmi%3D74024460&t=Home&cts=1622839589732&vi=d2ab7b40dc36238dc78f2517c3b985e6&nc=true&ce=false&cc=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.2brushstrokes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 20:46:29 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
59f693f9-7d82-4974-a098-9f1d26500591
cf-ray
65a402cbeb961786-FRA
p3p
CP="NOI CUR ADM OUR NOR STA NID"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
45
cf-request-id
0a7a6013730000178658a40000000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=9AYcX8iK%2B0GI4R%2B58%2BzhHYAJxlre1mq7Pd3EnEZIpe%2Bsqlhw%2FmFw4wiLXabfxSD11oQHJUfS5Hn%2BQur7URhdd5Pv6ZrnGQBbdWx0u%2Bsqy%2BZAkTzr66XkVoS32vPus%2FGC1mcn4g2%2FilwDMw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
x-robots-tag
none
counters.gif
forms.hsforms.com/embed/v3/ 		35 B
540 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-error-caught&count=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5705 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.2brushstrokes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 20:46:29 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-hubspot-correlation-id
b6b0b5c0-d4e6-489c-b00c-f3dd231ab19f
x-trace
2B8E35A612ACD19F0E07C240DD72F2BBC80DCB4F4C000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
65a402cbfd344e9d-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
35
cf-request-id
0a7a60137c00004e9d18b99000000001
json
forms.hubspot.com/lead-flows-config/v1/config/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=4764964&utk=d2ab7b40dc36238dc78f2517c3b985e6&__hstc=203433231.d2ab7b40dc36238dc78f2517c3b985e6.1622839589729.1622839589729.1622839589729.1&__hssc=203433231.1.1622839589729&currentUrl=https%3A%2F%2Fwww.2brushstrokes.com%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D74024460%26_hsenc%3Dp2ANqtz-8L7EgW03YL4aJn5zLWI70YE__TQMMhAoxgNx4Y7CKESAJuJAWCld9q48DNi_nTjRKfwKkImAQrBJakjrSqv-on4JeNMA%26_hsmi%3D74024460
Requested by
Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b1e94e7d492f4f280a321eabee6498afa6e9ab1e69ddc99eadd12f205c2a5d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.2brushstrokes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 20:46:29 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
3720ab54-fd87-4c19-afaf-3e5342dd04b6
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a7a60139300004a8ceeb29000000001
x-robots-tag
none
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
180
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Wew5aCUzt2c0xRqCQ%2F0C4FhmvXB7Yf8nc%2FvQVRSS1ZsTts4sBeKAGnCfPwECFM6Wm8074h2%2BgOtp%2Bf6ZUBgSP2snP75hgp3PcEwwR1%2F6RJM4NbMYwFYqnWhPV%2F%2FJfz8R1QGRc6YoEdUVaw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.2brushstrokes.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
cf-ray
65a402cc18004a8c-FRA
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
004af1bb611f4c229717abe4f5a750f3
app.hubspot.com/conversations-visitor/4764964/threads/utk/ Frame AE4A 		44 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://app.hubspot.com/conversations-visitor/4764964/threads/utk/004af1bb611f4c229717abe4f5a750f3?uuid=4eaa377be23c4b788984ef95d5faddbf&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=2brushstrokes.com&inApp53=false&messagesUtk=004af1bb611f4c229717abe4f5a750f3&url=https%3A%2F%2Fwww.2brushstrokes.com%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D74024460%26_hsenc%3Dp2ANqtz-8L7EgW03YL4aJn5zLWI70YE__TQMMhAoxgNx4Y7CKESAJuJAWCld9q48DNi_nTjRKfwKkImAQrBJakjrSqv-on4JeNMA%26_hsmi%3D74024460&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
Requested by
Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef8f5f445e32edd983337a5f61a444d1e8713e548abe1534baf9dfec19612001
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

:method
GET
:authority
app.hubspot.com
:scheme
https
:path
/conversations-visitor/4764964/threads/utk/004af1bb611f4c229717abe4f5a750f3?uuid=4eaa377be23c4b788984ef95d5faddbf&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=2brushstrokes.com&inApp53=false&messagesUtk=004af1bb611f4c229717abe4f5a750f3&url=https%3A%2F%2Fwww.2brushstrokes.com%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D74024460%26_hsenc%3Dp2ANqtz-8L7EgW03YL4aJn5zLWI70YE__TQMMhAoxgNx4Y7CKESAJuJAWCld9q48DNi_nTjRKfwKkImAQrBJakjrSqv-on4JeNMA%26_hsmi%3D74024460&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.2brushstrokes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.2brushstrokes.com/

