mrpaintandpuff.com Open in urlscan Pro
173.236.196.171 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://email.mg16.signpost.com/c/eJxVkD1PxDAMhn9NO1aJ89khwwE6iYGVtUpTtxddk1ZJDrh_T8rBgGR5eKzntezJMCmVpa03QICSHoAKIJx3tGP61DP5pJ...
Effective URL:
https://mrpaintandpuff.com/
Submission: On September 22 via manual (September 22nd 2021, 11:58:08 pm UTC) from US — Scanned from DE

Summary HTTP 41 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 15 IPs in 3 countries across 10 domains to perform 41 HTTP transactions. The main IP is 173.236.196.171, located in United States and belongs to DREAMHOST-AS, US. The main domain is mrpaintandpuff.com.
TLS certificate: Issued by R3 on August 27th 2021. Valid for: 3 months.

This is the only time mrpaintandpuff.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	3.209.17.154 3.209.17.154	14618 (AMAZON-AES) (AMAZON-AES)
1 1	54.197.43.204 54.197.43.204	14618 (AMAZON-AES) (AMAZON-AES)
1 15	173.236.196.171 173.236.196.171	26347 (DREAMHOST-AS) (DREAMHOST-AS)
3	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:2b	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2a02:26f0:710... 2a02:26f0:7100:189::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
4	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
2	104.244.42.72 104.244.42.72	13414 (TWITTER) (TWITTER)
1	2a00:1450:400... 2a00:1450:4001:812::200d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
41	15

1 3.209.17.154 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-209-17-154.compute-1.amazonaws.com

email.mg16.signpost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.197.43.204 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-197-43-204.compute-1.amazonaws.com

my.signpost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 173.236.196.171 (United States) 1 redirects

ASN26347 (DREAMHOST-AS, US)
PTR: ps628362.dreamhostps.com

mrpaintandpuff.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:2b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:7100:189::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.72 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	mrpaintandpuff.com 1 redirects mrpaintandpuff.com	938 KB
8	google.com apis.google.com accounts.google.com www.google.com	134 KB
6	twitter.com platform.twitter.com syndication.twitter.com	148 KB
5	googleapis.com fonts.googleapis.com ajax.googleapis.com	94 KB
3	bootstrapcdn.com maxcdn.bootstrapcdn.com	30 KB
2	gstatic.com fonts.gstatic.com ssl.gstatic.com	32 KB
2	signpost.com 2 redirects email.mg16.signpost.com my.signpost.com	569 B
1	facebook.com www.facebook.com	2 KB
1	pinterest.com assets.pinterest.com	1 KB
1	jquery.com code.jquery.com	6 KB
41	10

	Domain	Requested by
15	mrpaintandpuff.com	1 redirects mrpaintandpuff.com
6	apis.google.com	mrpaintandpuff.com apis.google.com accounts.google.com
4	platform.twitter.com	mrpaintandpuff.com platform.twitter.com
4	fonts.googleapis.com	mrpaintandpuff.com
3	maxcdn.bootstrapcdn.com	mrpaintandpuff.com
2	syndication.twitter.com	platform.twitter.com
1	ssl.gstatic.com	accounts.google.com
1	www.google.com	apis.google.com
1	accounts.google.com	apis.google.com
1	fonts.gstatic.com	fonts.googleapis.com
1	www.facebook.com	mrpaintandpuff.com
1	assets.pinterest.com	mrpaintandpuff.com
1	code.jquery.com	mrpaintandpuff.com
1	ajax.googleapis.com	mrpaintandpuff.com
1	my.signpost.com	1 redirects
1	email.mg16.signpost.com	1 redirects
41	16

This site contains links to these domains. Also see Links.

Domain
plus.google.com
www.facebook.com
twitter.com
instagram.com
pinterest.com
mastersitedesign.com

Subject Issuer	Validity	Valid
www.mrpaintandpuff.com R3	`2021-08-27` - `2021-11-25`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-03-01` - `2022-02-28`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-26` - `2022-08-05`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-09-09` - `2021-12-08`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-05` - `2021-11-09`	a year	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
accounts.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://mrpaintandpuff.com/
Frame ID: E532F3E04C55649952A2391B8A26ED44
Requests: 31 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=https://mrpaintandpuff.com//%3E&send=false&layout=button_count&width=100&show_faces=false&action=like&colorscheme=light&font&height=21
Frame ID: 4D5B085FCE51D2DA9B34DDE5AA5C898C
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2Fmrpaintandpuff.com
Frame ID: D69B16017A508EF36AF8B4C4DF590E3F
Requests: 2 HTTP requests in this frame

Frame: https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&size=medium&origin=https%3A%2F%2Fmrpaintandpuff.com&url=https%3A%2F%2Fmrpaintandpuff.com%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.yUoUa-d8e1E.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMxrycmnC1khz2ORddaX90UOzgNPA%2Fm%3D__features__
Frame ID: 381785F3E4256284F6D5629DB2814BC8
Requests: 2 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fmrpaintandpuff.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.yUoUa-d8e1E.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMxrycmnC1khz2ORddaX90UOzgNPA%2Fm%3D__features__
Frame ID: 379B5D598C32E20187FE8BCD9DFC91D0
Requests: 4 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.f88235f49a156f8b4cab34c7bc1a0acc.en.html
Frame ID: DCDE87FE21DDF57BD717A4E064E4A054
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Mr Paint and Puff - Paint Puff and Have a Great Time!

