paint.toys Open in urlscan Pro
3.33.186.135  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. http://xwsfe.lixiuding.com/upoeeyegpRN01sdU5DdDFkeXRmUXZDWk8zdEUtMzY1LTI2NzY5MDU2LTBkYWIwMjQ4LTY1MC0yVTJ4TGtySjNJdFczZ1RRcHdxZw/89zn2jxbiu5/uclpie HTTP 307
   https://xwsfe.lixiuding.com/upoeeyegpRN01sdU5DdDFkeXRmUXZDWk8zdEUtMzY1LTI2NzY5MDU2LTBkYWIwMjQ4LTY1MC0yVTJ4TGtySjNJdFczZ1RRcHdxZw/89zn2jxbiu5/uclpie Page URL
   
2. https://xwsfe.lixiuding.com/upoeeyegpRN01sdU5DdDFkeXRmUXZDWk8zdEUtMzY1LTI2NzY5MDU2LTBkYWIwMjQ4LTY1MC0yVTJ4TGtySjNJdFczZ1RRcHdxZw/89zn2jxbiu5/uclpie?in=1 HTTP 302
   https://paint.toys/oil HTTP 301
   https://paint.toys/oil/ Page URL
   

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

• http://xwsfe.lixiuding.com/upoeeyegpRN01sdU5DdDFkeXRmUXZDWk8zdEUtMzY1LTI2NzY5MDU2LTBkYWIwMjQ4LTY1MC0yVTJ4TGtySjNJdFczZ1RRcHdxZw/89zn2jxbiu5/uclpie HTTP 307
• https://xwsfe.lixiuding.com/upoeeyegpRN01sdU5DdDFkeXRmUXZDWk8zdEUtMzY1LTI2NzY5MDU2LTBkYWIwMjQ4LTY1MC0yVTJ4TGtySjNJdFczZ1RRcHdxZw/89zn2jxbiu5/uclpie

Request Chain 31

• https://ps.eyeota.net/pixel?pid=m51mh00&t=ajs&uid=user_ed4dbca8-5837-47fc-927e-9eb26da78e2c_1733290915388 HTTP 302
• https://ps.eyeota.net/pixel/bounce/?pid=m51mh00&t=ajs&uid=user_ed4dbca8-5837-47fc-927e-9eb26da78e2c_1733290915388

Request Chain 81

• https://rp.liadm.com/j?dtstmp=1733290917020&did=did-0046&se=e30&duid=8e413bd09c43--01je830yn6eq1cdkc9pt0hzxe0&tv=9.11.0&pu=https%3A%2F%2Fpaint.toys%2Foil%2F&wpn=prebid&refr=https%3A%2F%2Fxwsfe.lixiuding.com%2F&cd=.paint.toys HTTP 302
• https://rp.liadm.com/j?dtstmp=1733290917020&did=did-0046&se=e30&duid=8e413bd09c43--01je830yn6eq1cdkc9pt0hzxe0&tv=9.11.0&pu=https%3A%2F%2Fpaint.toys%2Foil%2F&wpn=prebid&refr=https%3A%2F%2Fxwsfe.lixiuding.com%2F&cd=.paint.toys&n3pc=true

Request Chain 83

• https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_rx_n-Beeswax_ox-db5_n-inmobi_n-sharethrough_pm-db5_ym_rbd_n-nativo_n-Rise_3lift_n-Outbrain HTTP 302
• https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_rx_n-Beeswax_ox-db5_n-inmobi_n-sharethrough_pm-db5_ym_rbd_n-nativo_n-Rise_3lift_n-Outbrain&dcc=t

Request Chain 114

• https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
• https://match.adsrvr.org/track/cmb/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
• https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=107ea66a-bab7-44dd-982f-f7f182784c4b&gdpr=0&gdpr_consent=

Request Chain 115

• https://secure.adnxs.com/getuid?https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=$UID HTTP 307
• https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D0e8893f90b606c9c5d33f1be%26gdpr%3D0%26gdpr_consent%3D%26source_user_id%3D%24UID HTTP 302
• https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=7551551670186111864

Request Chain 117

• https://b1sync.zemanta.com/usersync/sharethrough?cb=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_user_id%3D__ZUID__%26gdpr%3D%7BGDPR%7D%26gdpr_consent%3D%7BGDPR_CONSENT_80%7D HTTP 302
• https://b1sync.zemanta.com/usersync/sharethrough?cb=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_user_id%3D__ZUID__%26gdpr%3D%7BGDPR%7D%26gdpr_consent%3D%7BGDPR_CONSENT_80%7D&s=2 HTTP 302
• https://match.sharethrough.com/sync/v1?source_id=a7935305814f8c5e2a34ba54&source_user_id=eNStYVT86ZZFQe4Ejw_H

Request Chain 118

• https://cs.admanmedia.com/c01d0246d79eba64b8a7cca07e5b7dc7.gif?puid=4db898e3-65a2-4171-8917-dbb464e7414a&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DqUVJTHutDLcyGRS8xfsW2M4g%26source_user_id%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
• https://match.sharethrough.com/sync/v1?source_id=qUVJTHutDLcyGRS8xfsW2M4g&source_user_id=b57423c7-5334-49b4-9086-811c72a47c1d&gdpr=0&gdpr_consent=

Request Chain 122

• https://id5-sync.com/i/483/8.gif?o=api&id5id=ID5*_37K2BAsbB9Iw0v3jXue_lq9vkrnCo8WT3FlNxap0VXfUbnHFKnoDe1ENRINEp4b&gdpr_consent=undefined&gdpr=false HTTP 302
• https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
• https://match.adsrvr.org/track/cmb/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
• https://id5-sync.com/k/264.gif?puid=fd7ee5f2-b88e-4a53-a721-f2386a0ec639&ttl=%%TTL%% HTTP 302
• https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=0/gdpr_consent=?https://id5-sync.com/c/483/19/6/3.gif?puid=${profile_id}&gdpr=0&gdpr_consent= HTTP 302
• https://id5-sync.com/c/483/19/6/3.gif?puid=86a19f2a8da1a88a71d64536bce8a0dd&gdpr=0&gdpr_consent= HTTP 302
• https://token.rubiconproject.com/token?pid=49266&puid={ID5UID}&gdpr=0&gdpr_consent=

Request Chain 157

• https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
• https://ps.eyeota.net/match?uid=fd7ee5f2-b88e-4a53-a721-f2386a0ec639&bid=1e2n4ou

Request Chain 158

• https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MjY4LVRlNFNnMFBoOXRJTFc3Wm1QTDNOc3pTc2VnZFFoTW9hTndfQ29YbEU&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=m51mh00 HTTP 302
• https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=m51mh00&google_gid=CAESECjwg97_uDWuvqOmdJ8gV6k&google_cver=1

Request Chain 159

• https://ib.adnxs.com/getuid?https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24UID%26bid%3D2cr76e1%26referrer_pid%3Dm51mh00 HTTP 302
• https://ps.eyeota.net/match?uid=7551551670186111864&bid=2cr76e1&referrer_pid=m51mh00

Request Chain 160

• https://sync.srv.stackadapt.com/sync?nid=eyeota HTTP 302
• https://ps.eyeota.net/match?bid=tpm4omv&uid=x-n8aR7HUMNgOVPxetVEQB-7Tig&gdpr=&gdpr_consent=

Request Chain 161

• https://eyeota-match.dotomi.com/match/bounce/current?networkId=41703&version=1&nuid=2b3_J5xachrQuMtGZ8MX87W_t2eCTuiGtsbvUhbTK9iQ&gdpr=0&gdpr_consent= HTTP 302
• https://eyeota-match.dotomi.com/match/bounce/current?DotomiTest=a2c8b927105176a&is_secure=true&networkId=41703&version=1&nuid=2b3_J5xachrQuMtGZ8MX87W_t2eCTuiGtsbvUhbTK9iQ&gdpr=0&gdpr_consent= HTTP 302
• https://ps.eyeota.net/match?bid=r8d1b20&uid=AQAGuNPbRMSvxgIID6BRAQEBAQEBAQCSkTG5WQEBAJKRMblZ&expiration=1733377332&nuid=2b3_J5xachrQuMtGZ8MX87W_t2eCTuiGtsbvUhbTK9iQ&is_secure=true&gdpr_consent=&gdpr=0

Request Chain 165

• https://sync-tm.everesttech.net/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26referrer_pid%3Dm51mh00 HTTP 302
• https://sync-tm.everesttech.net/ct/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26referrer_pid%3Dm51mh00&_test=Z0-ruQAJVotV1gBR