Response headers

date
Fri, 04 Jun 2021 20:46:29 GMT
content-type
text/html; charset=utf-8
cf-ray
65a402cc5c641786-FRA
age
1099
cache-control
max-age=600
etag
W/"6b36664400809fe1168423e8cc129da4"
last-modified
Wed, 02 Jun 2021 03:45:52 UTC
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 38ecebcaa39c8742da2b6336935bb446.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
access-control-allow-credentials
false
cf-request-id
0a7a6013b50000178643afb000000001
content-security-policy-report-only
script-src 'unsafe-inline' 'self' www.hubspot.com js.hs-analytics.net js.hsforms.net js.hsleadflows.net *.hsappstatic.net js.hs-banner.com *.hs-scripts.com js.hubspotfeedback.com js.usemessages.com js.hubspot.com js.hsadspixel.net js.hscollectedforms.net js-agent.newrelic.com bam.nr-data.net www.google-analytics.com static.hotjar.com script.hotjar.com www.googletagmanager.com www.fullstory.com *.convertexperiments.com cdn.pdst.fm d.impactradius-event.com cdn.getambassador.com mbsy.co pixel.cdnwidget.com snap.licdn.com connect.facebook.net js.stripe.com checkout.stripe.com survey.survicate.com surveys-static.survicate.com sdk.canva.com www.dropbox.com www.google.com www.gstatic.com apis.google.com maps.googleapis.com www.googleadservices.com googleads.g.doubleclick.net static.ads-twitter.com analytics.twitter.com play.vidyard.com app.vidyard.com fast.wistia.com s.yimg.jp www.redditstatic.com 'unsafe-eval'; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-visitor-ui/static-1.11359/html/index.html&cfRay=65a402cc5c641786&referrer=https%3A%2F%2Fwww.2brushstrokes.com%2F
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"group":"default","max_age":86400,"endpoints":[{"url":"https://exceptions.hubspot.com/csp/reports"}]}
x-amz-cf-id
hnKj5D3BVLa15OBc9L8Jftk_ePYyOSoB4YprJm8FkEVSWIAQQj7gxg==
x-amz-cf-pop
IAD89-C3
x-amz-replication-status
COMPLETED
x-amz-server-side-encryption
AES256
x-amz-version-id
EUfMNbLnGKtsWEAAFH09UHZ7A4On5M5z
x-cache
Hit from cloudfront
x-hs-cache-status
MISS
server
cloudflare
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
__ptq.gif
track.hubspot.com/ 		45 B
797 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=16&fi=66dfd3db-54a7-4845-a958-3473d43a5f43&lfi=362784&ft=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2736934676&v=1.1&a=4764964&pu=https%3A%2F%2Fwww.2brushstrokes.com%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D74024460%26_hsenc%3Dp2ANqtz-8L7EgW03YL4aJn5zLWI70YE__TQMMhAoxgNx4Y7CKESAJuJAWCld9q48DNi_nTjRKfwKkImAQrBJakjrSqv-on4JeNMA%26_hsmi%3D74024460&t=Home&cts=1622839589955&vi=d2ab7b40dc36238dc78f2517c3b985e6&nc=true&u=203433231.d2ab7b40dc36238dc78f2517c3b985e6.1622839589729.1622839589729.1622839589729.1&b=203433231.1.1622839589729&cc=15
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.2brushstrokes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 20:46:29 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
2afd6278-b36f-4128-a489-3a3576e91447
cf-ray
65a402cd4a874e26-FRA
p3p
CP="NOI CUR ADM OUR NOR STA NID"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
45
cf-request-id
0a7a60144a00004e2647980000000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2FLeH4USkTrvOE8uJpH%2Fk9Ey4tA2RgYrxzBqr6TvdMQFFWrcSbjvklQKCJMzWAo%2BUeIixbfXRtyaV1KNAfiDl%2FgNkiGYR9XYFaJRZz%2BjLlrpp39nlAo1zjz3dp3pxWFQXJ3l3pMa9MIwpZA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
x-robots-tag
none
bundle.production.js
static.hsappstatic.net/head-dlb/static-1.133/ Frame AE4A 		44 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hsappstatic.net/head-dlb/static-1.133/bundle.production.js
Requested by
Host: app.hubspot.com
URL: https://app.hubspot.com/conversations-visitor/4764964/threads/utk/004af1bb611f4c229717abe4f5a750f3?uuid=4eaa377be23c4b788984ef95d5faddbf&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=2brushstrokes.com&inApp53=false&messagesUtk=004af1bb611f4c229717abe4f5a750f3&url=https%3A%2F%2Fwww.2brushstrokes.com%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D74024460%26_hsenc%3Dp2ANqtz-8L7EgW03YL4aJn5zLWI70YE__TQMMhAoxgNx4Y7CKESAJuJAWCld9q48DNi_nTjRKfwKkImAQrBJakjrSqv-on4JeNMA%26_hsmi%3D74024460&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:9d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fcb720730ec6667a8eb5cc8922104bcd038a26f8ad3f2b97c39da1f8b1d248c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Origin
https://app.hubspot.com
Referer
https://app.hubspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 20:46:30 GMT
via
1.1 e79fcd7f3f0a842841acfca75e35ea79.cloudfront.net (CloudFront)
vary
Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
822705
x-amz-server-side-encryption
AES256
cf-ray
65a402cd9cb11f29-FRA
x-cache
Miss from cloudfront
x-amz-replication-status
COMPLETED
access-control-allow-methods
GET
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a7a60148500001f299e2f8000000001
last-modified
Tue, 27 Apr 2021 20:06:49 GMT
server
cloudflare
etag
