mrpaintandpuff.com Open in urlscan Pro
173.236.196.171 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://email.mg16.signpost.com/c/eJxVkLFuwyAQhp_GHq0DDNgDQ5TGUoeuXS0MZwfFYAtI27x9cdMOlU43fKfvP-m3igkhNamdokAJASqAQA-iIc35fOkBhp...
Effective URL:
https://mrpaintandpuff.com/
Submission: On October 26 via manual (October 26th 2021, 10:11:44 pm UTC) from US — Scanned from DE

Summary HTTP 41 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 15 IPs in 4 countries across 10 domains to perform 41 HTTP transactions. The main IP is 173.236.196.171, located in Brea, United States and belongs to DREAMHOST-AS, US. The main domain is mrpaintandpuff.com.
TLS certificate: Issued by R3 on October 21st 2021. Valid for: 3 months.

This is the only time mrpaintandpuff.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	52.42.137.243 52.42.137.243	16509 (AMAZON-02) (AMAZON-02)
1 1	54.208.37.110 54.208.37.110	14618 (AMAZON-AES) (AMAZON-AES)
1 15	173.236.196.171 173.236.196.171	26347 (DREAMHOST-AS) (DREAMHOST-AS)
3	104.18.10.207 104.18.10.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	142.250.185.106 142.250.185.106	15169 (GOOGLE) (GOOGLE)
1	216.58.212.170 216.58.212.170	15169 (GOOGLE) (GOOGLE)
1	69.16.175.42 69.16.175.42	20446 (HIGHWINDS3) (HIGHWINDS3)
1	151.101.132.84 151.101.132.84	54113 (FASTLY) (FASTLY)
1	31.13.64.35 31.13.64.35	32934 (FACEBOOK) (FACEBOOK)
1	142.250.186.99 142.250.186.99	15169 (GOOGLE) (GOOGLE)
6	142.250.185.142 142.250.185.142	15169 (GOOGLE) (GOOGLE)
4	93.184.220.66 93.184.220.66	15133 (EDGECAST) (EDGECAST)
2	104.244.42.200 104.244.42.200	13414 (TWITTER) (TWITTER)
1	142.250.185.77 142.250.185.77	15169 (GOOGLE) (GOOGLE)
1	216.58.212.132 216.58.212.132	15169 (GOOGLE) (GOOGLE)
1	142.250.185.163 142.250.185.163	15169 (GOOGLE) (GOOGLE)
41	15

1 52.42.137.243 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-42-137-243.us-west-2.compute.amazonaws.com

email.mg16.signpost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.208.37.110 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-208-37-110.compute-1.amazonaws.com

my.signpost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 173.236.196.171 (Brea, United States) 1 redirects

ASN26347 (DREAMHOST-AS, US)
PTR: ps628362.dreamhostps.com

mrpaintandpuff.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.10.207 (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.106 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.170 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f10.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.16.175.42 (Phoenix, United States)

ASN20446 (HIGHWINDS3, US)
PTR: hwcdn.net

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.132.84 (Madrid, Spain)

ASN54113 (FASTLY, US)

assets.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.13.64.35 (Ireland)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-amt2.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f14.1e100.net

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 93.184.220.66 (London, United Kingdom)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.200 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.77 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f13.1e100.net

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.132 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f132.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f3.1e100.net

ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	mrpaintandpuff.com 1 redirects mrpaintandpuff.com	938 KB
8	google.com apis.google.com accounts.google.com www.google.com	134 KB
6	twitter.com platform.twitter.com syndication.twitter.com	148 KB
5	googleapis.com fonts.googleapis.com ajax.googleapis.com	94 KB
3	bootstrapcdn.com maxcdn.bootstrapcdn.com	30 KB
2	gstatic.com fonts.gstatic.com ssl.gstatic.com	32 KB
2	signpost.com 2 redirects email.mg16.signpost.com my.signpost.com	592 B
1	facebook.com www.facebook.com	3 KB
1	pinterest.com assets.pinterest.com	1 KB
1	jquery.com code.jquery.com	6 KB
41	10

	Domain	Requested by
15	mrpaintandpuff.com	1 redirects mrpaintandpuff.com
6	apis.google.com	mrpaintandpuff.com apis.google.com accounts.google.com
4	platform.twitter.com	mrpaintandpuff.com platform.twitter.com
4	fonts.googleapis.com	mrpaintandpuff.com
3	maxcdn.bootstrapcdn.com	mrpaintandpuff.com
2	syndication.twitter.com	platform.twitter.com mrpaintandpuff.com
1	ssl.gstatic.com	accounts.google.com
1	www.google.com	apis.google.com
1	accounts.google.com	apis.google.com
1	fonts.gstatic.com	fonts.googleapis.com
1	www.facebook.com	mrpaintandpuff.com
1	assets.pinterest.com	mrpaintandpuff.com
1	code.jquery.com	mrpaintandpuff.com
1	ajax.googleapis.com	mrpaintandpuff.com
1	my.signpost.com	1 redirects
1	email.mg16.signpost.com	1 redirects
41	16

This site contains links to these domains. Also see Links.

Domain
plus.google.com
www.facebook.com
twitter.com
instagram.com
pinterest.com
mastersitedesign.com

Subject Issuer	Validity	Valid
www.mrpaintandpuff.com R3	`2021-10-21` - `2022-01-19`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-03-01` - `2022-02-28`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-27` - `2022-08-05`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-08-05` - `2021-11-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-05` - `2021-11-09`	a year	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
accounts.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://mrpaintandpuff.com/
Frame ID: DD4688294912D12D743C38C93841740A
Requests: 31 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=https://mrpaintandpuff.com//%3E&send=false&layout=button_count&width=100&show_faces=false&action=like&colorscheme=light&font&height=21
Frame ID: E0530410A700AEE38820FDAB4E1EF0EB
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html?origin=https%3A%2F%2Fmrpaintandpuff.com
Frame ID: ABB71023590D5EB5B08DE5525498AEA0
Requests: 2 HTTP requests in this frame

Frame: https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&size=medium&origin=https%3A%2F%2Fmrpaintandpuff.com&url=https%3A%2F%2Fmrpaintandpuff.com%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.9OTyQk26M2k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q%2Fm%3D__features__
Frame ID: 9BC475ABA0E8C00D491E5E7FCB1AD8D7
Requests: 2 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fmrpaintandpuff.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.9OTyQk26M2k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q%2Fm%3D__features__
Frame ID: 632F125B3233A1A75751D8F2FC822827
Requests: 4 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.a53eecb4584348a2ad32ec2ae21f6eae.en.html
Frame ID: 02119EDF6A0B1272724B2C0D018C4DB9
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Mr Paint and Puff - Paint Puff and Have a Great Time!