183 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	uclpie xwsfe.lixiuding.com/upoeeyegpRN01sdU5DdDFkeXRmUXZDWk8zdEUtMzY1LTI2NzY5MDU2LTBkYWIwMjQ4LTY1MC0yVTJ4TGtySjNJdFczZ1RRcHdxZw/89zn2jxbiu5/ Redirect Chain http://xwsfe.lixiuding.com/upoeeyegpRN01sdU5DdDFkeXRmUXZDWk8zdEUtMzY1LTI2NzY5MDU2LTBkYWIwMjQ4LTY1MC0yVTJ4TGtySjNJdFczZ1RRcHdxZw/89zn2jxbiu5/uclpie https://xwsfe.lixiuding.com/upoeeyegpRN01sdU5DdDFkeXRmUXZDWk8zdEUtMzY1LTI2NzY5MDU2LTBkYWIwMjQ4LTY1MC0yVTJ4TGtySjNJdFczZ1RRcHdxZw/89zn2jxbiu5/uclpie	601 B 970 B	768ms 251ms	Document text/html	67.198.205.86 VPLSNET
General Check archive.org Show headers Download Go to Full URL https://xwsfe.lixiuding.com/upoeeyegpRN01sdU5DdDFkeXRmUXZDWk8zdEUtMzY1LTI2NzY5MDU2LTBkYWIwMjQ4LTY1MC0yVTJ4TGtySjNJdFczZ1RRcHdxZw/89zn2jxbiu5/uclpie Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 67.198.205.86 , United States, ASN35908 (VPLSNET, US), Reverse DNS 67.198.205.86.static.krypt.com Software Apache/2.4.62 (CentOS Stream) OpenSSL/3.2.2 / PHP/7.4.33 Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers Cache-Control no-cache, private max-age=0, no-cache, no-store, must-revalidate Connection Keep-Alive Content-Encoding gzip Content-Length 331 Content-Type text/html; charset=UTF-8 Date Wed, 04 Dec 2024 05:41:52 GMT Developed-by Mohamed Amine El Attabi Email mohamed.amine.elattabi@gmail.com Expires Sat, 2 Aug 1980 15:15:00 GMT Keep-Alive timeout=5, max=100 Pragma no-cache Server Apache/2.4.62 (CentOS Stream) OpenSSL/3.2.2 Vary Accept-Encoding,User-Agent X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Powered-By PHP/7.4.33 X-XSS-Protection 1; mode=block Redirect headers Location https://xwsfe.lixiuding.com/upoeeyegpRN01sdU5DdDFkeXRmUXZDWk8zdEUtMzY1LTI2NzY5MDU2LTBkYWIwMjQ4LTY1MC0yVTJ4TGtySjNJdFczZ1RRcHdxZw/89zn2jxbiu5/uclpie Non-Authoritative-Reason HttpsUpgrades
GET H2	200	Primary Request / Show response paint.toys/oil/ Redirect Chain https://xwsfe.lixiuding.com/upoeeyegpRN01sdU5DdDFkeXRmUXZDWk8zdEUtMzY1LTI2NzY5MDU2LTBkYWIwMjQ4LTY1MC0yVTJ4TGtySjNJdFczZ1RRcHdxZw/89zn2jxbiu5/uclpie?in=1 https://paint.toys/oil https://paint.toys/oil/	6 KB 2 KB	125ms 124ms	Document text/html	3.33.186.135 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://paint.toys/oil/ Requested by Host: xwsfe.lixiuding.com URL: https://xwsfe.lixiuding.com/upoeeyegpRN01sdU5DdDFkeXRmUXZDWk8zdEUtMzY1LTI2NzY5MDU2LTBkYWIwMjQ4LTY1MC0yVTJ4TGtySjNJdFczZ1RRcHdxZw/89zn2jxbiu5/uclpie Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.33.186.135 , United States, ASN16509 (AMAZON-02, US), Reverse DNS afa7f374f51cc8991.awsglobalaccelerator.com Software Netlify / Resource Hash 70883a9270d54ca9914810ee600c39f62c1147243374c8b93b7095f9c78b4b66 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://xwsfe.lixiuding.com/upoeeyegpRN01sdU5DdDFkeXRmUXZDWk8zdEUtMzY1LTI2NzY5MDU2LTBkYWIwMjQ4LTY1MC0yVTJ4TGtySjNJdFczZ1RRcHdxZw/89zn2jxbiu5/uclpie Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers accept-ranges bytes age 105200 cache-control public,max-age=0,must-revalidate cache-status "Netlify Edge"; hit content-encoding br content-length 1669 content-type text/html; charset=UTF-8 date Wed, 04 Dec 2024 05:41:53 GMT etag "7afa2eee23cef4ed7f87aab76b5bc74d-ssl-df" server Netlify strict-transport-security max-age=31536000 vary Accept-Encoding x-nf-request-id 01JE830W4YNYG7A1ZWQ0A0S4RQ Redirect headers accept-ranges bytes age 105200 cache-control public,max-age=0,must-revalidate cache-status "Netlify Edge"; hit content-length 1668 content-type text/html; charset=UTF-8 date Wed, 04 Dec 2024 05:41:53 GMT etag "7afa2eee23cef4ed7f87aab76b5bc74d-ssl-df" location /oil/ server Netlify strict-transport-security max-age=31536000 x-nf-request-id 01JE830W0ZW5HA7928V1Z52KJ0
GET H2	200	ramp_config.js Show response cdn.intergient.com/1024872/74068/	38 KB 7 KB	652ms 239ms	Script application/javascript	104.18.20.56 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.intergient.com/1024872/74068/ramp_config.js Requested by Host: paint.toys URL: https://paint.toys/oil/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.20.56 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ebf5a8215eba625a8e86f5a6891b5d95e523dd9e63f687f6d1a997e3db0edef4 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers last-modified Wed, 04 Dec 2024 05:41:49 GMT hw-country-code IL cache-control max-age=600, public, must-revalidate content-encoding br cf-cache-status HIT via 1.1 b64967530af1eaf55ba68a4d7e642cee.cloudfront.net (CloudFront) cf-ray 8ec978579f227d9a-TLV x-cache Hit from cloudfront x-amz-cf-id lJWJERqeESSauJGNXjHwaK-c3Hmoz4QNJvGosHsrWXRMeDxjiFNCXw== date Wed, 04 Dec 2024 05:41:54 GMT content-type application/javascript vary Accept-Encoding server cloudflare x-amz-cf-pop TLV50-C1
GET H2	200	apps.css paint.toys/	5 KB 1 KB	270ms 269ms	Stylesheet text/css	3.33.186.135 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://paint.toys/apps.css Requested by Host: paint.toys URL: https://paint.toys/oil/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.33.186.135 , United States, ASN16509 (AMAZON-02, US), Reverse DNS afa7f374f51cc8991.awsglobalaccelerator.com Software Netlify / Resource Hash 2ff696f311f1afa7aafddb260becd45331aab7ce1741821b0f3e2d9e683382b0 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://paint.toys/oil/ Response headers strict-transport-security max-age=31536000 cache-control public,max-age=0,must-revalidate content-encoding br etag "58d01e65c6625681e8891f6fbc8c18f5-ssl-df" age 111376 accept-ranges bytes content-length 1395 x-nf-request-id 01JE830W9SV7SCD6QD1A8Y5XYS cache-status "Netlify Edge"; hit date Wed, 04 Dec 2024 05:41:54 GMT content-type text/css; charset=UTF-8 vary Accept-Encoding server Netlify
GET H2	200	index.js Show response paint.toys/oil/	4 KB 1 KB	125ms 124ms	Script application/javascript	3.33.186.135 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://paint.toys/oil/index.js Requested by Host: paint.toys URL: https://paint.toys/oil/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.33.186.135 , United States, ASN16509 (AMAZON-02, US), Reverse DNS afa7f374f51cc8991.awsglobalaccelerator.com Software Netlify / Resource Hash c91c09319c4b0a24c72c0036cef74c17b85d3c4e2a4abf8153f5710421fe5b4c Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://paint.toys/oil/ Response headers strict-transport-security max-age=31536000 cache-control public,max-age=0,must-revalidate content-encoding br etag "687211e2ced405124b38663a13c97091-ssl-df" age 118563 accept-ranges bytes content-length 1190 x-nf-request-id 01JE830W9T3X29PHEJ1SRTN9SB cache-status "Netlify Edge"; hit date Wed, 04 Dec 2024 05:41:54 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding server Netlify
GET H2	200	art-icon.png paint.toys/assets/	33 KB 33 KB	132ms 131ms	Image image/png	3.33.186.135 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://paint.toys/assets/art-icon.png Requested by Host: paint.toys URL: https://paint.toys/oil/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.33.186.135 , United States, ASN16509 (AMAZON-02, US), Reverse DNS afa7f374f51cc8991.awsglobalaccelerator.com Software Netlify / Resource Hash f4d368e4230539c778afbb020e0ea611b3e1d984179f5b3769b44081d6703f3b Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://paint.toys/oil/ Response headers strict-transport-security max-age=31536000 cache-control public,max-age=0,must-revalidate etag "1394f8469f2ca5750397e3d7b6ec70a1-ssl" age 41304 accept-ranges bytes content-length 33562 x-nf-request-id 01JE830W9TFDFGFZ2SG9Q0VQWQ cache-status "Netlify Edge"; hit date Wed, 04 Dec 2024 05:41:54 GMT content-type image/png server Netlify
GET H2	200	icon-hand.png paint.toys/assets/	27 KB 27 KB	132ms 132ms	Image image/png	3.33.186.135 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://paint.toys/assets/icon-hand.png Requested by Host: paint.toys URL: https://paint.toys/oil/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.33.186.135 , United States, ASN16509 (AMAZON-02, US), Reverse DNS afa7f374f51cc8991.awsglobalaccelerator.com Software Netlify / Resource Hash 32aa05a5648678542ab9044647f0bf5549c0b53a070585edb773f0e92b72b97d Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://paint.toys/oil/ Response headers strict-transport-security max-age=31536000 cache-control public,max-age=0,must-revalidate etag "a0822110a4671ffdf710da1467460fba-ssl" age 88241 accept-ranges bytes content-length 27394 x-nf-request-id 01JE830W9TEAJXCK4W68MXB34N cache-status "Netlify Edge"; hit date Wed, 04 Dec 2024 05:41:54 GMT content-type image/png server Netlify
GET H2	200	icon-disk.png paint.toys/assets/	13 KB 14 KB	125ms 124ms	Image image/png	3.33.186.135 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://paint.toys/assets/icon-disk.png Requested by Host: paint.toys URL: https://paint.toys/oil/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.33.186.135 , United States, ASN16509 (AMAZON-02, US), Reverse DNS afa7f374f51cc8991.awsglobalaccelerator.com Software Netlify / Resource Hash 436814c2374a6d92a42a02d39969ef7c56b5f225667abecb218e692c5569943c Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://paint.toys/oil/ Response headers strict-transport-security max-age=31536000 cache-control public,max-age=0,must-revalidate etag "26852fa1548a91e004629b01e4abf1dd-ssl" age 88239 accept-ranges bytes content-length 13766 x-nf-request-id 01JE830WJ8XNE7J82RTVMVGD9H cache-status "Netlify Edge"; hit date Wed, 04 Dec 2024 05:41:54 GMT content-type image/png server Netlify
GET H2	200	icon-trash.png paint.toys/assets/	50 KB 51 KB	131ms 130ms	Image image/png	3.33.186.135 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://paint.toys/assets/icon-trash.png Requested by Host: paint.toys URL: https://paint.toys/oil/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.33.186.135 , United States, ASN16509 (AMAZON-02, US), Reverse DNS afa7f374f51cc8991.awsglobalaccelerator.com Software Netlify / Resource Hash 6ceb226c487cb85243545e768944e0e1ae0944be8fde6c1c43c7314a9287e6d9 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://paint.toys/oil/ Response headers strict-transport-security max-age=31536000 cache-control public,max-age=0,must-revalidate etag "e91ef5e34b5154d392e8560031eaaa4c-ssl" age 66569 accept-ranges bytes content-length 51680 x-nf-request-id 01JE830WJ9C176D5G4FJ9165G2 cache-status "Netlify Edge"; hit date Wed, 04 Dec 2024 05:41:54 GMT content-type image/png server Netlify
GET H2	200	ramp_core.js Show response cdn.intergient.com/	3 KB 2 KB	346ms 207ms	Script application/javascript	104.18.20.56 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.intergient.com/ramp_core.js Requested by Host: paint.toys URL: https://paint.toys/oil/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.20.56 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 577e78ed141c104b234d555f9b292aaa0af0f930a7bd365011a64ce49562b948 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers hw-country-code IL cache-control max-age=600, public, must-revalidate content-encoding br cf-cache-status DYNAMIC via 1.1 399b5715f700bb807285dd950c15453e.cloudfront.net (CloudFront) cf-ray 8ec978579f247d9a-TLV x-cache Miss from cloudfront x-amz-cf-id sn5KHORm9b6ClZlRT_aXnjooQWe_TgScVAXvhTYHTzgwk8t9xMs2ow== date Wed, 04 Dec 2024 05:41:54 GMT x-lambda-function us-east-1.pageos_production:754 content-type application/javascript vary Accept-Encoding server cloudflare x-amz-cf-pop TLV50-C1
GET H2	200	js Show response www.googletagmanager.com/gtag/	316 KB 106 KB	7867ms 197ms	Script application/javascript	142.250.184.232 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-VJBRK9986D Requested by Host: paint.toys URL: https://paint.toys/oil/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.232 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f8.1e100.net Software Google Tag Manager / Resource Hash 74860ea67afc9e0d88efdfdb16d36b9c75ee3ed2673ca048e3e7758e6bf6b284 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers content-encoding br report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],} expires Wed, 04 Dec 2024 05:42:02 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 04 Dec 2024 05:42:02 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 108177 x-xss-protection 0 server Google Tag Manager
GET		f77c83994c7629264318befe1.main.js faucetfoot.com/j/a3e4bc15c9a3a/	0 0
GET H3	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	103 KB 33 KB	372ms 133ms	Script text/javascript	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: cdn.intergient.com URL: https://cdn.intergient.com/1024872/74068/ramp_config.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash c557f84c0b7a71dd085826b6adb32a02064cb479078aaa990419ac3185aadf6c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers content-encoding br etag 911 / 20061 / m202411180101 / config-hash: 9711647823751720821 x-content-type-options nosniff expires Wed, 04 Dec 2024 05:41:55 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" date Wed, 04 Dec 2024 05:41:55 GMT content-type text/javascript; charset=UTF-8 vary Accept-Encoding content-disposition attachment; filename="f.txt" cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * cross-origin-resource-policy cross-origin access-control-allow-origin * content-length 33453 x-xss-protection 0 server cafe
GET H2	200	prebid.js.br Show response cdn.intergi.com/prebid/	536 KB 169 KB	1490ms 93ms	Script text/javascript	104.18.25.242 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.intergi.com/prebid/prebid.js.br Requested by Host: cdn.intergient.com URL: https://cdn.intergient.com/1024872/74068/ramp_config.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.25.242 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8429294dbe104afeafcde686898d55472274252021dc9e068ea8f3f23ae98a5f Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers content-encoding gzip cf-cache-status HIT x-amz-version-id RsSvKuHpf4VS0lvS3yHraZ7eDlmwsOkV etag W/"28347b2131c172e8cbc65cdd1f06f8d3" age 6263 x-cache Hit from cloudfront x-amz-cf-id vFEvWlKYPjc3Kzc2bWlsRthOaLMFyUvIQtLhaTSPHCtkn4AOc6ldvg== date Wed, 04 Dec 2024 05:41:56 GMT content-type text/javascript last-modified Wed, 20 Nov 2024 15:48:53 GMT vary Accept-Encoding via 1.1 27c8fa1293b3ecca6804886739b2d020.cloudfront.net (CloudFront) cf-ray 8ec97861d9fa7d9a-TLV x-amz-cf-pop HEL50-C2 server cloudflare x-amz-server-side-encryption AES256
GET H2	200	pageos.js Show response cdn.intergient.com/pageos/1.12.2/	397 B 500 B	87ms 86ms	Script text/javascript	104.18.20.56 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.intergient.com/pageos/1.12.2/pageos.js Requested by Host: cdn.intergient.com URL: https://cdn.intergient.com/ramp_core.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.20.56 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a66b049eecbddfd608523251a04d8912c8906b8fd336ae444289b9cc645c863b Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers content-encoding br cf-cache-status HIT etag W/"0c29bc3554c6275412a58bf053466cda" age 1037469 x-cache Hit from cloudfront x-amz-cf-id lxD19b3NTNTQ7zap_erwJo4zKIni_LvxIA1ZVR0irdYY-9W-r1sV1g== date Wed, 04 Dec 2024 05:41:54 GMT content-type text/javascript last-modified Wed, 20 Nov 2024 14:24:59 GMT vary Accept-Encoding hw-country-code IL cache-control public, max-age=31536000 via 1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront) cf-ray 8ec9785928fa7d9a-TLV x-amz-cf-pop FRA60-P2 server cloudflare x-amz-server-side-encryption AES256
GET H2	200	runtime.ee4a1bbf1a033c794a6a.js Show response cdn.intergient.com/pageos/1.12.2/	3 KB 2 KB	78ms 77ms	Script text/javascript	104.18.20.56 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.intergient.com/pageos/1.12.2/runtime.ee4a1bbf1a033c794a6a.js Requested by Host: cdn.intergient.com URL: https://cdn.intergient.com/pageos/1.12.2/pageos.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.20.56 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ff1a40585937ac293816334f359c71006be388c977e647dcf5270a8a75313639 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers content-encoding br cf-cache-status HIT etag W/"61099087308e4d59d42eeb6e0a0d00b4" age 1174030 x-cache Hit from cloudfront x-amz-cf-id _GPSLzKPA2LEiZigawEVmXvvw05vANN0bYIRfeOfLj8zZgYX3KfwKQ== date Wed, 04 Dec 2024 05:41:54 GMT content-type text/javascript last-modified Wed, 20 Nov 2024 14:24:59 GMT vary accept-encoding hw-country-code IL cache-control public, max-age=31536000 via 1.1 d4e2a230c602065d2e7043c30b343ff6.cloudfront.net (CloudFront) cf-ray 8ec97859a9997d9a-TLV x-amz-cf-pop TLV50-C1 server cloudflare x-amz-server-side-encryption AES256
GET H2	200	main.adcfb3cb78ca97b4e5f1.js Show response cdn.intergient.com/pageos/1.12.2/	205 KB 65 KB	82ms 82ms	Script text/javascript	104.18.20.56 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.intergient.com/pageos/1.12.2/main.adcfb3cb78ca97b4e5f1.js Requested by Host: cdn.intergient.com URL: https://cdn.intergient.com/pageos/1.12.2/pageos.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.20.56 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c7ad3b1490c18aa8bd0866e056d8eba4d936b73d68d959fe9ccb4f9b4b09c8b2 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers content-encoding br cf-cache-status HIT etag W/"0da83f703e4b65564ff337f99214473a" age 1174030 x-cache Hit from cloudfront x-amz-cf-id mI-iKNsCQ4eHxDcfABzyA9Mc9_GoO85al7QPmIMpgMOiLlKm1M2c4A== date Wed, 04 Dec 2024 05:41:54 GMT content-type text/javascript last-modified Wed, 20 Nov 2024 14:24:59 GMT vary accept-encoding hw-country-code IL cache-control public, max-age=31536000 via 1.1 204bd0167cb393ba9e4c551868cf63f6.cloudfront.net (CloudFront) cf-ray 8ec97859a99c7d9a-TLV x-amz-cf-pop TLV50-C1 server cloudflare x-amz-server-side-encryption AES256
GET H2	200	videoCard.5ed8eb34c11835040def.js Show response cdn.intergient.com/pageos/1.12.2/	559 B 498 B	86ms 85ms	Script text/javascript	104.18.20.56 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.intergient.com/pageos/1.12.2/videoCard.5ed8eb34c11835040def.js Requested by Host: cdn.intergient.com URL: https://cdn.intergient.com/pageos/1.12.2/runtime.ee4a1bbf1a033c794a6a.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.20.56 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 795041923e6338abe450ff9524ef70fd40432f278f32c9c35cdbb08239574fb1 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers content-encoding br cf-cache-status HIT etag W/"6880c1609e3243c11c7b4f1285e14d89" age 1095423 x-cache Hit from cloudfront x-amz-cf-id 3kKWGpRXqbb2Jw64zxbDl6uW59f8ZkOT7haOdp2Yi1g2puy6v9fbbA== date Wed, 04 Dec 2024 05:41:55 GMT content-type text/javascript last-modified Wed, 20 Nov 2024 14:24:59 GMT vary Accept-Encoding hw-country-code IL cache-control public, max-age=31536000 via 1.1 b64967530af1eaf55ba68a4d7e642cee.cloudfront.net (CloudFront) cf-ray 8ec9785b0af27d9a-TLV x-amz-cf-pop TLV50-C1 server cloudflare x-amz-server-side-encryption AES256
GET H2	200	iframe.html cdn.intergient.com/pageos/1.12.2/iframe/ Frame 77B6	0 0	212ms 83ms	Document text/html	104.18.20.56 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.intergient.com/pageos/1.12.2/iframe/iframe.html Requested by Host: cdn.intergient.com URL: https://cdn.intergient.com/pageos/1.12.2/main.adcfb3cb78ca97b4e5f1.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.20.56 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://paint.toys/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers age 1174030 cache-control public, max-age=31536000 cf-cache-status HIT cf-ray 8ec9785bfc81c22f-TLV content-encoding br content-type text/html date Wed, 04 Dec 2024 05:41:55 GMT hw-country-code IL last-modified Wed, 20 Nov 2024 14:24:59 GMT server cloudflare vary Accept-Encoding via 1.1 42b75b2f786059fa572a801a0e071c32.cloudfront.net (CloudFront) x-amz-cf-id YiHF4zwLfxhHsZybYqEisRF_foK3nZIQnUyrO41_fneGV6h-PA2vjQ== x-amz-cf-pop TLV50-C1 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront
