powertopaint.derekwicks.com Open in urlscan Pro
69.90.221.76 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://powertopaint.derekwicks.com/
Effective URL:
https://powertopaint.derekwicks.com/
Submission Tags: phish.gg anti.fish automated Search All
Submission: On September 22 via api (September 22nd 2023, 11:10:52 pm UTC) from DE — Scanned from CA

Summary HTTP 61 Redirects Links 38 Behaviour Indicators

Summary

This website contacted 18 IPs in 5 countries across 12 domains to perform 61 HTTP transactions. The main IP is 69.90.221.76, located in Oakville, Canada and belongs to COGECO-PEER1, CA. The main domain is powertopaint.derekwicks.com.
TLS certificate: Issued by R3 on July 23rd 2023. Valid for: 3 months.

This is the only time powertopaint.derekwicks.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 22	69.90.221.76 69.90.221.76	13768 (COGECO-PEER1) (COGECO-PEER1)
9	172.253.115.95 172.253.115.95	15169 (GOOGLE) (GOOGLE)
7	3.161.213.72 3.161.213.72	16509 (AMAZON-02) (AMAZON-02)
1	142.250.31.97 142.250.31.97	15169 (GOOGLE) (GOOGLE)
3	142.251.163.94 142.251.163.94	15169 (GOOGLE) (GOOGLE)
1	104.108.119.68 104.108.119.68	16625 (AKAMAI-AS) (AKAMAI-AS)
3	104.18.36.21 104.18.36.21	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.251.16.103 142.251.16.103	15169 (GOOGLE) (GOOGLE)
1	142.251.16.101 142.251.16.101	15169 (GOOGLE) (GOOGLE)
1	31.13.80.52 31.13.80.52	32934 (FACEBOOK) (FACEBOOK)
2	146.75.38.109 146.75.38.109	54113 (FASTLY) (FASTLY)
1	142.251.167.95 142.251.167.95	15169 (GOOGLE) (GOOGLE)
1	172.253.63.94 172.253.63.94	15169 (GOOGLE) (GOOGLE)
2	162.159.128.61 162.159.128.61	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	172.253.122.94 172.253.122.94	15169 (GOOGLE) (GOOGLE)
3	151.101.192.217 151.101.192.217	54113 (FASTLY) (FASTLY)
1	34.120.202.204 34.120.202.204	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
61	18

22 69.90.221.76 (Oakville, Canada) 1 redirects

ASN13768 (COGECO-PEER1, CA)
PTR: hp318.servername.online

powertopaint.derekwicks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 172.253.115.95 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f95.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 3.161.213.72 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-213-72.yul62.r.cloudfront.net

downloads.mailchimp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.31.97 (United States)

ASN15169 (GOOGLE, US)
PTR: bj-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.163.94 (United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.108.119.68 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-119-68.deploy.static.akamaitechnologies.com

mc.us13.list-manage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.36.21 (United States)

ASN13335 (CLOUDFLARENET, US)

embed.vhx.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.16.103 (United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f103.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.16.101 (United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f101.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.13.80.52 (Ireland)

ASN32934 (FACEBOOK, US)
PTR: instagram-p3-shv-01-yyz1.fbcdn.net

api.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 146.75.38.109 (Sweden)

ASN54113 (FASTLY, US)

f.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.167.95 (United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f95.1e100.net

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.63.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f94.1e100.net

maps.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.159.128.61 (None, )

ASN13335 (CLOUDFLARENET, US)

player.vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.253.122.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f94.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.192.217 (United States)

ASN54113 (FASTLY, US)

i.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.202.204 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 204.202.120.34.bc.googleusercontent.com

fresnel.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	derekwicks.com 1 redirects powertopaint.derekwicks.com	1 MB
10	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 113 maps.googleapis.com — Cisco Umbrella Rank: 778	210 KB
7	gstatic.com fonts.gstatic.com maps.gstatic.com www.gstatic.com	162 KB
7	mailchimp.com downloads.mailchimp.com — Cisco Umbrella Rank: 18900	105 KB
6	vimeocdn.com f.vimeocdn.com — Cisco Umbrella Rank: 6037 i.vimeocdn.com — Cisco Umbrella Rank: 5706 fresnel.vimeocdn.com — Cisco Umbrella Rank: 5771	247 KB
3	vhx.tv embed.vhx.tv — Cisco Umbrella Rank: 180035	324 KB
2	vimeo.com player.vimeo.com — Cisco Umbrella Rank: 3088	6 KB
1	instagram.com api.instagram.com — Cisco Umbrella Rank: 53272
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 96	262 B
1	google.com www.google.com — Cisco Umbrella Rank: 11	2 KB
1	list-manage.com mc.us13.list-manage.com — Cisco Umbrella Rank: 220064	8 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 111	84 KB
61	12

	Domain	Requested by
22	powertopaint.derekwicks.com	1 redirects powertopaint.derekwicks.com
9	maps.googleapis.com	www.google.com maps.googleapis.com
7	downloads.mailchimp.com	powertopaint.derekwicks.com downloads.mailchimp.com
3	i.vimeocdn.com
3	www.gstatic.com	f.vimeocdn.com www.gstatic.com
3	embed.vhx.tv	powertopaint.derekwicks.com embed.vhx.tv
3	fonts.gstatic.com	fonts.googleapis.com
2	player.vimeo.com	embed.vhx.tv f.vimeocdn.com
2	f.vimeocdn.com	embed.vhx.tv
1	fresnel.vimeocdn.com	f.vimeocdn.com
1	maps.gstatic.com	www.google.com
1	api.instagram.com	powertopaint.derekwicks.com
1	www.google-analytics.com	www.googletagmanager.com
1	www.google.com	powertopaint.derekwicks.com
1	mc.us13.list-manage.com	downloads.mailchimp.com
1	www.googletagmanager.com	powertopaint.derekwicks.com
1	fonts.googleapis.com	powertopaint.derekwicks.com
61	17

This site contains links to these domains. Also see Links.

Domain
dcw-art-academy.vhx.tv
www.derekwicks.com
www.facebook.com
twitter.com
www.instagram.com
www.youtube.com
www.pinterest.ca
www.linkedin.com

Subject Issuer	Validity	Valid
*.powertopaint.com R3	`2023-07-23` - `2023-10-21`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
downloads.mailchimp.com Amazon RSA 2048 M02	`2023-06-20` - `2024-07-17`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
wildcardsan.list-manage.com DigiCert TLS RSA SHA256 2020 CA1	`2023-09-12` - `2024-09-11`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-08` - `2024-05-07`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.instagram.com DigiCert SHA2 High Assurance Server CA	`2023-07-07` - `2023-09-30`	3 months	crt.sh
*.vimeocdn.com GlobalSign Atlas R3 DV TLS CA 2023 Q1	`2023-02-18` - `2024-03-21`	a year	crt.sh
*.vimeo.com GlobalSign Atlas R3 DV TLS CA 2023 Q1	`2023-01-15` - `2024-02-16`	a year	crt.sh
fresnel.vimeocdn.com GTS CA 1D4	`2023-09-08` - `2023-12-07`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://powertopaint.derekwicks.com/
Frame ID: F2374C75B61F7541B25B956C7A8B254A
Requests: 32 HTTP requests in this frame

Frame: https://embed.vhx.tv/subscriptions/124992?buy_btn=1&show_price=1&title=1&sharing=1&color=5f5f61&vimeo=1
Frame ID: CC447C0C687D3559AC625BA5319EBDD8
Requests: 13 HTTP requests in this frame

Frame: https://www.google.com/maps/embed?pb=!1m14!1m8!1m3!1d11352.878406513546!2d-79.6683355!3d44.6538648!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x0%3A0xb841e941f890be57!2sDerek+C.+Wicks+-+Wild+Realms+Publishing+Inc.!5e0!3m2!1sen!2sca!4v1461794313316
Frame ID: E5B4AD853E918633FD45596976FCB7B8
Requests: 12 HTTP requests in this frame

Frame: https://downloads.mailchimp.com/css/signup-forms/popup/a9a1f47eecd6d697765b294f4891a9a43a6b85d9/common.css
Frame ID: F5109E00830BCBA205437ACB172445B4
Requests: 2 HTTP requests in this frame

Frame: https://downloads.mailchimp.com/css/signup-forms/popup/a9a1f47eecd6d697765b294f4891a9a43a6b85d9/common.css
Frame ID: DAD20DE54D400A680B78732DF02FE7B6
Requests: 2 HTTP requests in this frame

Frame: https://player.vimeo.com/static/proxy.html
Frame ID: 087C8B501FA183BE817BCB9A27AF0FC9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Derek C. Wicks Art Academy - Acrylic Art Lessons and Tutorials

Page URL History Show full URLs

http://powertopaint.derekwicks.com/ HTTP 301
https://powertopaint.derekwicks.com/ Page URL

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Akamai Bot Manager (Security) Expand

Overall confidence: 100%
Detected patterns

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

61
Requests

100 %
HTTPS

0 %
IPv6

12
Domains

17
Subdomains

18
IPs

5
Countries

2287 kB
Transfer

6174 kB
Size

7
Cookies

38 Outgoing links

These are links going to different origins than the main page.