Page URL History Show full URLs

http://email.mg16.signpost.com/c/eJxVkLFuwyAQhp_GHq0DDNgDQ5TGUoeuXS0MZwfFYAtI27x9cdMOlU43fKfvP-m3igkhNamdok... HTTP 302
https://my.signpost.com/external_link_click?url=http%3A%2F%2Fmrpaintandpuff.com&link_target=website&... HTTP 302
http://mrpaintandpuff.com/ HTTP 302
https://mrpaintandpuff.com/ Page URL

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]*accounts\.google\.com/o/oauth2

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

YouTube (Video Players) Expand

Overall confidence: 100%
Detected patterns

<(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

41
Requests

100 %
HTTPS

0 %
IPv6

10
Domains

16
Subdomains

15
IPs

4
Countries

1386 kB
Transfer

2176 kB
Size

2
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://plus.google.com/116039854960738444509

Search URL Search Domain Scan URL

URL: https://www.facebook.com/JoyfulExpressions2015?fref=ts

Search URL Search Domain Scan URL

URL: https://twitter.com/@expressions2015

Search URL Search Domain Scan URL

URL: https://instagram.com/joyfulexpressions2015

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/button/?url=http://mrpaintandpuff.com/&media=https%3A%2F%2Fpinterestplugin.com%2Fpincount%2Fimg%2Fget-pinterest-pin-count.png&description=https://mrpaintandpuff.com/

Search URL Search Domain Scan URL

URL: http://mastersitedesign.com/
Title: Jason Leibow

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://email.mg16.signpost.com/c/eJxVkLFuwyAQhp_GHq0DDNgDQ5TGUoeuXS0MZwfFYAtI27x9cdMOlU43fKfvP-m3igkhNamdokAJASqAQA-iIc35fOkBhpZxfhJwkVULfiGiSW4J-5ZyYzZfXxUHOnVgJ20YktkyKXU7Md4DbzvU3NQJg8X4ahWBjhLKGYd6Vdec91SxU0WHMv7xL7YQ_MoYg17H1YXbaFZnbhUb7nGt2MvhViWoyPzQy_Jx1y5kHex-n-dnhvhRs44L5mJ94pRcxj-etns0WLjHlPRy8Cca82M_OHrt1oNiyGMJ9OPswoJxj-VRuffGtLKzjCNlfU8tdNy2knFhqJynTvYcZ7SU1lHNUQdzdQlLh2nSzbJ91Fm9PR__FvSOMbktKNZQ2sA3fASB4w HTTP 302
https://my.signpost.com/external_link_click?url=http%3A%2F%2Fmrpaintandpuff.com&link_target=website&link_source=message&source_type=email&sent_comm_fingerprint=9cc478d35e23992d085d47356c27fb8795efed22 HTTP 302
http://mrpaintandpuff.com/ HTTP 302
https://mrpaintandpuff.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

41 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
mrpaintandpuff.com/
Redirect Chain

http://email.mg16.signpost.com/c/eJxVkLFuwyAQhp_GHq0DDNgDQ5TGUoeuXS0MZwfFYAtI27x9cdMOlU43fKfvP-m3igkhNamdokAJASqAQA-iIc35fOkBhpZxfhJwkVULfiGiSW4J-5ZyYzZfXxUHOnVgJ20YktkyKXU7Md4DbzvU3NQJg8X4ahWBjhLK...
https://my.signpost.com/external_link_click?url=http%3A%2F%2Fmrpaintandpuff.com&link_target=website&link_source=message&source_type=email&sent_comm_fingerprint=9cc478d35e23992d085d47356c27fb8795efed22
http://mrpaintandpuff.com/
https://mrpaintandpuff.com/

13 KB
5 KB

402ms
163ms

Document
text/html

173.236.196.171
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mrpaintandpuff.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

173.236.196.171 Brea, United States, ASN26347 (DREAMHOST-AS, US),

Reverse DNS

ps628362.dreamhostps.com

Software

Apache /

Resource Hash

19dca0ebb315b5398bde5816c4b950c67550f25f62a138a9e227a60641b31867

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: mrpaintandpuff.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
cookie: PHPSESSID=69d00d618ea5b5bce4947816542e68ec
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Tue, 26 Oct 2021 22:11:36 GMT
server: Apache
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-xss-protection: 1; mode=block
content-length: 4342
content-type: text/html; charset=UTF-8

Redirect headers

Date: Tue, 26 Oct 2021 22:11:35 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=69d00d618ea5b5bce4947816542e68ec; path=/
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Upgrade: h2
Connection: Upgrade, Keep-Alive
Location: https://mrpaintandpuff.com/
Vary: User-Agent
X-XSS-Protection: 1; mode=block
Content-Length: 0
Keep-Alive: timeout=2, max=100
Content-Type: text/html; charset=UTF-8

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.2.0/css/ 107 KB
19 KB 41ms
18ms Stylesheet
text/css 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.2.0/css/bootstrap.min.css

Requested by

Host: mrpaintandpuff.com
URL: https://mrpaintandpuff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.10.207 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5fd723750763ebb731f9221e413e7d64d58d5192dc040e42292ed3dcccca732

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mrpaintandpuff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 22:11:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601, 718
age: 16158830
cdn-cachedat: 2021-03-10 20:27:31
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:03:57 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: a08fc9f081c3786e141b6d4d94ee246b
cf-ray: 6a4705783c9b7162-DUS
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 bootstrap-theme.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.2.0/css/ 18 KB
3 KB 38ms
15ms Stylesheet
text/css 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.2.0/css/bootstrap-theme.min.css

Requested by

Host: mrpaintandpuff.com
URL: https://mrpaintandpuff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.10.207 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34b102cb7689409fd1c3c180aeb1fd3f0b8bf0b47ab25c74c42eaff574e661a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mrpaintandpuff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 22:11:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 632, 617, 617
age: 488045
cdn-cachedat: 2021-04-16 20:54:58
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:03:57 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 31a76a82acb5790e8582834b11e432b4
cf-ray: 6a4705783c9c7162-DUS
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.2.0/js/ 31 KB
9 KB 39ms
16ms Script
application/javascript 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.2.0/js/bootstrap.min.js