W/"130a0aa46b085d7193be5bff1b06839c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=HhaLp8z%2ByIier%2BTyACQubav%2B%2FGD9M1RHSpcYgkF0kj8B4aqU11c4BJWtv7IazpbLzwff0iAz%2FX82WuFxmlBvyGnF9G8EhqwQYp47dmWPKIFANi0kT%2B3FFFCckWOtBkOb%2FGPdFVDmnr2RCCkCchGx"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
GjpMz4KgmP.84GcQIO6xeWpzcLZFXo8X
access-control-allow-origin
https://app.hubspot.com
cache-control
public, max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
AMS1-C1
content-type
application/javascript
x-amz-cf-id
0nfcUdMV8bVScdjaQp1C6_sopWmNwFtViK1pX_2yk-6O-ToSORBx4A==
expires
Sat, 04 Jun 2022 20:46:30 GMT
visitor.css
static.hsappstatic.net/conversations-visitor-ui/static-1.10899/sass/ Frame AE4A 		20 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.hsappstatic.net/conversations-visitor-ui/static-1.10899/sass/visitor.css
Requested by
Host: app.hubspot.com
URL: https://app.hubspot.com/conversations-visitor/4764964/threads/utk/004af1bb611f4c229717abe4f5a750f3?uuid=4eaa377be23c4b788984ef95d5faddbf&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=2brushstrokes.com&inApp53=false&messagesUtk=004af1bb611f4c229717abe4f5a750f3&url=https%3A%2F%2Fwww.2brushstrokes.com%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D74024460%26_hsenc%3Dp2ANqtz-8L7EgW03YL4aJn5zLWI70YE__TQMMhAoxgNx4Y7CKESAJuJAWCld9q48DNi_nTjRKfwKkImAQrBJakjrSqv-on4JeNMA%26_hsmi%3D74024460&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:9d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76e2bca54d321dfd4cebf8797b2c9a81ccb1c0619d4da3a7c53d4e6228c5a61d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://app.hubspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 20:46:30 GMT
via
1.1 fc6dca2df1221c0bec817610bc20e505.cloudfront.net (CloudFront)
vary
Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1554201
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
text/css
x-amz-replication-status
COMPLETED
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a7a601479000063c5649fa000000001
last-modified
Wed, 03 Mar 2021 21:09:00 GMT
server
cloudflare
etag
W/"370a89ea102d7b437eb549729472631f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=0LvrCVZpMcY2BrWirR3BKhiXjlpY0I5CkOqZAouxr6eMnj5Z9dm%2BQ%2FlXH1TbfrX9rkziGQ6NOcp7WImOJKvToOjyClYpgEAqxKGLE%2FqwwOhMw2bJ3eCw9Jq%2BrJPbZsNgMlHUlhT8LgGGDKghej56"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
1rBCyHs_YjjDB1.HOpykpqteK2m6W_oL
cache-control
public, max-age=31536000
x-amz-cf-pop
MUC50-C1
cf-ray
65a402cd8d3963c5-FRA
x-amz-cf-id
ty8MEdjgGU_CHYbNJ3VAGai79DmhaUdHc0j1TA7E5ppRiixT4jKtqg==
expires
Sat, 04 Jun 2022 20:46:30 GMT
bundle.production.js
static.hsappstatic.net/hubspot-dlb/static-1.129/ Frame AE4A 		285 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hsappstatic.net/hubspot-dlb/static-1.129/bundle.production.js
Requested by
Host: app.hubspot.com
URL: https://app.hubspot.com/conversations-visitor/4764964/threads/utk/004af1bb611f4c229717abe4f5a750f3?uuid=4eaa377be23c4b788984ef95d5faddbf&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=2brushstrokes.com&inApp53=false&messagesUtk=004af1bb611f4c229717abe4f5a750f3&url=https%3A%2F%2Fwww.2brushstrokes.com%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D74024460%26_hsenc%3Dp2ANqtz-8L7EgW03YL4aJn5zLWI70YE__TQMMhAoxgNx4Y7CKESAJuJAWCld9q48DNi_nTjRKfwKkImAQrBJakjrSqv-on4JeNMA%26_hsmi%3D74024460&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:9d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85a94aca9a3bb11143fc25e69f7cddee5e42619798aea0a4595e5b85af2db47e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Origin
https://app.hubspot.com
Referer
https://app.hubspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 20:46:30 GMT
via
1.1 843560942e8c8e57a33193254e0a9de6.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1554342
x-amz-server-side-encryption
AES256
cf-ray
65a402cd9cb61f29-FRA
x-cache
RefreshHit from cloudfront
access-control-max-age
3000
x-amz-replication-status
COMPLETED
access-control-allow-methods
GET
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a7a60148c00001f291f271000000001
last-modified
Thu, 25 Feb 2021 03:06:13 GMT
server
cloudflare
etag
W/"4b0d6c4998d1c189b73bf24559a044d0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=BP%2B%2FukayadXSkAzlGW9CuB1YvENmTt%2BQEIvB%2BzGp03%2BcaoyjDUUU7Y4XpJCvShUw6vGBRNzgzDvX1%2F81atCczx9LB%2BqG2aVCtpvOzGvZNsIL83bx%2FSn0mtAe7j4NsMVrw20RuR26JeYi%2B%2Fe8hOV3"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
tIgtiGaJ4EHx5PaVJ4NwnE5IaF3j9gQD
access-control-allow-origin
https://app.hubspot.com
cache-control
public, max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
MUC50-C1
content-type
application/javascript
x-amz-cf-id
ZDyZ8RQWk-PL3Fd5LlNKJ5ZVEH0_vNHhazeGC5Tv3uf519KhPXZOhg==
expires
Sat, 04 Jun 2022 20:46:30 GMT
visitor.js
static.hsappstatic.net/conversations-visitor-ui/static-1.11359/bundles/ Frame AE4A 		468 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hsappstatic.net/conversations-visitor-ui/static-1.11359/bundles/visitor.js