URL: https://dcw-art-academy.vhx.tv/
Title: Art Academy

Search URL Search Domain Scan URL

URL: https://www.derekwicks.com/
Title: derekwicks.com

Search URL Search Domain Scan URL

URL: https://www.derekwicks.com/reproductions-derek-wicks.html
Title: Shop Art

Search URL Search Domain Scan URL

URL: https://www.derekwicks.com/derek-wicks-contact-info.html
Title: Contact

Search URL Search Domain Scan URL

URL: https://www.derekwicks.com/derek-wicks-newsletter.html
Title: Newsletter

Search URL Search Domain Scan URL

URL: https://dcw-art-academy.vhx.tv/products/first-flurry

Search URL Search Domain Scan URL

URL: https://dcw-art-academy.vhx.tv/products/emerging-colour

Search URL Search Domain Scan URL

URL: https://dcw-art-academy.vhx.tv/products/under-a-watchful-eye

Search URL Search Domain Scan URL

URL: https://dcw-art-academy.vhx.tv/products/evening-perambulation

Search URL Search Domain Scan URL

URL: https://dcw-art-academy.vhx.tv/products/perfect-perch

Search URL Search Domain Scan URL

URL: https://dcw-art-academy.vhx.tv/products/morning-on-the-athabasca

Search URL Search Domain Scan URL

URL: https://dcw-art-academy.vhx.tv/products/valley-of-the-raven

Search URL Search Domain Scan URL

URL: https://dcw-art-academy.vhx.tv/products/snow-gazer

Search URL Search Domain Scan URL

URL: https://dcw-art-academy.vhx.tv/products/reflections

Search URL Search Domain Scan URL

URL: https://dcw-art-academy.vhx.tv/products/kindred-nuzzle

Search URL Search Domain Scan URL

URL: https://dcw-art-academy.vhx.tv/products/a-place-in-the-pines

Search URL Search Domain Scan URL

URL: https://dcw-art-academy.vhx.tv/products/serenity-s-rhythm

Search URL Search Domain Scan URL

URL: https://dcw-art-academy.vhx.tv/products/water-textures

Search URL Search Domain Scan URL

URL: https://dcw-art-academy.vhx.tv/products/common-loon

Search URL Search Domain Scan URL

URL: https://dcw-art-academy.vhx.tv/products/bighorn-ridge

Search URL Search Domain Scan URL

URL: https://dcw-art-academy.vhx.tv/products/photoshop-for-artists

Search URL Search Domain Scan URL

URL: https://dcw-art-academy.vhx.tv/products/dynamic-photography

Search URL Search Domain Scan URL

URL: https://dcw-art-academy.vhx.tv/products/sparkle-and-flow

Search URL Search Domain Scan URL

URL: https://dcw-art-academy.vhx.tv/products/after-the-rain

Search URL Search Domain Scan URL

URL: https://dcw-art-academy.vhx.tv/products/sichuan-cafe

Search URL Search Domain Scan URL

URL: https://dcw-art-academy.vhx.tv/products/king-of-the-hill

Search URL Search Domain Scan URL

URL: https://dcw-art-academy.vhx.tv/products/downy-drawing

Search URL Search Domain Scan URL

URL: https://dcw-art-academy.vhx.tv/products/rock-and-a-hard-place

Search URL Search Domain Scan URL

URL: https://dcw-art-academy.vhx.tv/products/winter-filigree

Search URL Search Domain Scan URL

URL: https://dcw-art-academy.vhx.tv/products/scout-valley-perspective

Search URL Search Domain Scan URL

URL: https://dcw-art-academy.vhx.tv/products/rock-textures

Search URL Search Domain Scan URL

URL: https://www.derekwicks.com/biography-derek-wicks.html
Title: "click here"

Search URL Search Domain Scan URL

URL: https://www.facebook.com/derekcwicks

Search URL Search Domain Scan URL

URL: https://twitter.com/derekcwicks

Search URL Search Domain Scan URL

URL: https://www.instagram.com/derekcwicks/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCLiM38QbbcvHbFd7Cm7aSSg

Search URL Search Domain Scan URL

URL: https://www.pinterest.ca/derekfineart/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/derek-wicks-89148537/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://powertopaint.derekwicks.com/ HTTP 301
https://powertopaint.derekwicks.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

61 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
powertopaint.derekwicks.com/
Redirect Chain

http://powertopaint.derekwicks.com/
https://powertopaint.derekwicks.com/

38 KB
10 KB

82ms
27ms

Document
text/html

69.90.221.76
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: https://powertopaint.derekwicks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.90.221.76 Oakville, Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS: hp318.servername.online
Software: Apache /
Resource Hash: faf33b16103c648e15a80e4c70744dbe32f3f6d1c895ffa39a7c9b14d8f9c473

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=2592000
content-encoding: gzip
content-length: 10378
content-type: text/html
date: Fri, 22 Sep 2023 23:10:45 GMT
expires: Sun, 22 Oct 2023 23:10:45 GMT
last-modified: Tue, 07 Feb 2023 17:00:28 GMT
server: Apache
vary: Accept-Encoding,User-Agent

Redirect headers

Cache-Control: max-age=2592000
Connection: Keep-Alive
Content-Length: 244
Content-Type: text/html; charset=iso-8859-1
Date: Fri, 22 Sep 2023 23:10:45 GMT
Expires: Sun, 22 Oct 2023 23:10:45 GMT
Keep-Alive: timeout=2, max=100
Location: https://powertopaint.derekwicks.com/
Server: Apache

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 125ms
48ms Stylesheet
text/css 172.253.115.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,700%7CMartel:400,700,900

Requested by

Host: powertopaint.derekwicks.com
URL: https://powertopaint.derekwicks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f95.1e100.net

Software

ESF /

Resource Hash

0d7e380be9b379c2a64a21a547146dd11212eaececceb19f73110e1d4e804e7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://powertopaint.derekwicks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 22 Sep 2023 23:10:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 22 Sep 2023 23:10:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 22 Sep 2023 23:10:45 GMT

GET
H2 200 bootstrap.css
powertopaint.derekwicks.com/css/ 153 KB
31 KB 30ms
28ms Stylesheet
text/css 69.90.221.76
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: https://powertopaint.derekwicks.com/css/bootstrap.css
Requested by: Host: powertopaint.derekwicks.com
URL: https://powertopaint.derekwicks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.90.221.76 Oakville, Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS: hp318.servername.online
Software: Apache /
Resource Hash: fb4063e04ae36bbd0c9a76b42f803f65211c53a823e88cc13fa4f81a73e1a976

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://powertopaint.derekwicks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 23:10:45 GMT
content-encoding: gzip
last-modified: Wed, 29 Jun 2022 16:57:03 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
expires: Sun, 22 Oct 2023 23:10:45 GMT

GET
H2 200 style.css
powertopaint.derekwicks.com/css/ 623 KB
108 KB 47ms
46ms Stylesheet
text/css 69.90.221.76
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: https://powertopaint.derekwicks.com/css/style.css
Requested by: Host: powertopaint.derekwicks.com
URL: https://powertopaint.derekwicks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.90.221.76 Oakville, Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS: hp318.servername.online
Software: Apache /
Resource Hash: b13163d1a56618275e9de4bcb931a4777046aab4ba1f13b8615cfeff2fd5c1c5

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://powertopaint.derekwicks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 23:10:45 GMT
content-encoding: gzip
last-modified: Wed, 29 Jun 2022 16:57:04 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
expires: Sun, 22 Oct 2023 23:10:45 GMT

GET
H/1.1 200
OK embed.js Show response
downloads.mailchimp.com/js/signup-forms/popup/unique-methods/ 218 KB
67 KB 93ms
31ms Script
application/javascript 3.161.213.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/embed.js
Requested by: Host: powertopaint.derekwicks.com
URL: https://powertopaint.derekwicks.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.213.72 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-213-72.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d700c54d46e00d74c55071b2ac778183aa6f096d9d674ddccf10074edf4fef83

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://powertopaint.derekwicks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Fri, 22 Sep 2023 12:42:10 GMT
Content-Encoding: br
Via: 1.1 d9d0b19761149aebd7234df3fac341aa.cloudfront.net (CloudFront)
Last-Modified: Thu, 21 Sep 2023 21:12:15 GMT
Server: AmazonS3
X-Amz-Cf-Pop: YUL62-P1
Age: 37716
ETag: W/"20fdd71a9233ea247d3fa8f3b3fa7a1a"
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
Vary: Accept-Encoding, Origin
Content-Type: application/javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: brl26VxqA-vIOp9WYXTzUWP0j1T4j25hzHXMRnCjfoYkzNax2-TdmQ==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 241 KB
84 KB 141ms
63ms Script
application/javascript 142.250.31.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-X87QM1JGR9

Requested by

Host: powertopaint.derekwicks.com
URL: https://powertopaint.derekwicks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.31.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

29a91dbabfbafabcaf7a708345ef9608fa1b403af6e3b5b030f53c6c0f314458

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://powertopaint.derekwicks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 23:10:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85793
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 22 Sep 2023 23:10:45 GMT

GET
H2 200 brand-201x34.gif
powertopaint.derekwicks.com/images/ 3 KB
3 KB 27ms
25ms Image
image/gif 69.90.221.76
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://powertopaint.derekwicks.com/images/brand-201x34.gif
Requested by: Host: powertopaint.derekwicks.com
URL: https://powertopaint.derekwicks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.90.221.76 Oakville, Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS: hp318.servername.online
Software: Apache /
Resource Hash: 1a11fa8787860ac000cdfdece221ab6be763632fd6abf82bddbc3810df182fdb