Requested by

Host: mrpaintandpuff.com
URL: https://mrpaintandpuff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.10.207 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24cc29533598f962823c4229bc280487646a27a42a95257c31de1b9b18f3710f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mrpaintandpuff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 22:11:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 722, 718
age: 16158622
cdn-cachedat: 2021-03-10 20:26:20
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:03:57 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 9dbe708aa60e94574847fa526c876bfd
cf-ray: 6a4705783c9e7162-DUS
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 css
fonts.googleapis.com/ 362 B
366 B 79ms
30ms Stylesheet
text/css 142.250.185.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Damion

Requested by

Host: mrpaintandpuff.com
URL: https://mrpaintandpuff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f10.1e100.net

Software

ESF /

Resource Hash

f63eb7afed77b9242192a2d1b496831d8a92eb84fe9ed955de49eccf937ac259

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mrpaintandpuff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 21:54:05 GMT
server: ESF
date: Tue, 26 Oct 2021 22:11:36 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Tue, 26 Oct 2021 22:11:36 GMT

GET
H2 200 css
fonts.googleapis.com/ 400 B
1 KB 78ms
29ms Stylesheet
text/css 142.250.185.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Shadows+Into+Light

Requested by

Host: mrpaintandpuff.com
URL: https://mrpaintandpuff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f10.1e100.net

Software

ESF /

Resource Hash

fb6ed8d5db77d62d0f9bf59e204d49eada193018d8f79fb6a1a8f8936393b5fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mrpaintandpuff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:22:55 GMT
server: ESF
date: Tue, 26 Oct 2021 22:11:36 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Tue, 26 Oct 2021 22:11:36 GMT

GET
H2 200 css
fonts.googleapis.com/ 1 KB
506 B 79ms
30ms Stylesheet
text/css 142.250.185.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Archivo+Narrow

Requested by

Host: mrpaintandpuff.com
URL: https://mrpaintandpuff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f10.1e100.net

Software

ESF /

Resource Hash

0eeb3de92e25d3c986feb0a7f5c5fe638e947b29c8247e4c3cc62009d7ed8f5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mrpaintandpuff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:58:03 GMT
server: ESF
date: Tue, 26 Oct 2021 22:11:36 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Tue, 26 Oct 2021 22:11:36 GMT

GET
H2 200 css
fonts.googleapis.com/ 1000 B
488 B 78ms
29ms Stylesheet
text/css 142.250.185.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Qwigley

Requested by

Host: mrpaintandpuff.com
URL: https://mrpaintandpuff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f10.1e100.net

Software

ESF /

Resource Hash

521541b54ce9c42fae348c657d2e22fdc1a65f0aa34bddd3e1935cce1bf5285e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mrpaintandpuff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 22:11:36 GMT
server: ESF
date: Tue, 26 Oct 2021 22:11:36 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Tue, 26 Oct 2021 22:11:36 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.8.3/ 91 KB
92 KB 54ms
17ms Script
text/javascript 216.58.212.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js

Requested by

Host: mrpaintandpuff.com
URL: https://mrpaintandpuff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.170 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f10.1e100.net

Software

sffe /

Resource Hash

61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mrpaintandpuff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 19:00:26 GMT
x-content-type-options: nosniff
age: 270670
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 93636
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
expires: Sun, 23 Oct 2022 19:00:26 GMT

GET
H2 200 jquery-ui.css
code.jquery.com/ui/1.10.3/themes/smoothness/ 31 KB
6 KB 57ms
16ms Stylesheet
text/css 69.16.175.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.10.3/themes/smoothness/jquery-ui.css
Requested by: Host: mrpaintandpuff.com
URL: https://mrpaintandpuff.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: 9c286c1a80773a8c752ffc323aec348776f86ab242a4e58636b87f376e0853b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mrpaintandpuff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 22:11:36 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:54 GMT
server: nginx
etag: W/"611feaca-7d2e"
vary: Accept-Encoding
x-hw: 1635286296.dop029.am5.t,1635286296.cds209.am5.hn,1635286296.cds008.am5.c
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 6050

GET
H2 200 jquery.bxslider.js Show response
mrpaintandpuff.com/_admin/_scripts//bxslider/ 48 KB
12 KB 116ms
115ms Script
application/javascript 173.236.196.171
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mrpaintandpuff.com/_admin/_scripts//bxslider/jquery.bxslider.js

Requested by

Host: mrpaintandpuff.com
URL: https://mrpaintandpuff.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

173.236.196.171 Brea, United States, ASN26347 (DREAMHOST-AS, US),

Reverse DNS

ps628362.dreamhostps.com

Software

Apache /

Resource Hash

6e204becdc27273eae727ecbcafb8feb0b414372802114083c827507cb1cb8ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /_admin/_scripts//bxslider/jquery.bxslider.js
pragma: no-cache
cookie: PHPSESSID=69d00d618ea5b5bce4947816542e68ec
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: mrpaintandpuff.com
referer: https://mrpaintandpuff.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://mrpaintandpuff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 22:11:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 20 Nov 2019 22:33:45 GMT
server: Apache
etag: "c0e8-597cec61295ce-gzip"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-length: 12021
x-xss-protection: 1; mode=block
expires: Thu, 25 Nov 2021 22:11:36 GMT

GET
H2 200 jquery.bxslider.css
mrpaintandpuff.com/_admin/_scripts/bxslider/ 4 KB
1 KB 113ms
113ms Stylesheet
text/css 173.236.196.171
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mrpaintandpuff.com/_admin/_scripts/bxslider/jquery.bxslider.css

Requested by

Host: mrpaintandpuff.com
URL: https://mrpaintandpuff.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

173.236.196.171 Brea, United States, ASN26347 (DREAMHOST-AS, US),

Reverse DNS

ps628362.dreamhostps.com

Software

Apache /

Resource Hash

582e89d861a2b537c5ec7903d779611537475d7169ab401a6df99f9596c48504

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /_admin/_scripts/bxslider/jquery.bxslider.css
pragma: no-cache
cookie: PHPSESSID=69d00d618ea5b5bce4947816542e68ec
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: mrpaintandpuff.com
referer: https://mrpaintandpuff.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://mrpaintandpuff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 22:11:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 20 Nov 2019 22:33:44 GMT
server: Apache
etag: "edc-597cec5f9be85-gzip"
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-length: 1196
x-xss-protection: 1; mode=block
expires: Thu, 25 Nov 2021 22:11:36 GMT

GET
H2 200 responsiveslides.min.js Show response
mrpaintandpuff.com/ 70 KB
10 KB 115ms
114ms Script
application/javascript 173.236.196.171
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mrpaintandpuff.com/responsiveslides.min.js

Requested by

Host: mrpaintandpuff.com
URL: https://mrpaintandpuff.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