Page URL History Show full URLs

http://email.mg16.signpost.com/c/eJxVkD1PxDAMhn9NO1aJ89khwwE6iYGVtUpTtxddk1ZJDrh_T8rBgGR5eKzntezJMCmVpa03QI... HTTP 302
https://my.signpost.com/external_link_click?url=http%3A%2F%2Fmrpaintandpuff.com&link_target=website&... HTTP 302
http://mrpaintandpuff.com/ HTTP 302
https://mrpaintandpuff.com/ Page URL

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]*accounts\.google\.com/o/oauth2

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

YouTube (Video Players) Expand

Overall confidence: 100%
Detected patterns

<(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

41
Requests

100 %
HTTPS

75 %
IPv6

10
Domains

16
Subdomains

15
IPs

3
Countries

1385 kB
Transfer

2175 kB
Size

2
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://plus.google.com/116039854960738444509

Search URL Search Domain Scan URL

URL: https://www.facebook.com/JoyfulExpressions2015?fref=ts

Search URL Search Domain Scan URL

URL: https://twitter.com/@expressions2015

Search URL Search Domain Scan URL

URL: https://instagram.com/joyfulexpressions2015

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/button/?url=http://mrpaintandpuff.com/&media=https%3A%2F%2Fpinterestplugin.com%2Fpincount%2Fimg%2Fget-pinterest-pin-count.png&description=https://mrpaintandpuff.com/

Search URL Search Domain Scan URL

URL: http://mastersitedesign.com/
Title: Jason Leibow

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://email.mg16.signpost.com/c/eJxVkD1PxDAMhn9NO1aJ89khwwE6iYGVtUpTtxddk1ZJDrh_T8rBgGR5eKzntezJMCmVpa03QICSHoAKIJx3tGP61DP5pJkALZ971XASFiq77Je4b7l0bgvtxUgC2rFeCEv5XE2uEWuGGBW43jpoM8YJ0-tkKFGMa90Da1dzKWXPDTs1cK4V7v9iK8GvginadVh9vA5u9e7asPMtrQ17OdwGxCGLQ68tpN36WGyc9ts8PzLkj1psWrBU6xPH7Av-8bzdksPKA-Zsl4M_0FDu-8ExWL8eFGMZamAYZh8XTHuqi-p8rIcqZ6meLXWSacXZREdKHMwSAC1TehJaizaZOdnoLj5j_WEebbdsH20xb4_Fvw96x5T9Fg3rADryDZ5RgWc HTTP 302
https://my.signpost.com/external_link_click?url=http%3A%2F%2Fmrpaintandpuff.com&link_target=website&link_source=message&source_type=email&sent_comm_fingerprint=b8ee7ca18fa1c638743d1b10c2f622ea378d5885 HTTP 302
http://mrpaintandpuff.com/ HTTP 302
https://mrpaintandpuff.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

41 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
mrpaintandpuff.com/
Redirect Chain

http://email.mg16.signpost.com/c/eJxVkD1PxDAMhn9NO1aJ89khwwE6iYGVtUpTtxddk1ZJDrh_T8rBgGR5eKzntezJMCmVpa03QICSHoAKIJx3tGP61DP5pJkALZ971XASFiq77Je4b7l0bgvtxUgC2rFeCEv5XE2uEWuGGBW43jpoM8YJ0-tkKFGMa90D...
https://my.signpost.com/external_link_click?url=http%3A%2F%2Fmrpaintandpuff.com&link_target=website&link_source=message&source_type=email&sent_comm_fingerprint=b8ee7ca18fa1c638743d1b10c2f622ea378d5885
http://mrpaintandpuff.com/
https://mrpaintandpuff.com/

13 KB
5 KB

330ms
111ms

Document
text/html

173.236.196.171
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mrpaintandpuff.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

173.236.196.171 , United States, ASN26347 (DREAMHOST-AS, US),

Reverse DNS

ps628362.dreamhostps.com

Software

Apache /

Resource Hash

19dca0ebb315b5398bde5816c4b950c67550f25f62a138a9e227a60641b31867

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: mrpaintandpuff.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
cookie: PHPSESSID=bc79cb55fd5f758068098172ff8305a2
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Wed, 22 Sep 2021 23:58:00 GMT
server: Apache
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-xss-protection: 1; mode=block
content-length: 4342
content-type: text/html; charset=UTF-8

Redirect headers

Date: Wed, 22 Sep 2021 23:58:00 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=bc79cb55fd5f758068098172ff8305a2; path=/
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Upgrade: h2
Connection: Upgrade, Keep-Alive
Location: https://mrpaintandpuff.com/
Vary: User-Agent
X-XSS-Protection: 1; mode=block
Content-Length: 0
Keep-Alive: timeout=2, max=100
Content-Type: text/html; charset=UTF-8

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.2.0/css/ 107 KB
19 KB 59ms
15ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.2.0/css/bootstrap.min.css

Requested by

Host: mrpaintandpuff.com
URL: https://mrpaintandpuff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5fd723750763ebb731f9221e413e7d64d58d5192dc040e42292ed3dcccca732

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mrpaintandpuff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 23:58:00 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 723, 617
age: 15907500
cdn-cachedat: 2021-03-11 11:58:24
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:03:57 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 3d524b5fe65810fd2f7c6ab649066bdb
cf-ray: 692f7a97be9a4345-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 bootstrap-theme.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.2.0/css/ 18 KB
3 KB 56ms
13ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.2.0/css/bootstrap-theme.min.css

Requested by

Host: mrpaintandpuff.com
URL: https://mrpaintandpuff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34b102cb7689409fd1c3c180aeb1fd3f0b8bf0b47ab25c74c42eaff574e661a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mrpaintandpuff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 23:58:00 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 632, 617, 617
age: 13563048
cdn-cachedat: 2021-04-16 20:54:58
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:03:57 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 31a76a82acb5790e8582834b11e432b4
cf-ray: 692f7a97be9c4345-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.2.0/js/ 31 KB
9 KB 57ms
14ms Script
application/javascript 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.2.0/js/bootstrap.min.js

Requested by

Host: mrpaintandpuff.com
URL: https://mrpaintandpuff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24cc29533598f962823c4229bc280487646a27a42a95257c31de1b9b18f3710f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mrpaintandpuff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 23:58:00 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 722, 718
age: 15907500
cdn-cachedat: 2021-03-11 11:57:56
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:03:57 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 47da2e0fe39bc7f2dd19bd586e641a31
cf-ray: 692f7a97be9d4345-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 css
fonts.googleapis.com/ 362 B
777 B 39ms
14ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Damion

Requested by

Host: mrpaintandpuff.com
URL: https://mrpaintandpuff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f63eb7afed77b9242192a2d1b496831d8a92eb84fe9ed955de49eccf937ac259

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mrpaintandpuff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 23:22:27 GMT
server: ESF
date: Wed, 22 Sep 2021 23:58:00 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 22 Sep 2021 23:58:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 400 B
394 B 40ms
15ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Shadows+Into+Light