GET H2	200	iframe.html cdn.intergient.com/pageos/1.12.2/iframe/ Frame E347	0 0	211ms 211ms	Document text/html	104.18.20.56 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.intergient.com/pageos/1.12.2/iframe/iframe.html Requested by Host: cdn.intergient.com URL: https://cdn.intergient.com/pageos/1.12.2/main.adcfb3cb78ca97b4e5f1.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.20.56 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://paint.toys/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers age 1174030 cache-control public, max-age=31536000 cf-cache-status HIT cf-ray 8ec9785bfc81c22f-TLV content-encoding br content-type text/html date Wed, 04 Dec 2024 05:41:55 GMT hw-country-code IL last-modified Wed, 20 Nov 2024 14:24:59 GMT server cloudflare vary Accept-Encoding via 1.1 42b75b2f786059fa572a801a0e071c32.cloudfront.net (CloudFront) x-amz-cf-id YiHF4zwLfxhHsZybYqEisRF_foK3nZIQnUyrO41_fneGV6h-PA2vjQ== x-amz-cf-pop TLV50-C1 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront
GET H2	200	Other Show response impression-inferences-edge-prod.playwire.com/websites/74068/v1/Wed/0/desktop/Chrome/	586 B 921 B	3489ms 174ms	XHR application/json	18.66.102.34 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://impression-inferences-edge-prod.playwire.com/websites/74068/v1/Wed/0/desktop/Chrome/Other Requested by Host: cdn.intergient.com URL: https://cdn.intergient.com/pageos/1.12.2/main.adcfb3cb78ca97b4e5f1.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.102.34 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-102-34.fra56.r.cloudfront.net Software CloudFront / Resource Hash f5666a4ca32467fd7c69a4e1d1640123a6942dad75678dfe30f14f077a03ba3e Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers cache-control max-age=3600, public, must-revalidate access-control-expose-headers * age 724 via 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront) access-control-allow-origin * x-cache Hit from cloudfront content-length 586 x-amz-cf-id 8B7rDHVAhDut6bLcKuXFxwqLJIlC8oeqQfljrVvFjiZKVrP3oLsQtg== date Wed, 04 Dec 2024 05:29:54 GMT content-type application/json x-amz-cf-pop FRA56-P2 server CloudFront
GET H2	200	tag Show response btloader.com/	111 KB 31 KB	3621ms 131ms	Script application/javascript	172.67.41.60 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://btloader.com/tag?o=5150306120761344&upapi=true Requested by Host: cdn.intergient.com URL: https://cdn.intergient.com/pageos/1.12.2/main.adcfb3cb78ca97b4e5f1.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.41.60 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6ae78992c9b493afa1489e1b1549dbf1b1235dd770718fd668e4101e1590b6a1 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers x-robots-tag noindex, nofollow cache-control public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300 content-encoding gzip cf-cache-status HIT etag "c608a614b6a2335d91c8752d02ba557d" age 1076 via 1.1 google cf-ray 8ec978718cf3c22c-TLV accept-ranges bytes content-length 31735 date Wed, 04 Dec 2024 05:41:58 GMT content-type application/javascript last-modified Wed, 04 Dec 2024 05:22:10 GMT vary Origin, Accept-Encoding server cloudflare
GET H2	200	apstag.js Show response c.amazon-adsystem.com/aax2/	345 KB 85 KB	413ms 175ms	Script application/javascript	13.224.196.140 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/aax2/apstag.js Requested by Host: cdn.intergient.com URL: https://cdn.intergient.com/pageos/1.12.2/main.adcfb3cb78ca97b4e5f1.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.196.140 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-196-140.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash 3bf4f940a69cf7d1af0797f0371ddae937a8274190b22ebe165f0f7223b0e670 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers vary Accept-Encoding cache-control max-age=3600 content-encoding gzip etag W/"812ceba01127f3bf5aede260eaddcd29" age 1993 via 1.1 08bbe291f260c2b80a00874a80ade07c.cloudfront.net (CloudFront), 1.1 f7bf326347bdd7f275a38a22b5b83724.cloudfront.net (CloudFront) x-cache Hit from cloudfront x-amz-cf-id p7Si0PPJR9f0qiYnr4pZFEzf_vvInsBt5S2DOGPZMujgg4j8aUxZPg== date Wed, 04 Dec 2024 05:08:43 GMT content-type application/javascript last-modified Wed, 06 Nov 2024 22:51:07 GMT server AmazonS3 x-amz-cf-pop FRA6-C1, FRA2-C1 x-amz-server-side-encryption AES256
GET		pixel.gif px.moatads.com/	0 0
GET H2	200	sync.min.js Show response tags.crwdcntrl.net/lt/c/17138/	43 KB 13 KB	1688ms 182ms	Script text/javascript	65.9.66.122 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.crwdcntrl.net/lt/c/17138/sync.min.js Requested by Host: cdn.intergient.com URL: https://cdn.intergient.com/pageos/1.12.2/main.adcfb3cb78ca97b4e5f1.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.66.122 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-66-122.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash a1b70ca670ab8ac2ebf163fbedfd4d65b1a8e33c9277dee78468072d25aa605f Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers vary Accept-Encoding cache-control public, max-age=86400 content-encoding gzip etag W/"7ac6dd54487d8f654726122eb9bd814d" age 6713 via 1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront) x-cache Hit from cloudfront x-amz-cf-id iF4vHodAuXgP0mvmQt1_gaure8D8tx68MFsrAVHbVKy0hK_FZh8Hrg== date Wed, 04 Dec 2024 03:52:25 GMT content-type text/javascript last-modified Tue, 20 Aug 2024 18:56:33 GMT server AmazonS3 x-amz-cf-pop FRA56-C1 x-amz-server-side-encryption AES256
GET H3	200	pubads_impl.js Show response securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/	492 KB 152 KB	126ms 124ms	Script text/javascript	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash b95fe6fcb4925330bf629fda90a1362a336b4a8b87bf9573d87927d78c186062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers content-encoding br etag 1421939719645060458 age 1136 x-content-type-options nosniff expires Thu, 04 Dec 2025 05:22:59 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" date Wed, 04 Dec 2024 05:22:59 GMT content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 vary Accept-Encoding cache-control public, immutable, max-age=31536000 timing-allow-origin * cross-origin-resource-policy cross-origin access-control-allow-origin * content-length 155913 x-xss-protection 0 server cafe
GET H3	200	gpt securepubads.g.doubleclick.net/pagead/managed/dict/m202412030101/	64 KB 23 KB	130ms 129ms	Other text/plain	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/managed/dict/m202412030101/gpt Requested by Host: paint.toys URL: https://paint.toys/oil/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash e33cff2da607ed34049c949ac59d671b34ce321369629f45ed5462131f6b0a83 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer Response headers content-encoding br etag 7798723742105243693 age 49246 x-content-type-options nosniff expires Wed, 04 Dec 2024 16:01:09 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" date Tue, 03 Dec 2024 16:01:09 GMT content-type text/plain; charset=UTF-8 vary Accept-Encoding cache-control public, max-age=86400, stale-while-revalidate=7200 timing-allow-origin * cross-origin-resource-policy cross-origin access-control-allow-origin * content-length 23021 x-xss-protection 0 server cafe use-as-dictionary match="/gampad/ads", id="m202412030101"
GET		62748034-10ab-4906-aeb9-9757842effd8 https://paint.toys/ Frame	0 0
GET H2	200	config.json Show response config.playwire.com/audience_segments/	328 KB 57 KB	3704ms 181ms	XHR application/json	104.18.11.207 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://config.playwire.com/audience_segments/config.json Requested by Host: cdn.intergient.com URL: https://cdn.intergient.com/pageos/1.12.2/main.adcfb3cb78ca97b4e5f1.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b493671cee2ddbdaf810ebbdd380c3cdfea3bd8db70f7db6e80e2d84a4a58463 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers access-control-max-age 7200 access-control-expose-headers hw-country-code content-encoding gzip cf-cache-status HIT age 6 report-to {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1733210457&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=h1j9iPwEE99dH6bcywelKjV7H3oPgY6Cumz%2F8ymGBHs%3D"}]} access-control-allow-methods GET x-cache Hit from cloudfront x-amz-cf-id EFzv8xye39d-MyWWTZwWQIkrlV3Y5EmLgjPOKtqjh2tY753xa6HMEQ== date Wed, 04 Dec 2024 05:41:59 GMT content-type application/json vary Accept-Encoding last-modified Wed, 04 Dec 2024 05:41:53 GMT reporting-endpoints heroku-nel=https://nel.heroku.com/reports?ts=1733210457&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=h1j9iPwEE99dH6bcywelKjV7H3oPgY6Cumz%2F8ymGBHs%3D hw-country-code IL nel {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]} cache-control public, max-age=600 via 1.1 vegur, 1.1 559504b2d79b041c65c358d3db693428.cloudfront.net (CloudFront) cf-ray 8ec978745eb38ff5-FRA access-control-allow-origin * x-amz-cf-pop TLV50-C1 server cloudflare
GET H2	200	474.9e5e7d94b0ad365e11fa.js Show response cdn.intergient.com/pageos/1.12.2/	3 KB 1 KB	79ms 77ms	Script text/javascript	104.18.20.56 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.intergient.com/pageos/1.12.2/474.9e5e7d94b0ad365e11fa.js Requested by Host: cdn.intergient.com URL: https://cdn.intergient.com/pageos/1.12.2/runtime.ee4a1bbf1a033c794a6a.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.20.56 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1f0769b6ec00799d55c116b89a5b71d923e5ea0d9f0d7e1fac3fe1914599e658 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers content-encoding br cf-cache-status HIT etag W/"f32f7966b1a24d5db4c7e8891271dc87" age 1174030 x-cache Hit from cloudfront x-amz-cf-id VoIoKb4IKTn7QsWo6nol_ig_ymJ0bsQnLBlFsq2R1ulKtd42dMldVg== date Wed, 04 Dec 2024 05:41:55 GMT content-type text/javascript last-modified Wed, 20 Nov 2024 14:24:59 GMT vary accept-encoding hw-country-code IL cache-control public, max-age=31536000 via 1.1 16f88a640328f5c5351c2916207f0148.cloudfront.net (CloudFront) cf-ray 8ec9785dee047d9a-TLV x-amz-cf-pop TLV50-C1 server cloudflare x-amz-server-side-encryption AES256
GET H2	200	script Show response carbon-cdn.ccgateway.net/	26 KB 8 KB	8149ms 248ms	Script text/javascript	52.91.215.149 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://carbon-cdn.ccgateway.net/script?id=paint.toys&parentId=5bb3e20859 Requested by Host: xwsfe.lixiuding.com URL: https://xwsfe.lixiuding.com/upoeeyegpRN01sdU5DdDFkeXRmUXZDWk8zdEUtMzY1LTI2NzY5MDU2LTBkYWIwMjQ4LTY1MC0yVTJ4TGtySjNJdFczZ1RRcHdxZw/89zn2jxbiu5/uclpie Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.91.215.149 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-91-215-149.compute-1.amazonaws.com Software / Resource Hash 16c56b435b207091765ba35ac730b941a43de2849190817f94c7c9419d129ec2 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers cache-control private,max-age=900 content-encoding gzip date Wed, 04 Dec 2024 05:42:03 GMT content-type text/javascript; charset=utf-8 vary Accept-Encoding
GET H2	200	tyche.js Show response cdn.intergi.com/hera/releases/4.12.3/	484 B 927 B	709ms 79ms	Script text/javascript	104.18.25.242 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.intergi.com/hera/releases/4.12.3/tyche.js Requested by Host: cdn.intergient.com URL: https://cdn.intergient.com/pageos/1.12.2/main.adcfb3cb78ca97b4e5f1.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.25.242 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9e5b270206e2acc3802bc7fa2ce38356bf1745cb80de44300e8006923c900f99 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers content-encoding gzip cf-cache-status HIT x-amz-version-id ap1eMCZ1i9iclLIooQnp2vem4QO2Yw3C etag W/"b0f716cd9f656a0c124eb394dd64cb87" age 1088325 x-cache Miss from cloudfront x-amz-cf-id vXq9PQqfnAXvtdFXSToHpqagh2Vs9EkIwVclorCe91ZorJwjWZeg6g== date Wed, 04 Dec 2024 05:41:56 GMT content-type text/javascript last-modified Thu, 21 Nov 2024 15:09:46 GMT vary Accept-Encoding cache-control public, max-age=31536000 via 1.1 e544866f1454c4458d3a6644b47d065e.cloudfront.net (CloudFront) cf-ray 8ec97861d9fc7d9a-TLV x-amz-cf-pop VIE50-C2 server cloudflare x-amz-server-side-encryption AES256
GET H/1.1	200 OK	/ Show response ps.eyeota.net/pixel/bounce/ Redirect Chain https://ps.eyeota.net/pixel?pid=m51mh00&t=ajs&uid=user_ed4dbca8-5837-47fc-927e-9eb26da78e2c_1733290915388 https://ps.eyeota.net/pixel/bounce/?pid=m51mh00&t=ajs&uid=user_ed4dbca8-5837-47fc-927e-9eb26da78e2c_1733290915388	1 KB 2 KB	126ms 126ms	Script application/javascript	3.124.210.90 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ps.eyeota.net/pixel/bounce/?pid=m51mh00&t=ajs&uid=user_ed4dbca8-5837-47fc-927e-9eb26da78e2c_1733290915388 Requested by Host: paint.toys URL: https://paint.toys/oil/ Protocol HTTP/1.1 Server 3.124.210.90 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-124-210-90.eu-central-1.compute.amazonaws.com Software / Resource Hash 7eb4bf720ff2497f77fc869c45c722f802de97c5bc6fbfe73f6ba8abbed0c804 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers Content-Length 1196 P3P CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml" Date Wed, 04 Dec 2024 05:42:11 GMT Content-Type application/javascript Redirect headers Location /pixel/bounce/?pid=m51mh00&t=ajs&uid=user_ed4dbca8-5837-47fc-927e-9eb26da78e2c_1733290915388 Content-Length 0 P3P CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml" Date Wed, 04 Dec 2024 05:42:11 GMT
GET H2	200	154013155 Show response fundingchoicesmessages.google.com/i/	196 KB 65 KB	3491ms 208ms	Script application/javascript	172.217.18.110 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/i/154013155?ers=3 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.110 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s42-in-f14.1e100.net Software ESF / Resource Hash f0d8be89d2c0998743dbf11c69a8d4ecd840dd14d08a1fb9290d8fb2782bb20d Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-T3PwsKmz7-YxcQeD1YMnEw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers content-encoding gzip x-content-type-options nosniff expires Mon, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 04 Dec 2024 05:41:59 GMT content-type application/javascript; charset=utf-8 x-frame-options SAMEORIGIN reporting-endpoints default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjStDikmLw0JBikPj6kkkDiJ3SZ7AGAXHrzXOsU4E46d951iIgNlS4xOoIwkWXWD2BWLXnEqspEN9fd4n1ORDPOH-ZdQEQF0lcYW0CYoavV1g5gFiIm2P59f272AQWTDslpKSRlF8Yn5yfV1KUmVRakl-UlpyWWpxaVJZaFG9kYGRiCCT0DEziCwwAkUQ8xw" content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-T3PwsKmz7-YxcQeD1YMnEw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist cache-control no-cache, no-store, max-age=0, must-revalidate timing-allow-origin * cross-origin-opener-policy same-origin pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-resource-policy cross-origin permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=* x-xss-protection 0 server ESF
GET H2	200	aps_csm.js Show response c.amazon-adsystem.com/bao-csm/aps-comm/	6 KB 3 KB	3476ms 181ms	XHR application/javascript	13.224.196.140 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.196.140 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-196-140.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers access-control-max-age 3000 content-encoding gzip x-amz-version-id r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE etag W/"a4d296427fc806b21335359e398c025c" age 83607 access-control-allow-methods GET x-cache Hit from cloudfront x-amz-cf-id UPkXsrRgN5xVQQM79RvYr5oMxK-tubqAqe88NeAaELJ3zuRQh9fT6g== date Tue, 03 Dec 2024 06:28:33 GMT content-type application/javascript vary Origin,accept-encoding last-modified Thu, 29 Feb 2024 02:13:08 GMT cache-control public, max-age=86400 via 1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront) access-control-allow-origin * x-amz-cf-pop FRA2-C1 server AmazonS3 x-amz-server-side-encryption AES256
GET H2	200	bd056b42-51db-43ce-9a8e-3b11319b5d1f Show response config.aps.amazon-adsystem.com/configs/	563 B 831 B	7756ms 181ms	Script application/javascript	18.245.31.123 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://config.aps.amazon-adsystem.com/configs/bd056b42-51db-43ce-9a8e-3b11319b5d1f Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.245.31.123 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-245-31-123.fra56.r.cloudfront.net Software CloudFront / Resource Hash 525169d33bd78ca4b54af24f2e9a577531a9aac5544e2e58f247a326d2c95c9b Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers cache-control max-age=3600 age 2467 via 1.1 c63140c3859a31aa195816b9d66d1f2c.cloudfront.net (CloudFront) x-cache Hit from cloudfront content-length 563 x-amz-cf-id dZuCXn27M1MtLXuoS15bDdXfEXnV4JI1ivroDeSzLOW9I8X0VGhJFw== date Wed, 04 Dec 2024 05:00:56 GMT content-type application/javascript x-amz-cf-pop FRA56-P8 server CloudFront
GET H2	200	config Show response c.amazon-adsystem.com/cdn/prod/	3 KB 3 KB	116ms 116ms	XHR application/json	13.224.196.140 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fpaint.toys&pubid=bd056b42-51db-43ce-9a8e-3b11319b5d1f Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.196.140 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-196-140.fra2.r.cloudfront.net Software Server / Resource Hash 0b945764f409a5cfd72296efcc62d2eb4af033d2a67c1842a16eed73a42f9a69 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers cache-control max-age=21550, s-maxage=21600 age 4 access-control-allow-credentials true via 1.1 f7bf326347bdd7f275a38a22b5b83724.cloudfront.net (CloudFront) access-control-allow-origin https://paint.toys x-cache Hit from cloudfront content-length 2862 x-amz-cf-id VgRBwB-o3YfmCIAGunPTAcGft48SW20ttPI3wQSViaPlz3kJQtbinQ== date Wed, 04 Dec 2024 05:41:50 GMT content-type application/json;charset=UTF-8 x-amz-cf-pop FRA2-C1 server Server
OPTIONS H2	200	recordVendorsLoaded prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ Frame	0 0	856ms 198ms	Preflight	3.217.87.32 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.217.87.32 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-217-87-32.compute-1.amazonaws.com Software / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://paint.toys Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers access-control-allow-headers content-type access-control-allow-methods POST access-control-allow-origin * access-control-max-age 1800 allow GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH content-length 0 date Wed, 04 Dec 2024 05:41:56 GMT vary Origin Access-Control-Request-Method Access-Control-Request-Headers
GET H2	200	pubcid.min.js Show response secure.cdn.fastclick.net/js/pubcid/latest/	54 KB 17 KB	975ms 133ms	Script application/javascript	2.23.78.67 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js Requested by Host: xwsfe.lixiuding.com URL: https://xwsfe.lixiuding.com/upoeeyegpRN01sdU5DdDFkeXRmUXZDWk8zdEUtMzY1LTI2NzY5MDU2LTBkYWIwMjQ4LTY1MC0yVTJ4TGtySjNJdFczZ1RRcHdxZw/89zn2jxbiu5/uclpie Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.23.78.67 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-23-78-67.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers cache-control max-age=900 content-encoding gzip etag "d734-5f2f3919e751f-gzip" expires Wed, 04 Dec 2024 05:56:57 GMT accept-ranges bytes content-length 17407 date Wed, 04 Dec 2024 05:41:57 GMT last-modified Mon, 23 Jan 2023 19:40:17 GMT content-type application/javascript server Apache vary Accept-Encoding