173.236.196.171 Brea, United States, ASN26347 (DREAMHOST-AS, US),

Reverse DNS

ps628362.dreamhostps.com

Software

Apache /

Resource Hash

a02af5b973878f1dc329040569016fb32797f160f8d5f93d678b8b30313a72ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /responsiveslides.min.js
pragma: no-cache
cookie: PHPSESSID=69d00d618ea5b5bce4947816542e68ec
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: mrpaintandpuff.com
referer: https://mrpaintandpuff.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://mrpaintandpuff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 22:11:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 20 Nov 2019 21:41:08 GMT
server: Apache
etag: "118d6-597ce09e6c84f-gzip"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-length: 10156
x-xss-protection: 1; mode=block
expires: Thu, 25 Nov 2021 22:11:36 GMT

GET
H2 200 logo.png
mrpaintandpuff.com/_images/ 57 KB
57 KB 111ms
111ms Image
image/png 173.236.196.171
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mrpaintandpuff.com/_images/logo.png

Requested by

Host: mrpaintandpuff.com
URL: https://mrpaintandpuff.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

173.236.196.171 Brea, United States, ASN26347 (DREAMHOST-AS, US),

Reverse DNS

ps628362.dreamhostps.com

Software

Apache /

Resource Hash

f13d139353dc5f2fba7f43939b49e8999ab1ae171db0279791134db4e8e6154e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /_images/logo.png
pragma: no-cache
cookie: PHPSESSID=69d00d618ea5b5bce4947816542e68ec
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: mrpaintandpuff.com
referer: https://mrpaintandpuff.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://mrpaintandpuff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 22:11:36 GMT
x-content-type-options: nosniff
last-modified: Sat, 14 Sep 2019 12:01:50 GMT
server: Apache
etag: "e293-5928222c08780"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
vary: User-Agent,Accept-Encoding
content-length: 58003
x-xss-protection: 1; mode=block
expires: Thu, 25 Nov 2021 22:11:36 GMT

GET
H2 200 pic3.jpg
mrpaintandpuff.com/_images/ 132 KB
133 KB 219ms
219ms Image
image/jpeg 173.236.196.171
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mrpaintandpuff.com/_images/pic3.jpg

Requested by

Host: mrpaintandpuff.com
URL: https://mrpaintandpuff.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

173.236.196.171 Brea, United States, ASN26347 (DREAMHOST-AS, US),

Reverse DNS

ps628362.dreamhostps.com

Software

Apache /

Resource Hash

dd50a52500f7590384de99b8258fb51d0106f4c259a74687ffacbda5e47148c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /_images/pic3.jpg
pragma: no-cache
cookie: PHPSESSID=69d00d618ea5b5bce4947816542e68ec
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: mrpaintandpuff.com
referer: https://mrpaintandpuff.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://mrpaintandpuff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 22:11:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 21 Feb 2021 06:46:42 GMT
server: Apache
etag: "21018-5bbd30c469880"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
vary: User-Agent
content-length: 135192
x-xss-protection: 1; mode=block
expires: Thu, 25 Nov 2021 22:11:36 GMT

GET
H2 200 pic1.jpg
mrpaintandpuff.com/_images/ 125 KB
126 KB 327ms
326ms Image
image/jpeg 173.236.196.171
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mrpaintandpuff.com/_images/pic1.jpg

Requested by

Host: mrpaintandpuff.com
URL: https://mrpaintandpuff.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

173.236.196.171 Brea, United States, ASN26347 (DREAMHOST-AS, US),

Reverse DNS

ps628362.dreamhostps.com

Software

Apache /

Resource Hash

c7d2eeaaf2da9d986668bb2e1f1af9ade36ef61e8494b1b5966a8f265b818815

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /_images/pic1.jpg
pragma: no-cache
cookie: PHPSESSID=69d00d618ea5b5bce4947816542e68ec
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: mrpaintandpuff.com
referer: https://mrpaintandpuff.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://mrpaintandpuff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 22:11:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 21 Feb 2021 06:44:48 GMT
server: Apache
etag: "1f3b3-5bbd3057b1800"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
vary: User-Agent
content-length: 127923
x-xss-protection: 1; mode=block
expires: Thu, 25 Nov 2021 22:11:36 GMT

GET
H2 200 pic2.jpg
mrpaintandpuff.com/_images/ 117 KB
118 KB 328ms
327ms Image
image/jpeg 173.236.196.171
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mrpaintandpuff.com/_images/pic2.jpg

Requested by

Host: mrpaintandpuff.com
URL: https://mrpaintandpuff.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

173.236.196.171 Brea, United States, ASN26347 (DREAMHOST-AS, US),

Reverse DNS

ps628362.dreamhostps.com

Software

Apache /

Resource Hash

578da321db0b08ede37f3101da06694f3d57be8591d481266da4465614ec6dd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /_images/pic2.jpg
pragma: no-cache
cookie: PHPSESSID=69d00d618ea5b5bce4947816542e68ec
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: mrpaintandpuff.com
referer: https://mrpaintandpuff.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://mrpaintandpuff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 22:11:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 21 Feb 2021 06:46:01 GMT
server: Apache
etag: "1d33b-5bbd309d4fc40"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
vary: User-Agent
content-length: 119611
x-xss-protection: 1; mode=block
expires: Thu, 25 Nov 2021 22:11:36 GMT

GET
H2 200 payments.jpg
mrpaintandpuff.com/_images/ 29 KB
29 KB 328ms
326ms Image
image/jpeg 173.236.196.171
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mrpaintandpuff.com/_images/payments.jpg

Requested by

Host: mrpaintandpuff.com
URL: https://mrpaintandpuff.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

173.236.196.171 Brea, United States, ASN26347 (DREAMHOST-AS, US),

Reverse DNS

ps628362.dreamhostps.com

Software

Apache /

Resource Hash

54c13cc01d5f33e802ab11d4d7a17917aa051f188fd4e8dd14a7bf27214da163

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /_images/payments.jpg
pragma: no-cache
cookie: PHPSESSID=69d00d618ea5b5bce4947816542e68ec
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: mrpaintandpuff.com
referer: https://mrpaintandpuff.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://mrpaintandpuff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 22:11:36 GMT
x-content-type-options: nosniff
last-modified: Sat, 07 Apr 2018 07:50:31 GMT
server: Apache
etag: "7218-5693d6d57d613"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
vary: User-Agent
content-length: 29208
x-xss-protection: 1; mode=block
expires: Thu, 25 Nov 2021 22:11:36 GMT