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://powertopaint.derekwicks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 23:10:45 GMT
last-modified: Wed, 29 Jun 2022 17:00:20 GMT
server: Apache
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 3407
expires: Sun, 22 Oct 2023 23:10:45 GMT

GET
H2 200 large-logo-derek-wicks.png
powertopaint.derekwicks.com/images/ 8 KB
8 KB 28ms
26ms Image
image/png 69.90.221.76
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://powertopaint.derekwicks.com/images/large-logo-derek-wicks.png
Requested by: Host: powertopaint.derekwicks.com
URL: https://powertopaint.derekwicks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.90.221.76 Oakville, Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS: hp318.servername.online
Software: Apache /
Resource Hash: 185f039043c82325526d128a69240ae92e2f2348175780970a988b8d14be19d2

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://powertopaint.derekwicks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 23:10:45 GMT
last-modified: Wed, 29 Jun 2022 17:00:20 GMT
server: Apache
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 7832
expires: Sun, 22 Oct 2023 23:10:45 GMT

GET
H2 200 kindred-nuzzle-small.jpg
powertopaint.derekwicks.com/images/small/ 29 KB
29 KB 56ms
54ms Image
image/jpeg 69.90.221.76
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://powertopaint.derekwicks.com/images/small/kindred-nuzzle-small.jpg
Requested by: Host: powertopaint.derekwicks.com
URL: https://powertopaint.derekwicks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.90.221.76 Oakville, Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS: hp318.servername.online
Software: Apache /
Resource Hash: 465b9836df23f6af90a3cacb6615c3aa5aec12f7e47db2e6874141903c156971

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://powertopaint.derekwicks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 23:10:45 GMT
last-modified: Tue, 07 Feb 2023 16:19:16 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 29492
expires: Sun, 22 Oct 2023 23:10:45 GMT

GET
H2 200 derek-shot.jpg
powertopaint.derekwicks.com/images/small/ 18 KB
18 KB 60ms
59ms Image
image/jpeg 69.90.221.76
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://powertopaint.derekwicks.com/images/small/derek-shot.jpg
Requested by: Host: powertopaint.derekwicks.com
URL: https://powertopaint.derekwicks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.90.221.76 Oakville, Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS: hp318.servername.online
Software: Apache /
Resource Hash: c10aa5fcbe0e7540afabf03f9d18496fa288e47b146fce8f7f6b89553da6abed

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://powertopaint.derekwicks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 23:10:45 GMT
last-modified: Tue, 07 Feb 2023 16:19:16 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 18369
expires: Sun, 22 Oct 2023 23:10:45 GMT

GET
H2 200 core.min.js Show response
powertopaint.derekwicks.com/js/ 642 KB
246 KB 70ms
68ms Script
application/javascript 69.90.221.76
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: https://powertopaint.derekwicks.com/js/core.min.js
Requested by: Host: powertopaint.derekwicks.com
URL: https://powertopaint.derekwicks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.90.221.76 Oakville, Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS: hp318.servername.online
Software: Apache /
Resource Hash: b81aaaefb82dba825a126106b378cfaee7942b0d7f53eb387402184ec86e0337

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://powertopaint.derekwicks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 23:10:45 GMT
content-encoding: gzip
last-modified: Wed, 29 Jun 2022 16:58:46 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
expires: Sun, 22 Oct 2023 23:10:45 GMT

GET
H2 200 script.js Show response
powertopaint.derekwicks.com/js/ 49 KB
17 KB 62ms
59ms Script
application/javascript 69.90.221.76
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: https://powertopaint.derekwicks.com/js/script.js
Requested by: Host: powertopaint.derekwicks.com
URL: https://powertopaint.derekwicks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.90.221.76 Oakville, Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS: hp318.servername.online
Software: Apache /
Resource Hash: bc84ecb94e68c1ad4dabf59fe183e4db6a5d4daba9678e46200d2d50211efb1b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://powertopaint.derekwicks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 23:10:45 GMT
content-encoding: gzip
last-modified: Wed, 29 Jun 2022 16:58:45 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 17077
expires: Sun, 22 Oct 2023 23:10:45 GMT

GET
H2 200 PN_xRfK9oXHga0XdZsg_.woff2
fonts.gstatic.com/s/martel/v10/ 18 KB
19 KB 114ms
39ms Font
font/woff2 142.251.163.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/martel/v10/PN_xRfK9oXHga0XdZsg_.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700%7CMartel:400,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f94.1e100.net

Software

sffe /

Resource Hash

b52af4f6849257bb609f2078d51dc45ad49c0f9b5ff217cf6f9c1c8afcb9a8df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://powertopaint.derekwicks.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 23:01:49 GMT
x-content-type-options: nosniff
age: 536
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18860
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:03:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Sep 2024 23:01:49 GMT

GET
H2 200 form-settings Show response
mc.us13.list-manage.com/subscribe/ 13 KB
8 KB 329ms
230ms Script
application/json 104.108.119.68
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mc.us13.list-manage.com/subscribe/form-settings?u=253b4862defd18f086295347c&id=ff551b954e&f_id=undefined&u=253b4862defd18f086295347c&id=ff551b954e&c=dojo_request_script_callbacks.dojo_request_script0
Requested by: Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/embed.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.119.68 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-119-68.deploy.static.akamaitechnologies.com
Software: openresty /
Resource Hash: 4b79e3e26335ca4a95ca52352c86207987454ccf6fd770d40fcef706a31f923e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://powertopaint.derekwicks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ua-compatible: IE=edge,chrome=1
x-edgeconnect-origin-mex-latency: 142
date: Fri, 22 Sep 2023 23:10:46 GMT
content-encoding: gzip
referrer-policy: same-origin
server: openresty
x-edgeconnect-midmile-rtt: 2
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: max-age=290
content-length: 6448
expires: Fri, 22 Sep 2023 23:15:36 GMT

GET
H2 200 124992 Show response
embed.vhx.tv/subscriptions/ Frame CC44 3 KB
2 KB 324ms
267ms Document
text/html 104.18.36.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.vhx.tv/subscriptions/124992?buy_btn=1&show_price=1&title=1&sharing=1&color=5f5f61&vimeo=1

Requested by

Host: powertopaint.derekwicks.com
URL: https://powertopaint.derekwicks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.36.21 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62f26d5d5356f5b02d5c8a231ff5d2cfa3f29c72c66d6a4b2e20a4ec85ef9922

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://powertopaint.derekwicks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 0
cache-control: public, no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 80ae392049363905-YYZ
content-encoding: gzip
content-type: text/html;charset=utf-8
date: Fri, 22 Sep 2023 23:10:46 GMT
p3p: CP="ALL DSP COR CURa ADMa DEVa OUR IND COM NAV"
server: cloudflare
vary: Accept-Encoding
via: 1.1 vegur, 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-geo-country-code
x-rack-cache: miss
x-served-by: cache-yyz4527-YYZ
x-timer: S1695424246.817583,VS0,VE228
x-xss-protection: 1; mode=block

GET
H2 200 embed Show response
www.google.com/maps/ Frame E5B4 4 KB
2 KB 320ms
247ms Document
text/html 142.251.16.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/maps/embed?pb=!1m14!1m8!1m3!1d11352.878406513546!2d-79.6683355!3d44.6538648!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x0%3A0xb841e941f890be57!2sDerek+C.+Wicks+-+Wild+Realms+Publishing+Inc.!5e0!3m2!1sen!2sca!4v1461794313316

Requested by

Host: powertopaint.derekwicks.com
URL: https://powertopaint.derekwicks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.16.103 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f103.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

71a4f6ef0ceb74c5cadcfd72a57179322aecdf05bd8444d302473443cdb9975d

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-i-RGocELwgliT6SXAw-Dmw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://powertopaint.derekwicks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 1355
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-i-RGocELwgliT6SXAw-Dmw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
content-type: text/html; charset=UTF-8
date: Fri, 22 Sep 2023 23:10:46 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: scaffolding on HTTPServer2
vary: Accept-Language Origin X-Origin Referer
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 bg-construct-image.jpg
powertopaint.derekwicks.com/images/ 232 KB
232 KB 25ms
25ms Image
image/jpeg 69.90.221.76
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://powertopaint.derekwicks.com/images/bg-construct-image.jpg
Requested by: Host: powertopaint.derekwicks.com
URL: https://powertopaint.derekwicks.com/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.90.221.76 Oakville, Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS: hp318.servername.online
Software: Apache /
Resource Hash: 34db0c2af2967433f020e4fc7be0dce3591c3704ed6a3cda03fddd411fb2c006

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://powertopaint.derekwicks.com/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 23:10:45 GMT
last-modified: Wed, 29 Jun 2022 17:00:20 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 237783
expires: Sun, 22 Oct 2023 23:10:45 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
32 KB 57ms
56ms Font
font/woff2 142.251.163.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700%7CMartel:400,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f94.1e100.net

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://powertopaint.derekwicks.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 18:34:24 GMT
x-content-type-options: nosniff
age: 16581
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Sep 2024 18:34:24 GMT

GET
H2 200 PN_yRfK9oXHga0XV3e0qghzW.woff2
fonts.gstatic.com/s/martel/v10/ 19 KB
19 KB 69ms
68ms Font
font/woff2 142.251.163.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/martel/v10/PN_yRfK9oXHga0XV3e0qghzW.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700%7CMartel:400,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f94.1e100.net