GET H2	200	sync.min.js Show response tags.crwdcntrl.net/lt/c/16576/	43 KB 13 KB	316ms 132ms	Script text/javascript	65.9.66.122 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.crwdcntrl.net/lt/c/16576/sync.min.js Requested by Host: xwsfe.lixiuding.com URL: https://xwsfe.lixiuding.com/upoeeyegpRN01sdU5DdDFkeXRmUXZDWk8zdEUtMzY1LTI2NzY5MDU2LTBkYWIwMjQ4LTY1MC0yVTJ4TGtySjNJdFczZ1RRcHdxZw/89zn2jxbiu5/uclpie Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.66.122 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-66-122.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 5fd7fc4b8be9c2eeb3efb728f0483d444e4a8db80f0597e4ef7950105638bb08 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers vary Accept-Encoding cache-control public, max-age=86400 content-encoding gzip etag W/"ad78eaf46246cac6849005eb8b50ae6f" age 20277 via 1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront) x-cache Hit from cloudfront x-amz-cf-id YRKt5Gr84GdAPxDBKJk7r9TzU14L0MEIeBghCnzOI6HdtIA4ddYoxw== date Wed, 04 Dec 2024 00:04:00 GMT content-type text/javascript last-modified Tue, 20 Aug 2024 18:47:23 GMT server AmazonS3 x-amz-cf-pop FRA56-C1 x-amz-server-side-encryption AES256
GET H2	200	id5-api.js Show response cdn.id5-sync.com/api/1.0/	100 KB 29 KB	470ms 75ms	Script text/javascript	172.67.38.106 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.id5-sync.com/api/1.0/id5-api.js Requested by Host: xwsfe.lixiuding.com URL: https://xwsfe.lixiuding.com/upoeeyegpRN01sdU5DdDFkeXRmUXZDWk8zdEUtMzY1LTI2NzY5MDU2LTBkYWIwMjQ4LTY1MC0yVTJ4TGtySjNJdFczZ1RRcHdxZw/89zn2jxbiu5/uclpie Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.38.106 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ab2ce7a605858febda81cd3408ddb9897e109b417d514d9c12cf0e1a89658ae4 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers x-amz-id-2 NrambW2VONKjPrAp6sGGW93vhJZC9wvX3e2mnNQri6tY8K+AF6+wIau3U3/i8guOKqLAFidcDqZv631y9yaL9/N3iSGJwUKyNNC7vRFqAm8= strict-transport-security max-age=15552000; includeSubDomains; preload cache-control public, max-age=3600 content-encoding br cf-cache-status HIT etag W/"14cd899b51c2c37c71fbf5e1ae6fe38b" age 3257 x-amz-request-id 0AA387M9V15PXER9 cf-ray 8ec978681c53c224-TLV date Wed, 04 Dec 2024 05:41:57 GMT content-type text/javascript;charset=utf-8 last-modified Wed, 13 Nov 2024 11:06:09 GMT vary Accept-Encoding server cloudflare x-amz-server-side-encryption AES256
GET H2	200	launcher-stub.min.js Show response secure.cdn.fastclick.net/js/cnvr-launcher/latest/	14 KB 5 KB	469ms 204ms	Script application/javascript	2.23.78.67 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js Requested by Host: xwsfe.lixiuding.com URL: https://xwsfe.lixiuding.com/upoeeyegpRN01sdU5DdDFkeXRmUXZDWk8zdEUtMzY1LTI2NzY5MDU2LTBkYWIwMjQ4LTY1MC0yVTJ4TGtySjNJdFczZ1RRcHdxZw/89zn2jxbiu5/uclpie Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.23.78.67 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-23-78-67.deploy.static.akamaitechnologies.com Software Apache / Resource Hash d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers cache-control max-age=900 content-encoding gzip etag "38c0-5e92054540ea5-gzip" expires Wed, 04 Dec 2024 05:56:57 GMT accept-ranges bytes content-length 5252 date Wed, 04 Dec 2024 05:41:57 GMT last-modified Tue, 20 Sep 2022 18:52:26 GMT content-type application/javascript server Apache vary Accept-Encoding
POST H2	200	recordVendorsLoaded Show response prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/	0 128 B	201ms 199ms	XHR text/plain	3.217.87.32 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.217.87.32 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-217-87-32.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Content-Type application/json Referer https://paint.toys/ Response headers access-control-allow-origin * content-length 0 date Wed, 04 Dec 2024 05:41:56 GMT vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers
GET H2	200	runtime.89faceeed3ca361d62a9.js Show response cdn.intergi.com/hera/releases/4.12.3/	3 KB 2 KB	208ms 207ms	Script text/javascript	104.18.25.242 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.intergi.com/hera/releases/4.12.3/runtime.89faceeed3ca361d62a9.js Requested by Host: cdn.intergi.com URL: https://cdn.intergi.com/hera/releases/4.12.3/tyche.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.25.242 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a9111aa9337ebd5fd6255ae8cddcb6186c18008d2491f298fe6b3a2f44c2667a Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers content-encoding gzip cf-cache-status HIT etag W/"db2fcc737b1739379ed08e583dadbc6d" x-amz-version-id sBID0cB24P7xcUmhlYCoqH7shLXViMv6 age 1088325 x-cache Miss from cloudfront x-amz-cf-id b1gmXp0b_VlM4T8TuH4zwOuHe0Q-4GtaNJYLMMQUm4ZDtVDQy-FDhw== date Wed, 04 Dec 2024 05:41:56 GMT content-type text/javascript last-modified Thu, 21 Nov 2024 15:09:46 GMT vary accept-encoding cache-control public, max-age=31536000 via 1.1 d9523e44e96d2539081596bb1d268d44.cloudfront.net (CloudFront) cf-ray 8ec978625a537d9a-TLV x-amz-cf-pop FRA56-P3 server cloudflare x-amz-server-side-encryption AES256
GET H2	200	main.d76ddf148f40624c51a1.js Show response cdn.intergi.com/hera/releases/4.12.3/	239 KB 76 KB	209ms 208ms	Script text/javascript	104.18.25.242 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.intergi.com/hera/releases/4.12.3/main.d76ddf148f40624c51a1.js Requested by Host: cdn.intergi.com URL: https://cdn.intergi.com/hera/releases/4.12.3/tyche.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.25.242 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 72b49f7f3b1695d725da86ed2140d0ee23ff0b3680006dbae16305f864827f1c Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers content-encoding gzip cf-cache-status HIT etag W/"e6c656fbab2cf892f0e1b514fa53a25c" x-amz-version-id Y8m_hggcZIFCze_ky0kiKooiH8hQc11Q age 1088325 x-cache Miss from cloudfront x-amz-cf-id xWw4ZG7c51lehaOVvgnfef_aT5oXM4lBkNghS7hm35B-tIQzavGAsA== date Wed, 04 Dec 2024 05:41:56 GMT content-type text/javascript last-modified Thu, 21 Nov 2024 15:09:46 GMT vary accept-encoding cache-control public, max-age=31536000 via 1.1 eaedf92fd05c53aa96f20b6322b473e6.cloudfront.net (CloudFront) cf-ray 8ec978625a567d9a-TLV x-amz-cf-pop FRA56-P3 server cloudflare x-amz-server-side-encryption AES256
GET H2	200	lib.82225ced52a6390e480c.js Show response cdn.intergi.com/hera/releases/4.12.3/lib/	1 KB 921 B	208ms 208ms	Script text/javascript	104.18.25.242 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.intergi.com/hera/releases/4.12.3/lib/lib.82225ced52a6390e480c.js Requested by Host: cdn.intergi.com URL: https://cdn.intergi.com/hera/releases/4.12.3/tyche.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.25.242 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1bac5e8fb5021358231d218f02ed4aaf9431c9c33677e2c1977c1e27d3954572 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers content-encoding gzip cf-cache-status HIT etag W/"26c007e785f82a765ec40fc9a32b0b3c" x-amz-version-id EIGBhlYUzYRwy0WSu6d04oJjPS4Yl40n age 1088325 x-cache Miss from cloudfront x-amz-cf-id nhNCaY6zsRhw3SyWvgaQt7ZXO0AXaNJlodPWGDUpzt-6PC5cE_lNnA== date Wed, 04 Dec 2024 05:41:56 GMT content-type text/javascript last-modified Thu, 21 Nov 2024 15:09:46 GMT vary accept-encoding cache-control public, max-age=31536000 via 1.1 e026b2802d48048e9935caadbecf124e.cloudfront.net (CloudFront) cf-ray 8ec978625a587d9a-TLV x-amz-cf-pop FRA56-P3 server cloudflare x-amz-server-side-encryption AES256
GET H2	200	ima3.js Show response imasdk.googleapis.com/js/sdkloader/	424 KB 145 KB	386ms 132ms	Script text/javascript	142.250.185.234 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://imasdk.googleapis.com/js/sdkloader/ima3.js Requested by Host: cdn.intergi.com URL: https://cdn.intergi.com/hera/releases/4.12.3/main.d76ddf148f40624c51a1.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.234 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f10.1e100.net Software sffe / Resource Hash 6d87484ab05f1583269aa457919e2dc84c4fd1467a4c578c4ab01d85cf12c18a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers cache-control private, max-age=900, stale-while-revalidate=3600 content-encoding gzip cross-origin-opener-policy same-origin; report-to="ads-doubleclick-instream-static" cross-origin-resource-policy cross-origin report-to {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]} x-content-type-options nosniff expires Wed, 04 Dec 2024 05:41:57 GMT accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 148133 date Wed, 04 Dec 2024 05:41:57 GMT x-xss-protection 0 content-type text/javascript vary Accept-Encoding server sffe
POST H2	200	prebid Show response id5-sync.com/api/config/	194 B 659 B	3451ms 180ms	Fetch application/json	162.19.138.120 OVH OVH SAS
General Check archive.org Show headers Download Go to Full URL https://id5-sync.com/api/config/prebid Requested by Host: cdn.intergi.com URL: https://cdn.intergi.com/prebid/prebid.js.br Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.19.138.120 Amsterdam, Netherlands, ASN16276 (OVH OVH SAS, FR), Reverse DNS ns31533571.ip-162-19-138.eu Software / Resource Hash 1526f7f540b829baf0e6d1b491aa7b26b5e49fa160abca67c11695ccfa2cee82 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Referer https://paint.toys/ Response headers strict-transport-security max-age=63072000; includeSubDomains; preload access-control-allow-origin https://paint.toys p3p CP="CAO PSA OUR" date Wed, 04 Dec 2024 05:41:59 GMT content-type application/json;charset=UTF-8 vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin access-control-allow-credentials true
GET H2	200	id Show response id.crwdcntrl.net/	75 B 822 B	1399ms 135ms	Fetch application/json	34.253.142.118 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://id.crwdcntrl.net/id?c=17262 Requested by Host: cdn.intergi.com URL: https://cdn.intergi.com/prebid/prebid.js.br Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.253.142.118 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-253-142-118.eu-west-1.compute.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash 027e294017ad2391d2e5efd7af88129c7ded5e14165198dcaff37d5fefe3f8f2 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 content-type text/plain Referer https://paint.toys/ Response headers cache-control no-cache pragma no-cache access-control-allow-credentials true expires 0 access-control-allow-origin https://paint.toys p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV content-length 75 date Wed, 04 Dec 2024 05:41:57 GMT content-type application/json;charset=utf-8 x-server 10.45.21.74 server Jetty(9.4.38.v20210224)
GET		f fid.agkn.com/	0 0
GET		envelope lexicon.33across.com/v1/	0 0
GET H2	204	any Show response idx.liadm.com/idex/did-0046/	0 367 B	1629ms 197ms	Fetch	3.221.57.175 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://idx.liadm.com/idex/did-0046/any?duid=8e413bd09c43--01je830yn6eq1cdkc9pt0hzxe0&did=did-0046&cd=.paint.toys&pu=https%3A%2F%2Fpaint.toys&resolve=nonId&resolve=uid2&resolve=index&resolve=bidswitch&resolve=pubmatic&resolve=magnite&resolve=openx&resolve=sorvrn&resolve=thetradedesk&resolve=medianet Requested by Host: cdn.intergi.com URL: https://cdn.intergi.com/prebid/prebid.js.br Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.221.57.175 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-221-57-175.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 content-type text/plain Referer https://paint.toys/ Response headers strict-transport-security max-age=31536000; includeSubDomains cache-control max-age=3599, private trace-id f7baf44cb363c670 request-time 0 access-control-allow-credentials true expires Wed, 04 Dec 2024 06:41:58 GMT access-control-allow-origin https://paint.toys date Wed, 04 Dec 2024 05:41:58 GMT vary Origin
GET H2	200	bid Show response aax.amazon-adsystem.com/e/dtb/	1 KB 896 B	851ms 320ms	XHR text/javascript	18.245.52.164 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fpaint.toys%2Foil%2F&pr=https%3A%2F%2Fxwsfe.lixiuding.com%2F&pid=mxOy7to3tlCfF&cb=0&ws=1600x1200&v=24.1105.2150&t=2500&slots=%5B%7B%22sd%22%3A%22pw-160x600_atf%22%2C%22s%22%3A%5B%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F154013155%2F1024872%2F74068%2Fpublisher%3A1024872-website%3A74068-160x600%2Fpublisher%3A1024872-website%3A74068-160x600-CP%2Fpublisher%3A1024872-website%3A74068-160x600-CP-160x600%22%7D%2C%7B%22sd%22%3A%22pw-160x600_btf%22%2C%22s%22%3A%5B%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F154013155%2F1024872%2F74068%2Fpublisher%3A1024872-website%3A74068-160x600%2Fpublisher%3A1024872-website%3A74068-160x600-CP%2Fpublisher%3A1024872-website%3A74068-160x600-CP-160x600%22%7D%2C%7B%22sd%22%3A%22leaderboard_atf%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F154013155%2F1024872%2F74068%2Fpublisher%3A1024872-website%3A74068-desktop_leaderboard%22%7D%2C%7B%22sd%22%3A%22leaderboard_btf%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F154013155%2F1024872%2F74068%2Fpublisher%3A1024872-website%3A74068-desktop_leaderboard%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&sg=%7B%22ortb2%22%3A%7B%22site%22%3A%7B%22cattax%22%3A6%2C%22cat%22%3A%5B%22693%22%5D%2C%22sectioncat%22%3A%5B%22693%22%5D%2C%22pagecat%22%3A%5B%22693%22%5D%7D%7D%7D&schain=1.0%2C1%21playwire.com%2C1024872%2C1%2C%2C%2C&sm=c11a9e12-3a02-4e1f-9ae7-874ab273e6b5&pubid=bd056b42-51db-43ce-9a8e-3b11319b5d1f&gdprl=%7B%22status%22%3A%22no-cmp%22%7D Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.245.52.164 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-245-52-164.fra56.r.cloudfront.net Software Server / Resource Hash e9ffacc26dd52459ba0858bdf38718a15af7c769646c08858f3426cddde0c60d Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers content-encoding gzip access-control-allow-credentials true via 1.1 f5af2731a86629973e69564f824d95be.cloudfront.net (CloudFront) access-control-allow-origin https://paint.toys x-cache Miss from cloudfront content-length 566 x-amz-cf-id wDC9CvOzgxaXgs3kBGiz9Q8vJ147q_YRrAC0u0Y9b0cEUwqpUl07yg== date Wed, 04 Dec 2024 05:41:56 GMT content-type text/javascript;charset=UTF-8 x-amz-cf-pop FRA56-P9 server Server
GET H2	200	topics_frame.html pa.openx.net/ Frame 7761	0 0	1477ms 66ms	Document text/html	34.36.214.49 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://pa.openx.net/topics_frame.html?bidder=openx Requested by Host: cdn.intergi.com URL: https://cdn.intergi.com/prebid/prebid.js.br Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.36.214.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 49.214.36.34.bc.googleusercontent.com Software UploadServer / Resource Hash Request headers Referer https://paint.toys/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers accept-ranges bytes age 932 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public,max-age=3600 content-length 1036 content-type text/html; charset=utf-8 date Wed, 04 Dec 2024 05:26:26 GMT etag "c5379e35e267deacc52e06ed0f5fa81f" last-modified Mon, 22 Jan 2024 14:38:43 GMT server UploadServer supports-loading-mode fenced-frame vary Origin x-allow-fledge true x-goog-generation 1705934323795552 x-goog-hash crc32c=eLLIGA== md5=xTeeNeJn3qzFLgbtD1+oHw== x-goog-metageneration 1 x-goog-storage-class STANDARD x-goog-stored-content-encoding identity x-goog-stored-content-length 1036 x-guploader-uploadid AFiumC5qiEU3VXbXWTwid8kSp_P18jg9aBSOjk-6ESbFk76d7_er5EzxV1ld5FMHXlLSD5isVxaYFXq45Q
GET H2	200	topics_frame.html ads.pubmatic.com/AdServer/js/topics/ Frame 756C	0 0	1380ms 120ms	Document text/html	23.218.208.200 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://ads.pubmatic.com/AdServer/js/topics/topics_frame.html?bidder=pubmatic Requested by Host: cdn.intergi.com URL: https://cdn.intergi.com/prebid/prebid.js.br Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-218-208-200.deploy.static.akamaitechnologies.com Software Apache / Resource Hash Request headers Referer https://paint.toys/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers accept-ranges bytes cache-control max-age=156146 content-encoding gzip content-length 859 content-type text/html date Wed, 04 Dec 2024 05:41:57 GMT expires Fri, 06 Dec 2024 01:04:23 GMT last-modified Tue, 21 Mar 2023 05:02:13 GMT p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" server Apache vary Accept-Encoding
POST		cookie_sync prebid-server.rubiconproject.com/	0 0
POST		auction prebid-server.rubiconproject.com/openrtb2/	0 0
POST		request grid-bidder.criteo.com/openrtb_2_5/pbjs/auction/	0 0
POST H/1.1	200 OK	playwire Show response direct.adsrvr.org/bid/bidder/	0 394 B	16012ms 194ms	Fetch application/json	52.223.6.21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://direct.adsrvr.org/bid/bidder/playwire Requested by Host: cdn.intergi.com URL: https://cdn.intergi.com/prebid/prebid.js.br Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 52.223.6.21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a8c33d2b6751b365d.awsglobalaccelerator.com Software Kestrel / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 content-type text/plain Referer https://paint.toys/ Response headers x-openrtb-version 2.3 cache-control private access-control-allow-credentials true access-control-allow-origin https://paint.toys content-length 0 date Wed, 04 Dec 2024 05:42:12 GMT content-type application/json server Kestrel access-control-allow-headers Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
POST		auction tlx.3lift.com/header/	0 0
GET		fastlane.json fastlane.rubiconproject.com/a/api/	0 0
GET		fastlane.json fastlane.rubiconproject.com/a/api/	0 0
GET		fastlane.json fastlane.rubiconproject.com/a/api/	0 0
GET		fastlane.json fastlane.rubiconproject.com/a/api/	0 0
POST H3	200	pbjs Show response htlb.casalemedia.com/openrtb/	29 KB 11 KB	499ms 421ms	Fetch application/json	104.18.26.193 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://htlb.casalemedia.com/openrtb/pbjs?s=1031634 Requested by Host: cdn.intergi.com URL: https://cdn.intergi.com/prebid/prebid.js.br Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash db86c8578bf015697eb9b5a0ef4cab58bd1c03b1e5a48be0a9153ab690e33d7a Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 content-type text/plain Referer https://paint.toys/ Response headers content-encoding gzip cf-cache-status DYNAMIC report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S0N8pn8niZFF4t2lUz4jIlmJdF37RrvXhTHwkJc1j4bb%2B0WHp3XwiN%2FDDbTYMA34HoWHAH4%2FVTCr0mKoYupq3jz103V4bGmp6CYxRTOp%2BKxATcGTX36BJNKcgwOZ2Bhq4Dhu0h5j"}],"group":"cf-nel","max_age":604800} expires 0 alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Wed, 04 Dec 2024 05:41:57 GMT content-type application/json vary Accept-Encoding priority u=1,i cache-control no-cache nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} pragma no-cache access-control-allow-credentials true cf-ray 8ec97865b9ee7d95-TLV access-control-allow-origin https://paint.toys server cloudflare
POST		hb-multi hb.yellowblue.io/	0 0
GET		imp g2.gumgum.com/hbid/	0 0
GET		imp g2.gumgum.com/hbid/	0 0
GET		imp g2.gumgum.com/hbid/	0 0
GET		imp g2.gumgum.com/hbid/	0 0
POST H2	200	prebid Show response ib.adnxs.com/ut/v3/	473 B 2 KB	3503ms 220ms	Fetch application/json	185.89.210.90 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: cdn.intergi.com URL: https://cdn.intergi.com/prebid/prebid.js.br Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.23.4 / Resource Hash 637b63a78707f95ac22870eb52e3e7bc90f901d75514a108873f1f0815063eac Security Headers Name Value X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 content-type text/plain Referer https://paint.toys/ Response headers cache-control no-store, no-cache, private pragma no-cache accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness access-control-allow-credentials true x-proxy-origin 31.187.78.40; 31.187.78.40; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com expires Sat, 15 Nov 2008 16:00:00 GMT access-control-allow-origin https://paint.toys an-x-request-uuid 3ff13f8e-b6b0-4b1c-b08b-772f758f67c9 content-length 473 p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" date Wed, 04 Dec 2024 05:42:00 GMT x-xss-protection 0 content-type application/json; charset=utf-8 server nginx/1.23.4
POST H2	204	translator Show response hbopenbid.pubmatic.com/	0 109 B	1433ms 143ms	Fetch	185.64.189.112 AS-PUBMATIC