GET
H2 200 icon-google.png
mrpaintandpuff.com/_images/ 4 KB
4 KB 328ms
327ms Image
image/png 173.236.196.171
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mrpaintandpuff.com/_images/icon-google.png

Requested by

Host: mrpaintandpuff.com
URL: https://mrpaintandpuff.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

173.236.196.171 Brea, United States, ASN26347 (DREAMHOST-AS, US),

Reverse DNS

ps628362.dreamhostps.com

Software

Apache /

Resource Hash

1121fb5f395c9d26677024705df48a6bb63df905b6fae23f0acf187c106f219f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /_images/icon-google.png
pragma: no-cache
cookie: PHPSESSID=69d00d618ea5b5bce4947816542e68ec
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: mrpaintandpuff.com
referer: https://mrpaintandpuff.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://mrpaintandpuff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 22:11:36 GMT
x-content-type-options: nosniff
last-modified: Wed, 27 Dec 2017 07:59:16 GMT
server: Apache
etag: "ff2-5614dc6a89261"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
vary: User-Agent,Accept-Encoding
content-length: 4082
x-xss-protection: 1; mode=block
expires: Thu, 25 Nov 2021 22:11:36 GMT

GET
H2 200 icon-fb.png
mrpaintandpuff.com/_images/ 4 KB
4 KB 328ms
327ms Image
image/png 173.236.196.171
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mrpaintandpuff.com/_images/icon-fb.png

Requested by

Host: mrpaintandpuff.com
URL: https://mrpaintandpuff.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

173.236.196.171 Brea, United States, ASN26347 (DREAMHOST-AS, US),

Reverse DNS

ps628362.dreamhostps.com

Software

Apache /

Resource Hash

08d4f4ff82b14cb8732a208260b833efeb3faa01de569c9917a5842ca933eedf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /_images/icon-fb.png
pragma: no-cache
cookie: PHPSESSID=69d00d618ea5b5bce4947816542e68ec
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: mrpaintandpuff.com
referer: https://mrpaintandpuff.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://mrpaintandpuff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 22:11:36 GMT
x-content-type-options: nosniff
last-modified: Wed, 27 Dec 2017 07:59:16 GMT
server: Apache
etag: "f73-5614dc6a42d61"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
vary: User-Agent,Accept-Encoding
content-length: 3955
x-xss-protection: 1; mode=block
expires: Thu, 25 Nov 2021 22:11:36 GMT

GET
H2 200 icon-twitter.png
mrpaintandpuff.com/_images/ 4 KB
4 KB 328ms
327ms Image
image/png 173.236.196.171
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mrpaintandpuff.com/_images/icon-twitter.png

Requested by

Host: mrpaintandpuff.com
URL: https://mrpaintandpuff.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

173.236.196.171 Brea, United States, ASN26347 (DREAMHOST-AS, US),

Reverse DNS

ps628362.dreamhostps.com

Software

Apache /

Resource Hash

99f970d74c149375adadd4466d9e48df836280a590a0369a7a1b11fdd941ad75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /_images/icon-twitter.png
pragma: no-cache
cookie: PHPSESSID=69d00d618ea5b5bce4947816542e68ec
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: mrpaintandpuff.com
referer: https://mrpaintandpuff.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://mrpaintandpuff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 22:11:36 GMT
x-content-type-options: nosniff
last-modified: Wed, 27 Dec 2017 07:59:18 GMT
server: Apache
etag: "f83-5614dc6ba8421"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
vary: User-Agent,Accept-Encoding
content-length: 3971
x-xss-protection: 1; mode=block
expires: Thu, 25 Nov 2021 22:11:36 GMT

GET
H2 200 icon-instagram.png
mrpaintandpuff.com/_images/ 4 KB
4 KB 327ms
326ms Image
image/png 173.236.196.171
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mrpaintandpuff.com/_images/icon-instagram.png

Requested by

Host: mrpaintandpuff.com
URL: https://mrpaintandpuff.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

173.236.196.171 Brea, United States, ASN26347 (DREAMHOST-AS, US),

Reverse DNS

ps628362.dreamhostps.com

Software

Apache /

Resource Hash

1deaf10f616ff640278b6d99cfc69c83b8f64759d9b4c5e59e24f6c61c23ee8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /_images/icon-instagram.png
pragma: no-cache
cookie: PHPSESSID=69d00d618ea5b5bce4947816542e68ec
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: mrpaintandpuff.com
referer: https://mrpaintandpuff.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://mrpaintandpuff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 22:11:36 GMT
x-content-type-options: nosniff
last-modified: Wed, 27 Dec 2017 07:59:17 GMT
server: Apache
etag: "fe4-5614dc6ad35e1"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
vary: User-Agent,Accept-Encoding
content-length: 4068
x-xss-protection: 1; mode=block
expires: Thu, 25 Nov 2021 22:11:36 GMT

GET
H2 200 pin_it_button.png
assets.pinterest.com/images/pidgets/ 909 B
1 KB 123ms
32ms Image
image/png 151.101.132.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.pinterest.com/images/pidgets/pin_it_button.png
Requested by: Host: mrpaintandpuff.com
URL: https://mrpaintandpuff.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.132.84 Madrid, Spain, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f942d5999c18b372d0c74273c936fce1723b0761e67d56dfa80abac87eff864e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mrpaintandpuff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 22:11:36 GMT
x-cdn: fastly
etag: "cf5ce2d2dcfa060f6032b0af60d45aa2"
vary: Origin
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: X-CDN
cache-control: max-age=86400
access-control-max-age: 86400
content-length: 909

GET
H2 200 like.php Show response
www.facebook.com/plugins/ Frame E053 0
3 KB 78ms
50ms Document
text/html 31.13.64.35
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?href=https://mrpaintandpuff.com//%3E&send=false&layout=button_count&width=100&show_faces=false&action=like&colorscheme=light&font&height=21

Requested by

Host: mrpaintandpuff.com
URL: https://mrpaintandpuff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.64.35 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-amt2.facebook.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com .whatsapp.net .fb.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com ad.atdmt.com data: www.instagram.com .vrich619.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/like.php?href=https://mrpaintandpuff.com//%3E&send=false&layout=button_count&width=100&show_faces=false&action=like&colorscheme=light&font&height=21
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://mrpaintandpuff.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://mrpaintandpuff.com/