Software

sffe /

Resource Hash

5a7f43f60ff0f16905d5f70f7938e768457450ed8c4df04ca16aadaadf09961b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://powertopaint.derekwicks.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 16:39:01 GMT
x-content-type-options: nosniff
age: 23504
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19012
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:00:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Sep 2024 16:39:01 GMT

GET
H2 200 materialdesignicons-webfont.woff2
powertopaint.derekwicks.com/fonts/ 78 KB
78 KB 29ms
29ms Font
font/woff2 69.90.221.76
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: https://powertopaint.derekwicks.com/fonts/materialdesignicons-webfont.woff2?v=1.4.57
Requested by: Host: powertopaint.derekwicks.com
URL: https://powertopaint.derekwicks.com/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.90.221.76 Oakville, Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS: hp318.servername.online
Software: Apache /
Resource Hash: 56ca131e02e335cbc5604cf53451ad97f160b33a46bba0b0b8f41578de9715c1

Request headers

Referer: https://powertopaint.derekwicks.com/css/style.css
Origin: https://powertopaint.derekwicks.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 23:10:45 GMT
content-encoding: br
last-modified: Wed, 29 Jun 2022 16:57:52 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: font/woff2
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 79761
expires: Sun, 22 Oct 2023 23:10:45 GMT

GET
H2 200 fontawesome-webfont.woff2
powertopaint.derekwicks.com/fonts/ 75 KB
75 KB 26ms
26ms Font
font/woff2 69.90.221.76
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: https://powertopaint.derekwicks.com/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: powertopaint.derekwicks.com
URL: https://powertopaint.derekwicks.com/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.90.221.76 Oakville, Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS: hp318.servername.online
Software: Apache /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://powertopaint.derekwicks.com/css/style.css
Origin: https://powertopaint.derekwicks.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 23:10:45 GMT
content-encoding: br
last-modified: Wed, 29 Jun 2022 16:57:49 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: font/woff2
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 77165
expires: Sun, 22 Oct 2023 23:10:45 GMT

GET
H2 200 first-flurry-small.jpg
powertopaint.derekwicks.com/images/small/ 39 KB
39 KB 35ms
30ms Image
image/jpeg 69.90.221.76
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://powertopaint.derekwicks.com/images/small/first-flurry-small.jpg
Requested by: Host: powertopaint.derekwicks.com
URL: https://powertopaint.derekwicks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.90.221.76 Oakville, Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS: hp318.servername.online
Software: Apache /
Resource Hash: 9d70cbc86fd64555f721861634a44f91dc9b48c31e931a5ddd16835eca97f7b0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://powertopaint.derekwicks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 23:10:45 GMT
last-modified: Mon, 31 Oct 2022 15:28:54 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 39686
expires: Sun, 22 Oct 2023 23:10:45 GMT

GET
H2 200 emerging-colour-small.jpg
powertopaint.derekwicks.com/images/small/ 55 KB
55 KB 35ms
29ms Image
image/jpeg 69.90.221.76
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://powertopaint.derekwicks.com/images/small/emerging-colour-small.jpg
Requested by: Host: powertopaint.derekwicks.com
URL: https://powertopaint.derekwicks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.90.221.76 Oakville, Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS: hp318.servername.online
Software: Apache /
Resource Hash: 71bc30518e9054dcd07e4139ccb94c8d8f95ac05ed44d39ae568d87e7de32493

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://powertopaint.derekwicks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 23:10:45 GMT
last-modified: Wed, 10 Aug 2022 13:26:24 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 56265
expires: Sun, 22 Oct 2023 23:10:45 GMT

GET
H2 200 under-watchful-eye-small.jpg
powertopaint.derekwicks.com/images/small/ 31 KB
31 KB 33ms
28ms Image
image/jpeg 69.90.221.76
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://powertopaint.derekwicks.com/images/small/under-watchful-eye-small.jpg
Requested by: Host: powertopaint.derekwicks.com
URL: https://powertopaint.derekwicks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.90.221.76 Oakville, Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS: hp318.servername.online
Software: Apache /
Resource Hash: 0dae30f662cf96793b83013e561b728a713df928ad027fe765da897d507f9853

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://powertopaint.derekwicks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 23:10:45 GMT
last-modified: Tue, 07 Feb 2023 16:19:16 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 32201
expires: Sun, 22 Oct 2023 23:10:45 GMT

GET
H2 200 evening-perambulation-small.jpg
powertopaint.derekwicks.com/images/small/ 17 KB
17 KB 34ms
28ms Image
image/jpeg 69.90.221.76
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://powertopaint.derekwicks.com/images/small/evening-perambulation-small.jpg
Requested by: Host: powertopaint.derekwicks.com
URL: https://powertopaint.derekwicks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.90.221.76 Oakville, Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS: hp318.servername.online
Software: Apache /
Resource Hash: 0f536e6c39d1dc15452d340935e5c61b19241aaba3d2536e2984d7f0fdf0fe5f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://powertopaint.derekwicks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 23:10:45 GMT
last-modified: Tue, 07 Feb 2023 16:19:16 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 17683
expires: Sun, 22 Oct 2023 23:10:45 GMT

GET
H2 200 reflections-small.jpg
powertopaint.derekwicks.com/images/small/ 18 KB
18 KB 33ms
27ms Image
image/jpeg 69.90.221.76
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://powertopaint.derekwicks.com/images/small/reflections-small.jpg
Requested by: Host: powertopaint.derekwicks.com
URL: https://powertopaint.derekwicks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.90.221.76 Oakville, Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS: hp318.servername.online
Software: Apache /
Resource Hash: 68b7633ebef180f095f4274946f341e43643fae34a11b10bb2b40306fcd1853e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://powertopaint.derekwicks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 23:10:45 GMT
last-modified: Mon, 31 Oct 2022 15:28:54 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 18459
expires: Sun, 22 Oct 2023 23:10:45 GMT

GET
H2 200 a-place-in-the-pines-small.jpg
powertopaint.derekwicks.com/images/small/ 27 KB
27 KB 33ms
28ms Image
image/jpeg 69.90.221.76
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://powertopaint.derekwicks.com/images/small/a-place-in-the-pines-small.jpg
Requested by: Host: powertopaint.derekwicks.com
URL: https://powertopaint.derekwicks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.90.221.76 Oakville, Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS: hp318.servername.online
Software: Apache /
Resource Hash: 8c8b7a07a1f7cd18035a9af5dfeb17038bc941c03f39cb865c610baa2f66ca7a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://powertopaint.derekwicks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 23:10:45 GMT
last-modified: Tue, 07 Feb 2023 16:19:16 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 27593
expires: Sun, 22 Oct 2023 23:10:45 GMT

GET
H2 200 sparkle-flow-small.jpg
powertopaint.derekwicks.com/images/small/ 37 KB
37 KB 35ms
30ms Image
image/jpeg 69.90.221.76
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://powertopaint.derekwicks.com/images/small/sparkle-flow-small.jpg
Requested by: Host: powertopaint.derekwicks.com
URL: https://powertopaint.derekwicks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.90.221.76 Oakville, Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS: hp318.servername.online
Software: Apache /
Resource Hash: 35c3d0975f6dc1fa2379cb2e7f8f9ac82b24ef10645cacd6c563df3fc170f3c7

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://powertopaint.derekwicks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 23:10:45 GMT
last-modified: Mon, 31 Oct 2022 15:28:54 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 37882
expires: Sun, 22 Oct 2023 23:10:45 GMT

GET
H2 200 after-the-rain-small.jpg
powertopaint.derekwicks.com/images/small/ 24 KB
24 KB 34ms
29ms Image
image/jpeg 69.90.221.76
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://powertopaint.derekwicks.com/images/small/after-the-rain-small.jpg
Requested by: Host: powertopaint.derekwicks.com
URL: https://powertopaint.derekwicks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.90.221.76 Oakville, Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS: hp318.servername.online
Software: Apache /
Resource Hash: af691cfe0bd3b29e74b93d1cbd7ec911bb5cc77d548ef84c7dac02d6c7a6847f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://powertopaint.derekwicks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 23:10:45 GMT
last-modified: Tue, 07 Feb 2023 16:19:16 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 24915
expires: Sun, 22 Oct 2023 23:10:45 GMT

GET
H2 200 sichuan-cafe-small.jpg
powertopaint.derekwicks.com/images/small/ 33 KB
33 KB 32ms
27ms Image
image/jpeg 69.90.221.76
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://powertopaint.derekwicks.com/images/small/sichuan-cafe-small.jpg
Requested by: Host: powertopaint.derekwicks.com
URL: https://powertopaint.derekwicks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.90.221.76 Oakville, Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS: hp318.servername.online
Software: Apache /
Resource Hash: d229934d596f30708bed583a6727c78a5bab2904fa3e315ecb05bd4681189921