Requested by

Host: mrpaintandpuff.com
URL: https://mrpaintandpuff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fb6ed8d5db77d62d0f9bf59e204d49eada193018d8f79fb6a1a8f8936393b5fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mrpaintandpuff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 23:30:02 GMT
server: ESF
date: Wed, 22 Sep 2021 23:58:00 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 22 Sep 2021 23:58:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 1 KB
504 B 39ms
15ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Archivo+Narrow

Requested by

Host: mrpaintandpuff.com
URL: https://mrpaintandpuff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0eeb3de92e25d3c986feb0a7f5c5fe638e947b29c8247e4c3cc62009d7ed8f5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mrpaintandpuff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 23:33:44 GMT
server: ESF
date: Wed, 22 Sep 2021 23:58:00 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 22 Sep 2021 23:58:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 1000 B
486 B 41ms
17ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Qwigley

Requested by

Host: mrpaintandpuff.com
URL: https://mrpaintandpuff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

521541b54ce9c42fae348c657d2e22fdc1a65f0aa34bddd3e1935cce1bf5285e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mrpaintandpuff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 23:58:00 GMT
server: ESF
date: Wed, 22 Sep 2021 23:58:00 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 22 Sep 2021 23:58:00 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.8.3/ 91 KB
92 KB 31ms
7ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js

Requested by

Host: mrpaintandpuff.com
URL: https://mrpaintandpuff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mrpaintandpuff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 06:46:30 GMT
x-content-type-options: nosniff
age: 321090
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 93636
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 19 Sep 2022 06:46:30 GMT

GET
H2 200 jquery-ui.css
code.jquery.com/ui/1.10.3/themes/smoothness/ 31 KB
6 KB 67ms
10ms Stylesheet
text/css 2001:4de0:ac18::1:a:2b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.10.3/themes/smoothness/jquery-ui.css
Requested by: Host: mrpaintandpuff.com
URL: https://mrpaintandpuff.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 9c286c1a80773a8c752ffc323aec348776f86ab242a4e58636b87f376e0853b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mrpaintandpuff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 23:58:00 GMT
content-encoding: gzip
last-modified: Fri, 24 Oct 2014 00:16:08 GMT
server: nginx
etag: W/"54499a48-7d2e"
vary: Accept-Encoding
x-hw: 1632355080.dop207.fr8.t,1632355080.cds207.fr8.hn,1632355080.cds002.fr8.c
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 6050

GET
H2 200 jquery.bxslider.js Show response
mrpaintandpuff.com/_admin/_scripts//bxslider/ 48 KB
12 KB 106ms
104ms Script
application/javascript 173.236.196.171
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mrpaintandpuff.com/_admin/_scripts//bxslider/jquery.bxslider.js

Requested by

Host: mrpaintandpuff.com
URL: https://mrpaintandpuff.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

173.236.196.171 , United States, ASN26347 (DREAMHOST-AS, US),

Reverse DNS

ps628362.dreamhostps.com

Software

Apache /

Resource Hash

6e204becdc27273eae727ecbcafb8feb0b414372802114083c827507cb1cb8ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /_admin/_scripts//bxslider/jquery.bxslider.js
pragma: no-cache
cookie: PHPSESSID=bc79cb55fd5f758068098172ff8305a2
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: mrpaintandpuff.com
referer: https://mrpaintandpuff.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://mrpaintandpuff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 23:58:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 20 Nov 2019 22:33:45 GMT
server: Apache
etag: "c0e8-597cec61295ce-gzip"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-length: 12021
x-xss-protection: 1; mode=block
expires: Fri, 22 Oct 2021 23:58:00 GMT

GET
H2 200 jquery.bxslider.css
mrpaintandpuff.com/_admin/_scripts/bxslider/ 4 KB
1 KB 103ms
102ms Stylesheet
text/css 173.236.196.171
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mrpaintandpuff.com/_admin/_scripts/bxslider/jquery.bxslider.css

Requested by

Host: mrpaintandpuff.com
URL: https://mrpaintandpuff.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

173.236.196.171 , United States, ASN26347 (DREAMHOST-AS, US),

Reverse DNS

ps628362.dreamhostps.com

Software

Apache /

Resource Hash

582e89d861a2b537c5ec7903d779611537475d7169ab401a6df99f9596c48504

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /_admin/_scripts/bxslider/jquery.bxslider.css
pragma: no-cache
cookie: PHPSESSID=bc79cb55fd5f758068098172ff8305a2
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: mrpaintandpuff.com
referer: https://mrpaintandpuff.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://mrpaintandpuff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 23:58:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 20 Nov 2019 22:33:44 GMT
server: Apache
etag: "edc-597cec5f9be85-gzip"
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-length: 1196
x-xss-protection: 1; mode=block
expires: Fri, 22 Oct 2021 23:58:00 GMT

GET
H2 200 responsiveslides.min.js Show response
mrpaintandpuff.com/ 70 KB
10 KB 107ms
106ms Script
application/javascript 173.236.196.171
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mrpaintandpuff.com/responsiveslides.min.js

Requested by

Host: mrpaintandpuff.com
URL: https://mrpaintandpuff.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

173.236.196.171 , United States, ASN26347 (DREAMHOST-AS, US),

Reverse DNS

ps628362.dreamhostps.com

Software

Apache /

Resource Hash

a02af5b973878f1dc329040569016fb32797f160f8d5f93d678b8b30313a72ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /responsiveslides.min.js
pragma: no-cache
cookie: PHPSESSID=bc79cb55fd5f758068098172ff8305a2
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: mrpaintandpuff.com
referer: https://mrpaintandpuff.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://mrpaintandpuff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 23:58:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 20 Nov 2019 21:41:08 GMT
server: Apache
etag: "118d6-597ce09e6c84f-gzip"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-length: 10156
x-xss-protection: 1; mode=block
expires: Fri, 22 Oct 2021 23:58:00 GMT

GET
H2 200 logo.png
mrpaintandpuff.com/_images/ 57 KB
57 KB 102ms
101ms Image
image/png 173.236.196.171
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mrpaintandpuff.com/_images/logo.png

Requested by

Host: mrpaintandpuff.com
URL: https://mrpaintandpuff.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