Response headers

content-type: text/html;charset=utf-8
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com ad.atdmt.com data: www.instagram.com *.vrich619.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com ad.atdmt.com data: www.instagram.com *.vrich619.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: hDA4RrOJKkLklWe6mjLZwZwNuh8k/DySxsQ1OTrSk6nQ9mMCCn8KGOVUDZqPkY8/MLdCbzT4CZB5TLaG/aAdEA==
content-length: 0
date: Tue, 26 Oct 2021 22:11:36 GMT
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H2 200 bg11.jpg
mrpaintandpuff.com/_images/ 428 KB
431 KB 323ms
323ms Image
image/jpeg 173.236.196.171
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mrpaintandpuff.com/_images/bg11.jpg

Requested by

Host: mrpaintandpuff.com
URL: https://mrpaintandpuff.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

173.236.196.171 Brea, United States, ASN26347 (DREAMHOST-AS, US),

Reverse DNS

ps628362.dreamhostps.com

Software

Apache /

Resource Hash

ac04fae173db6588a65e47a2340c25f5c0ad83bc3c1d8f47180af87169e30d40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /_images/bg11.jpg
pragma: no-cache
cookie: PHPSESSID=69d00d618ea5b5bce4947816542e68ec
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: mrpaintandpuff.com
referer: https://mrpaintandpuff.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://mrpaintandpuff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 22:11:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 21 Feb 2021 06:34:37 GMT
server: Apache
etag: "6af85-5bbd2e10ff940"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
vary: User-Agent
content-length: 438149
x-xss-protection: 1; mode=block
expires: Thu, 25 Nov 2021 22:11:36 GMT

GET
H2 200 1cXzaU3UGJb5tGoCiVtmig.woff2
fonts.gstatic.com/s/qwigley/v11/ 27 KB
28 KB 73ms
22ms Font
font/woff2 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/qwigley/v11/1cXzaU3UGJb5tGoCiVtmig.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Qwigley

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

0a8476f8ea685dce8ab1e22cd11816008381def2783f1f49b56367879b95ded2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mrpaintandpuff.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 02:16:52 GMT
x-content-type-options: nosniff
age: 503684
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27556
x-xss-protection: 0
last-modified: Tue, 29 Jun 2021 19:36:29 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 21 Oct 2022 02:16:52 GMT

GET
H2 200 plusone.js Show response
apis.google.com/js/ 52 KB
21 KB 140ms
90ms Script
application/javascript 142.250.185.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: mrpaintandpuff.com
URL: https://mrpaintandpuff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f14.1e100.net

Software

ESF /

Resource Hash

4ea2e619c99231908d6923f542c82afde953ae0680a61af7b4cfc27d93232b6a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-w0quGQCfG6l67DhIKIcRkQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mrpaintandpuff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 22:11:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
etag: "4e89e82f0eeb0512bfb2d7642aaf4840"
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-w0quGQCfG6l67DhIKIcRkQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt"
expires: Tue, 26 Oct 2021 22:11:36 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 29ms
7ms Script
application/javascript 93.184.220.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: mrpaintandpuff.com
URL: https://mrpaintandpuff.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67A8) /
Resource Hash: 00a57617df99ac957720b7332f9d15449def3ebe11169d68f12c47a3cde5168d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mrpaintandpuff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 26 Oct 2021 22:11:36 GMT
Content-Encoding: gzip
Last-Modified: Mon, 18 Oct 2021 18:33:56 GMT
Server: ECS (frb/67A8)
Age: 307
Etag: "a709ab1b2c0d5d5e7c19895f6e1dcbfd+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 29104

GET
H/1.1 200
OK widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html Show response
platform.twitter.com/widgets/ Frame ABB7 319 KB
103 KB 7ms
7ms Document
text/html 93.184.220.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html?origin=https%3A%2F%2Fmrpaintandpuff.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6731) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://mrpaintandpuff.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://mrpaintandpuff.com/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 432583
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Tue, 26 Oct 2021 22:11:36 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Mon, 18 Oct 2021 18:32:00 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6731)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105433

GET
H2 200 settings Show response
syndication.twitter.com/ Frame ABB7 232 B
447 B 131ms
116ms Fetch
application/json 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=e3ab7fd0d15d11cf2d4a878ad7be34cab8fe64c0

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html?origin=https%3A%2F%2Fmrpaintandpuff.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-response-time: 109
date: Tue, 26 Oct 2021 22:11:36 GMT
content-encoding: gzip
last-modified: Tue, 26 Oct 2021 22:11:36 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 1bbac1fa1faf7e714224f0667d07df479816df6861b3414e4227000640894ed9
content-length: 166

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.9OTyQk26M2k.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q/ 147 KB
51 KB 20ms
20ms Script
text/javascript 142.250.185.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.9OTyQk26M2k.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f14.1e100.net

Software

sffe /

Resource Hash

2225afd62ab21bba128c4f5ab05706d90d1ad070ca23a4c967025fab62d97293

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mrpaintandpuff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 09:03:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 479299
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 51558
x-xss-protection: 0
last-modified: Sat, 02 Oct 2021 17:21:04 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="social-frontend-mpm-access"
expires: Fri, 21 Oct 2022 09:03:17 GMT

GET
H2 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.9OTyQk26M2k.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q/ 96 KB
33 KB 40ms
40ms Script
text/javascript 142.250.185.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.9OTyQk26M2k.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q/cb=gapi.loaded_1

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f14.1e100.net

Software

sffe /

Resource Hash

e55db8c8216170be34f4055ae640d88e27ece72c5483453bcfe05cc31dccc6d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mrpaintandpuff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 03:04:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 414424
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 33943
x-xss-protection: 0
last-modified: Sat, 02 Oct 2021 17:21:04 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="social-frontend-mpm-access"
expires: Sat, 22 Oct 2022 03:04:32 GMT

GET
H2 404 fastbutton Show response
apis.google.com/u/0/se/0/_/+1/ Frame 9BC4 2 KB
2 KB 44ms
44ms Document
text/html 142.250.185.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&size=medium&origin=https%3A%2F%2Fmrpaintandpuff.com&url=https%3A%2F%2Fmrpaintandpuff.com%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.9OTyQk26M2k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q%2Fm%3D__features__
Requested by: Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f14.1e100.net
Software: /
Resource Hash: ac15d1868a55adcea61641c78efbb86feda3a65882f21bfe9fedd7348fb54be8

Request headers

:method: GET
:authority: apis.google.com
:scheme: https
:path: /u/0/se/0/_/+1/fastbutton?usegapi=1&size=medium&origin=https%3A%2F%2Fmrpaintandpuff.com&url=https%3A%2F%2Fmrpaintandpuff.com%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.9OTyQk26M2k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://mrpaintandpuff.com/
accept-encoding: gzip, deflate, br
cookie: NID=511=nw8DNto_aNYxF9xu87IChnrsVR1HluZylNpVnN6MXfPR3PfvsAxtyDHBtj-51Nxu_K--GEEjhuQZY_NUs2pgnj7HqCldbQn6F-FlhhHeWq7ECN0wyo7mN-gHuOcniOHZpwqx88p3b4u4m30iSSZ0zfSQsIFLOrWd7QcXxJAMvTE
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://mrpaintandpuff.com/