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://powertopaint.derekwicks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 23:10:45 GMT
last-modified: Tue, 07 Feb 2023 16:19:16 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 34077
expires: Sun, 22 Oct 2023 23:10:45 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
262 B 114ms
42ms Ping
text/plain 142.251.16.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-X87QM1JGR9&gtm=45je39k0&_p=1195825156&cid=1464289457.1695424246&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1695424245&sct=1&seg=0&dl=https%3A%2F%2Fpowertopaint.derekwicks.com%2F&dt=Derek%20C.%20Wicks%20Art%20Academy%20-%20Acrylic%20Art%20Lessons%20and%20Tutorials&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X87QM1JGR9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.16.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bl-in-f101.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://powertopaint.derekwicks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Sep 2023 23:10:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://powertopaint.derekwicks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 404 recent
api.instagram.com/v1/users/3435195626/media/ 0
0 130ms
71ms Script
text/html 31.13.80.52
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://api.instagram.com/v1/users/3435195626/media/recent?access_token=5526956400.ba4c844.c832b2a554764bc8a1c66c39e99687d7&count=1&callback=instafeedCache00e251cd10a0e1c7.parse&callback=jQuery22409467158687297004_1695424245742&_=1695424245743
Requested by: Host: powertopaint.derekwicks.com
URL: https://powertopaint.derekwicks.com/js/core.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.13.80.52 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS: instagram-p3-shv-01-yyz1.fbcdn.net
Software: /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://powertopaint.derekwicks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ Frame E5B4 176 KB
61 KB 74ms
73ms Script
text/javascript 172.253.115.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_CA&callback=onApiLoad

Requested by

Host: www.google.com
URL: https://www.google.com/maps/embed?pb=!1m14!1m8!1m3!1d11352.878406513546!2d-79.6683355!3d44.6538648!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x0%3A0xb841e941f890be57!2sDerek+C.+Wicks+-+Wild+Realms+Publishing+Inc.!5e0!3m2!1sen!2sca!4v1461794313316

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f95.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

3321035865eac51abf74cd3e2c128a08865b19f7c43eeb999b31b47ae5c53b04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 23:10:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62229
x-xss-protection: 0

GET
H2 200 player.css
f.vimeocdn.com/p/4.24.20/css/ Frame CC44 209 KB
21 KB 106ms
34ms Stylesheet
text/css 146.75.38.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/4.24.20/css/player.css
Requested by: Host: embed.vhx.tv
URL: https://embed.vhx.tv/subscriptions/124992?buy_btn=1&show_price=1&title=1&sharing=1&color=5f5f61&vimeo=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.38.109 , Sweden, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cce807823d19d0932d56043354739cbbb46431486647f796403fc7e1d96f2dbb

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://embed.vhx.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-served-by: cache-iad-kcgs7200039-IAD
date: Fri, 22 Sep 2023 23:10:46 GMT
content-encoding: br
via: 1.1 varnish
age: 47154
x-timer: S1695424246.165341,VS0,VE0
vary: Accept-Encoding,x-http-method-override
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 21714
x-cache-hits: 2

GET
H2 200 vimeo_player.css
embed.vhx.tv/css/ Frame CC44 7 KB
2 KB 30ms
30ms Stylesheet
text/css 104.18.36.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.vhx.tv/css/vimeo_player.css

Requested by

Host: embed.vhx.tv
URL: https://embed.vhx.tv/subscriptions/124992?buy_btn=1&show_price=1&title=1&sharing=1&color=5f5f61&vimeo=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.36.21 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6eb0aa923ec22dd463c157759de762ed2354cf111cf02b13d7cd035898466a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://embed.vhx.tv/subscriptions/124992?buy_btn=1&show_price=1&title=1&sharing=1&color=5f5f61&vimeo=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 23:10:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 vegur, 1.1 varnish
age: 2044
x-geo-country-code
x-cache: HIT
p3p: CP="ALL DSP COR CURa ADMa DEVa OUR IND COM NAV"
content-length: 1900
x-served-by: cache-yyz4554-YYZ
x-content-digest: 863efff8d0392d712c0d717ac6101cc213ff0804
last-modified: Tue, 08 Aug 2023 16:09:40 GMT
server: cloudflare
x-timer: S1695424246.094718,VS0,VE0
vary: Accept-Encoding
content-type: text/css;charset=utf-8
cache-control: public, max-age=3600
accept-ranges: bytes
cf-ray: 80ae39220b973905-YYZ
x-rack-cache: fresh
x-cache-hits: 12

GET
H2 200 player.js Show response
f.vimeocdn.com/p/4.24.20/js/ Frame CC44 905 KB
211 KB 124ms
52ms Script
application/javascript 146.75.38.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/4.24.20/js/player.js
Requested by: Host: embed.vhx.tv
URL: https://embed.vhx.tv/subscriptions/124992?buy_btn=1&show_price=1&title=1&sharing=1&color=5f5f61&vimeo=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.38.109 , Sweden, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 1f775c10e1e6d78a86704e4bb30608b739cbc7f9756a363d4a14a386536c8057

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://embed.vhx.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-served-by: cache-iad-kcgs7200039-IAD
date: Fri, 22 Sep 2023 23:10:46 GMT
content-encoding: br
via: 1.1 varnish
age: 56362
x-timer: S1695424246.165387,VS0,VE2
vary: Accept-Encoding,x-http-method-override
x-cache: HIT
content-type: application/javascript
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 215795
x-cache-hits: 1

GET
H2 200 main-2.14.3-a2c679c554ea25d3e2b1.js Show response
embed.vhx.tv/dist/ Frame CC44 1 MB
319 KB 34ms
34ms Script
application/javascript 104.18.36.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.vhx.tv/dist/main-2.14.3-a2c679c554ea25d3e2b1.js

Requested by

Host: embed.vhx.tv
URL: https://embed.vhx.tv/subscriptions/124992?buy_btn=1&show_price=1&title=1&sharing=1&color=5f5f61&vimeo=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.36.21 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75da8fb469e577b9e17458cb8f0e7a689f0e46415674db686e7047ad7ffc66cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://embed.vhx.tv/subscriptions/124992?buy_btn=1&show_price=1&title=1&sharing=1&color=5f5f61&vimeo=1
Origin: https://embed.vhx.tv
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 23:10:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 vegur, 1.1 varnish
age: 3298
x-geo-country-code
x-cache: HIT
p3p: CP="ALL DSP COR CURa ADMa DEVa OUR IND COM NAV"
content-length: 326422
x-served-by: cache-yyz4527-YYZ
x-content-digest: e13e55c4f844c50eb3457d26907ffbe89a5d9fc3
last-modified: Tue, 08 Aug 2023 16:20:49 GMT
server: cloudflare
x-timer: S1695424246.095627,VS0,VE1
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=3600
accept-ranges: bytes
cf-ray: 80ae39220b993905-YYZ
x-rack-cache: fresh
x-cache-hits: 1

GET
H/1.1 200
OK popup.js Show response
downloads.mailchimp.com/js/signup-forms/popup/unique-methods/a9a1f47eecd6d697765b294f4891a9a43a6b85d9/ 103 KB
29 KB 26ms
26ms Script
application/javascript 3.161.213.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/a9a1f47eecd6d697765b294f4891a9a43a6b85d9/popup.js
Requested by: Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/embed.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.213.72 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-213-72.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 66aa0419a7cfe9b917ee7247ece9c0fe351886647224efbc24f039e20c5a1920

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://powertopaint.derekwicks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Fri, 22 Sep 2023 00:31:22 GMT
Content-Encoding: br
Via: 1.1 d9d0b19761149aebd7234df3fac341aa.cloudfront.net (CloudFront)
Last-Modified: Mon, 31 Jul 2023 21:24:11 GMT
Server: AmazonS3
X-Amz-Cf-Pop: YUL62-P1
Age: 81565
ETag: W/"00d9a9699dc9a16acba7db6ea535c460"
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
Vary: Accept-Encoding, Origin
Content-Type: application/javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: gF6e2ItOrKbOGmkIonUvpWwnVgCLgZ5rEX38RPrE_gFS8zBh0oQIlA==

GET
H/1.1 200
OK common.css
downloads.mailchimp.com/css/signup-forms/popup/a9a1f47eecd6d697765b294f4891a9a43a6b85d9/ Frame F510 9 KB
3 KB 25ms
24ms Stylesheet
text/css 3.161.213.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://downloads.mailchimp.com/css/signup-forms/popup/a9a1f47eecd6d697765b294f4891a9a43a6b85d9/common.css
Requested by: Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/embed.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.213.72 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-213-72.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 13c515e6a320d8e243904c0fac04cc8963b1372b057513bde25fe4f583f13ddf

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://powertopaint.derekwicks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Fri, 22 Sep 2023 00:31:22 GMT
Content-Encoding: br
Via: 1.1 d9d0b19761149aebd7234df3fac341aa.cloudfront.net (CloudFront)
Last-Modified: Mon, 31 Jul 2023 21:24:11 GMT
Server: AmazonS3
X-Amz-Cf-Pop: YUL62-P1
Age: 81565
ETag: W/"da643ac8282b93782a826fac43cf2139"
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
Vary: Accept-Encoding, Origin
Content-Type: text/css
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: BrKUYgUiNSZ7Eu1koOXBZ50G4hXOT0nx0L4JiBv6brZh3_tguCsXoA==

GET
H/1.1 200
OK banner.css
downloads.mailchimp.com/css/signup-forms/popup/a9a1f47eecd6d697765b294f4891a9a43a6b85d9/ Frame F510 1005 B
905 B 50ms
24ms Stylesheet
text/css 3.161.213.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://downloads.mailchimp.com/css/signup-forms/popup/a9a1f47eecd6d697765b294f4891a9a43a6b85d9/banner.css
Requested by: Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/embed.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.213.72 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-213-72.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bece213397fe5f546674ee29dd3f69ec2f2cc0e480e67f09dcc4c25c0d12a3d7