173.236.196.171 , United States, ASN26347 (DREAMHOST-AS, US),

Reverse DNS

ps628362.dreamhostps.com

Software

Apache /

Resource Hash

f13d139353dc5f2fba7f43939b49e8999ab1ae171db0279791134db4e8e6154e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /_images/logo.png
pragma: no-cache
cookie: PHPSESSID=bc79cb55fd5f758068098172ff8305a2
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: mrpaintandpuff.com
referer: https://mrpaintandpuff.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://mrpaintandpuff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 23:58:01 GMT
x-content-type-options: nosniff
last-modified: Sat, 14 Sep 2019 12:01:50 GMT
server: Apache
etag: "e293-5928222c08780"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
vary: User-Agent,Accept-Encoding
content-length: 58003
x-xss-protection: 1; mode=block
expires: Fri, 22 Oct 2021 23:58:01 GMT

GET
H2 200 pic3.jpg
mrpaintandpuff.com/_images/ 132 KB
133 KB 105ms
105ms Image
image/jpeg 173.236.196.171
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mrpaintandpuff.com/_images/pic3.jpg

Requested by

Host: mrpaintandpuff.com
URL: https://mrpaintandpuff.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

173.236.196.171 , United States, ASN26347 (DREAMHOST-AS, US),

Reverse DNS

ps628362.dreamhostps.com

Software

Apache /

Resource Hash

dd50a52500f7590384de99b8258fb51d0106f4c259a74687ffacbda5e47148c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /_images/pic3.jpg
pragma: no-cache
cookie: PHPSESSID=bc79cb55fd5f758068098172ff8305a2
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: mrpaintandpuff.com
referer: https://mrpaintandpuff.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://mrpaintandpuff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 23:58:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 21 Feb 2021 06:46:42 GMT
server: Apache
etag: "21018-5bbd30c469880"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
vary: User-Agent
content-length: 135192
x-xss-protection: 1; mode=block
expires: Fri, 22 Oct 2021 23:58:01 GMT

GET
H2 200 pic1.jpg
mrpaintandpuff.com/_images/ 125 KB
126 KB 290ms
288ms Image
image/jpeg 173.236.196.171
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mrpaintandpuff.com/_images/pic1.jpg

Requested by

Host: mrpaintandpuff.com
URL: https://mrpaintandpuff.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

173.236.196.171 , United States, ASN26347 (DREAMHOST-AS, US),

Reverse DNS

ps628362.dreamhostps.com

Software

Apache /

Resource Hash

c7d2eeaaf2da9d986668bb2e1f1af9ade36ef61e8494b1b5966a8f265b818815

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /_images/pic1.jpg
pragma: no-cache
cookie: PHPSESSID=bc79cb55fd5f758068098172ff8305a2
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: mrpaintandpuff.com
referer: https://mrpaintandpuff.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://mrpaintandpuff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 23:58:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 21 Feb 2021 06:44:48 GMT
server: Apache
etag: "1f3b3-5bbd3057b1800"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
vary: User-Agent
content-length: 127923
x-xss-protection: 1; mode=block
expires: Fri, 22 Oct 2021 23:58:01 GMT

GET
H2 200 pic2.jpg
mrpaintandpuff.com/_images/ 117 KB
118 KB 291ms
289ms Image
image/jpeg 173.236.196.171
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mrpaintandpuff.com/_images/pic2.jpg

Requested by

Host: mrpaintandpuff.com
URL: https://mrpaintandpuff.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

173.236.196.171 , United States, ASN26347 (DREAMHOST-AS, US),

Reverse DNS

ps628362.dreamhostps.com

Software

Apache /

Resource Hash

578da321db0b08ede37f3101da06694f3d57be8591d481266da4465614ec6dd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /_images/pic2.jpg
pragma: no-cache
cookie: PHPSESSID=bc79cb55fd5f758068098172ff8305a2
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: mrpaintandpuff.com
referer: https://mrpaintandpuff.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://mrpaintandpuff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 23:58:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 21 Feb 2021 06:46:01 GMT
server: Apache
etag: "1d33b-5bbd309d4fc40"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
vary: User-Agent
content-length: 119611
x-xss-protection: 1; mode=block
expires: Fri, 22 Oct 2021 23:58:01 GMT

GET
H2 200 payments.jpg
mrpaintandpuff.com/_images/ 29 KB
29 KB 291ms
290ms Image
image/jpeg 173.236.196.171
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mrpaintandpuff.com/_images/payments.jpg

Requested by

Host: mrpaintandpuff.com
URL: https://mrpaintandpuff.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

173.236.196.171 , United States, ASN26347 (DREAMHOST-AS, US),

Reverse DNS

ps628362.dreamhostps.com

Software

Apache /

Resource Hash

54c13cc01d5f33e802ab11d4d7a17917aa051f188fd4e8dd14a7bf27214da163

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /_images/payments.jpg
pragma: no-cache
cookie: PHPSESSID=bc79cb55fd5f758068098172ff8305a2
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: mrpaintandpuff.com
referer: https://mrpaintandpuff.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://mrpaintandpuff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 23:58:01 GMT
x-content-type-options: nosniff
last-modified: Sat, 07 Apr 2018 07:50:31 GMT
server: Apache
etag: "7218-5693d6d57d613"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
vary: User-Agent
content-length: 29208
x-xss-protection: 1; mode=block
expires: Fri, 22 Oct 2021 23:58:01 GMT

GET
H2 200 icon-google.png
mrpaintandpuff.com/_images/ 4 KB
4 KB 291ms
289ms Image
image/png 173.236.196.171
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mrpaintandpuff.com/_images/icon-google.png

Requested by

Host: mrpaintandpuff.com
URL: https://mrpaintandpuff.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