Response headers

content-type: text/html; charset=UTF-8
referrer-policy: no-referrer
content-length: 1585
date: Tue, 26 Oct 2021 22:11:36 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 postmessageRelay Show response
accounts.google.com/o/oauth2/ Frame 632F 566 B
826 B 93ms
41ms Document
text/html 142.250.185.77
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fmrpaintandpuff.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.9OTyQk26M2k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.9OTyQk26M2k.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q/cb=gapi.loaded_1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.77 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f13.1e100.net

Software

ESF /

Resource Hash

82445d21a9611bca4c6a72e2a26681022450b81d33910fff0b1168fe48ba71f0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-1p4uJB1udox0k/rrKrvNIA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: accounts.google.com
:scheme: https
:path: /o/oauth2/postmessageRelay?parent=https%3A%2F%2Fmrpaintandpuff.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.9OTyQk26M2k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://mrpaintandpuff.com/
accept-encoding: gzip, deflate, br
cookie: NID=511=nw8DNto_aNYxF9xu87IChnrsVR1HluZylNpVnN6MXfPR3PfvsAxtyDHBtj-51Nxu_K--GEEjhuQZY_NUs2pgnj7HqCldbQn6F-FlhhHeWq7ECN0wyo7mN-gHuOcniOHZpwqx88p3b4u4m30iSSZ0zfSQsIFLOrWd7QcXxJAMvTE
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://mrpaintandpuff.com/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 26 Oct 2021 22:11:36 GMT
content-security-policy: script-src 'report-sample' 'nonce-1p4uJB1udox0k/rrKrvNIA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H/1.1 200
OK button.0d6aa7fd095b2a9dd19cc66c7c2ed64b.js Show response
platform.twitter.com/js/ 7 KB
3 KB 7ms
7ms Script
application/javascript 93.184.220.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.0d6aa7fd095b2a9dd19cc66c7c2ed64b.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67A8) /
Resource Hash: 186ef01aca1c73789f73c2f4388a26387e38e5fd8a05f4f1c3785709cec25f66

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mrpaintandpuff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 26 Oct 2021 22:11:36 GMT
Content-Encoding: gzip
Last-Modified: Mon, 18 Oct 2021 18:31:51 GMT
Server: ECS (frb/67A8)
Age: 432583
Etag: "e8090d17c9828f5a217bebb39dd3e689+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 2294

GET
H2 200 googlelogo_color_150x54dp.png
www.google.com/images/branding/googlelogo/1x/ Frame 9BC4 3 KB
4 KB 57ms
22ms Image
image/png 216.58.212.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png

Requested by

Host: apis.google.com
URL: https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&size=medium&origin=https%3A%2F%2Fmrpaintandpuff.com&url=https%3A%2F%2Fmrpaintandpuff.com%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.9OTyQk26M2k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q%2Fm%3D__features__

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.132 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f132.1e100.net

Software

sffe /

Resource Hash

dbef5e5530003b7233e944856c23d1437902a2d3568cdfd2beaf2166e9ca9139

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://apis.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 22:11:36 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 3170
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 26 Oct 2021 22:11:36 GMT

GET
H/1.1 200
OK tweet_button.a53eecb4584348a2ad32ec2ae21f6eae.en.html Show response
platform.twitter.com/widgets/ Frame 0211 32 KB
12 KB 6ms
6ms Document
text/html 93.184.220.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.a53eecb4584348a2ad32ec2ae21f6eae.en.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67A8) /
Resource Hash: d94cce9ec0cffd5417657d26aa1741a7e3b2b0a5f4232a80d789c1a254c4e2ef

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://mrpaintandpuff.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://mrpaintandpuff.com/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 432583
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Tue, 26 Oct 2021 22:11:36 GMT
Etag: "89e8ce4106e3294685b0af818d97b80c+gzip"
Last-Modified: Mon, 18 Oct 2021 18:31:56 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/67A8)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 12235

GET
DATA 200
OK truncated
/ Frame 0211 822 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 2759057950-postmessagerelay.js Show response
ssl.gstatic.com/accounts/o/ Frame 632F 10 KB
5 KB 72ms
24ms Script
text/javascript 142.250.185.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.gstatic.com/accounts/o/2759057950-postmessagerelay.js

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fmrpaintandpuff.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.9OTyQk26M2k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q%2Fm%3D__features__

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f3.1e100.net

Software

sffe /

Resource Hash

897211354bbbae29c006fc3a2eada1ce96279b4b0f50c87eca72764f3276c9ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 04:07:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 410637
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 4293
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 00:07:33 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="federated-signon-mpm-access"
expires: Sat, 22 Oct 2022 04:07:39 GMT

GET
H3 200 rpc:shindig_random.js Show response
apis.google.com/js/ Frame 632F 13 KB
5 KB 45ms
44ms Script
application/javascript 142.250.185.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/rpc:shindig_random.js?onload=init

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f14.1e100.net

Software

ESF /

Resource Hash

7072c25798bd9320d7fc373f555a8b0a231edea5d7ea7e816245468ec5e005f8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-9yO6MgcRI2IwP4IYcHYItQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 22:11:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
etag: "998951b1d5405dad0418a425bf80cab9"
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-9yO6MgcRI2IwP4IYcHYItQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt"
expires: Tue, 26 Oct 2021 22:11:36 GMT

GET
H2 200 jot
syndication.twitter.com/i/ 43 B
334 B 123ms
123ms Image
image/gif 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fmrpaintandpuff.com%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1635286296911%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22f001879%3A1634581029404%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D

Requested by

Host: mrpaintandpuff.com
URL: https://mrpaintandpuff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mrpaintandpuff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 22:11:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 116
pragma: no-cache
last-modified: Tue, 26 Oct 2021 22:11:36 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 1bbac1fa1faf7e714224f0667d07df479816df6861b3414e4227000640894ed9
x-transaction: bf6048944a9300ef
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.9OTyQk26M2k.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q/ Frame 632F 50 KB
18 KB 22ms
21ms Script
text/javascript 142.250.185.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.9OTyQk26M2k.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/rpc:shindig_random.js?onload=init