General Check archive.org Show headers Download Go to Full URL https://hbopenbid.pubmatic.com/translator?source=prebid-client Requested by Host: cdn.intergi.com URL: https://cdn.intergi.com/prebid/prebid.js.br Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 content-type text/plain Referer https://paint.toys/ Response headers cache-control no-cache, no-store, must-revalidate access-control-allow-origin https://paint.toys date Wed, 04 Dec 2024 05:41:57 GMT access-control-allow-credentials true
POST		prebidjs rtb.openx.net/openrtbb/	0 0
POST H2	200	v1 Show response btlr.sharethrough.com/universal/	438 B 640 B	576ms 292ms	Fetch application/json	3.126.92.214 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1 Requested by Host: cdn.intergi.com URL: https://cdn.intergi.com/prebid/prebid.js.br Protocol H2 Security TLS 1.3, , AES_256_GCM Server 3.126.92.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-92-214.eu-central-1.compute.amazonaws.com Software / Resource Hash d15afb49fe2e237b91547d1fdd2f9e315a7e03008e74e5082f88ba0aa6b611ae Security Headers Name Value Strict-Transport-Security max-age=16000000; includeSubDomains; preload; Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 content-type text/plain Referer https://paint.toys/ Response headers x-openrtb-version 2.5 strict-transport-security max-age=16000000; includeSubDomains; preload; access-control-allow-origin https://paint.toys content-encoding gzip content-length 284 content-type application/json; charset=utf-8 access-control-allow-credentials true
POST H2	200	v1 Show response btlr.sharethrough.com/universal/	829 B 821 B	479ms 196ms	Fetch application/json	3.126.92.214 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1 Requested by Host: cdn.intergi.com URL: https://cdn.intergi.com/prebid/prebid.js.br Protocol H2 Security TLS 1.3, , AES_256_GCM Server 3.126.92.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-92-214.eu-central-1.compute.amazonaws.com Software / Resource Hash 28f989b82957d362e385b2b95c41d919d983d53964804965fad29f6f4c5964e3 Security Headers Name Value Strict-Transport-Security max-age=16000000; includeSubDomains; preload; Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 content-type text/plain Referer https://paint.toys/ Response headers x-openrtb-version 2.5 strict-transport-security max-age=16000000; includeSubDomains; preload; access-control-allow-origin https://paint.toys content-encoding gzip content-length 464 content-type application/json; charset=utf-8 access-control-allow-credentials true
POST H2	200	v1 Show response btlr.sharethrough.com/universal/	544 B 695 B	538ms 253ms	Fetch application/json	3.126.92.214 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1 Requested by Host: cdn.intergi.com URL: https://cdn.intergi.com/prebid/prebid.js.br Protocol H2 Security TLS 1.3, , AES_256_GCM Server 3.126.92.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-92-214.eu-central-1.compute.amazonaws.com Software / Resource Hash 7b5b6053e67268a46d3b32b8678e31d98e72ae6fe60b88d4e9f654ab23b2fd70 Security Headers Name Value Strict-Transport-Security max-age=16000000; includeSubDomains; preload; Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 content-type text/plain Referer https://paint.toys/ Response headers x-openrtb-version 2.5 strict-transport-security max-age=16000000; includeSubDomains; preload; access-control-allow-origin https://paint.toys content-encoding gzip content-length 339 content-type application/json; charset=utf-8 access-control-allow-credentials true
POST H2	200	v1 Show response btlr.sharethrough.com/universal/	571 B 711 B	530ms 246ms	Fetch application/json	3.126.92.214 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1 Requested by Host: cdn.intergi.com URL: https://cdn.intergi.com/prebid/prebid.js.br Protocol H2 Security TLS 1.3, , AES_256_GCM Server 3.126.92.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-92-214.eu-central-1.compute.amazonaws.com Software / Resource Hash 60cd026224ff3acac8a82163bf17eb0e6d661fa2f1c22e0d209db672b0cb4253 Security Headers Name Value Strict-Transport-Security max-age=16000000; includeSubDomains; preload; Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 content-type text/plain Referer https://paint.toys/ Response headers x-openrtb-version 2.5 strict-transport-security max-age=16000000; includeSubDomains; preload; access-control-allow-origin https://paint.toys content-encoding gzip content-length 355 content-type application/json; charset=utf-8 access-control-allow-credentials true
POST H2	200	v1 Show response btlr.sharethrough.com/universal/	545 B 745 B	512ms 229ms	Fetch application/json	3.126.92.214 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1 Requested by Host: cdn.intergi.com URL: https://cdn.intergi.com/prebid/prebid.js.br Protocol H2 Security TLS 1.3, , AES_256_GCM Server 3.126.92.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-92-214.eu-central-1.compute.amazonaws.com Software / Resource Hash b484cdf8ce13c81d8bfe52674dfea47e6dd701c4e4b9fd925e45c80c1fe62c62 Security Headers Name Value Strict-Transport-Security max-age=16000000; includeSubDomains; preload; Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 content-type text/plain Referer https://paint.toys/ Response headers x-openrtb-version 2.5 strict-transport-security max-age=16000000; includeSubDomains; preload; access-control-allow-origin https://paint.toys content-encoding gzip content-length 389 content-type application/json; charset=utf-8 access-control-allow-credentials true
POST H2	200	v1 Show response btlr.sharethrough.com/universal/	620 B 773 B	525ms 243ms	Fetch application/json	3.126.92.214 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1 Requested by Host: cdn.intergi.com URL: https://cdn.intergi.com/prebid/prebid.js.br Protocol H2 Security TLS 1.3, , AES_256_GCM Server 3.126.92.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-92-214.eu-central-1.compute.amazonaws.com Software / Resource Hash 5ed31bd86ea11065c88de8b44d64a35c22f29a1fe3d3e1bcbd1f2f86694d55a9 Security Headers Name Value Strict-Transport-Security max-age=16000000; includeSubDomains; preload; Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 content-type text/plain Referer https://paint.toys/ Response headers x-openrtb-version 2.5 strict-transport-security max-age=16000000; includeSubDomains; preload; access-control-allow-origin https://paint.toys content-encoding gzip content-length 417 content-type application/json; charset=utf-8 access-control-allow-credentials true
POST		hbjson grid.bidswitch.net/	0 0
POST H2	200	map Show response bcp.crwdcntrl.net/6/	156 B 528 B	15933ms 195ms	XHR application/json	63.32.148.48 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://bcp.crwdcntrl.net/6/map Requested by Host: tags.crwdcntrl.net URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 63.32.148.48 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-63-32-148-48.eu-west-1.compute.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash 8c57822e90f390c65a952bacd647b8c838e30e157d853c0e0462a865c26b1197 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Referer https://paint.toys/ Response headers cache-control no-cache pragma no-cache access-control-allow-credentials true expires 0 access-control-allow-origin https://paint.toys p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV content-length 156 date Wed, 04 Dec 2024 05:42:12 GMT content-type application/json;charset=utf-8 x-server 10.45.0.15 server Jetty(9.4.38.v20210224)
POST H2	200	map Show response bcp.crwdcntrl.net/6/	115 B 487 B	15918ms 231ms	XHR application/json	63.32.148.48 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://bcp.crwdcntrl.net/6/map Requested by Host: tags.crwdcntrl.net URL: https://tags.crwdcntrl.net/lt/c/17138/sync.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 63.32.148.48 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-63-32-148-48.eu-west-1.compute.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash 67b82fd15d97069f154b08e2c0158e50daa04ccd096bf73b80d0e08008c1c762 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Referer https://paint.toys/ Response headers cache-control no-cache pragma no-cache access-control-allow-credentials true expires 0 access-control-allow-origin https://paint.toys p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV content-length 115 date Wed, 04 Dec 2024 05:42:12 GMT content-type application/json;charset=utf-8 x-server 10.45.15.19 server Jetty(9.4.38.v20210224)
GET H2	200	j Show response rp.liadm.com/ Redirect Chain https://rp.liadm.com/j?dtstmp=1733290917020&did=did-0046&se=e30&duid=8e413bd09c43--01je830yn6eq1cdkc9pt0hzxe0&tv=9.11.0&pu=https%3A%2F%2Fpaint.toys%2Foil%2F&wpn=prebid&refr=https%3A%2F%2Fxwsfe.lixi... https://rp.liadm.com/j?dtstmp=1733290917020&did=did-0046&se=e30&duid=8e413bd09c43--01je830yn6eq1cdkc9pt0hzxe0&tv=9.11.0&pu=https%3A%2F%2Fpaint.toys%2Foil%2F&wpn=prebid&refr=https%3A%2F%2Fxwsfe.lixi...	13 B 378 B	202ms 202ms	Fetch application/json	52.54.248.128 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://rp.liadm.com/j?dtstmp=1733290917020&did=did-0046&se=e30&duid=8e413bd09c43--01je830yn6eq1cdkc9pt0hzxe0&tv=9.11.0&pu=https%3A%2F%2Fpaint.toys%2Foil%2F&wpn=prebid&refr=https%3A%2F%2Fxwsfe.lixiuding.com%2F&cd=.paint.toys&n3pc=true Requested by Host: paint.toys URL: https://paint.toys/oil/ Protocol H2 Server 52.54.248.128 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-54-248-128.compute-1.amazonaws.com Software / Resource Hash efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers x-pixel-event-id e7b7bb00-9590-42ff-b0cf-5e48a0fccc47 access-control-max-age 86400 access-control-expose-headers * access-control-allow-credentials true access-control-allow-methods GET access-control-allow-origin https://paint.toys content-length 13 date Wed, 04 Dec 2024 05:41:58 GMT content-type application/json Redirect headers access-control-max-age 86400 access-control-expose-headers * location /j?dtstmp=1733290917020&did=did-0046&se=e30&duid=8e413bd09c43--01je830yn6eq1cdkc9pt0hzxe0&tv=9.11.0&pu=https%3A%2F%2Fpaint.toys%2Foil%2F&wpn=prebid&refr=https%3A%2F%2Fxwsfe.lixiuding.com%2F&cd=.paint.toys&n3pc=true access-control-allow-credentials true access-control-allow-methods GET access-control-allow-origin https://paint.toys content-length 0 date Wed, 04 Dec 2024 05:41:57 GMT
GET H2	200	launcher.min.js Show response secure.cdn.fastclick.net/js/cnvr-launcher/latest/	49 KB 17 KB	153ms 153ms	Script application/javascript	2.23.78.67 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js Requested by Host: secure.cdn.fastclick.net URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.23.78.67 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-23-78-67.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers cache-control max-age=900 content-encoding gzip etag "c4b6-5e920545406d3-gzip" expires Wed, 04 Dec 2024 05:56:57 GMT accept-ranges bytes content-length 17042 date Wed, 04 Dec 2024 05:41:57 GMT last-modified Tue, 20 Sep 2022 18:52:26 GMT content-type application/javascript server Apache vary Accept-Encoding
GET H/1.1	200 OK	iu3 aax-eu.amazon-adsystem.com/s/ Frame AE7F Redirect Chain https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_rx_n-Beeswax_ox-db5_n-inmobi_n-sharethrough_pm-db5_ym_rbd_n-nativo_n-Rise_3lift_n-Outbrain https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_rx_n-Beeswax_ox-db5_n-inmobi_n-sharethrough_pm-db5_ym_rbd_n-nativo_n-Rise_3lift_n-Outbrain&dcc=t	0 0	290ms 289ms	Document text/html	52.95.115.255 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_rx_n-Beeswax_ox-db5_n-inmobi_n-sharethrough_pm-db5_ym_rbd_n-nativo_n-Rise_3lift_n-Outbrain&dcc=t Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 52.95.115.255 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers Referer https://paint.toys/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Connection keep-alive Content-Length 385 Content-Type text/html;charset=ISO-8859-1 Date Wed, 04 Dec 2024 05:41:59 GMT Expires Thu, 01 Jan 1970 00:00:00 GMT Pragma no-cache Server Server Strict-Transport-Security max-age=47474747; includeSubDomains; preload Vary Content-Type,Accept-Encoding,User-Agent p3p policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR" x-amz-rid DH2ESJXV6KYERSCJRTHF Redirect headers Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Connection keep-alive Content-Length 0 Date Wed, 04 Dec 2024 05:41:58 GMT Expires Thu, 01 Jan 1970 00:00:00 GMT Location https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_rx_n-Beeswax_ox-db5_n-inmobi_n-sharethrough_pm-db5_ym_rbd_n-nativo_n-Rise_3lift_n-Outbrain&dcc=t Pragma no-cache Server Server Strict-Transport-Security max-age=47474747; includeSubDomains; preload Vary Content-Type,Accept-Encoding,User-Agent p3p policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR" x-amz-rid ZSAAR073F476PD2XXNZP
GET H2	200	launcher Show response proc.ad.cpe.dotomi.com/cvx/client/direct/	190 B 459 B	397ms 120ms	XHR application/json	63.215.202.146 VCLK-EU-SE Conver...
General Check archive.org Show headers Download Go to Full URL https://proc.ad.cpe.dotomi.com/cvx/client/direct/launcher?version=1.1.1&lid=681 Requested by Host: secure.cdn.fastclick.net URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 63.215.202.146 Amsterdam, Netherlands, ASN41041 (VCLK-EU-SE Conversant LLC, US), Reverse DNS ams01-convex-float1.dotomi.com Software nginx / Resource Hash 71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers cache-control max-age=1800 accept-ch Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness access-control-allow-credentials true expires Wed, 04 Dec 2024 06:11:57 GMT access-control-allow-origin https://paint.toys content-length 190 date Wed, 04 Dec 2024 05:41:57 GMT content-type application/json vary Origin server nginx
GET H2	200	bounce Show response id5-sync.com/	29 B 446 B	2203ms 180ms	Fetch text/plain	162.19.138.120 OVH OVH SAS
General Check archive.org Show headers Download Go to Full URL https://id5-sync.com/bounce Requested by Host: cdn.id5-sync.com URL: https://cdn.id5-sync.com/api/1.0/id5-api.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.19.138.120 Amsterdam, Netherlands, ASN16276 (OVH OVH SAS, FR), Reverse DNS ns31533571.ip-162-19-138.eu Software / Resource Hash aca701811d62eb608d12b174231be1ceae3449fe0f4bc847469ff22aab8ca9a5 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers strict-transport-security max-age=63072000; includeSubDomains; preload access-control-allow-credentials true expires Thu, 01 Jan 1970 00:00:00 GMT access-control-allow-origin https://paint.toys p3p CP="CAO PSA OUR" date Wed, 04 Dec 2024 05:41:59 GMT content-type text/plain;charset=utf-8 vary Origin
GET H2	200	v1 Show response lb.eu-1-id5-sync.com/lb/	45 B 282 B	1660ms 131ms	Fetch application/json	162.19.138.117 OVH OVH SAS
General Check archive.org Show headers Download Go to Full URL https://lb.eu-1-id5-sync.com/lb/v1 Requested by Host: cdn.id5-sync.com URL: https://cdn.id5-sync.com/api/1.0/id5-api.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR), Reverse DNS ns31533568.ip-162-19-138.eu Software / Resource Hash 5fee88df78a6c7689a73c97229844c22e8ebac5442007360f5cd4f6a68d3ef82 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers strict-transport-security max-age=63072000; includeSubDomains; preload access-control-allow-origin https://paint.toys date Wed, 04 Dec 2024 05:41:58 GMT content-type application/json;charset=UTF-8 vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
GET H3	200	ima_ppub_config Show response securepubads.g.doubleclick.net/pagead/	67 B 59 B	128ms 127ms	XHR application/json	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/ima_ppub_config?ippd=https%3A%2F%2Fpaint.toys%2Foil%2F Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash 641768f2d1d19839fc3cecfa5158382fa0d332d5e49e31bcaafbedc4af91995a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * content-encoding br cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Wed, 04 Dec 2024 05:41:57 GMT access-control-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" content-length 35 date Wed, 04 Dec 2024 05:41:57 GMT x-xss-protection 0 content-type application/json; charset=UTF-8 content-disposition attachment; filename="f.txt" server cafe
GET H2	200	coreid.min.js Show response secure.cdn.fastclick.net/js/cnvr-coreid/latest/	229 KB 66 KB	135ms 134ms	Script application/javascript	2.23.78.67 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://secure.cdn.fastclick.net/js/cnvr-coreid/latest/coreid.min.js Requested by Host: secure.cdn.fastclick.net URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.23.78.67 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-23-78-67.deploy.static.akamaitechnologies.com Software Apache / Resource Hash eb87c0447bd19366919bdb8913f775caca732ac31cbc5e5d42e4db5df39437ce Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers cache-control max-age=900 content-encoding gzip etag "394d0-60864a57eaadc-gzip" expires Wed, 04 Dec 2024 05:56:57 GMT accept-ranges bytes content-length 67550 date Wed, 04 Dec 2024 05:41:57 GMT last-modified Mon, 23 Oct 2023 16:23:46 GMT content-type application/javascript server Apache vary Accept-Encoding
GET H3	200	px.gif Show response bt.dns-finder.com/	43 B 1 KB	156ms 78ms	Fetch image/gif	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bt.dns-finder.com/px.gif Requested by Host: btloader.com URL: https://btloader.com/tag?o=5150306120761344&upapi=true Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers x-goog-metageneration 2 x-goog-hash crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow== cf-cache-status HIT etag "ad4b0f606e0f8465bc4c4c170b37e1a3" age 3261 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AjqsC8VbHHsrAAnwbQBoOSMSGsEOBtATaf4FT3b4bZaufjQUI0jVKaE05qYS8ftZReC1cJCPxC%2Fu2oQcI4SDsH0ihEQTBWYw%2Fl5bKsJFbXlyA87Fb6L%2B2BnT7Zqz3BmQL2UCWg%3D%3D"}],"group":"cf-nel","max_age":604800} x-goog-stored-content-encoding identity expires Wed, 04 Dec 2024 05:35:06 GMT alt-svc h3=":443"; ma=86400 x-goog-stored-content-length 43 server-timing cfL4;desc="?proto=QUIC&rtt=64396&min_rtt=64357&rtt_var=24161&sent=9&recv=7&lost=0&retrans=0&sent_bytes=4067&recv_bytes=4252&delivery_rate=52010&cwnd=12000&unsent_bytes=0&cid=7496d1222f3ab3c9&ts=81&x=1", cfHdrFlush;dur=0 date Wed, 04 Dec 2024 05:41:58 GMT content-type image/gif last-modified Fri, 19 Jul 2024 16:36:17 GMT vary Accept-Encoding x-guploader-uploadid AFiumC62DCQrK56tiHeG6JZcGPwtYuUgqwJ_uTxChzEA9fqNmqGT_mEp3SFv20nhi6dGl2DqF-sLmm7BmA cache-control public, max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-goog-storage-class STANDARD cf-ray 8ec978730e82c22c-TLV accept-ranges bytes x-goog-generation 1721406977485562 content-length 43 server cloudflare
GET H2	200	px.gif ad-delivery.net/	43 B 481 B	622ms 126ms	Image image/gif	172.67.69.19 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ad-delivery.net/px.gif?ch=2 Requested by Host: paint.toys URL: https://paint.toys/oil/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.69.19 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers x-goog-metageneration 5 access-control-expose-headers *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace x-goog-hash crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow== cf-cache-status HIT etag "ad4b0f606e0f8465bc4c4c170b37e1a3" age 688388 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8HxD4CuSzD%2BddNQVyTgmqWDhfqaaN3Kx%2BwDD3a8MJGn3lWHZU6gGjvoOIBe9X35r%2Fyv0HE5EDVSzgw1zxKN5lg8oG9IGc421MOoNMG3L%2BaAdJof9NwYQwZ%2BF6giTCK6Zag%3D%3D"}],"group":"cf-nel","max_age":604800} x-goog-stored-content-encoding identity expires Tue, 26 Nov 2024 06:43:11 GMT server-timing cfL4;desc="?proto=TCP&rtt=56401&min_rtt=56257&rtt_var=21199&sent=10&recv=9&lost=0&retrans=0&sent_bytes=5126&recv_bytes=2328&delivery_rate=68684&cwnd=252&unsent_bytes=0&cid=12dd5c4d39755c1b&ts=129&x=0" x-goog-stored-content-length 43 date Wed, 04 Dec 2024 05:41:59 GMT content-type image/gif last-modified Wed, 05 May 2021 19:25:32 GMT vary Accept-Encoding x-guploader-uploadid AFiumC7RA-H9DGZHEfpbeAGdy2ORzEL87tonY_T1X3L9G2Cl6ME0kkMjzXSFQRtTGat1Tzz6PZM cache-control public, max-age=86400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-goog-storage-class MULTI_REGIONAL cf-ray 8ec97875cd6bdbda-FRA accept-ranges bytes access-control-allow-origin * x-goog-generation 1620242732037093 content-length 43 server cloudflare