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://powertopaint.derekwicks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Fri, 22 Sep 2023 00:31:26 GMT
Content-Encoding: br
Via: 1.1 d9d0b19761149aebd7234df3fac341aa.cloudfront.net (CloudFront)
Last-Modified: Mon, 31 Jul 2023 21:24:12 GMT
Server: AmazonS3
X-Amz-Cf-Pop: YUL62-P1
Age: 81561
ETag: W/"78d1bdd981816cfbeb6954a85f9efa58"
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
Vary: Accept-Encoding, Origin
Content-Type: text/css
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: bv0M6qhFAcZstTcWw0ytMTVvnlqRomiuJffo8aCV1Uf6RHihN1K3YQ==

GET
H/1.1 200
OK common.css
downloads.mailchimp.com/css/signup-forms/popup/a9a1f47eecd6d697765b294f4891a9a43a6b85d9/ Frame DAD2 9 KB
3 KB 61ms
24ms Stylesheet
text/css 3.161.213.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://downloads.mailchimp.com/css/signup-forms/popup/a9a1f47eecd6d697765b294f4891a9a43a6b85d9/common.css
Requested by: Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/embed.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.213.72 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-213-72.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 13c515e6a320d8e243904c0fac04cc8963b1372b057513bde25fe4f583f13ddf

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://powertopaint.derekwicks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Fri, 22 Sep 2023 00:31:22 GMT
Content-Encoding: br
Via: 1.1 82411d437ee2d2355a407b78473e6156.cloudfront.net (CloudFront)
Last-Modified: Mon, 31 Jul 2023 21:24:11 GMT
Server: AmazonS3
X-Amz-Cf-Pop: YUL62-P1
Age: 81565
ETag: W/"da643ac8282b93782a826fac43cf2139"
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
Vary: Accept-Encoding, Origin
Content-Type: text/css
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: d8KReFZjooAiDGsgwdhJipdmNXGRYyfI_w3Pylmq1anKMUkx0yny0Q==

GET
H/1.1 200
OK layout-2.css
downloads.mailchimp.com/css/signup-forms/popup/a9a1f47eecd6d697765b294f4891a9a43a6b85d9/ Frame DAD2 1 KB
936 B 64ms
24ms Stylesheet
text/css 3.161.213.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://downloads.mailchimp.com/css/signup-forms/popup/a9a1f47eecd6d697765b294f4891a9a43a6b85d9/layout-2.css
Requested by: Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/embed.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.213.72 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-213-72.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d189c8076b7b39680546d68a34717be5c7a94bba2fcd11a09530a80d20c367ac

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://powertopaint.derekwicks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Fri, 22 Sep 2023 11:15:03 GMT
Content-Encoding: br
Via: 1.1 d9d0b19761149aebd7234df3fac341aa.cloudfront.net (CloudFront)
Last-Modified: Mon, 31 Jul 2023 21:24:11 GMT
Server: AmazonS3
X-Amz-Cf-Pop: YUL62-P1
Age: 42944
ETag: W/"38f50a83c6d5d15facb231447fa1ac56"
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
Vary: Accept-Encoding, Origin
Content-Type: text/css
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: lIguXX5s9Aj8SzwK0p3Fv9LuoYRhfEYPgcdXsQWLFOmq8aBuoyA5zg==

GET
H/1.1 200
OK modal.css
downloads.mailchimp.com/css/signup-forms/popup/a9a1f47eecd6d697765b294f4891a9a43a6b85d9/ 3 KB
1 KB 71ms
24ms Stylesheet
text/css 3.161.213.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://downloads.mailchimp.com/css/signup-forms/popup/a9a1f47eecd6d697765b294f4891a9a43a6b85d9/modal.css
Requested by: Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/embed.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.213.72 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-213-72.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b99dd13d1c454a056a1e66c4b88f716fd2fbf200c51c14143df0fd9af5f60dbc

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://powertopaint.derekwicks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Fri, 22 Sep 2023 03:10:49 GMT
Content-Encoding: br
Via: 1.1 905aa3bc80ce385e5945d99189fc1eac.cloudfront.net (CloudFront)
Last-Modified: Mon, 31 Jul 2023 21:24:11 GMT
Server: AmazonS3
X-Amz-Cf-Pop: YUL62-P1
Age: 71998
ETag: W/"aa6f4416185bd7f299dd89e11dac117f"
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
Vary: Accept-Encoding, Origin
Content-Type: text/css
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: yn3QkvaOkGgsIqUUrZQ-NrYt_cTXcKvTa31BCcyu4ZaBDw-xeUijqw==

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ Frame E5B4 3 B
46 B 135ms
64ms XHR
application/json 142.251.167.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_CA&callback=onApiLoad

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f95.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 23:10:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.google.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H2 200 init_embed.js Show response
maps.gstatic.com/maps-api-v3/embed/js/54/6/ Frame E5B4 232 KB
62 KB 108ms
36ms Script
text/javascript 172.253.63.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.gstatic.com/maps-api-v3/embed/js/54/6/init_embed.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f94.1e100.net

Software

sffe /

Resource Hash

b9f0312e6b8299e97a3a68365e4a20a1fdaf8fd6245bbf5081e79788a5969c58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 20:03:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 270426
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62582
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 20:18:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Sep 2024 20:03:40 GMT

GET
H/1.1 200
OK config Show response
player.vimeo.com/video/795901722/ Frame CC44 13 KB
4 KB 236ms
189ms Fetch
application/json 162.159.128.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://player.vimeo.com/video/795901722/config?color=5f5f61&speed=1&token=eyJhbGciOiJIUzI1NiJ9.eyJpYXQiOjE2OTU0MjQyNDYsImV4cCI6MTY5NTQyNjk0NiwiY2xpcF9pZCI6Nzk1OTAxNzIyLCJkcm0iOmZhbHNlfQ.7jsbU0cCmH8OBUpUUo4RjVlNLByAm-mycgBRBdNoGfA&trick_play=1
Requested by: Host: embed.vhx.tv
URL: https://embed.vhx.tv/dist/main-2.14.3-a2c679c554ea25d3e2b1.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.128.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e25df1388ddbee2f30a4b5699aa3033093a8ff88db303a4919920073582c7d7b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://embed.vhx.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Fri, 22 Sep 2023 23:10:46 GMT
Via: 1.1 varnish
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Age: 0
Transfer-Encoding: chunked
X-Cache: MISS
Connection: keep-alive
x-backend-server: player-backend-edge-entry
X-Served-By: cache-yyz4549-YYZ
x-player-backend: g
Server: cloudflare
X-Timer: S1695424246.401232,VS0,VE144
access-control-max-age: 86400
access-control-allow-methods: GET
Content-Type: application/json; charset=UTF-8
access-control-allow-origin: https://embed.vhx.tv
Vary: Origin
access-control-allow-credentials: true
x-bapp-server
CF-RAY: 80ae3923d8a4ab3d-YYZ
access-control-allow-headers: Content-Type, x-requested-with
X-Cache-Hits: 0

GET
H2 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/54/6/ Frame E5B4 253 KB
56 KB 36ms
35ms Script
text/javascript 172.253.115.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/54/6/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_CA&callback=onApiLoad

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f95.1e100.net

Software

sffe /

Resource Hash

b29b1817692148eb026c359732d2cc65c21a259050825754cecc42bc2f388ae0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 19:21:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13754
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56903
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 20:18:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 21 Sep 2024 19:21:32 GMT

GET
H2 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/54/6/ Frame E5B4 154 KB
49 KB 46ms
46ms Script
text/javascript 172.253.115.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/54/6/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_CA&callback=onApiLoad

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f95.1e100.net

Software

sffe /

Resource Hash

5b7efd6d37de2602371b70c8017f9a533b66246b64bcab1317f6333b6ee6392d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 21:33:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5816
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49859
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 20:18:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 21 Sep 2024 21:33:50 GMT

GET
H2 200 map.js Show response
maps.googleapis.com/maps-api-v3/api/js/54/6/ Frame E5B4 70 KB
23 KB 54ms
54ms Script
text/javascript 172.253.115.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/54/6/map.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_CA&callback=onApiLoad

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f95.1e100.net

Software

sffe /

Resource Hash

e8db5084ffdb049ecc8d67bd45dc90e457d845470be67c0036f5c7b47dfaec48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 21:38:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5513
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23536
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 20:18:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 21 Sep 2024 21:38:53 GMT

GET
H2 200 overlay.js Show response
maps.googleapis.com/maps-api-v3/api/js/54/6/ Frame E5B4 3 KB
1 KB 44ms
43ms Script
text/javascript 172.253.115.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/54/6/overlay.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_CA&callback=onApiLoad

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f95.1e100.net

Software

sffe /

Resource Hash

3dea1fc2bb42675be172a791fa9e294d2b50461d447d3b6d6979ad043f8f8edf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 18:52:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 188315
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1260
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 20:18:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 19 Sep 2024 18:52:11 GMT

GET
DATA 200
OK truncated
/ Frame E5B4 6 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b0044d91b724bb429337d6dcd9d2332e855bc0b4452c1d3fc9beea9973017521

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 StaticMapService.GetMapImage
maps.googleapis.com/maps/api/js/ Frame E5B4 9 KB
9 KB 66ms
66ms Image
image/png 172.253.115.95
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.googleapis.com/maps/api/js/StaticMapService.GetMapImage?1m2&1i1168809&2i1514342&2e1&3u14&4m2&1u280&2u280&5m5&1e0&5sen-CA&6sus&10b1&12b1&client=google-maps-embed&token=107001