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f14.1e100.net

Software

sffe /

Resource Hash

47c2a064595a04eef284052f1c0e2a6eb32c61f04a5238d09ebca7ad16a7c617

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 03:39:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 498732
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 18151
x-xss-protection: 0
last-modified: Sat, 02 Oct 2021 17:21:04 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="social-frontend-mpm-access"
expires: Fri, 21 Oct 2022 03:39:24 GMT

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			mrpaintandpuff.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 69d00d618ea5b5bce4947816542e68ec
			.google.com/	1970-01-20 02:38:17	Name: NID Value: 511=nw8DNto_aNYxF9xu87IChnrsVR1HluZylNpVnN6MXfPR3PfvsAxtyDHBtj-51Nxu_K--GEEjhuQZY_NUs2pgnj7HqCldbQn6F-FlhhHeWq7ECN0wyo7mN-gHuOcniOHZpwqx88p3b4u4m30iSSZ0zfSQsIFLOrWd7QcXxJAMvTE

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&size=medium&origin=https%3A%2F%2Fmrpaintandpuff.com&url=https%3A%2F%2Fmrpaintandpuff.com%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.9OTyQk26M2k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q%2Fm%3D__features__#_methods=onPlusOne%2C_ready%2C_close%2C_open%2C_resizeMe%2C_renderstart%2Concircled%2Cdrefresh%2Cerefresh&id=I0_1635286296654&_gfid=I0_1635286296654&parent=https%3A%2F%2Fmrpaintandpuff.com&pfname=&rpctoken=38967868 Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
ajax.googleapis.com
apis.google.com
assets.pinterest.com
code.jquery.com
email.mg16.signpost.com
fonts.googleapis.com
fonts.gstatic.com
maxcdn.bootstrapcdn.com
mrpaintandpuff.com
my.signpost.com
platform.twitter.com
ssl.gstatic.com
syndication.twitter.com
www.facebook.com
www.google.com
104.18.10.207
104.244.42.200
142.250.185.106
142.250.185.142
142.250.185.163
142.250.185.77
142.250.186.99
151.101.132.84
173.236.196.171
216.58.212.132
216.58.212.170
31.13.64.35
52.42.137.243
54.208.37.110
69.16.175.42
93.184.220.66
00a57617df99ac957720b7332f9d15449def3ebe11169d68f12c47a3cde5168d
08d4f4ff82b14cb8732a208260b833efeb3faa01de569c9917a5842ca933eedf
0a8476f8ea685dce8ab1e22cd11816008381def2783f1f49b56367879b95ded2
0eeb3de92e25d3c986feb0a7f5c5fe638e947b29c8247e4c3cc62009d7ed8f5d
1121fb5f395c9d26677024705df48a6bb63df905b6fae23f0acf187c106f219f
186ef01aca1c73789f73c2f4388a26387e38e5fd8a05f4f1c3785709cec25f66
19dca0ebb315b5398bde5816c4b950c67550f25f62a138a9e227a60641b31867
1deaf10f616ff640278b6d99cfc69c83b8f64759d9b4c5e59e24f6c61c23ee8f
2225afd62ab21bba128c4f5ab05706d90d1ad070ca23a4c967025fab62d97293
24cc29533598f962823c4229bc280487646a27a42a95257c31de1b9b18f3710f
34b102cb7689409fd1c3c180aeb1fd3f0b8bf0b47ab25c74c42eaff574e661a9
47c2a064595a04eef284052f1c0e2a6eb32c61f04a5238d09ebca7ad16a7c617
4ea2e619c99231908d6923f542c82afde953ae0680a61af7b4cfc27d93232b6a
521541b54ce9c42fae348c657d2e22fdc1a65f0aa34bddd3e1935cce1bf5285e
54c13cc01d5f33e802ab11d4d7a17917aa051f188fd4e8dd14a7bf27214da163
578da321db0b08ede37f3101da06694f3d57be8591d481266da4465614ec6dd6
582e89d861a2b537c5ec7903d779611537475d7169ab401a6df99f9596c48504
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
6e204becdc27273eae727ecbcafb8feb0b414372802114083c827507cb1cb8ef
7072c25798bd9320d7fc373f555a8b0a231edea5d7ea7e816245468ec5e005f8
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
82445d21a9611bca4c6a72e2a26681022450b81d33910fff0b1168fe48ba71f0
897211354bbbae29c006fc3a2eada1ce96279b4b0f50c87eca72764f3276c9ff
99f970d74c149375adadd4466d9e48df836280a590a0369a7a1b11fdd941ad75
9c286c1a80773a8c752ffc323aec348776f86ab242a4e58636b87f376e0853b1
a02af5b973878f1dc329040569016fb32797f160f8d5f93d678b8b30313a72ed
ac04fae173db6588a65e47a2340c25f5c0ad83bc3c1d8f47180af87169e30d40
ac15d1868a55adcea61641c78efbb86feda3a65882f21bfe9fedd7348fb54be8
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b5fd723750763ebb731f9221e413e7d64d58d5192dc040e42292ed3dcccca732
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c7d2eeaaf2da9d986668bb2e1f1af9ade36ef61e8494b1b5966a8f265b818815
d94cce9ec0cffd5417657d26aa1741a7e3b2b0a5f4232a80d789c1a254c4e2ef
dbef5e5530003b7233e944856c23d1437902a2d3568cdfd2beaf2166e9ca9139
dd50a52500f7590384de99b8258fb51d0106f4c259a74687ffacbda5e47148c5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e55db8c8216170be34f4055ae640d88e27ece72c5483453bcfe05cc31dccc6d5
f13d139353dc5f2fba7f43939b49e8999ab1ae171db0279791134db4e8e6154e
f63eb7afed77b9242192a2d1b496831d8a92eb84fe9ed955de49eccf937ac259
f942d5999c18b372d0c74273c936fce1723b0761e67d56dfa80abac87eff864e
fb6ed8d5db77d62d0f9bf59e204d49eada193018d8f79fb6a1a8f8936393b5fc

mrpaintandpuff.com Open in urlscan Pro 173.236.196.171 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

41 Requests

100 %HTTPS

0 %IPv6

10 Domains

16 Subdomains

15 IPs

4 Countries

1386 kBTransfer

2176 kBSize

2 Cookies

6 Outgoing links

Page URL History

Redirected requests

41 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

mrpaintandpuff.com Open in urlscan Pro
173.236.196.171 Public Scan

Screenshot
Live screenshot

Full Image

41
Requests

100 %
HTTPS

0 %
IPv6

10
Domains

16
Subdomains

15
IPs

4
Countries

1386 kB
Transfer

2176 kB
Size

2
Cookies

41 HTTP transactions
1 data transactions