GET H3	200	favicon.ico ad.doubleclick.net/	1 KB 130 B	241ms 116ms	Image image/x-icon	142.250.186.38 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250 Requested by Host: paint.toys URL: https://paint.toys/oil/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.38 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f6.1e100.net Software sffe / Resource Hash d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers content-encoding gzip age 69218 report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} x-content-type-options nosniff expires Wed, 04 Dec 2024 10:28:20 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Tue, 03 Dec 2024 10:28:20 GMT last-modified Tue, 08 May 2012 13:08:06 GMT content-type image/x-icon vary Accept-Encoding cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" content-length 104 x-xss-protection 0 server sffe
GET H2	200	px.gif ad-delivery.net/	43 B 1 KB	621ms 125ms	Image image/gif	172.67.69.19 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ad-delivery.net/px.gif?ch=1&e=0.5367773583833293 Requested by Host: paint.toys URL: https://paint.toys/oil/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.69.19 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers x-goog-metageneration 5 access-control-expose-headers *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace x-goog-hash crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow== cf-cache-status HIT etag "ad4b0f606e0f8465bc4c4c170b37e1a3" age 688388 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BCQGt%2BPS1D%2BEYifZYejFzmdAV0zEdHYIyXXgZa22IRenwE4POR9qhLwGh%2FHUvwvr2nR2bRd1cSStWsTBPQfT6sTj1m3S97w0LHevepUeImwiNKfg9%2BFmMyvle9xfOioBqA%3D%3D"}],"group":"cf-nel","max_age":604800} x-goog-stored-content-encoding identity expires Tue, 26 Nov 2024 06:43:11 GMT server-timing cfL4;desc="?proto=TCP&rtt=56401&min_rtt=56257&rtt_var=21199&sent=7&recv=9&lost=0&retrans=0&sent_bytes=3995&recv_bytes=2328&delivery_rate=68684&cwnd=252&unsent_bytes=0&cid=12dd5c4d39755c1b&ts=128&x=0" x-goog-stored-content-length 43 date Wed, 04 Dec 2024 05:41:59 GMT content-type image/gif last-modified Wed, 05 May 2021 19:25:32 GMT vary Accept-Encoding x-guploader-uploadid AFiumC7RA-H9DGZHEfpbeAGdy2ORzEL87tonY_T1X3L9G2Cl6ME0kkMjzXSFQRtTGat1Tzz6PZM cache-control public, max-age=86400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-goog-storage-class MULTI_REGIONAL cf-ray 8ec97875cd6cdbda-FRA accept-ranges bytes access-control-allow-origin * x-goog-generation 1620242732037093 content-length 43 server cloudflare
GET H2	200	AGSKWxW5cD0mkTEiWKpYKq4QwsJt3Csnx5nfRf0fkfemopgXUfDbyPafKFf39R8W9U4Wsj-lqMooChgLq9XCSUcVN1tSNhSrJFAhqaatJP7BpWuF-egsnIaQz9CejLKOIj9EtThsEEVC2g== Show response fundingchoicesmessages.google.com/f/	3 KB 2 KB	147ms 146ms	Script application/javascript	172.217.18.110 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/f/AGSKWxW5cD0mkTEiWKpYKq4QwsJt3Csnx5nfRf0fkfemopgXUfDbyPafKFf39R8W9U4Wsj-lqMooChgLq9XCSUcVN1tSNhSrJFAhqaatJP7BpWuF-egsnIaQz9CejLKOIj9EtThsEEVC2g==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMzMjkwOTE5LDI2MDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9wYWludC50b3lzL29pbC8iLG51bGwsW1s4LCIyMnlleUdWZ3k0ayJdLFs5LCJpdyJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.iw.22yeyGVgy4k.es5.O/am=DAY/d=1/rs=AJlcJMwXCK94EP_Jd8GtxF_HWFio6zsxIw/m=kernel_loader,loader_js_executable Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.110 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s42-in-f14.1e100.net Software ESF / Resource Hash f115b06374d49f6273129690c4bf0e14e0aa4ce70d3065a22a139270c4341eab Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-2eAOwcSrd9YaiBW3bVRXZA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers content-encoding gzip x-content-type-options nosniff expires Mon, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 04 Dec 2024 05:41:59 GMT content-type application/javascript; charset=utf-8 x-frame-options SAMEORIGIN reporting-endpoints default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjStDikmII0pBikPj6kkkDiJ3SZ7AGAXHrzXOsU4E46d951iIgNlS4xOoIwkWXWD2BWLXnEqspEN9fd4n1ORDPOH-ZdQEQF0lcYW0CYoavV1g5gFiIh2P59f272AROTFm2mFFJIym_MD45P6-kKDOptCS_KC05LbU4tagstSjeyMDIxBBI6BmYxBcYAADfez1m" content-security-policy script-src 'report-sample' 'nonce-2eAOwcSrd9YaiBW3bVRXZA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport cache-control no-cache, no-store, max-age=0, must-revalidate timing-allow-origin * cross-origin-opener-policy same-origin pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-resource-policy cross-origin permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=* x-xss-protection 0 server ESF
GET H3	200	topics_frame.html securepubads.g.doubleclick.net/static/topics/ Frame D1F5	0 0	353ms 117ms	Document text/html	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/static/topics/topics_frame.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://paint.toys/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers accept-ranges bytes age 2048 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=3000, stale-while-revalidate=3600 content-encoding br content-length 28994 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Wed, 04 Dec 2024 05:07:51 GMT expires Wed, 04 Dec 2024 05:57:51 GMT last-modified Mon, 18 Nov 2024 20:43:40 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	encrypted-tag-g.js Show response invstatic101.creativecdn.com/encrypted-signals/	1 KB 1 KB	314ms 138ms	Script text/javascript	34.96.70.87 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 87.70.96.34.bc.googleusercontent.com Software Google Frontend / Resource Hash 839e11d5ea35fe60fd65d0da091762640d7b98144b58f553a8742d863bc60795 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers etag 96161c00fc10ad819c09e1314f0ae5b4 via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1213 date Wed, 04 Dec 2024 05:41:59 GMT content-type text/javascript; charset=utf-8 last-modified Thu, 14 Nov 2024 17:54:21 GMT server Google Frontend x-cloud-trace-context 20f6b8aca721fda919c99949cedb9206
GET H2	200	esp.js Show response oa.openxcdn.net/	24 KB 8 KB	235ms 70ms	Script application/javascript	34.102.146.192 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://oa.openxcdn.net/esp.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 192.146.102.34.bc.googleusercontent.com Software UploadServer / Resource Hash 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers x-goog-metageneration 1 content-encoding gzip x-goog-hash crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug== etag "df5542b88bc0e368c6999754a5b9e2ba" age 25440 x-goog-stored-content-encoding gzip expires Wed, 03 Dec 2025 22:37:59 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-goog-stored-content-length 7927 date Tue, 03 Dec 2024 22:37:59 GMT last-modified Thu, 27 May 2021 18:30:51 GMT content-type application/javascript x-guploader-uploadid AFiumC6oU11l6HihMaaf4oVRG_PLj4M4U_7TozylqPU2gjN11t75hs1VPSseYdEJhjgU--91w7iqSLpU1w cache-control no-transform x-goog-storage-class MULTI_REGIONAL accept-ranges bytes x-goog-generation 1622140251693895 content-length 7927 server UploadServer
GET H2	200	publishertag.ids.js Show response static.criteo.net/js/ld/	42 KB 13 KB	423ms 150ms	Script text/javascript	178.250.1.3 ASN-CRITEO-EUROPE...
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/js/ld/publishertag.ids.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR), Reverse DNS Software nginx / Resource Hash 1635d2075d3343c86490d2229c1fb868ad59d92958ef65e04cb65767c703e9f6 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers strict-transport-security max-age=31536000; preload; cache-control max-age=86400, public timing-allow-origin * content-encoding gzip etag W/"670e3454-a69c" cross-origin-resource-policy cross-origin expires Thu, 05 Dec 2024 05:41:59 GMT access-control-allow-origin * date Wed, 04 Dec 2024 05:41:59 GMT content-type text/javascript last-modified Tue, 15 Oct 2024 09:22:28 GMT server nginx
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	30 KB 3 KB	577ms 577ms	Fetch text/plain	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4175051212462116&correlator=3977483772075606&output=ldjh&gdfp_req=1&vrg=202411180101&ptt=17&impl=fifs&gdpr=0&iu_parts=154013155%2C1024872%2C74068%2Cpublisher%3A1024872-website%3A74068-160x600%2Cpublisher%3A1024872-website%3A74068-160x600-CP%2Cpublisher%3A1024872-website%3A74068-160x600-CP-160x600&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=160x600%7C120x600&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1733290919281&lmt=1733290919&adxs=20&adys=614&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fpaint.toys%2Foil%2F&ref=https%3A%2F%2Fxwsfe.lixiuding.com%2F&vis=1&psz=180x1096&msz=160x-1&fws=4&ohw=180&td=1&egid=56214&tan=f342ec31-dfb6-468d-a204-ff1651257af2&tdf=2&topics=9&tps=9&htps=10&a3p=Eh0KDmVzcC5jcml0ZW8uY29tGOuKwoG5MkgAUgIIZBIUCgVvcGVueBjrisKBuTJIAFICCGQSFwoIcnRiaG91c2UY64rCgbkySABSAghk&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1733290914042&idt=1539&prev_scp=pos%3Datf%26slot_id%3Dpw-160x600_atf%26refresh%3Dfalse%26amazonBid%3Dtrue%26custom_path%3D160x600%26lld_id%3Df5d37b5e2c4f4ccd9fbce72e21bb0a2e90916530%26price_floor%3Dna%26amznbid%3Dgbm8lc%26amznp%3Dioiscg%26amzniid%3DJJarVaihSjmL13Hzp55LCDMAAAGTkDB9zgMAAAJYAQBhcHNfdHhuX2JpZDEgICBhcHNfdHhuX2ltcDEgICA-BneG%26hb_format_ix%3Dbanner%26hb_size_ix%3D160x600%26hb_pb_ix%3D0.13%26hb_adid_ix%3D1152370185bbc67f%26hb_bidder_ix%3Dix%26hb_format%3Dbanner%26hb_size%3D160x600%26hb_pb%3D0.13%26hb_adid%3D1152370185bbc67f%26hb_bidder%3Dix%26bid_type%3Dclient&cust_params=pf_src%3Dml%26li-module-enabled%3Dt1-e0%26salad%3Dchef%26dd%3Draspberry%26di%3Dpineapple%26vd%3Draspberry%26vi%3Dpineapple%26sitecont_cat%3Dgames_casual%26referrer%3Dhttps%253A%252F%252Fxwsfe.lixiuding.com%252F%26tyche_code%3D4.12.3%26pageos_code%3D1.12.2%26hour%3D7%26day%3DWednesday%26referrer_domain%3Dxwsfe.lixiuding.com%26OS%3DLinux%2520null%26browser%3DChrome%2520131%26pagecount%3D1%26window_width%3D1600%26window_height%3D1200%26screen_orientation%3Dlandscape%26website_id%3D74068%26refresh_count%3D0%26tyche_version%3D4.12.3%26ab_test%3Dna_A%26ad_clicker%3Dfalse%26page_focus%3Dtrue&adks=2747221344&frm=20&eoidce=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash d8651ac2ff2a365adcac5ce336789bea11fa34b421234aa3681f3b6e684d614b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers content-encoding dcb google-lineitem-id 6065409265 observe-browsing-topics ?1 x-content-type-options nosniff google-mediationtag-id -2 google-mediationgroup-id -2 expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" date Wed, 04 Dec 2024 05:41:59 GMT content-type text/plain; charset=UTF-8 google-creative-id 138398280168 cache-control no-cache, must-revalidate timing-allow-origin * pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true access-control-allow-origin https://paint.toys content-length 3305 x-xss-protection 0 server cafe
GET		container.html 0bf235370ef5c1cb1c1acd0d27549b75.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4EA2	0 0
GET H2	200	country Show response api.btloader.com/	36 B 152 B	359ms 216ms	Fetch application/json	130.211.23.194 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://api.btloader.com/country?o=5150306120761344 Requested by Host: btloader.com URL: https://btloader.com/tag?o=5150306120761344&upapi=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 194.23.211.130.bc.googleusercontent.com Software / Resource Hash 70fee922218a67fda3635615f2b1e7d2af2b1832cdd6df452759672368312351 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers cache-control private, max-age=300, stale-while-revalidate=600, stale-if-error=600 via 1.1 google access-control-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 36 date Wed, 04 Dec 2024 05:41:59 GMT content-type application/json vary Origin
GET H2	200	AGSKWxV8k0qO20ZLDeVmX_KDgDGlqoszant-eBFGGSJKabmYGIHiezyCcZ_sgswwOLOQo0TVhKWq7SEzXNy1Avh8tVwDlRjdDHv46u4KReVDpff7ZAe18JCJbxlZivZ-JRPEae42oUJMtQ== Show response fundingchoicesmessages.google.com/f/	10 KB 5 KB	152ms 152ms	Script application/javascript	172.217.18.110 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/f/AGSKWxV8k0qO20ZLDeVmX_KDgDGlqoszant-eBFGGSJKabmYGIHiezyCcZ_sgswwOLOQo0TVhKWq7SEzXNy1Avh8tVwDlRjdDHv46u4KReVDpff7ZAe18JCJbxlZivZ-JRPEae42oUJMtQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMzMjkwOTE5LDQyMTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vcGFpbnQudG95cy9vaWwvIixudWxsLFtbOCwiMjJ5ZXlHVmd5NGsiXSxbOSwiaXciXSxbMTksIjIiXSxbMTcsIlswXSJdXV0 Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.iw.22yeyGVgy4k.es5.O/am=DAY/d=1/rs=AJlcJMwXCK94EP_Jd8GtxF_HWFio6zsxIw/m=kernel_loader,loader_js_executable Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.110 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s42-in-f14.1e100.net Software ESF / Resource Hash a4675b3f3c5584d8d49ead0cbcd6bb8c0e8075e5abd0129098005291601709aa Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-vKYcm0ziBLhAhfyHPvdLPA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers content-encoding gzip x-content-type-options nosniff expires Mon, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 04 Dec 2024 05:41:59 GMT content-type application/javascript; charset=utf-8 x-frame-options SAMEORIGIN reporting-endpoints default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjStHikmJw15BiUAzbySTx9SWTBhA7pc9gDQLi1pvnWKcCcdK_86xFQGyocInVEYSLLrF6ArFqzyVWUyC-v-4S63MgnnH-MusCIC6SuMLaBMQMX6-wcgCxEA_H8uv7d7EJdOzb9YlRSSMpvzA-OT-vpCgzqbQkvygtOS21OLWoLLUo3sjAyMQQSOgZmMQXGAAAnKg-3g" content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-vKYcm0ziBLhAhfyHPvdLPA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist cache-control no-cache, no-store, max-age=0, must-revalidate timing-allow-origin * cross-origin-opener-policy same-origin pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-resource-policy cross-origin permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=* x-xss-protection 0 server ESF
GET H2	204	pv Show response api.btloader.com/	0 128 B	316ms 214ms	XHR text/plain	130.211.23.194 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://api.btloader.com/pv?tid=6k8Lrgy6R2-1hV93tZl-939030836e&w=5096819819806720&o=5150306120761344&cv=2.1.66&widget=false&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fpaint.toys%2Foil%2F&sid=1wymjdj1-27sSG3YrtI-939030836e&pm=true&upapi=true Requested by Host: btloader.com URL: https://btloader.com/tag?o=5150306120761344&upapi=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 194.23.211.130.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers via 1.1 google access-control-allow-origin * cache-control no-cache, no-store, must-revalidate alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 04 Dec 2024 05:41:59 GMT vary Origin
POST H2	200	fb87a4ea41 Show response cd836371f1d.cdn.intergient.com/	0 96 B	631ms 120ms	XHR application/octet-stream	3.73.242.72 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cd836371f1d.cdn.intergient.com/fb87a4ea41 Requested by Host: cdn.intergient.com URL: https://cdn.intergient.com/pageos/1.12.2/main.adcfb3cb78ca97b4e5f1.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.73.242.72 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-73-242-72.eu-central-1.compute.amazonaws.com Software nginx/1.24.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Referer https://paint.toys/ Response headers access-control-allow-origin * date Wed, 04 Dec 2024 05:42:00 GMT content-type application/octet-stream server nginx/1.24.0
POST H2	200	encrypt Show response esp.rtbhouse.com/	201 B 465 B	1345ms 203ms	Fetch application/json	35.190.39.111 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://esp.rtbhouse.com/encrypt Requested by Host: invstatic101.creativecdn.com URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 111.39.190.35.bc.googleusercontent.com Software Google Frontend / Resource Hash 9afe04922bb8e8ed651615b2a16ff70cb21e3ce19bb96014abbe36e135b44465 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Content-Type text/plain Referer https://paint.toys/ Response headers access-control-allow-credentials true access-control-allow-methods POST via 1.1 google access-control-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 201 date Wed, 04 Dec 2024 05:42:00 GMT content-type application/json x-cloud-trace-context c22016a96dd4aa25016ba88b2580baf8 server Google Frontend access-control-allow-headers X-Requested-With
GET H2	200	syncframe gum.criteo.com/ Frame 7652	0 0	1674ms 129ms	Document text/html	178.250.1.11 ASN-CRITEO-EUROPE...
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=paint.toys&gdpr=0&gdpr_consent= Requested by Host: static.criteo.net URL: https://static.criteo.net/js/ld/publishertag.ids.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR), Reverse DNS Software Kestrel / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://paint.toys/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers cache-control private, max-age=3600 content-encoding gzip content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Wed, 04 Dec 2024 05:42:01 GMT server Kestrel server-processing-duration-in-ticks 371434 strict-transport-security max-age=31536000; preload; vary Accept-Encoding x-robots-tag noindex
GET H3	200	view securepubads.g.doubleclick.net/pcs/ Frame 5D8B	0 0	129ms 129ms	Fetch image/gif	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvADY95etvP5QrCzAE5fZzq1FQCwc7WNvUmxPEfo7ucL1XnnEDENNxPY5hSSRZ1RKXH-F8GMn5RmlhyHV8hge4dXlK9vdxWR-NlcO1VtNcl8jcswhrSKxox5gfZ2ADg1OaSjRH4T21zG_FIq6nG-qNLylqW4qfiovjdw907T71kd2yvQABSWB9z1H5tXv6K6zaI6l386F-m4GnOx3-wioO28AJolajioxtYNEsbBoKm4epAkKFRzwXJF6_z5C_WDTBZ33SvxWgef67-cKnhwhgb6FQmyul1d7RJSmOBW2Mf3HlaGtGNgnRhqVjf6opKDsZyvwI2QUm5KdUIc1Nxo_KpqzMeDsMlos0RVcTwlPA5EbkXMNQdyyD73hcenCxYP4bdgTqaxY7GARzmJPHkNqsUmfXBj6I7zsTb0GYD_SHKD1d1nQmB7aGSkb5SPfeupk9gpBhTlfOl9FmXuli-HS6AXcp3io3pHPmIwbDMmkgMn5OCO9OUcNw-JXaCrScrD6_FSIetDrQTyAgS-4eyanbAz0Cm5VrZMa2V4P9DSuMRhvzoTmuChwi50sPS9-rGvwyOO45ONZWprbJLylO-WWKkCTdW&sai=AMfl-YSxZx1B0AzIJ-wopeHTauJl1sVd-7ZpvrC_I1gcRQUuuxs35ClI4FMTYCnZhpKfITphYgL5zYYmHKkFBmh8L6KpFfxQkIVO0JkU-hVCgKoWMosIwSvPcPGUmOQS01zgbNeHUJ-WzEiMfleumR6V&sig=Cg0ArKJSzOCh7AUiqH_kEAE&uach_m=%5BUACH%5D&urlfix=1&adurl= Requested by Host: xwsfe.lixiuding.com URL: https://xwsfe.lixiuding.com/upoeeyegpRN01sdU5DdDFkeXRmUXZDWk8zdEUtMzY1LTI2NzY5MDU2LTBkYWIwMjQ4LTY1MC0yVTJ4TGtySjNJdFczZ1RRcHdxZw/89zn2jxbiu5/uclpie Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers cache-control private timing-allow-origin * accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Wed, 04 Dec 2024 05:42:00 GMT access-control-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" content-length 0 date Wed, 04 Dec 2024 05:42:00 GMT x-xss-protection 0 content-type image/gif server cafe
GET H3	200	ufs_web_display.js Show response pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 5D8B	217 KB 67 KB	346ms 115ms	Script text/javascript	216.58.206.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.206.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS mil07s07-in-f2.1e100.net Software cafe / Resource Hash 8d2678ff0715284456a48f52fa21c43a417bea04bcb4b6fcd516ab11dc047192 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers content-encoding br etag 12158714353530318320 age 2463 x-content-type-options nosniff expires Wed, 04 Dec 2024 06:00:57 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" date Wed, 04 Dec 2024 05:00:57 GMT content-disposition attachment; filename="f.txt" content-type text/javascript; charset=ISO-8859-1 vary Accept-Encoding cache-control public, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * cross-origin-resource-policy cross-origin content-length 69014 x-xss-protection 0 server cafe