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f95.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

de4054591ccb0676ab36e5772efa858e7ab5ba2ea181b1e1e25b894ba999fc59

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 23:10:46 GMT
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=86400
server-timing: gfet4t7; dur=28
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8741
x-xss-protection: 0
expires: Sat, 23 Sep 2023 23:10:46 GMT

GET
H2 200 onion.js Show response
maps.googleapis.com/maps-api-v3/api/js/54/6/ Frame E5B4 26 KB
9 KB 37ms
37ms Script
text/javascript 172.253.115.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/54/6/onion.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_CA&callback=onApiLoad

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f95.1e100.net

Software

sffe /

Resource Hash

c8a951714d99bacc94f043465e2f60c97b83686c37035d4522aa6c51ba003ba9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 21:18:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6745
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8939
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 20:18:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 21 Sep 2024 21:18:21 GMT

GET
H2 200 search_impl.js Show response
maps.googleapis.com/maps-api-v3/api/js/54/6/ Frame E5B4 3 KB
1 KB 38ms
38ms Script
text/javascript 172.253.115.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/54/6/search_impl.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_CA&callback=onApiLoad

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f95.1e100.net

Software

sffe /

Resource Hash

7a0a8bd137d9ddc1eaafad68e42ad3544b0a4e7df6f42f5d236c499de94180d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 20:03:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 270414
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1258
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 20:18:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Sep 2024 20:03:52 GMT

GET
H/1.1 200
OK proxy.html Show response
player.vimeo.com/static/ Frame 087C 3 KB
2 KB 82ms
37ms Document
text/html 162.159.128.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/static/proxy.html

Requested by

Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.24.20/js/player.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.159.128.61 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c3e9c0a04f9597c6ca93876eaf79f7510e75e74c25fe8167417a6ee583aca23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://embed.vhx.tv/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Age: 2601
CF-Cache-Status: DYNAMIC
CF-RAY: 80ae3925aec15485-YYZ
Cache-Control: must-revalidate, max-age=86400
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Fri, 22 Sep 2023 23:10:46 GMT
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Cache: HIT
X-Cache-Hits: 40
X-Player-Backend: p
X-Served-By: cache-yyz4549-YYZ
X-Timer: S1695424247.682732,VS0,VE0
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
x-backend-proxy: playproxy3
x-bapp-server
x-content-type-options: nosniff
x-varnish-cache: 0
x-vserver: player-varnish-prod-varnish-2
x-xss-protection: 1; mode=block

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame CC44 4 KB
2 KB 114ms
37ms Script
text/javascript 172.253.122.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Requested by

Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.24.20/js/player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f94.1e100.net

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://embed.vhx.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 23:10:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 22 Sep 2023 23:10:46 GMT

GET
H2 200 1603319908-2cad400bcb03685e691378c61b46da8d72e6db91a1030e439e1fd56e3353e3db-d
i.vimeocdn.com/video/ Frame CC44 7 KB
7 KB 104ms
57ms Image
image/avif 151.101.192.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/1603319908-2cad400bcb03685e691378c61b46da8d72e6db91a1030e439e1fd56e3353e3db-d?mw=800&mh=450
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.192.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 9bf39f367262b3546461505797d7c05effb6d2da101e8d08448a3b736c8dd464

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://embed.vhx.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 23:10:46 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 859824
x-viewmaster-lossless-format: automatic
x-cache: miss, HIT, MISS
x-backend-server: varnish
content-length: 6675
viewmaster-server: viewmaster-us-central1-hr81
x-served-by: cache-dfw-kdfw8210048-DFW, cache-yyz4529-YYZ
x-timer: S1695424247.664715,VS0,VE41
etag: bd1c17ec397be0a53586215a3e457b43
access-control-max-age: 86400
vary: Accept
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 1, 0

POST
H2 200 player-stats
fresnel.vimeocdn.com/add/ Frame CC44 0
139 B 97ms
52ms Ping
text/plain 34.120.202.204
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=f7aecf801d58dc9a021d7f64a85dec93528cf6781695424246
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.24.20/js/player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.202.204 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://embed.vhx.tv/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://embed.vhx.tv
date: Fri, 22 Sep 2023 23:10:46 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 1603319908-2cad400bcb03685e691378c61b46da8d72e6db91a1030e439e1fd56e3353e3db-d
i.vimeocdn.com/video/ Frame CC44 7 KB
7 KB 17ms
17ms Image
image/avif 151.101.192.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/1603319908-2cad400bcb03685e691378c61b46da8d72e6db91a1030e439e1fd56e3353e3db-d?mw=800&mh=450
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.192.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 9bf39f367262b3546461505797d7c05effb6d2da101e8d08448a3b736c8dd464

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://embed.vhx.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 23:10:46 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 859824
x-viewmaster-lossless-format: automatic
x-cache: miss, HIT, HIT
x-backend-server: varnish
content-length: 6675
viewmaster-server: viewmaster-us-central1-hr81
x-served-by: cache-dfw-kdfw8210048-DFW, cache-yyz4529-YYZ
x-timer: S1695424247.731149,VS0,VE0
etag: bd1c17ec397be0a53586215a3e457b43
access-control-max-age: 86400
vary: Accept
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 1603319908-2cad400bcb03685e691378c61b46da8d72e6db91a1030e439e1fd56e3353e3db-d.jpg
i.vimeocdn.com/video/ Frame CC44 798 B
972 B 64ms
63ms Image
image/jpeg 151.101.192.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/1603319908-2cad400bcb03685e691378c61b46da8d72e6db91a1030e439e1fd56e3353e3db-d.jpg?mw=80&q=85
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.192.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 84953fa4a619f7329d6a4ce34b14173ecd85cd84ba6394801ef5cdc3dd6640b2

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://embed.vhx.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 23:10:46 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 1493327
x-viewmaster-lossless-format: lossy
x-cache: miss, HIT, MISS
x-backend-server: varnish
content-length: 798
viewmaster-server: viewmaster-us-central1-kptz
x-served-by: cache-dfw-kdfw8210029-DFW, cache-yyz4529-YYZ
x-timer: S1695424247.759414,VS0,VE42
etag: d1d78ab1e63557afbbbb88c991d8d79a
access-control-max-age: 86400
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 6, 0

GET
H2 200 cast_framework.js Show response
www.gstatic.com/cast/sdk/libs/sender/1.0/ Frame CC44 35 KB
12 KB 44ms
43ms Script
text/javascript 172.253.122.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cast/sdk/libs/sender/1.0/cast_framework.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f94.1e100.net

Software

sffe /

Resource Hash

a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://embed.vhx.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 23:10:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12197
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 23:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="chrome-dongle"
vary: Accept-Encoding
report-to: {"group":"chrome-dongle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/chrome-dongle"}]}
content-type: text/javascript
cache-control: private, max-age=0
accept-ranges: bytes
expires: Fri, 22 Sep 2023 23:10:46 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/117/ Frame CC44 51 KB
15 KB 37ms
37ms Script
text/javascript 172.253.122.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/117/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f94.1e100.net

Software

sffe /

Resource Hash

9cdf2602ac04f7e2bed582d4299c73d464fc4ab069e3ad5a20ee2b6635a015b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://embed.vhx.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 16:20:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24635
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15373
x-xss-protection: 0
last-modified: Mon, 31 Jul 2023 15:05:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Sat, 23 Sep 2023 16:20:11 GMT