Requested by
Host: app.hubspot.com
URL: https://app.hubspot.com/conversations-visitor/4764964/threads/utk/004af1bb611f4c229717abe4f5a750f3?uuid=4eaa377be23c4b788984ef95d5faddbf&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=2brushstrokes.com&inApp53=false&messagesUtk=004af1bb611f4c229717abe4f5a750f3&url=https%3A%2F%2Fwww.2brushstrokes.com%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D74024460%26_hsenc%3Dp2ANqtz-8L7EgW03YL4aJn5zLWI70YE__TQMMhAoxgNx4Y7CKESAJuJAWCld9q48DNi_nTjRKfwKkImAQrBJakjrSqv-on4JeNMA%26_hsmi%3D74024460&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:9d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57de733c29e42747b81b82e4480ce229d6423a3f8d3839dabff81b81ba491088
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Origin
https://app.hubspot.com
Referer
https://app.hubspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 20:46:30 GMT
via
1.1 d6bff47a79bb5fa9800d9ee4b2b92146.cloudfront.net (CloudFront)
vary
Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
190832
x-amz-server-side-encryption
AES256
cf-ray
65a402cd9cd01f29-FRA
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
access-control-allow-methods
GET
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a7a60148d00001f29298dc000000001
last-modified
Wed, 02 Jun 2021 15:27:42 GMT
server
cloudflare
etag
W/"69854d4fcb6a35f4efafc6e8239971b8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=LICSjaixY1I3Af50quE2oiseR3tBIRj9jXs84uALuR%2BU4lZyUfOSG%2BAdcAKTMNu61qGXYHbvoHT5KS8iSQZ9O3CEsgcgDomMZ1zw7Kl%2BpDVHjhU4LnvrS0iYnsKb3Cs3i3szWUdsbgHeaiPrhCy%2F"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
0_Af617m.rwrW0o6sRwyQWM7qkQc2uIH
access-control-allow-origin
https://app.hubspot.com
cache-control
public, max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
CDG3-C2
content-type
application/javascript
x-amz-cf-id
tJKTAajfjmin4RQizqUTsUXlbWW-AYF3w2Xbe2cW5EfBRDeTjAVSpw==
expires
Sat, 04 Jun 2022 20:46:30 GMT
i18n-data-data-locales-en-us.js
static.hsappstatic.net/conversations-visitor-ui/static-1.11275/ Frame AE4A 		778 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hsappstatic.net/conversations-visitor-ui/static-1.11275/i18n-data-data-locales-en-us.js
Requested by
Host: app.hubspot.com
URL: https://app.hubspot.com/conversations-visitor/4764964/threads/utk/004af1bb611f4c229717abe4f5a750f3?uuid=4eaa377be23c4b788984ef95d5faddbf&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=2brushstrokes.com&inApp53=false&messagesUtk=004af1bb611f4c229717abe4f5a750f3&url=https%3A%2F%2Fwww.2brushstrokes.com%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D74024460%26_hsenc%3Dp2ANqtz-8L7EgW03YL4aJn5zLWI70YE__TQMMhAoxgNx4Y7CKESAJuJAWCld9q48DNi_nTjRKfwKkImAQrBJakjrSqv-on4JeNMA%26_hsmi%3D74024460&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:9d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7835a7a3ced0b25b9bcc0caeaa041862878116020eb37faa0a031ad0fe60a0ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Origin
https://app.hubspot.com
Referer
https://app.hubspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 20:46:30 GMT
via
1.1 c0e5f870deac34f99f746174f65a2881.cloudfront.net (CloudFront)
vary
Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1561712
x-amz-server-side-encryption
AES256
cf-ray
65a402ceb9614ea3-FRA
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
access-control-allow-methods
GET
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a7a60153000004ea351abf000000001
last-modified
Mon, 17 May 2021 17:53:53 GMT
server
cloudflare
etag
W/"7757563c789b44ff168a7f2e64287bd8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=BP%2BxQD31XsphXVFCAuVtLYEaUsOJT0u1fvWPZhkJUh8s6SGjm5qf4p8b9sNzaroZqpuVAh9ltlxVJ57cincM55Nh1J5yAtSBvslcL4n3IpXFTaF2mIkPIJ2CR9rtKYra3jCZIP%2BnfP0DqtOfT8pL"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
qFkBSHgfkOM6USmB.ekQIacOkSUyMJL5
access-control-allow-origin
https://app.hubspot.com
cache-control
public, max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
CDG50-C2
content-type
application/javascript
x-amz-cf-id
sLwMEYoFVoPYlCabHHtaP_S1_RhmAseC_5aSjKGniXb3ZiVrEDO-XA==
expires
Sat, 04 Jun 2022 20:46:30 GMT
nr-spa-1198.min.js
js-agent.newrelic.com/ Frame AE4A 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-spa-1198.min.js
Requested by
Host: app.hubspot.com
URL: https://app.hubspot.com/conversations-visitor/4764964/threads/utk/004af1bb611f4c229717abe4f5a750f3?uuid=4eaa377be23c4b788984ef95d5faddbf&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=2brushstrokes.com&inApp53=false&messagesUtk=004af1bb611f4c229717abe4f5a750f3&url=https%3A%2F%2Fwww.2brushstrokes.com%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D74024460%26_hsenc%3Dp2ANqtz-8L7EgW03YL4aJn5zLWI70YE__TQMMhAoxgNx4Y7CKESAJuJAWCld9q48DNi_nTjRKfwKkImAQrBJakjrSqv-on4JeNMA%26_hsmi%3D74024460&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8ec272b76ebdf8756da8e60cbec342b26e1e314d223b828e34b02aedea5d6d5a