173.236.196.171 , United States, ASN26347 (DREAMHOST-AS, US),

Reverse DNS

ps628362.dreamhostps.com

Software

Apache /

Resource Hash

1121fb5f395c9d26677024705df48a6bb63df905b6fae23f0acf187c106f219f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /_images/icon-google.png
pragma: no-cache
cookie: PHPSESSID=bc79cb55fd5f758068098172ff8305a2
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: mrpaintandpuff.com
referer: https://mrpaintandpuff.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://mrpaintandpuff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 23:58:01 GMT
x-content-type-options: nosniff
last-modified: Wed, 27 Dec 2017 07:59:16 GMT
server: Apache
etag: "ff2-5614dc6a89261"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
vary: User-Agent,Accept-Encoding
content-length: 4082
x-xss-protection: 1; mode=block
expires: Fri, 22 Oct 2021 23:58:01 GMT

GET
H2 200 icon-fb.png
mrpaintandpuff.com/_images/ 4 KB
4 KB 291ms
290ms Image
image/png 173.236.196.171
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mrpaintandpuff.com/_images/icon-fb.png

Requested by

Host: mrpaintandpuff.com
URL: https://mrpaintandpuff.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

173.236.196.171 , United States, ASN26347 (DREAMHOST-AS, US),

Reverse DNS

ps628362.dreamhostps.com

Software

Apache /

Resource Hash

08d4f4ff82b14cb8732a208260b833efeb3faa01de569c9917a5842ca933eedf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /_images/icon-fb.png
pragma: no-cache
cookie: PHPSESSID=bc79cb55fd5f758068098172ff8305a2
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: mrpaintandpuff.com
referer: https://mrpaintandpuff.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://mrpaintandpuff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 23:58:01 GMT
x-content-type-options: nosniff
last-modified: Wed, 27 Dec 2017 07:59:16 GMT
server: Apache
etag: "f73-5614dc6a42d61"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
vary: User-Agent,Accept-Encoding
content-length: 3955
x-xss-protection: 1; mode=block
expires: Fri, 22 Oct 2021 23:58:01 GMT

GET
H2 200 icon-twitter.png
mrpaintandpuff.com/_images/ 4 KB
4 KB 291ms
290ms Image
image/png 173.236.196.171
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mrpaintandpuff.com/_images/icon-twitter.png

Requested by

Host: mrpaintandpuff.com
URL: https://mrpaintandpuff.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

173.236.196.171 , United States, ASN26347 (DREAMHOST-AS, US),

Reverse DNS

ps628362.dreamhostps.com

Software

Apache /

Resource Hash

99f970d74c149375adadd4466d9e48df836280a590a0369a7a1b11fdd941ad75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /_images/icon-twitter.png
pragma: no-cache
cookie: PHPSESSID=bc79cb55fd5f758068098172ff8305a2
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: mrpaintandpuff.com
referer: https://mrpaintandpuff.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://mrpaintandpuff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 23:58:01 GMT
x-content-type-options: nosniff
last-modified: Wed, 27 Dec 2017 07:59:18 GMT
server: Apache
etag: "f83-5614dc6ba8421"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
vary: User-Agent,Accept-Encoding
content-length: 3971
x-xss-protection: 1; mode=block
expires: Fri, 22 Oct 2021 23:58:01 GMT

GET
H2 200 icon-instagram.png
mrpaintandpuff.com/_images/ 4 KB
4 KB 288ms
288ms Image
image/png 173.236.196.171
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mrpaintandpuff.com/_images/icon-instagram.png

Requested by

Host: mrpaintandpuff.com
URL: https://mrpaintandpuff.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

173.236.196.171 , United States, ASN26347 (DREAMHOST-AS, US),

Reverse DNS

ps628362.dreamhostps.com

Software

Apache /

Resource Hash

1deaf10f616ff640278b6d99cfc69c83b8f64759d9b4c5e59e24f6c61c23ee8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /_images/icon-instagram.png
pragma: no-cache
cookie: PHPSESSID=bc79cb55fd5f758068098172ff8305a2
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: mrpaintandpuff.com
referer: https://mrpaintandpuff.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://mrpaintandpuff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 23:58:01 GMT
x-content-type-options: nosniff
last-modified: Wed, 27 Dec 2017 07:59:17 GMT
server: Apache
etag: "fe4-5614dc6ad35e1"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
vary: User-Agent,Accept-Encoding
content-length: 4068
x-xss-protection: 1; mode=block
expires: Fri, 22 Oct 2021 23:58:01 GMT

GET
H2 200 pin_it_button.png
assets.pinterest.com/images/pidgets/ 909 B
1 KB 213ms
7ms Image
image/png 2a02:26f0:7100:189::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.pinterest.com/images/pidgets/pin_it_button.png
Requested by: Host: mrpaintandpuff.com
URL: https://mrpaintandpuff.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:189::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: f942d5999c18b372d0c74273c936fce1723b0761e67d56dfa80abac87eff864e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mrpaintandpuff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-cdn: akamai
etag: "cf5ce2d2dcfa060f6032b0af60d45aa2"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=85075
accept-ranges: bytes
content-length: 909
access-control-expose-headers: X-CDN

GET
H2 200 like.php Show response
www.facebook.com/plugins/ Frame 4D5B 0
2 KB 80ms
41ms Document
text/html 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?href=https://mrpaintandpuff.com//%3E&send=false&layout=button_count&width=100&show_faces=false&action=like&colorscheme=light&font&height=21

Requested by

Host: mrpaintandpuff.com
URL: https://mrpaintandpuff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/like.php?href=https://mrpaintandpuff.com//%3E&send=false&layout=button_count&width=100&show_faces=false&action=like&colorscheme=light&font&height=21
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://mrpaintandpuff.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://mrpaintandpuff.com/

Response headers

content-type: text/html;charset=utf-8
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ wss://*.whatsapp.com:* v.whatsapp.net *.fbsbx.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: ltkWAdDmM9dDAb+WN+n0Z7B7vtVs/kPnii/oxPfzs6kG5O/A3RJI2FUytW+Tfo0HuZoXXm2i1qebqmCn+TEbxA==
content-length: 0
date: Wed, 22 Sep 2021 23:58:01 GMT
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H2 200 bg11.jpg
mrpaintandpuff.com/_images/ 428 KB
431 KB 287ms
287ms Image
image/jpeg 173.236.196.171
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mrpaintandpuff.com/_images/bg11.jpg

Requested by

Host: mrpaintandpuff.com
URL: https://mrpaintandpuff.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