GET H2	200	ixmatch.html js-sec.indexww.com/um/ Frame 1922	0 0	207ms 71ms	Document text/html	104.18.24.18 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js-sec.indexww.com/um/ixmatch.html Requested by Host: cdn.intergi.com URL: https://cdn.intergi.com/prebid/prebid.js.br Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.24.18 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://paint.toys/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers age 1013 cache-control public, max-age=14400 cf-cache-status HIT cf-ray 8ec9787acfbb7d95-TLV content-encoding gzip content-type text/html; charset=UTF-8 date Wed, 04 Dec 2024 05:42:00 GMT expires Wed, 04 Dec 2024 09:42:00 GMT last-modified Mon, 25 Jul 2022 19:18:19 GMT p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" server cloudflare vary Accept-Encoding
GET H2	200	user_sync.html ads.pubmatic.com/AdServer/js/ Frame 1EAA	0 0	120ms 119ms	Document text/html	23.218.208.200 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158326 Requested by Host: cdn.intergi.com URL: https://cdn.intergi.com/prebid/prebid.js.br Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-218-208-200.deploy.static.akamaitechnologies.com Software Apache / Resource Hash Request headers Referer https://paint.toys/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers accept-ranges bytes cache-control max-age=68021 content-encoding gzip content-length 6694 content-type text/html date Wed, 04 Dec 2024 05:42:00 GMT expires Thu, 05 Dec 2024 00:35:41 GMT last-modified Wed, 13 Nov 2024 05:14:24 GMT p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" server Apache vary Accept-Encoding
POST H2	200	prebid Show response id5-sync.com/api/config/	194 B 658 B	121ms 120ms	Fetch application/json	162.19.138.120 OVH OVH SAS
General Check archive.org Show headers Download Go to Full URL https://id5-sync.com/api/config/prebid Requested by Host: cdn.intergi.com URL: https://cdn.intergi.com/prebid/prebid.js.br Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.19.138.120 Amsterdam, Netherlands, ASN16276 (OVH OVH SAS, FR), Reverse DNS ns31533571.ip-162-19-138.eu Software / Resource Hash 1526f7f540b829baf0e6d1b491aa7b26b5e49fa160abca67c11695ccfa2cee82 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Referer https://paint.toys/ Response headers strict-transport-security max-age=63072000; includeSubDomains; preload access-control-allow-origin https://paint.toys p3p CP="CAO PSA OUR" date Wed, 04 Dec 2024 05:41:59 GMT content-type application/json;charset=UTF-8 vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin access-control-allow-credentials true
GET		f fid.agkn.com/	0 0
GET		envelope lexicon.33across.com/v1/	0 0
GET H2	204	any Show response idx.liadm.com/idex/did-0046/	0 0	0ms 0ms	Fetch	3.221.57.175 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://idx.liadm.com/idex/did-0046/any?duid=8e413bd09c43--01je830yn6eq1cdkc9pt0hzxe0&did=did-0046&cd=.paint.toys&pu=https%3A%2F%2Fpaint.toys&resolve=nonId&resolve=uid2&resolve=index&resolve=bidswitch&resolve=pubmatic&resolve=magnite&resolve=openx&resolve=sorvrn&resolve=thetradedesk&resolve=medianet Requested by Host: cdn.intergi.com URL: https://cdn.intergi.com/prebid/prebid.js.br Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.221.57.175 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-221-57-175.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 content-type text/plain Referer https://paint.toys/ Response headers cache-control max-age=3599, private trace-id f7baf44cb363c670 request-time 0 access-control-allow-credentials true expires Wed, 04 Dec 2024 06:41:58 GMT access-control-allow-origin https://paint.toys date Wed, 04 Dec 2024 05:41:58 GMT vary Origin
GET H2	204	v1 match.sharethrough.com/sync/ Redirect Chain https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= https://match.adsrvr.org/track/cmb/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=107ea66a-bab7-44dd-982f-f7f182784c4b&gdpr=0&gdpr_consent=	0 58 B	131ms 123ms	Image text/plain	18.184.206.66 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=107ea66a-bab7-44dd-982f-f7f182784c4b&gdpr=0&gdpr_consent= Requested by Host: paint.toys URL: https://paint.toys/oil/ Protocol H2 Server 18.184.206.66 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-184-206-66.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=16000000; includeSubDomains; preload; Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers strict-transport-security max-age=16000000; includeSubDomains; preload; Redirect headers location https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=107ea66a-bab7-44dd-982f-f7f182784c4b&gdpr=0&gdpr_consent= content-length 323 date Wed, 04 Dec 2024 05:42:00 GMT server Kestrel
GET H2	204	v1 match.sharethrough.com/sync/ Redirect Chain https://secure.adnxs.com/getuid?https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=$UID https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D0e8893f90b606c9c5d33f1be%26gdpr%3D0%26gdpr_consent%3D%26source_user_id%3D%24UID https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=7551551670186111864	0 57 B	624ms 124ms	Image text/plain	18.184.206.66 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=7551551670186111864 Requested by Host: paint.toys URL: https://paint.toys/oil/ Protocol H2 Server 18.184.206.66 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-184-206-66.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=16000000; includeSubDomains; preload; Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers strict-transport-security max-age=16000000; includeSubDomains; preload; Redirect headers cache-control no-store, no-cache, private location https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=7551551670186111864 pragma no-cache accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness access-control-allow-credentials true x-proxy-origin 31.187.78.40; 31.187.78.40; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com expires Sat, 15 Nov 2008 16:00:00 GMT access-control-allow-origin * an-x-request-uuid 098193ee-f047-4690-8576-5f9088584e60 content-length 0 p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" date Wed, 04 Dec 2024 05:42:00 GMT x-xss-protection 0 content-type text/html; charset=utf-8 server nginx/1.23.4
GET		cksync.php hb.yahoo.net/	0 0
GET H2	204	v1 match.sharethrough.com/sync/ Redirect Chain https://b1sync.zemanta.com/usersync/sharethrough?cb=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_user_id%3D__ZUID__%26gdpr%3D%7BGDPR%7D%26gdpr_consent%3D%7BGDPR_CONSENT_80%7D https://b1sync.zemanta.com/usersync/sharethrough?cb=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_user_id%3D__ZUID__%26gdpr%3D%7BGDPR%7D%26gdpr_consent%3D%7BGDPR_CONSENT_80%7D&s=2 https://match.sharethrough.com/sync/v1?source_id=a7935305814f8c5e2a34ba54&source_user_id=eNStYVT86ZZFQe4Ejw_H	0 58 B	369ms 127ms	Image text/plain	18.184.206.66 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://match.sharethrough.com/sync/v1?source_id=a7935305814f8c5e2a34ba54&source_user_id=eNStYVT86ZZFQe4Ejw_H Requested by Host: paint.toys URL: https://paint.toys/oil/ Protocol H2 Server 18.184.206.66 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-184-206-66.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=16000000; includeSubDomains; preload; Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers strict-transport-security max-age=16000000; includeSubDomains; preload; Redirect headers strict-transport-security max-age=31536000; includeSubDomains; preload cache-control no-cache, no-store, must-revalidate location https://match.sharethrough.com/sync/v1?source_id=a7935305814f8c5e2a34ba54&source_user_id=eNStYVT86ZZFQe4Ejw_H pragma no-cache expires Thu, 01 Dec 1994 16:00:00 GMT content-length 136 p3p CP="We do not support P3P header." date Wed, 04 Dec 2024 05:42:16 GMT content-type text/html; charset=utf-8
GET H2	204	v1 match.sharethrough.com/sync/ Redirect Chain https://cs.admanmedia.com/c01d0246d79eba64b8a7cca07e5b7dc7.gif?puid=4db898e3-65a2-4171-8917-dbb464e7414a&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DqU... https://match.sharethrough.com/sync/v1?source_id=qUVJTHutDLcyGRS8xfsW2M4g&source_user_id=b57423c7-5334-49b4-9086-811c72a47c1d&gdpr=0&gdpr_consent=	0 57 B	126ms 124ms	Image text/plain	18.184.206.66 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://match.sharethrough.com/sync/v1?source_id=qUVJTHutDLcyGRS8xfsW2M4g&source_user_id=b57423c7-5334-49b4-9086-811c72a47c1d&gdpr=0&gdpr_consent= Requested by Host: paint.toys URL: https://paint.toys/oil/ Protocol H2 Server 18.184.206.66 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-184-206-66.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=16000000; includeSubDomains; preload; Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers strict-transport-security max-age=16000000; includeSubDomains; preload; Redirect headers Cache-Control no-cache, no-store, must-revalidate Location https://match.sharethrough.com/sync/v1?source_id=qUVJTHutDLcyGRS8xfsW2M4g&source_user_id=b57423c7-5334-49b4-9086-811c72a47c1d&gdpr=0&gdpr_consent= Pragma no-cache Connection keep-alive Expires 0 Content-Length 0 Date Wed, 04 Dec 2024 05:42:01 GMT Server nginx
POST H2	200	v3 Show response id5-sync.com/gm/	699 B 1 KB	128ms 126ms	XHR application/json	162.19.138.120 OVH OVH SAS
General Check archive.org Show headers Download Go to Full URL https://id5-sync.com/gm/v3 Requested by Host: cdn.id5-sync.com URL: https://cdn.id5-sync.com/api/1.0/id5-api.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.19.138.120 Amsterdam, Netherlands, ASN16276 (OVH OVH SAS, FR), Reverse DNS ns31533571.ip-162-19-138.eu Software / Resource Hash 741aae0b8ebdd688c0a1ba3b4ae5806baeb4d420424e44f7b5ba40afa32318cc Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Content-Type text/plain Referer https://paint.toys/ Response headers strict-transport-security max-age=63072000; includeSubDomains; preload access-control-allow-credentials true expires Thu, 01 Jan 1970 00:00:00 GMT access-control-allow-origin https://paint.toys p3p CP="CAO PSA OUR" date Wed, 04 Dec 2024 05:42:00 GMT content-type application/json vary Origin
GET H2	200	v1 Show response lb.eu-1-id5-sync.com/lb/	45 B 281 B	130ms 129ms	Fetch application/json	162.19.138.117 OVH OVH SAS
General Check archive.org Show headers Download Go to Full URL https://lb.eu-1-id5-sync.com/lb/v1 Requested by Host: cdn.intergi.com URL: https://cdn.intergi.com/prebid/prebid.js.br Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR), Reverse DNS ns31533568.ip-162-19-138.eu Software / Resource Hash 9f9dbfcd4fb2af496634428af41af3ddd9ca4d3dfbe47266764f767ea169168e Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers strict-transport-security max-age=63072000; includeSubDomains; preload access-control-allow-origin https://paint.toys date Wed, 04 Dec 2024 05:41:59 GMT content-type application/json;charset=UTF-8 vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
GET H2	200	v1 Show response lb.eu-1-id5-sync.com/lb/	45 B 281 B	151ms 128ms	Fetch application/json	162.19.138.117 OVH OVH SAS
General Check archive.org Show headers Download Go to Full URL https://lb.eu-1-id5-sync.com/lb/v1 Requested by Host: cdn.intergi.com URL: https://cdn.intergi.com/prebid/prebid.js.br Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR), Reverse DNS ns31533568.ip-162-19-138.eu Software / Resource Hash b368f5db3c69d5dd7c79aaf56513dafe6a2fd4014cb7baa673eb2d5275fb61f2 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers strict-transport-security max-age=63072000; includeSubDomains; preload access-control-allow-origin https://paint.toys date Wed, 04 Dec 2024 05:42:00 GMT content-type application/json;charset=UTF-8 vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
GET H/1.1	204 No Content	token token.rubiconproject.com/ Redirect Chain https://id5-sync.com/i/483/8.gif?o=api&id5id=ID5*_37K2BAsbB9Iw0v3jXue_lq9vkrnCo8WT3FlNxap0VXfUbnHFKnoDe1ENRINEp4b&gdpr_consent=undefined&gdpr=false https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= https://match.adsrvr.org/track/cmb/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= https://id5-sync.com/k/264.gif?puid=fd7ee5f2-b88e-4a53-a721-f2386a0ec639&ttl=%%TTL%% https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=0/gdpr_consent=?https://id5-sync.com/c/483/19/6/3.gif?puid=${profile_id}&gdpr=0&gdpr_consent= https://id5-sync.com/c/483/19/6/3.gif?puid=86a19f2a8da1a88a71d64536bce8a0dd&gdpr=0&gdpr_consent= https://token.rubiconproject.com/token?pid=49266&puid={ID5UID}&gdpr=0&gdpr_consent=	0 1 KB	1511ms 124ms	Image text/plain	69.173.144.165 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://token.rubiconproject.com/token?pid=49266&puid={ID5UID}&gdpr=0&gdpr_consent= Requested by Host: paint.toys URL: https://paint.toys/oil/ Protocol HTTP/1.1 Server 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers Expires 0 Cache-Control no-cache,no-store,must-revalidate P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" X-RPHost ba134c4441b6cdf8ef9f5e0539a8ef3e Pragma no-cache Redirect headers strict-transport-security max-age=63072000; includeSubDomains; preload location https://token.rubiconproject.com/token?pid=49266&puid={ID5UID}&gdpr=0&gdpr_consent= p3p CP="CAO PSA OUR" date Wed, 04 Dec 2024 05:42:00 GMT vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers
POST H2	200	483.json Show response id5-sync.com/g/v2/	631 B 1 KB	121ms 120ms	Fetch application/json	162.19.138.120 OVH OVH SAS
General Check archive.org Show headers Download Go to Full URL https://id5-sync.com/g/v2/483.json Requested by Host: cdn.intergi.com URL: https://cdn.intergi.com/prebid/prebid.js.br Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.19.138.120 Amsterdam, Netherlands, ASN16276 (OVH OVH SAS, FR), Reverse DNS ns31533571.ip-162-19-138.eu Software / Resource Hash dfd77fd583a25f0901f02296d0cc6d6ea7a82e88dd042d1fb1782f97933ee661 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Referer https://paint.toys/ Response headers strict-transport-security max-age=63072000; includeSubDomains; preload access-control-allow-credentials true expires Thu, 01 Jan 1970 00:00:00 GMT access-control-allow-origin https://paint.toys p3p CP="CAO PSA OUR" date Wed, 04 Dec 2024 05:42:00 GMT content-type application/json vary Origin
POST H2	200	483.json Show response id5-sync.com/g/v2/	631 B 1 KB	123ms 121ms	Fetch application/json	162.19.138.120 OVH OVH SAS
General Check archive.org Show headers Download Go to Full URL https://id5-sync.com/g/v2/483.json Requested by Host: cdn.intergi.com URL: https://cdn.intergi.com/prebid/prebid.js.br Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.19.138.120 Amsterdam, Netherlands, ASN16276 (OVH OVH SAS, FR), Reverse DNS ns31533571.ip-162-19-138.eu Software / Resource Hash ab19e961232b4974956cfbd5c4040ace5d912aa376cb2877f081a778e3f6c529 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Referer https://paint.toys/ Response headers strict-transport-security max-age=63072000; includeSubDomains; preload access-control-allow-credentials true expires Thu, 01 Jan 1970 00:00:00 GMT access-control-allow-origin https://paint.toys p3p CP="CAO PSA OUR" date Wed, 04 Dec 2024 05:42:00 GMT content-type application/json vary Origin
GET H3	200	getads. Show response fundingchoicesmessages.google.com/f/AGSKWxXXmIadI9jrmaxFwDj52qFl9ix5_Vlfm_zN4VxTcLWcEaxPiEX-9ascHoU9JSmZunHiIISPBrx01HLzsdMC275zxEhnvH2oM5-b8f79sxOYddK_0zAnkTJVAAy5yZqMnFqmuL9HvYg4rZzzdEGnV02x9fVWH...	54 B 109 B	129ms 129ms	Script application/javascript	172.217.18.110 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/f/AGSKWxXXmIadI9jrmaxFwDj52qFl9ix5_Vlfm_zN4VxTcLWcEaxPiEX-9ascHoU9JSmZunHiIISPBrx01HLzsdMC275zxEhnvH2oM5-b8f79sxOYddK_0zAnkTJVAAy5yZqMnFqmuL9HvYg4rZzzdEGnV02x9fVWHG9HuSoDNRqV2__3gtZ5nZgBwY5JY8fR/_/baseAd._advert_label./Disable%2BAdblock./aderlee_ads./getads. Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.iw.22yeyGVgy4k.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMz3RUd6ZA2MSfhVPtrLslHDn860zg/m=ad_blocking_detection_executable Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.18.110 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s42-in-f14.1e100.net Software ESF / Resource Hash ffb2754ebe73021ac08010b63e3b4372549f0874574764eeaf61837316fbac1f Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-N37o6FGuukZ8ZoW3cKj0Zg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers content-encoding gzip x-content-type-options nosniff expires Mon, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 04 Dec 2024 05:42:00 GMT content-type application/javascript; charset=utf-8 x-frame-options SAMEORIGIN reporting-endpoints default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjStDikmLw1pBikPj6kkkDiJ3SZ7AGAXHrzXOsU4E46d951iIgNlS4xOoIwkWXWD2BWLXnEqspEN9fd4n1ORDPOH-ZdQEQF0lcYW0CYoavV1g5gFiIh2PF9f272AQmTJ23mFFJIym_MD45P6-kKDOptCS_KC05LbU4tagstSjeyMDIxBBI6BmYxBcYAADQIj0h" content-security-policy script-src 'report-sample' 'nonce-N37o6FGuukZ8ZoW3cKj0Zg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport cache-control no-cache, no-store, max-age=0, must-revalidate cross-origin-opener-policy same-origin pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-resource-policy cross-origin permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=* x-xss-protection 0 server ESF
GET H3	200	show_companion_ad.js Show response pagead2.googlesyndication.com/pagead/	40 KB 15 KB	185ms 184ms	Script text/javascript	216.58.206.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/show_companion_ad.js?fcd=true Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.iw.22yeyGVgy4k.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMz3RUd6ZA2MSfhVPtrLslHDn860zg/m=ad_blocking_detection_executable Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.206.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS mil07s07-in-f2.1e100.net Software cafe / Resource Hash 139e5b81a9490f17cd87a6bd0246e5b82d44cd831f778ed34d56e30b115a0930 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers content-encoding br etag 2157040660662159465 age 2989 x-content-type-options nosniff expires Wed, 04 Dec 2024 05:52:11 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" date Wed, 04 Dec 2024 04:52:11 GMT content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 vary Accept-Encoding cache-control public, max-age=3600 timing-allow-origin * cross-origin-resource-policy cross-origin content-length 15113 x-xss-protection 0 server cafe
POST H3	204	AGSKWxVBsL-TWF1VAr2k6GD3dW8E7VsaKAXTtvDe9VSXC-ZB688kWNkcCY_Jz269UdoB3BUdJl5E8mOJs2fnf6xPhhG_1_U0dnBHILMIBT7IH6t6c6AHhaanfQ-Ceaj0HfXXA9d2M09LFA== Show response fundingchoicesmessages.google.com/el/	0 28 B	256ms 128ms	XHR text/html	172.217.18.110 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxVBsL-TWF1VAr2k6GD3dW8E7VsaKAXTtvDe9VSXC-ZB688kWNkcCY_Jz269UdoB3BUdJl5E8mOJs2fnf6xPhhG_1_U0dnBHILMIBT7IH6t6c6AHhaanfQ-Ceaj0HfXXA9d2M09LFA== Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.iw.22yeyGVgy4k.es5.O/am=DAY/d=1/rs=AJlcJMwXCK94EP_Jd8GtxF_HWFio6zsxIw/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.18.110 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s42-in-f14.1e100.net Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-9PminuRbXUjiPJA4zeHZPQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Content-Type text/plain Referer https://paint.toys/ Response headers access-control-max-age 86400 access-control-allow-methods POST, GET, OPTIONS x-content-type-options nosniff expires Mon, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 04 Dec 2024 05:42:00 GMT content-type text/html; charset=utf-8 x-frame-options SAMEORIGIN reporting-endpoints default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmII1pBicEqfwRoCxAxfr7ByALEQD8eK6_t3sQksaN18j1HJJSm_MD45P68kNa9ENzGlWBfELspMKi3JL0Jhp5aBVOTkp6dn5qXHGxkYmRgCCT0D8_gCAwAigyZN" content-security-policy script-src 'report-sample' 'nonce-9PminuRbXUjiPJA4zeHZPQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport cache-control no-cache, no-store, max-age=0, must-revalidate cross-origin-opener-policy same-origin pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version access-control-allow-credentials true permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=* access-control-allow-origin https://paint.toys content-length 0 x-xss-protection 0 server ESF