Request headers

Referer
https://app.hubspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
etag
"498f8d87fcfe5e90fda6a3ae4c47c6b0"
x-amz-request-id
WBJBK5ABXRHGEMFB
x-cache
HIT
content-length
14594
x-amz-id-2
ZBCU6XMtvk+ijJr2ycH+G+0SohE0hIxM0j38HFqnXKfIgoQ+AjRjgGLe5tGUECaw9Icj7IYk+no=
x-served-by
cache-hhn4036-HHN
last-modified
Fri, 29 Jan 2021 19:19:10 GMT
server
AmazonS3
x-timer
S1622839590.257816,VS0,VE0
date
Fri, 04 Jun 2021 20:46:30 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
827
default-100
avatars.hubspot.net/ Frame AE4A
Redirect Chain
  • https://api.hubspot.com/userpreferences/v1/avatar/61f4c3824596ae814769bb0037bb7cca/100
  • https://avatars.hubspot.net/default-100
448 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avatars.hubspot.net/default-100
Requested by
Host: app.hubspot.com
URL: https://app.hubspot.com/conversations-visitor/4764964/threads/utk/004af1bb611f4c229717abe4f5a750f3?uuid=4eaa377be23c4b788984ef95d5faddbf&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=2brushstrokes.com&inApp53=false&messagesUtk=004af1bb611f4c229717abe4f5a750f3&url=https%3A%2F%2Fwww.2brushstrokes.com%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D74024460%26_hsenc%3Dp2ANqtz-8L7EgW03YL4aJn5zLWI70YE__TQMMhAoxgNx4Y7CKESAJuJAWCld9q48DNi_nTjRKfwKkImAQrBJakjrSqv-on4JeNMA%26_hsmi%3D74024460&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:f1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7f8b6ed4f77b684b2615feaad46ae05bd069c8beaeb550e6094ccb2eb6cb0d9

Request headers

Referer
https://app.hubspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 20:46:30 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
11298
x-amz-server-side-encryption
AES256
cf-ray
65a402d27d524a8b-FRA
content-length
448
x-amz-id-2
J46Z5kyahhxoeBLGSfxYrSw+uE+7cXmZp0uIZE1FE+kZ3SGxOxBtyjojncWk2fhbNvsvD2kBkZk=
last-modified
Fri, 18 Sep 2020 15:59:13 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
uid:1997735891/gname:staff/uname:jmendelewski/gid:20/mode:33188/mtime:1484768632/atime:1484768827/md5:dd769facdb720bc65224b1db30749aeb/ctime:1484768635
etag
"dd769facdb720bc65224b1db30749aeb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=3j42YMSJzXqmcFX9uBrb1ul4zavS%2BmJ5uUfreivYrlEKeHP8JPKs3imBBNf%2BREUOpj9qimd0ajqR5YfolsVFAwFBGan67mnLwhw8e8Kt1JB7qmBUY7ovy8RsLApS49FByZXRTg1EzWIKukT%2B"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
3DGJ2SWG18ZHJHAT
cf-polished
origFmt=png, origSize=798
cf-request-id
0a7a60178b00004a8bea8f0000000001
accept-ranges
bytes
content-type
image/webp
cf-bgj
imgq:85,h2pri

Redirect headers

date
Fri, 04 Jun 2021 20:46:30 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-hubspot-correlation-id
88bf555f-080f-4079-a011-744eac65ad86
x-trace
2B82C868E6E3D21A8DBED26EA340747A92251A784D000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Uxq%2B88qigePd77w7nl20ItMatAi%2B5Ny2akzX53lh54XgfttUlwV51VBZAxJ1ZkFTbVHpmnxtwqgj6P4QmhA8PSzEEFf%2FUwayTfnVOK0Cc1HXW%2BmW4%2FSB7bW1Oj5g7b%2FupzmX8TjzpAg%3D"}],"group":"cf-nel","max_age":604800}
location
https://avatars.hubspot.net/default-100
access-control-allow-credentials
false
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
65a402cf3ff84e26-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a7a60158500004e263a34e000000001
rhumb
api.hubspot.com/cartographer/v1/ Frame AE4A 		0
1 KB 		Ping
General
Check archive.org
Download Go to
Full URL
https://api.hubspot.com/cartographer/v1/rhumb?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.11359
Requested by
Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/conversations-visitor-ui/static-1.11359/bundles/visitor.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://app.hubspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 04 Jun 2021 20:46:30 GMT
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
614caea9-5198-4c0e-aae7-ce53f7ba3226
access-control-max-age
604800
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a7a60158a00004e2640049000000001
timing-allow-origin
*
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ZmRLE36jWADIDJdeV2bvP9abQCmQxFHFXP6uoEwkMDviPnqxqc9HoKo4lhmFBwUtcXUswFluYRGNYVkJrE6WhOvwXIs4e5bTi%2BfoIgxy05K%2FEeZR1tNYYiIQIwXWNSm%2F52%2BkebBjZRc%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://app.hubspot.com
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-allow-credentials
true
cf-ray
65a402cf48084e26-FRA
access-control-allow-headers
Authorization, Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer
f9d051f404
bam.nr-data.net/1/ Frame AE4A 		57 B
275 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/f9d051f404?a=205242107&sa=1&v=1198.fe6ec20&t=Unnamed%20Transaction&rst=494&ck=1&ref=https://app.hubspot.com/conversations-visitor/4764964/threads/utk/004af1bb611f4c229717abe4f5a750f3&be=267&fe=426&dc=373&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1622839589814,%22n%22:0,%22f%22:0,%22dn%22:0,%22dne%22:0,%22c%22:0,%22ce%22:0,%22rq%22:2,%22rp%22:173,%22rpe%22:180,%22dl%22:176,%22di%22:373,%22ds%22:373,%22de%22:373,%22dc%22:426,%22l%22:426,%22le%22:426%7D,%22navigation%22:%7B%7D%7D&ja=%7B%22nrSnippetVersion%22:%221198%22,%22environment%22:%22prod%22,%22deployed%22:true,%22hublet%22:%22na1%22,%22userAgentRaw%22:%22Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36%22,%22supportsPromiseRejectionEvent%22:true,%22deviceMemory%22:8,%22cpuCores%22:16,%22downloadSpeedMbps%22:10,%22effectiveConnectionType%22:%224g%22,%22networkLatencyMs%22:0,%22conditionalPolyfillsInstalled%22:false,%22portalId%22:4764964,%22package%22:%22conversations-visitor-ui%22,%22packageVersion%22:%221.11359%22,%22template%22:%22html/visitor-index.html.jade%22,%22user-online%22:true,%22visibility%22:%22visible%22,%22currentVisibility%22:%22visible%22,%22isEmbeddedInProduct%22:%22false%22,%22reactRhumbVersion%22:%221.6352%22,%22reaganVersion%22:%22react-rhumb%22,%22route%22:%22/%22,%22numReaganChecksStarted%22:1,%22numPreviousReaganChecksAborted%22:0,%22avgDurationBeforePreviousReaganAborts%22:0,%22numPreviousReaganChecksFailed%22:0,%22numPreviousReaganChecksSuccessful%22:0,%22supportsUserTiming%22:true,%22supportsPerformanceTimeline%22:true,%22supportsHighResolutionTime%22:true%7D&jsonp=NREUM.setToken
Requested by
Host: app.hubspot.com
URL: https://app.hubspot.com/conversations-visitor/4764964/threads/utk/004af1bb611f4c229717abe4f5a750f3?uuid=4eaa377be23c4b788984ef95d5faddbf&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=2brushstrokes.com&inApp53=false&messagesUtk=004af1bb611f4c229717abe4f5a750f3&url=https%3A%2F%2Fwww.2brushstrokes.com%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D74024460%26_hsenc%3Dp2ANqtz-8L7EgW03YL4aJn5zLWI70YE__TQMMhAoxgNx4Y7CKESAJuJAWCld9q48DNi_nTjRKfwKkImAQrBJakjrSqv-on4JeNMA%26_hsmi%3D74024460&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.18 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
bam-6.nr-data.net
Software
/
Resource Hash
5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d