Verdicts & Comments Add Verdict or Comment

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.derekwicks.com/	1970-01-21 00:33:04	Name: _ga_X87QM1JGR9 Value: GS1.1.1695424245.1.0.1695424245.0.0.0
.derekwicks.com/	1970-01-21 00:33:04	Name: _ga Value: GA1.1.1464289457.1695424246
.vhx.tv/	1970-01-20 14:57:06	Name: __cf_bm Value: J0_hHCdcQvkjg6u6EtX_8zc8HDZs2nfgACz2plxbt90-1695424246-0-AXZaAHPsMVgcKnqBUt+et3WV2voGZ8NmPnVTkp3WwVqJw2mB5DTAl8787Nem6fpDWHkVQU9gZm+bxcj15ImSt8c=
.list-manage.com/	1970-01-20 23:42:40	Name: _abck Value: 9F1302FA8529B4E1193805E3D1B2FC78~-1~YAAQZe4uF61Am5GKAQAAG/EovwpnCIdis1xQ/2La5PZ9aPN46+IhIIj2BG5MoggxuD0VEvCRhCFvv+XJGNOY9mTxM9vh7NF4VRFPTA/xPjGMJejH1s2r2XS5LnJQUvNGp1uLkJickDVzM3//G7Xx8oDKQ/ezL55TKvPnTlnq2c2Y7FsOV8WFN+3pZwEke5g7mF1fcTAjTe4zYzuGYYLt/HbVx8+DGnnN8PIu9blub1+4MsCr9H+sSDfQJ9ras/t7VnJ1BXB31EcAaJ81yc9/SxtbURERzdAdrVAaQxdUeYJdwQzfo8r8KAyizRiw8tfT0lxrU/BCyx3CzEdQh2/EH/+WIC/4GeVsd84nvZTeIKRv1nkM0aXYlfRMJ92VzlneaQ==~-1~-1~-1
.us13.list-manage.com/	1970-01-20 14:57:11	Name: ak_bmsc Value: 6862592A46C0FEDB34D0CF1CDE3884D6~000000000000000000000000000000~YAAQZe4uF65Am5GKAQAAG/EovxUaG9VkzXVrKPvbbn2a09J0Xxnk0bwox/0d7EYTIyN4iTIrw7xThwz4yqdcCmKUyy1djkUei37+50EluezK6SVv847Q1U08lYu/aHdZ2uBGJQ1vBjp14mV5djx9ptwWkAa4Y5hrSJ6tU1qLKEuJPl8f1cxiNXKbNIsJQ712MS+LO1csgJFBm+C6ml/7L7wZIZkb5ElUh1d08BPwRkd39PDGt+Lsq1tE7MjHceJdFo39diKIcbYZCPR6A4UDkUHkliawGRup7kU+/YhxHXF0kH5SSEseSR7YqSpRFZGFImKFIMbmdpzZWqJvvfg7762bTwpB9Bn5T2hIAC19bfrudte9n6DTSk+DZW6s1VmAbdoKkeXyuMNrl/8T5JKMLpZMNA==
.list-manage.com/	1970-01-20 14:57:18	Name: bm_sz Value: DE5C67F55611BE9ED973785CCFE4978C~YAAQZe4uF69Am5GKAQAAG/EovxWH+9p7q8BUuVG2wvz6VRn6BYuOkXxrSnPX017b9/Vz0KjhOlxwZTiB1Fut+JCtPRkN4BvlR1H1CAE5ppU7MPUHh4p5/+KY0Uz+/M1Ndof/PV0uSKnUnSvbclKbJVSGJZK9hyO2GaMBiBWPJr3Vny53DBGgPv/G/Bug1743YJxIeLxlXwBcjUGpzjxN8x/zO1YBr+SaEtLazkr/l/BtZTdZI7DsmcW4IMdq+iMyOOZFtKWtV83SmNvUPozumLg1AxF/RttKYnxXDMjKxQCId6iNyDexYg==~3424821~3354691
.vimeo.com/	1970-01-20 14:57:06	Name: __cf_bm Value: lEEk8UWN9z7nlDeo3rgPtJN8slpV5ECUkTFqdRTV8xA-1695424246-0-AYpXZKMYg9ZY3P5Oa9wb2FfcKiRd2xrOFsdHgGejcoMRQRLsxOSXDkCb5ov753Yuk8Pbr1q/yz7dGQfBVh12xRk=

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://api.instagram.com/v1/users/3435195626/media/recent?access_token=5526956400.ba4c844.c832b2a554764bc8a1c66c39e99687d7&count=1&callback=instafeedCache00e251cd10a0e1c7.parse&callback=jQuery22409467158687297004_1695424245742&_=1695424245743 Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.instagram.com
downloads.mailchimp.com
embed.vhx.tv
f.vimeocdn.com
fonts.googleapis.com
fonts.gstatic.com
fresnel.vimeocdn.com
i.vimeocdn.com
maps.googleapis.com
maps.gstatic.com
mc.us13.list-manage.com
player.vimeo.com
powertopaint.derekwicks.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
104.108.119.68
104.18.36.21
142.250.31.97
142.251.16.101
142.251.16.103
142.251.163.94
142.251.167.95
146.75.38.109
151.101.192.217
162.159.128.61
172.253.115.95
172.253.122.94
172.253.63.94
3.161.213.72
31.13.80.52
34.120.202.204
69.90.221.76
0c3e9c0a04f9597c6ca93876eaf79f7510e75e74c25fe8167417a6ee583aca23
0d7e380be9b379c2a64a21a547146dd11212eaececceb19f73110e1d4e804e7f
0dae30f662cf96793b83013e561b728a713df928ad027fe765da897d507f9853
0f536e6c39d1dc15452d340935e5c61b19241aaba3d2536e2984d7f0fdf0fe5f
13c515e6a320d8e243904c0fac04cc8963b1372b057513bde25fe4f583f13ddf
185f039043c82325526d128a69240ae92e2f2348175780970a988b8d14be19d2
1a11fa8787860ac000cdfdece221ab6be763632fd6abf82bddbc3810df182fdb
1f775c10e1e6d78a86704e4bb30608b739cbc7f9756a363d4a14a386536c8057
29a91dbabfbafabcaf7a708345ef9608fa1b403af6e3b5b030f53c6c0f314458
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
3321035865eac51abf74cd3e2c128a08865b19f7c43eeb999b31b47ae5c53b04
34db0c2af2967433f020e4fc7be0dce3591c3704ed6a3cda03fddd411fb2c006
35c3d0975f6dc1fa2379cb2e7f8f9ac82b24ef10645cacd6c563df3fc170f3c7
3dea1fc2bb42675be172a791fa9e294d2b50461d447d3b6d6979ad043f8f8edf
465b9836df23f6af90a3cacb6615c3aa5aec12f7e47db2e6874141903c156971
4b79e3e26335ca4a95ca52352c86207987454ccf6fd770d40fcef706a31f923e
56ca131e02e335cbc5604cf53451ad97f160b33a46bba0b0b8f41578de9715c1
5a7f43f60ff0f16905d5f70f7938e768457450ed8c4df04ca16aadaadf09961b
5b7efd6d37de2602371b70c8017f9a533b66246b64bcab1317f6333b6ee6392d
62f26d5d5356f5b02d5c8a231ff5d2cfa3f29c72c66d6a4b2e20a4ec85ef9922
66aa0419a7cfe9b917ee7247ece9c0fe351886647224efbc24f039e20c5a1920
68b7633ebef180f095f4274946f341e43643fae34a11b10bb2b40306fcd1853e
71a4f6ef0ceb74c5cadcfd72a57179322aecdf05bd8444d302473443cdb9975d
71bc30518e9054dcd07e4139ccb94c8d8f95ac05ed44d39ae568d87e7de32493
75da8fb469e577b9e17458cb8f0e7a689f0e46415674db686e7047ad7ffc66cf
7a0a8bd137d9ddc1eaafad68e42ad3544b0a4e7df6f42f5d236c499de94180d5
84953fa4a619f7329d6a4ce34b14173ecd85cd84ba6394801ef5cdc3dd6640b2
8c8b7a07a1f7cd18035a9af5dfeb17038bc941c03f39cb865c610baa2f66ca7a
9bf39f367262b3546461505797d7c05effb6d2da101e8d08448a3b736c8dd464
9cdf2602ac04f7e2bed582d4299c73d464fc4ab069e3ad5a20ee2b6635a015b8
9d70cbc86fd64555f721861634a44f91dc9b48c31e931a5ddd16835eca97f7b0
a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73
a6eb0aa923ec22dd463c157759de762ed2354cf111cf02b13d7cd035898466a0
af691cfe0bd3b29e74b93d1cbd7ec911bb5cc77d548ef84c7dac02d6c7a6847f
b0044d91b724bb429337d6dcd9d2332e855bc0b4452c1d3fc9beea9973017521
b13163d1a56618275e9de4bcb931a4777046aab4ba1f13b8615cfeff2fd5c1c5
b29b1817692148eb026c359732d2cc65c21a259050825754cecc42bc2f388ae0
b52af4f6849257bb609f2078d51dc45ad49c0f9b5ff217cf6f9c1c8afcb9a8df
b81aaaefb82dba825a126106b378cfaee7942b0d7f53eb387402184ec86e0337
b99dd13d1c454a056a1e66c4b88f716fd2fbf200c51c14143df0fd9af5f60dbc
b9f0312e6b8299e97a3a68365e4a20a1fdaf8fd6245bbf5081e79788a5969c58
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bc84ecb94e68c1ad4dabf59fe183e4db6a5d4daba9678e46200d2d50211efb1b
bece213397fe5f546674ee29dd3f69ec2f2cc0e480e67f09dcc4c25c0d12a3d7
c10aa5fcbe0e7540afabf03f9d18496fa288e47b146fce8f7f6b89553da6abed
c8a951714d99bacc94f043465e2f60c97b83686c37035d4522aa6c51ba003ba9
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cce807823d19d0932d56043354739cbbb46431486647f796403fc7e1d96f2dbb
d189c8076b7b39680546d68a34717be5c7a94bba2fcd11a09530a80d20c367ac
d229934d596f30708bed583a6727c78a5bab2904fa3e315ecb05bd4681189921
d700c54d46e00d74c55071b2ac778183aa6f096d9d674ddccf10074edf4fef83
de4054591ccb0676ab36e5772efa858e7ab5ba2ea181b1e1e25b894ba999fc59
e25df1388ddbee2f30a4b5699aa3033093a8ff88db303a4919920073582c7d7b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8db5084ffdb049ecc8d67bd45dc90e457d845470be67c0036f5c7b47dfaec48
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
faf33b16103c648e15a80e4c70744dbe32f3f6d1c895ffa39a7c9b14d8f9c473
fb4063e04ae36bbd0c9a76b42f803f65211c53a823e88cc13fa4f81a73e1a976

powertopaint.derekwicks.com Open in urlscan Pro 69.90.221.76 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

61 Requests

100 %HTTPS

0 %IPv6

12 Domains

17 Subdomains

18 IPs

5 Countries

2287 kBTransfer

6174 kBSize

7 Cookies

38 Outgoing links

Page URL History

Redirected requests

61 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

powertopaint.derekwicks.com Open in urlscan Pro
69.90.221.76 Public Scan

Screenshot
Live screenshot

Full Image

61
Requests

100 %
HTTPS

0 %
IPv6

12
Domains

17
Subdomains

18
IPs

5
Countries

2287 kB
Transfer

6174 kB
Size

7
Cookies

61 HTTP transactions
1 data transactions