173.236.196.171 , United States, ASN26347 (DREAMHOST-AS, US),

Reverse DNS

ps628362.dreamhostps.com

Software

Apache /

Resource Hash

ac04fae173db6588a65e47a2340c25f5c0ad83bc3c1d8f47180af87169e30d40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /_images/bg11.jpg
pragma: no-cache
cookie: PHPSESSID=bc79cb55fd5f758068098172ff8305a2
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: mrpaintandpuff.com
referer: https://mrpaintandpuff.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://mrpaintandpuff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 23:58:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 21 Feb 2021 06:34:37 GMT
server: Apache
etag: "6af85-5bbd2e10ff940"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
vary: User-Agent
content-length: 438149
x-xss-protection: 1; mode=block
expires: Fri, 22 Oct 2021 23:58:01 GMT

GET
H2 200 1cXzaU3UGJb5tGoCiVtmig.woff2
fonts.gstatic.com/s/qwigley/v11/ 27 KB
27 KB 28ms
7ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/qwigley/v11/1cXzaU3UGJb5tGoCiVtmig.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Qwigley

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a8476f8ea685dce8ab1e22cd11816008381def2783f1f49b56367879b95ded2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mrpaintandpuff.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 19:47:44 GMT
x-content-type-options: nosniff
age: 187817
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27556
x-xss-protection: 0
last-modified: Tue, 29 Jun 2021 19:36:29 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 20 Sep 2022 19:47:44 GMT

GET
H2 200 plusone.js Show response
apis.google.com/js/ 52 KB
21 KB 229ms
64ms Script
application/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: mrpaintandpuff.com
URL: https://mrpaintandpuff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cf4aa82a277dcc9151be7cad6bec03563daf4ac182b606f652b6265fdd010157

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-O3muke3fpa/sf3qFHivaew' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mrpaintandpuff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 23:58:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
etag: "c34d224d0ee061f3752d1f91e397a052"
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-O3muke3fpa/sf3qFHivaew' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt"
expires: Wed, 22 Sep 2021 23:58:01 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 172ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: mrpaintandpuff.com
URL: https://mrpaintandpuff.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/668D) /
Resource Hash: 8db61f95a8f3554830efc6c3942b7322efef09b9d7f0cbfe32135e0fac106d18

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mrpaintandpuff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 22 Sep 2021 23:58:01 GMT
Content-Encoding: gzip
Last-Modified: Mon, 02 Aug 2021 20:34:57 GMT
Server: ECS (frb/668D)
Age: 1141
Etag: "d405b816322f9770c70cbd10cfa87be4+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 28872

GET
H/1.1 200
OK widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html Show response
platform.twitter.com/widgets/ Frame D69B 319 KB
103 KB 7ms
7ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2Fmrpaintandpuff.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6724) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://mrpaintandpuff.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://mrpaintandpuff.com/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 784706
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Wed, 22 Sep 2021 23:58:01 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Mon, 02 Aug 2021 20:33:53 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6724)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105433

GET
H2 200 settings Show response
syndication.twitter.com/ Frame D69B 232 B
432 B 202ms
175ms Fetch
application/json 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=a0a99aa15cde4cee06c8c8ae9035cd4d9487bcdb

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2Fmrpaintandpuff.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 23:58:00 GMT
content-encoding: gzip
last-modified: Wed, 22 Sep 2021 23:58:01 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: e6726e6c84be3fe2faae3c8cdaf55303524135e5a960d439b5f5de33c86cd1dd
content-length: 166

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/ 147 KB
51 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ecc45ef1d382035c1367ab078ad6f52bae305feaa6dc5ac2c17908d8f7e2a55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mrpaintandpuff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 20:09:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 100135
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51514
x-xss-protection: 0
last-modified: Fri, 10 Sep 2021 23:24:10 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="social-frontend-mpm-access"
expires: Wed, 21 Sep 2022 20:09:06 GMT

GET
H2 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/ 96 KB
33 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/cb=gapi.loaded_1

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc8faf4ebe94f92af1aa97b73f052409171ff69671a93028fd57a726d1a49dd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mrpaintandpuff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 16:19:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27482
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33901
x-xss-protection: 0
last-modified: Fri, 10 Sep 2021 23:24:10 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="social-frontend-mpm-access"
expires: Thu, 22 Sep 2022 16:19:59 GMT

GET
H2 404 fastbutton Show response
apis.google.com/u/0/se/0/_/+1/ Frame 3817 2 KB
2 KB 10ms
9ms Document
text/html 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&size=medium&origin=https%3A%2F%2Fmrpaintandpuff.com&url=https%3A%2F%2Fmrpaintandpuff.com%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.yUoUa-d8e1E.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMxrycmnC1khz2ORddaX90UOzgNPA%2Fm%3D__features__
Requested by: Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: ac15d1868a55adcea61641c78efbb86feda3a65882f21bfe9fedd7348fb54be8

Request headers

:method: GET
:authority: apis.google.com
:scheme: https
:path: /u/0/se/0/_/+1/fastbutton?usegapi=1&size=medium&origin=https%3A%2F%2Fmrpaintandpuff.com&url=https%3A%2F%2Fmrpaintandpuff.com%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.yUoUa-d8e1E.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMxrycmnC1khz2ORddaX90UOzgNPA%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://mrpaintandpuff.com/
accept-encoding: gzip, deflate, br
cookie: NID=511=Gct4SYVTeQ7z0xKIiPkrMWXMD3dxDb2oRTWVorNd5Z5vTnyYvrk4h8Aq58exwVaFZ6BUwZXu_GH0Zaur3ebda0G1oLm47pqvwkmckcLpayshqR_gZwm3TmXQqEYB6kWJwJxx3ExjAvopxtA_e-OAdukEMHETHl8DqUqnqL_Gf7Y
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://mrpaintandpuff.com/

Response headers

content-type: text/html; charset=UTF-8
referrer-policy: no-referrer
content-length: 1585
date: Wed, 22 Sep 2021 23:58:01 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 postmessageRelay Show response
accounts.google.com/o/oauth2/ Frame 379B 566 B
879 B 57ms
21ms Document
text/html 2a00:1450:4001:812::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fmrpaintandpuff.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.yUoUa-d8e1E.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMxrycmnC1khz2ORddaX90UOzgNPA%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/cb=gapi.loaded_1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