Request headers

Referer
https://app.hubspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Length
57
Content-Type
text/javascript;charset=ISO-8859-1
f9d051f404
bam.nr-data.net/events/1/ Frame AE4A 		24 B
182 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/events/1/f9d051f404?a=205242107&sa=1&v=1198.fe6ec20&t=Unnamed%20Transaction&rst=928&ck=1&ref=https://app.hubspot.com/conversations-visitor/4764964/threads/utk/004af1bb611f4c229717abe4f5a750f3
Requested by
Host: app.hubspot.com
URL: https://app.hubspot.com/conversations-visitor/4764964/threads/utk/004af1bb611f4c229717abe4f5a750f3?uuid=4eaa377be23c4b788984ef95d5faddbf&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=2brushstrokes.com&inApp53=false&messagesUtk=004af1bb611f4c229717abe4f5a750f3&url=https%3A%2F%2Fwww.2brushstrokes.com%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D74024460%26_hsenc%3Dp2ANqtz-8L7EgW03YL4aJn5zLWI70YE__TQMMhAoxgNx4Y7CKESAJuJAWCld9q48DNi_nTjRKfwKkImAQrBJakjrSqv-on4JeNMA%26_hsmi%3D74024460&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.18 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
bam-6.nr-data.net
Software
/
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://app.hubspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

Access-Control-Allow-Origin
https://app.hubspot.com
Access-Control-Allow-Credentials
true
Content-Length
24
Content-Type
image/gif
Orange%202BS%20Logo-1.png
cdn2.hubspot.net/hubfs/4764964/ 		60 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn2.hubspot.net/hubfs/4764964/Orange%202BS%20Logo-1.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:f1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89aa6357c17a293ec242ff774d3176fe0c8770152319b47bc5a5a0bda9c5d02d

Request headers

Referer
https://www.2brushstrokes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 20:46:31 GMT
via
1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag
F-6112813798,P-4764964,FLS-ALL
x-amz-cf-pop
FRA50-C1
edge-cache-tag
F-6112813798,P-4764964,FLS-ALL
x-cache
RefreshHit from cloudfront
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 11
x-amz-request-id
T52291171RSD65CE
cf-request-id
0a7a60182800004a8b212de000000001
accept-ranges
bytes
last-modified
Mon, 27 Aug 2018 20:04:20 GMT
server
cloudflare
etag
"2d4f1256943f8ce2760d297bd560e4a8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=yc7LT0GSjsUcppBGKMiwKJASgqX3Tb0%2B3%2FbYstTbzlfftW0ajcqLIBcU1s9gqPB6kzhEJgElOKh9IT7Dk2FHjUIR%2Fnd3gfn%2FUhkMXl2x%2FURvdYLVoMNa4l0X3DDIUaBfxMH%2BLLoKRSFC"}],"group":"cf-nel","max_age":604800}
content-type
image/png
x-amz-id-2
9lbFQhqnS6pf3gHaLTVgj3u5rhAvdxbDouhjGVZf1bUxM5PyXWIZFS3GuAf7sxPuZYPlZCylRV8=
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id
BkpZq8nyFZ3bU0PuYTg0Ps1f8.5wRFhV
content-length
61385
cf-ray
65a402d37f714a8b-FRA
x-amz-cf-id
7a6_LTLXGxbL7GtU3CHQAD6bEV_L9Izy0YCan6tKXqqoSyFOUrnHbQ==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 11
f9d051f404
bam.nr-data.net/events/1/ Frame AE4A 		24 B
182 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/events/1/f9d051f404?a=205242107&sa=1&v=1198.fe6ec20&t=Unnamed%20Transaction&rst=10494&ck=1&ref=https://app.hubspot.com/conversations-visitor/4764964/threads/utk/004af1bb611f4c229717abe4f5a750f3
Requested by
Host: app.hubspot.com
URL: https://app.hubspot.com/conversations-visitor/4764964/threads/utk/004af1bb611f4c229717abe4f5a750f3?uuid=4eaa377be23c4b788984ef95d5faddbf&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=2brushstrokes.com&inApp53=false&messagesUtk=004af1bb611f4c229717abe4f5a750f3&url=https%3A%2F%2Fwww.2brushstrokes.com%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D74024460%26_hsenc%3Dp2ANqtz-8L7EgW03YL4aJn5zLWI70YE__TQMMhAoxgNx4Y7CKESAJuJAWCld9q48DNi_nTjRKfwKkImAQrBJakjrSqv-on4JeNMA%26_hsmi%3D74024460&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.18 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
bam-6.nr-data.net
Software
/
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://app.hubspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