255f65f5cfd1f6aaf60010de49f7e69f528482ab627d1c9060332200bf1bba1c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-KNUa6SLybkr575VTrscg4A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: accounts.google.com
:scheme: https
:path: /o/oauth2/postmessageRelay?parent=https%3A%2F%2Fmrpaintandpuff.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.yUoUa-d8e1E.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMxrycmnC1khz2ORddaX90UOzgNPA%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://mrpaintandpuff.com/
accept-encoding: gzip, deflate, br
cookie: NID=511=Gct4SYVTeQ7z0xKIiPkrMWXMD3dxDb2oRTWVorNd5Z5vTnyYvrk4h8Aq58exwVaFZ6BUwZXu_GH0Zaur3ebda0G1oLm47pqvwkmckcLpayshqR_gZwm3TmXQqEYB6kWJwJxx3ExjAvopxtA_e-OAdukEMHETHl8DqUqnqL_Gf7Y
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://mrpaintandpuff.com/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 22 Sep 2021 23:58:01 GMT
content-security-policy: script-src 'report-sample' 'nonce-KNUa6SLybkr575VTrscg4A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 googlelogo_color_150x54dp.png
www.google.com/images/branding/googlelogo/1x/ Frame 3817 3 KB
4 KB 36ms
15ms Image
image/png 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png

Requested by

Host: apis.google.com
URL: https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&size=medium&origin=https%3A%2F%2Fmrpaintandpuff.com&url=https%3A%2F%2Fmrpaintandpuff.com%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.yUoUa-d8e1E.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMxrycmnC1khz2ORddaX90UOzgNPA%2Fm%3D__features__

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dbef5e5530003b7233e944856c23d1437902a2d3568cdfd2beaf2166e9ca9139

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://apis.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 23:58:01 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3170
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 22 Sep 2021 23:58:01 GMT

GET
H2 200 2607672972-postmessagerelay.js Show response
ssl.gstatic.com/accounts/o/ Frame 379B 10 KB
5 KB 49ms
7ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.gstatic.com/accounts/o/2607672972-postmessagerelay.js

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fmrpaintandpuff.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.yUoUa-d8e1E.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMxrycmnC1khz2ORddaX90UOzgNPA%2Fm%3D__features__

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8874eb2e4480aca2c2cbb14e2309ad6e153676c1e12231ef79fecbfbc3ac66da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 09:37:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51649
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4308
x-xss-protection: 0
last-modified: Mon, 20 Sep 2021 20:12:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="federated-signon-mpm-access"
expires: Thu, 22 Sep 2022 09:37:12 GMT

GET
H2 200 rpc:shindig_random.js Show response
apis.google.com/js/ Frame 379B 13 KB
5 KB 34ms
34ms Script
application/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/rpc:shindig_random.js?onload=init

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

87629cd57dbd6b0971f759ce88e454d939a2275b69e9a113c1f421d2dcf4d4bd

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-fNVv+Io0h+ZYir74TzrWIQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 23:58:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
etag: "9c5a8574bdf283ce8259de0154ce003e"
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-fNVv+Io0h+ZYir74TzrWIQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt"
expires: Wed, 22 Sep 2021 23:58:01 GMT

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/ Frame 379B 50 KB
18 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/rpc:shindig_random.js?onload=init

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b4ca02afc05579b79ae3765ccff134871e2ed02f8f7c133efdc8b779ee3deb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 16:19:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27486
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18128
x-xss-protection: 0
last-modified: Fri, 10 Sep 2021 23:24:10 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="social-frontend-mpm-access"
expires: Thu, 22 Sep 2022 16:19:55 GMT

GET
H/1.1 200
OK button.5d16ecc02fbaf599a24dfb57ab239320.js Show response
platform.twitter.com/js/ 7 KB
3 KB 7ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.5d16ecc02fbaf599a24dfb57ab239320.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/668D) /
Resource Hash: 3ee8351e156e2e80d99018a585c18c0dbd9098e3bea84a131d8cbad1ec72c81e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mrpaintandpuff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 22 Sep 2021 23:58:01 GMT
Content-Encoding: gzip
Last-Modified: Mon, 02 Aug 2021 20:33:39 GMT
Server: ECS (frb/668D)
Age: 784706
Etag: "6b95f5a9a2ff4b885e2eafdf446d70d0+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 2296

GET
H/1.1 200
OK tweet_button.f88235f49a156f8b4cab34c7bc1a0acc.en.html Show response
platform.twitter.com/widgets/ Frame DCDE 32 KB
12 KB 7ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.f88235f49a156f8b4cab34c7bc1a0acc.en.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/668D) /
Resource Hash: 06b34901b9ee1d57c9e0a37a7665c7aa77f6ab8b884cda5e8caad1c3f8b8c639

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://mrpaintandpuff.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://mrpaintandpuff.com/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 784706
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Wed, 22 Sep 2021 23:58:01 GMT
Etag: "909c8b457796b3e08dbae7ea22074354+gzip"
Last-Modified: Mon, 02 Aug 2021 20:33:46 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/668D)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 12257

GET
DATA 200
OK truncated
/ Frame DCDE 822 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 jot
syndication.twitter.com/i/ 43 B
352 B 167ms
167ms Image
image/gif 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fmrpaintandpuff.com%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1632355081634%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%221890d59c%3A1627936082797%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mrpaintandpuff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 23:58:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
pragma: no-cache
last-modified: Wed, 22 Sep 2021 23:58:01 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: e6726e6c84be3fe2faae3c8cdaf55303524135e5a960d439b5f5de33c86cd1dd
x-transaction: e8621bdc5ff973d7
expires: Tue, 31 Mar 1981 05:00:00 GMT

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			mrpaintandpuff.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: bc79cb55fd5f758068098172ff8305a2
			.google.com/	1970-01-20 01:49:26	Name: NID Value: 511=Gct4SYVTeQ7z0xKIiPkrMWXMD3dxDb2oRTWVorNd5Z5vTnyYvrk4h8Aq58exwVaFZ6BUwZXu_GH0Zaur3ebda0G1oLm47pqvwkmckcLpayshqR_gZwm3TmXQqEYB6kWJwJxx3ExjAvopxtA_e-OAdukEMHETHl8DqUqnqL_Gf7Y

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&size=medium&origin=https%3A%2F%2Fmrpaintandpuff.com&url=https%3A%2F%2Fmrpaintandpuff.com%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.yUoUa-d8e1E.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMxrycmnC1khz2ORddaX90UOzgNPA%2Fm%3D__features__#_methods=onPlusOne%2C_ready%2C_close%2C_open%2C_resizeMe%2C_renderstart%2Concircled%2Cdrefresh%2Cerefresh&id=I0_1632355081270&_gfid=I0_1632355081270&parent=https%3A%2F%2Fmrpaintandpuff.com&pfname=&rpctoken=33186478 Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
ajax.googleapis.com
apis.google.com
assets.pinterest.com
code.jquery.com
email.mg16.signpost.com
fonts.googleapis.com
fonts.gstatic.com
maxcdn.bootstrapcdn.com
mrpaintandpuff.com
my.signpost.com
platform.twitter.com
ssl.gstatic.com
syndication.twitter.com
www.facebook.com
www.google.com
104.244.42.72
173.236.196.171
2001:4de0:ac18::1:a:2b
2606:2800:234:59:254c:406:2366:268c
2606:4700::6812:acf
2a00:1450:4001:803::2003
2a00:1450:4001:80e::2004
2a00:1450:4001:811::2003
2a00:1450:4001:812::200a
2a00:1450:4001:812::200d
2a00:1450:4001:828::200a
2a00:1450:4001:829::200e
2a02:26f0:7100:189::1931
2a03:2880:f11c:8083:face:b00c:0:25de
3.209.17.154
54.197.43.204
06b34901b9ee1d57c9e0a37a7665c7aa77f6ab8b884cda5e8caad1c3f8b8c639
08d4f4ff82b14cb8732a208260b833efeb3faa01de569c9917a5842ca933eedf
0a8476f8ea685dce8ab1e22cd11816008381def2783f1f49b56367879b95ded2
0eeb3de92e25d3c986feb0a7f5c5fe638e947b29c8247e4c3cc62009d7ed8f5d
1121fb5f395c9d26677024705df48a6bb63df905b6fae23f0acf187c106f219f
19dca0ebb315b5398bde5816c4b950c67550f25f62a138a9e227a60641b31867
1deaf10f616ff640278b6d99cfc69c83b8f64759d9b4c5e59e24f6c61c23ee8f
24cc29533598f962823c4229bc280487646a27a42a95257c31de1b9b18f3710f
255f65f5cfd1f6aaf60010de49f7e69f528482ab627d1c9060332200bf1bba1c
2ecc45ef1d382035c1367ab078ad6f52bae305feaa6dc5ac2c17908d8f7e2a55
34b102cb7689409fd1c3c180aeb1fd3f0b8bf0b47ab25c74c42eaff574e661a9
3ee8351e156e2e80d99018a585c18c0dbd9098e3bea84a131d8cbad1ec72c81e
521541b54ce9c42fae348c657d2e22fdc1a65f0aa34bddd3e1935cce1bf5285e
54c13cc01d5f33e802ab11d4d7a17917aa051f188fd4e8dd14a7bf27214da163
578da321db0b08ede37f3101da06694f3d57be8591d481266da4465614ec6dd6
582e89d861a2b537c5ec7903d779611537475d7169ab401a6df99f9596c48504
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
6e204becdc27273eae727ecbcafb8feb0b414372802114083c827507cb1cb8ef
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
87629cd57dbd6b0971f759ce88e454d939a2275b69e9a113c1f421d2dcf4d4bd
8874eb2e4480aca2c2cbb14e2309ad6e153676c1e12231ef79fecbfbc3ac66da
8b4ca02afc05579b79ae3765ccff134871e2ed02f8f7c133efdc8b779ee3deb1
8db61f95a8f3554830efc6c3942b7322efef09b9d7f0cbfe32135e0fac106d18
99f970d74c149375adadd4466d9e48df836280a590a0369a7a1b11fdd941ad75
9c286c1a80773a8c752ffc323aec348776f86ab242a4e58636b87f376e0853b1
a02af5b973878f1dc329040569016fb32797f160f8d5f93d678b8b30313a72ed
ac04fae173db6588a65e47a2340c25f5c0ad83bc3c1d8f47180af87169e30d40
ac15d1868a55adcea61641c78efbb86feda3a65882f21bfe9fedd7348fb54be8
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b5fd723750763ebb731f9221e413e7d64d58d5192dc040e42292ed3dcccca732
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c7d2eeaaf2da9d986668bb2e1f1af9ade36ef61e8494b1b5966a8f265b818815
cc8faf4ebe94f92af1aa97b73f052409171ff69671a93028fd57a726d1a49dd9
cf4aa82a277dcc9151be7cad6bec03563daf4ac182b606f652b6265fdd010157
dbef5e5530003b7233e944856c23d1437902a2d3568cdfd2beaf2166e9ca9139
dd50a52500f7590384de99b8258fb51d0106f4c259a74687ffacbda5e47148c5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f13d139353dc5f2fba7f43939b49e8999ab1ae171db0279791134db4e8e6154e
f63eb7afed77b9242192a2d1b496831d8a92eb84fe9ed955de49eccf937ac259
f942d5999c18b372d0c74273c936fce1723b0761e67d56dfa80abac87eff864e
fb6ed8d5db77d62d0f9bf59e204d49eada193018d8f79fb6a1a8f8936393b5fc

mrpaintandpuff.com Open in urlscan Pro 173.236.196.171 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

41 Requests

100 %HTTPS

75 %IPv6

10 Domains

16 Subdomains

15 IPs

3 Countries

1385 kBTransfer

2175 kBSize

2 Cookies

6 Outgoing links

Page URL History

Redirected requests

41 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

mrpaintandpuff.com Open in urlscan Pro
173.236.196.171 Public Scan

Screenshot
Live screenshot

Full Image

41
Requests

100 %
HTTPS

75 %
IPv6

10
Domains

16
Subdomains

15
IPs

3
Countries

1385 kB
Transfer

2175 kB
Size

2
Cookies

41 HTTP transactions
1 data transactions