Access-Control-Allow-Origin
https://app.hubspot.com
Access-Control-Allow-Credentials
true
Content-Length
24
Content-Type
image/gif

Verdicts & Comments Add Verdict or Comment

87 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated undefined| _gaq undefined| ga object| _fc function| getInsights object| require object| PageData object| Global object| SiteInformation object| Settings object| EventHubHistory object| AMInsights function| safeExecution undefined| $ undefined| jQuery undefined| TraceKit undefined| Raygun object| _wzErrorHandler object| html5 object| JSONPController object| WzPublicIcons function| $f function| Froogaloop function| onYouTubeIframeAPIReady function| onGoogleMapAPIReady object| jQuery1112042866744737556406 object| VideoDataSourceEnum object| GalleryDataSourceEnum object| PhotosDataSourceEnum object| ReviewsEnum object| EventsDataSourceEnum object| MusicDataSourceEnum object| NewsDataSourceEnum object| _wz_ object| Viewer object| SiteStructure object| PagesStructures object| MasterPagesStructures object| SiteFilesMap object| DynamicPageContent object| DBSiteMetaData object| TemporaryImages object| _hsp boolean| hubspot_live_messages_running object| HubSpotConversations object| _hsq object| _paq function| sanitizeKey boolean| _hstc_loaded function| bindToWindowOnError function| defineProperties object| globalRoot undefined| hns object| leadflows object| hubspot function| OutpostErrorReporter boolean| popupPoliceActive undefined| hns2 undefined| jade undefined| I18n undefined| hubspot_mailcheck undefined| Pikaday undefined| reqwest undefined| exports undefined| define boolean| LEAD_FLOWS_RAN boolean| COMMON_SETUP_RAN boolean| _hspb_loaded object| __hsCollectedFormsDebug boolean| _hstc_ran string| __hsUserToken number| expireDateTime boolean| _hspb_ran boolean| LEAD_FLOW_DOCUMENT_READY_RAN

4 Cookies

Domain/Path Name / Value
.2brushstrokes.com/ Name: __hssc
Value: 203433231.1.1622839589729
.2brushstrokes.com/ Name: hubspotutk
Value: d2ab7b40dc36238dc78f2517c3b985e6
.2brushstrokes.com/ Name: __hssrc
Value: 1
.2brushstrokes.com/ Name: __hstc
Value: 203433231.d2ab7b40dc36238dc78f2517c3b985e6.1622839589729.1622839589729.1622839589729.1

1 Console Messages

Source Level URL
Text
console-api debug URL: https://hs-4764964.t.hubspotstarter-iy.net/e2t/c/*W7Jl07F796MNlW46DWZV5gqhCb0/*W43ZQ3F68YWpFW150L4l4C-PL70/5/f18dQhb0Smj28XJ9hPN7mX5rqHyjJqW8q5vng1pgM6FN3hHhbVVMsQMVp3s9r7s5LskW57mtXs54GpktW548q4356888GW4dQb0w2MTPSpW8W2c9W32CQ2lW8jxMNS1Vx3W4W3CPQ_B5D8zFFVjPrmg6W3RDgVHcWm97yDSbfW3X0g0y6bp1cMVbq5fx4TKc2lVQWbMK8ysZHYW5jB4QB3sp_m7N2j3NZsdZXbNW8QNDnv6Z4s3LVQdGdk1q5vcxW87n1lg3sM9YzW8fxN3m5v_m_4W1JLRtG4q__qkW86SmN-7ZnDxlW4L3kzT51_jQcW73R-cM96dt8bW6br4D01bBvW3W3_5XGk8PXPqRW3ygvH88c3fN-W5lnM8x2MzxkpW7MVnrr1Fnjq4W2KC-1M2M1VvtW4J35Sn2N3DbNW6nVWvb87vTTBW4V2M825L398bW21dXdx58S6m3W7fFwR28v4j-WW1MWhN-1MKdcVf8GpN-k11(Line 13)
Message:
toS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

149b4.wpc.azureedge.net
api.hubspot.com
app.hubspot.com
avatars.hubspot.net
bam.nr-data.net
cdn2.hubspot.net
components.mywebsitebuilder.com
css.zohocdn.com
forms.hsforms.com
forms.hubspot.com
hs-4764964.t.hubspotstarter-iy.net
in-us-east-event-hubs.servicebus.windows.net
js-agent.newrelic.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hscollectedforms.net
js.hsleadflows.net
js.usemessages.com
js.zohocdn.com
localize.uat.mywebsitebuilder.com
salesiq.zoho.com
static.hsappstatic.net
storage.googleapis.com
track.hubspot.com
www.2brushstrokes.com
wzuk.blob.core.windows.net
13.92.180.208
136.143.191.67
151.101.114.110
162.247.242.18
185.20.209.147
2606:2800:133:f17:19e8:2356:251b:2a9
2606:4700::6810:5705
2606:4700::6811:47b0
2606:4700::6811:83ab
2606:4700::6811:9d2
2606:4700::6811:d5cc
2606:4700::6811:e6cc
2606:4700::6811:ebcc
2606:4700::6811:f1cc
2606:4700::6812:15bf
2606:4700::6812:5d7
2606:4700::6813:9a53
2606:4700::6813:9b53
2606:4700::6813:a40a
2a00:1450:4001:811::2010
35.190.14.35
52.239.140.10
66.235.200.28
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
10e5ad8f6aab7933888e789f5b9eed29f6064a9a256fe35c384c8da0b648d3dc
10eb63f9533bc9f2d8ba9799a95ce9b722624f46d4d537278711017b7dcad93e
1e0a37200a8200d80ca5e58c96aa8b1725d3da67a16938f3155b371fc6abafcb
23ee4ea65db6fe9c920d6844298f9ac16152841c7813f02c5d8c7da29f49b60a
242523b55015d3d64e15a62829a6ea75c3415f5a65a6916f7cf8608dd13bea09
2a354649f57a81405daccfd6b5785da5f73ba638f2db591992cb7b739dac3135
2f06077fe3d50522c14a3e84f5b24dd5b00e1513a2b371f4a9c4735c334872df
372c0041fc964def0aec95ae17c6f03a3e5e5ccfe5969952c6de7e5c0f7cc34b
3737c4790f4392dc2f2d4e0d7e1b789e190eb5fbc8f777e1025de2edbab7bc3b
3cb3718e482bd4b3f2b31b8c7b6e44b7085ef17a830fbfe5e68a97619ce5ff92
40673c7d64f1132c7535a729549db01b15caf95482754f17eba796eec4f10c4f
4b206afe82a1c9176a352276634580f2eac291be9c2c5c3a4d2f4b58b174b55f
539c323c54874cc3ca45733f7e2ef26631eff05d65d883b8f5c92debc1623336
54c49c13b9577aa5b4794e64f0745b4df11481cf20a19e7920624f6d122718e0
556f05f07d01f2944d414b9bfbb3fdd0fd0bef5413e1a9b88238829e93bd8e8d
57de733c29e42747b81b82e4480ce229d6423a3f8d3839dabff81b81ba491088
5cd92ecc87b6f2ed90dd548ba471c8f99507c8118633e3bdbcb5982429c70cc7
5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
708d269702025d6df88eceaa9d5b8f17c85e199cf9838e75d7f15f8af6a4d151
745b6b1dfd86e5b212a605aa200126c881262fd1c8211b18c7816776eafaaad6
76e2bca54d321dfd4cebf8797b2c9a81ccb1c0619d4da3a7c53d4e6228c5a61d
772d2325b9ec9e97814a08ff81def838a810a6a3af9f7388f17868031c4ea8c4
781d2d818d4589f2f8097d5868e1a96550f02faacb0e898bdc27be07adf99f4e
7835a7a3ced0b25b9bcc0caeaa041862878116020eb37faa0a031ad0fe60a0ff
85a94aca9a3bb11143fc25e69f7cddee5e42619798aea0a4595e5b85af2db47e
89aa6357c17a293ec242ff774d3176fe0c8770152319b47bc5a5a0bda9c5d02d
8b1e94e7d492f4f280a321eabee6498afa6e9ab1e69ddc99eadd12f205c2a5d3
8ec272b76ebdf8756da8e60cbec342b26e1e314d223b828e34b02aedea5d6d5a
94b63fd36f5c48af5e612b6719d6b77f1e4f4087dd69ffa426c2f966b775a82b
9fcb720730ec6667a8eb5cc8922104bcd038a26f8ad3f2b97c39da1f8b1d248c
a015ca1e691b49e6b2ace57963ae217787f08b5b0a838f818a25e524d6a92164
a70f7b6869b541950657edd993005bcdd5036d180299409193001d7bbbfba38f
af8dbb575d3d3afcbcb058a156f6cdd368728cc2483bfca0bfbb531978fffda9
b89b3f71b3a76e9c6ff2eb4a8f8c4da933d7d554f4c60b6011850a4a9af79f53
c5ddb81b2702fda349cb2f35aa519d0f85412bffea5d1e071cb66c69335c6acb
cf4de632e5d2c007896a3a1d66048654fe1f65b00db2b0366692ec146078aea1
d377b80f1d9bc65f049361ebb7c212f1ce58d6f8196e108a6ca8eae4cab6ade8
d7f8b6ed4f77b684b2615feaad46ae05bd069c8beaeb550e6094ccb2eb6cb0d9
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
e02f0d48e69425e5b002bd6ecd5f83fb6cc2e16166abe99bb8883c3caefff00a
e2a6bedeaa5fa6be7a6d36fdf494790004252781df48c2fe7b1b21a18653fa9f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8ac29a7ad2786a8791d23898841e482546bf3a369e8d43f63a62f1540de492c
ece62a981228663bb64230b30bc56746fe489a145a25ae0a1b2e1bc998c40c0c
ef8f5f445e32edd983337a5f61a444d1e8713e548abe1534baf9dfec19612001