POST H3	204	AGSKWxVBsL-TWF1VAr2k6GD3dW8E7VsaKAXTtvDe9VSXC-ZB688kWNkcCY_Jz269UdoB3BUdJl5E8mOJs2fnf6xPhhG_1_U0dnBHILMIBT7IH6t6c6AHhaanfQ-Ceaj0HfXXA9d2M09LFA== Show response fundingchoicesmessages.google.com/el/	0 28 B	131ms 131ms	XHR text/html	172.217.18.110 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxVBsL-TWF1VAr2k6GD3dW8E7VsaKAXTtvDe9VSXC-ZB688kWNkcCY_Jz269UdoB3BUdJl5E8mOJs2fnf6xPhhG_1_U0dnBHILMIBT7IH6t6c6AHhaanfQ-Ceaj0HfXXA9d2M09LFA== Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.iw.22yeyGVgy4k.es5.O/am=DAY/d=1/rs=AJlcJMwXCK94EP_Jd8GtxF_HWFio6zsxIw/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.18.110 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s42-in-f14.1e100.net Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-wP2QbjRhD_-YSv6YotzBBQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Content-Type text/plain Referer https://paint.toys/ Response headers access-control-max-age 86400 access-control-allow-methods POST, GET, OPTIONS x-content-type-options nosniff expires Mon, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 04 Dec 2024 05:42:00 GMT content-type text/html; charset=utf-8 x-frame-options SAMEORIGIN reporting-endpoints default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw0ZBicEqfwRoCxAxfr7ByALEQD8eK6_t3sQns2L3_IaOSS1J-YXxyfl5Jal6JbmJKsS6IXZSZVFqSX4TCTi0DqcjJT0_PzEuPNzIwMjEEEnoG5vEFBgA3Uyab" content-security-policy script-src 'report-sample' 'nonce-wP2QbjRhD_-YSv6YotzBBQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport cache-control no-cache, no-store, max-age=0, must-revalidate cross-origin-opener-policy same-origin pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version access-control-allow-credentials true permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=* access-control-allow-origin https://paint.toys content-length 0 x-xss-protection 0 server ESF
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 5D8B	0 0	146ms 144ms	Fetch image/gif	216.58.206.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.206.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS mil07s07-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers cache-control no-cache, must-revalidate timing-allow-origin * pragma no-cache cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 0 date Wed, 04 Dec 2024 05:42:00 GMT x-xss-protection 0 content-type image/gif server cafe
GET H/1.1	200	admi aax-eu.amazon-adsystem.com/e/dtb/ Frame 9461	0 0	385ms 385ms	Document text/html	52.95.115.255 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://aax-eu.amazon-adsystem.com/e/dtb/admi?b=JJarVaihSjmL13Hzp55LCDMAAAGTkDB9zgMAAAJYAQBhcHNfdHhuX2JpZDEgICBhcHNfdHhuX2ltcDEgICA-BneG&rnd=671333766601733290919938&pp=gbm8lc&p=ioiscg Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 52.95.115.255 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers Referer https://paint.toys/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers Access-Control-Allow-Origin * Cache-Control no-store, max-age=0 Connection keep-alive Content-Encoding gzip Content-Length 7042 Content-Type text/html;charset=UTF-8 Date Wed, 04 Dec 2024 05:42:00 GMT Server Server Strict-Transport-Security max-age=47474747; includeSubDomains; preload Vary Content-Type,Accept-Encoding,User-Agent x-amz-rid Q65SEE3FPPYS6HNQEQDN
GET H2	200	csm_othersv6.js Show response c.amazon-adsystem.com/bao-csm/direct/ Frame 5D8B	53 KB 17 KB	119ms 119ms	Script application/javascript	13.224.196.140 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/bao-csm/direct/csm_othersv6.js Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.196.140 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-196-140.fra2.r.cloudfront.net Software Server / Resource Hash dbd27b2debee9e9ead968ea96a78a1baec71fd87ebc6c0e06ce88efafc19a281 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers content-encoding gzip x-amz-version-id fNVIthOZ9Mc3RccRWaT8VIh8jpHiSdww etag faa2f8b7164daa9e35c611a97c7ccaec age 10259 x-cache Hit from cloudfront x-amz-cf-id EKY8VUKFvnCcuo2AjLdb7Qd_6EOsRj0mru90oTns38y2pgEmeLmssw== date Wed, 04 Dec 2024 02:51:00 GMT content-type application/javascript vary Accept-Encoding cache-control public, max-age=86400 via 1.1 f7bf326347bdd7f275a38a22b5b83724.cloudfront.net (CloudFront) accept-ranges bytes x-amz-rid 0X7YJPGJD59Z2AFD7ZBS x-amz-cf-pop FRA2-C1 server Server x-amz-server-side-encryption AES256
GET DATA	200 OK	truncated / Frame 5D8B	214 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 15ea7c4f074d5ffb4ff299732802d6a2ae1e407e6f9694f1b1dfc7731ca45cab Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer Response headers Content-Type image/png
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 5D8B	0 0	123ms 122ms	Fetch image/gif	216.58.206.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.206.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS mil07s07-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers cache-control no-cache, must-revalidate timing-allow-origin * pragma no-cache cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 0 date Wed, 04 Dec 2024 05:42:00 GMT x-xss-protection 0 content-type image/gif server cafe
POST H3	204	AGSKWxVBsL-TWF1VAr2k6GD3dW8E7VsaKAXTtvDe9VSXC-ZB688kWNkcCY_Jz269UdoB3BUdJl5E8mOJs2fnf6xPhhG_1_U0dnBHILMIBT7IH6t6c6AHhaanfQ-Ceaj0HfXXA9d2M09LFA== Show response fundingchoicesmessages.google.com/el/	0 28 B	131ms 130ms	XHR text/html	172.217.18.110 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxVBsL-TWF1VAr2k6GD3dW8E7VsaKAXTtvDe9VSXC-ZB688kWNkcCY_Jz269UdoB3BUdJl5E8mOJs2fnf6xPhhG_1_U0dnBHILMIBT7IH6t6c6AHhaanfQ-Ceaj0HfXXA9d2M09LFA== Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.iw.22yeyGVgy4k.es5.O/am=DAY/d=1/rs=AJlcJMwXCK94EP_Jd8GtxF_HWFio6zsxIw/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.18.110 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s42-in-f14.1e100.net Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-mrxXqqX_QClMsEXDiDuTFg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Content-Type text/plain Referer https://paint.toys/ Response headers access-control-max-age 86400 access-control-allow-methods POST, GET, OPTIONS x-content-type-options nosniff expires Mon, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 04 Dec 2024 05:42:00 GMT content-type text/html; charset=utf-8 x-frame-options SAMEORIGIN reporting-endpoints default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw0JBicEqfwRoCxAxfr7ByALEQD8eK6_t3sQl0TDo0gUnJJSm_MD45P68kNa9ENzGlWBfELspMKi3JL0Jhp5aBVOTkp6dn5qXHGxkYmRgCCT0D8_gCAwAJYyX5" content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-mrxXqqX_QClMsEXDiDuTFg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist cache-control no-cache, no-store, max-age=0, must-revalidate cross-origin-opener-policy same-origin pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version access-control-allow-credentials true permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=* access-control-allow-origin https://paint.toys content-length 0 x-xss-protection 0 server ESF
POST H3	204	AGSKWxVBsL-TWF1VAr2k6GD3dW8E7VsaKAXTtvDe9VSXC-ZB688kWNkcCY_Jz269UdoB3BUdJl5E8mOJs2fnf6xPhhG_1_U0dnBHILMIBT7IH6t6c6AHhaanfQ-Ceaj0HfXXA9d2M09LFA== Show response fundingchoicesmessages.google.com/el/	0 28 B	129ms 128ms	XHR text/html	172.217.18.110 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxVBsL-TWF1VAr2k6GD3dW8E7VsaKAXTtvDe9VSXC-ZB688kWNkcCY_Jz269UdoB3BUdJl5E8mOJs2fnf6xPhhG_1_U0dnBHILMIBT7IH6t6c6AHhaanfQ-Ceaj0HfXXA9d2M09LFA== Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.iw.22yeyGVgy4k.es5.O/am=DAY/d=1/rs=AJlcJMwXCK94EP_Jd8GtxF_HWFio6zsxIw/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.18.110 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s42-in-f14.1e100.net Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-sF124srXmhkuVR2E52V4sw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Content-Type text/plain Referer https://paint.toys/ Response headers access-control-max-age 86400 access-control-allow-methods POST, GET, OPTIONS x-content-type-options nosniff expires Mon, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 04 Dec 2024 05:42:00 GMT content-type text/html; charset=utf-8 x-frame-options SAMEORIGIN reporting-endpoints default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw0JBicEqfwRoCxAxfr7ByALEQD8eK6_t3sQl0_Js3gUnJJSm_MD45P68kNa9ENzGlWBfELspMKi3JL0Jhp5aBVOTkp6dn5qXHGxkYmRgCCT0D8_gCAwAeVyZB" content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-sF124srXmhkuVR2E52V4sw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist cache-control no-cache, no-store, max-age=0, must-revalidate cross-origin-opener-policy same-origin pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version access-control-allow-credentials true permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=* access-control-allow-origin https://paint.toys content-length 0 x-xss-protection 0 server ESF
GET H3	200	AGSKWxWphJvm_7NH7fPe6GrFRKJpKUogdpYsulA0YY8hSJY6cyzhv3ZAeW3-cKd7oOsIUT99QUpv3hlnJzxFbLiJB_WmVwiPAnbkjzHWtB1q_GFvAmzmWdsoH94NH8apqD6QS70khmvXTg== Show response fundingchoicesmessages.google.com/f/	3 KB 2 KB	139ms 138ms	Script application/javascript	172.217.18.110 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/f/AGSKWxWphJvm_7NH7fPe6GrFRKJpKUogdpYsulA0YY8hSJY6cyzhv3ZAeW3-cKd7oOsIUT99QUpv3hlnJzxFbLiJB_WmVwiPAnbkjzHWtB1q_GFvAmzmWdsoH94NH8apqD6QS70khmvXTg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMzMjkwOTIwLDUwNjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9wYWludC50b3lzL29pbC8iLG51bGwsW1s4LCIyMnlleUdWZ3k0ayJdLFs5LCJpdyJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.iw.22yeyGVgy4k.es5.O/am=DAY/d=1/rs=AJlcJMwXCK94EP_Jd8GtxF_HWFio6zsxIw/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.18.110 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s42-in-f14.1e100.net Software ESF / Resource Hash ce6c4324ac579f56b32fec414d1fdd02cbbccd0260ba7ea72bce05b7766b2d28 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-UKUabatpUrMdcXHe3kBENg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers content-encoding gzip x-content-type-options nosniff expires Mon, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 04 Dec 2024 05:42:00 GMT content-type application/javascript; charset=utf-8 x-frame-options SAMEORIGIN reporting-endpoints default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjStDikmJw05BikPj6kkkDiJ3SZ7AGAXHrzXOsU4E46d951iIgNlS4xOoIwkWXWD2BWLXnEqspEN9fd4n1ORDPOH-ZdQEQF0lcYW0CYoavV1g5gFiIh2PF9f272AQuzD03jUlJIym_MD45P6-kKDOptCS_KC05LbU4tagstSjeyMDIxBBI6BmYxBcYAADgzT2I" content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-UKUabatpUrMdcXHe3kBENg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist cache-control no-cache, no-store, max-age=0, must-revalidate timing-allow-origin * cross-origin-opener-policy same-origin pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-resource-policy cross-origin permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=* x-xss-protection 0 server ESF
POST H3	204	AGSKWxXgcOSWKWoTPYWsFwMn5Y25ATSWTvqV9qeTOUUtXOxgQhQOhagdPDEfkNdw-OeXiLa4a0I_0ao4mCzqsRmONaEntN25BUOH2BjIbPefDrBUZ2wupgVrzWYHKiRtWc7GuCYPtDN1-A== Show response fundingchoicesmessages.google.com/el/	0 28 B	130ms 130ms	XHR text/html	172.217.18.110 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxXgcOSWKWoTPYWsFwMn5Y25ATSWTvqV9qeTOUUtXOxgQhQOhagdPDEfkNdw-OeXiLa4a0I_0ao4mCzqsRmONaEntN25BUOH2BjIbPefDrBUZ2wupgVrzWYHKiRtWc7GuCYPtDN1-A== Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.iw.22yeyGVgy4k.es5.O/am=DAY/d=1/rs=AJlcJMwXCK94EP_Jd8GtxF_HWFio6zsxIw/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.18.110 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s42-in-f14.1e100.net Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-izt9IN9enumykSAUrL9L6Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Content-Type text/plain Referer https://paint.toys/ Response headers access-control-max-age 86400 access-control-allow-methods POST, GET, OPTIONS x-content-type-options nosniff expires Mon, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 04 Dec 2024 05:42:00 GMT content-type text/html; charset=utf-8 x-frame-options SAMEORIGIN reporting-endpoints default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw0pBicEqfwRoCxAxfr7ByALEQD8eK6_t3sQkc6P51hUnJJSm_MD45P68kNa9ENzGlWBfELspMKi3JL0Jhp5aBVOTkp6dn5qXHGxkYmRgCCT0D8_gCAwA7rSao" content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-izt9IN9enumykSAUrL9L6Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist cache-control no-cache, no-store, max-age=0, must-revalidate cross-origin-opener-policy same-origin pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version access-control-allow-credentials true permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=* access-control-allow-origin https://paint.toys content-length 0 x-xss-protection 0 server ESF
GET H2	200	js Show response www.googletagmanager.com/gtag/	259 KB 92 KB	134ms 132ms	Script application/javascript	142.250.184.232 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-CEFZJ359V8&l=dataLayer&cx=c&gtm=45je4bk0v9101576445za200 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-VJBRK9986D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.232 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f8.1e100.net Software Google Tag Manager / Resource Hash 4862a3fcefdbef92e3fb48ed199ef4673fcef1d7a61051d9738f803c346f6f12 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers content-encoding br report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],} expires Wed, 04 Dec 2024 05:42:02 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 04 Dec 2024 05:42:02 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 94211 x-xss-protection 0 server Google Tag Manager
POST H2	204	collect www.google-analytics.com/g/	0 0	1395ms 126ms	Fetch text/plain	142.250.185.174 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-VJBRK9986D&gtm=45je4bk0v9101576445za200&_p=1733290914061&gcs=G1--&gcd=13l3l3l3l5l1&npa=0&dma=0&tcfd=10000&tag_exp=101925629~102067555~102067808~102081485&cid=1729995609.1733290922&ul=he-il&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1733290922&sct=1&seg=0&dl=https%3A%2F%2Fpaint.toys%2Foil%2F&dr=https%3A%2F%2Fxwsfe.lixiuding.com%2F&dt=Paint%20with%20Oils&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=9607 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-VJBRK9986D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.174 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f14.1e100.net Software Golfe2 / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0 report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],} expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin https://paint.toys cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 04 Dec 2024 05:42:03 GMT content-type text/plain server Golfe2
POST H2	204	collect www.google-analytics.com/g/	0 0	1210ms 128ms	Fetch text/plain	142.250.185.174 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-CEFZJ359V8&gtm=45je4bk0v9102396898za200zb9101576445&_p=1733290914061&gcs=G1--&gcd=13l3l3l3l5l1&npa=0&dma=0&tcfd=10000&tag_exp=101925629~102067555~102067808~102081485&cid=1729995609.1733290922&ul=he-il&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1733290922&sct=1&seg=0&dl=https%3A%2F%2Fpaint.toys%2Foil%2F&dr=https%3A%2F%2Fxwsfe.lixiuding.com%2F&dt=Paint%20with%20Oils&en=ramp_js&_fv=1&_ss=1&_ee=1&ep.pageview_id=1733290914061&tfd=9793 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-CEFZJ359V8&l=dataLayer&cx=c&gtm=45je4bk0v9101576445za200 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.174 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f14.1e100.net Software Golfe2 / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0 report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],} expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin https://paint.toys cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 04 Dec 2024 05:42:03 GMT content-type text/plain server Golfe2
GET H2	200	%7B%22adCsm%22:[%7B%22tld%22:%22paint.toys%22%7D,%7B%22ns%22:1733290919901,%22st%22:%22596.40%22,%22re%22:%22718.80%22,%22ldTot%22:%22122.40%22%7D,%7B%22lteu%22:%220.10%22,%22ltut%22:%220.10%22,%22... aax.amazon-adsystem.com/x/px/JJarVaihSjmL13Hzp55LCDMAAAGTkDB9zgMAAAJYAQBhcHNfdHhuX2JpZDEgICBhcHNfdHhuX2ltcDEgICA-BneG/ Frame 5D8B	43 B 436 B	155ms 154ms	Image image/gif	18.245.52.164 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://aax.amazon-adsystem.com/x/px/JJarVaihSjmL13Hzp55LCDMAAAGTkDB9zgMAAAJYAQBhcHNfdHhuX2JpZDEgICBhcHNfdHhuX2ltcDEgICA-BneG/%7B%22adCsm%22:[%7B%22tld%22:%22paint.toys%22%7D,%7B%22ns%22:1733290919901,%22st%22:%22596.40%22,%22re%22:%22718.80%22,%22ldTot%22:%22122.40%22%7D,%7B%22lteu%22:%220.10%22,%22ltut%22:%220.10%22,%22ltpq%22:%220.10%22,%22lths%22:%220.20%22,%22ltpm%22:%220.20%22,%22ltdm%22:%220.30%22,%22ltdb%22:%220.10%22,%22ltpst%22:%220.20%22,%22csmTot%22:%220.40%22%7D],%22pixelId%22:%22zzijg3oe6yq%22,%22ts%22:1733290923125,%22ver%22:%22d-1.22%22%7D?cb=568010 Requested by Host: paint.toys URL: https://paint.toys/oil/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.245.52.164 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-245-52-164.fra56.r.cloudfront.net Software Server / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers strict-transport-security max-age=47474747; includeSubDomains; preload cache-control no-cache content-encoding gzip pragma no-cache via 1.1 f5af2731a86629973e69564f824d95be.cloudfront.net (CloudFront) x-amz-rid QTZ2K95VXDPQ7CG4VTMR x-cache Miss from cloudfront x-amz-cf-id 7N580nrsKVaiL_XpXZwEJdXZttYSHZ76xr45T8ReagN00PgcQwJfwA== date Wed, 04 Dec 2024 05:42:03 GMT content-type image/gif vary Accept-Encoding,User-Agent server Server x-amz-cf-pop FRA56-P9
GET H2	200	location Show response privacy-location-edge.ccgateway.net/privacy/	5 B 191 B	567ms 185ms	XHR text/plain	18.212.140.196 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://privacy-location-edge.ccgateway.net/privacy/location Requested by Host: carbon-cdn.ccgateway.net URL: https://carbon-cdn.ccgateway.net/script?id=paint.toys&parentId=5bb3e20859 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.212.140.196 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-212-140-196.compute-1.amazonaws.com Software / Resource Hash 1c55d9b826e8dfa994370e306ae8dc2e849f3e003381dc848a0b95f782c0c0e3 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers access-control-allow-origin * content-encoding gzip date Wed, 04 Dec 2024 05:42:04 GMT content-type text/plain; charset=utf-8 vary Accept-Encoding access-control-allow-credentials true
GET H2	200	classification Show response pogo.ccgateway.net/v1/p/5bb3e20859/	369 B 414 B	3699ms 253ms	XHR application/json	3.237.175.195 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://pogo.ccgateway.net/v1/p/5bb3e20859/classification?url=https%3A%2F%2Fpaint.toys%2Foil%2F Requested by Host: carbon-cdn.ccgateway.net URL: https://carbon-cdn.ccgateway.net/script?id=paint.toys&parentId=5bb3e20859 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.237.175.195 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-237-175-195.compute-1.amazonaws.com Software / Resource Hash d81189b1d8c1ab9ccbf5e46b4b69123228de61922c239efd0b8fee5a6c16d63f Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers access-control-allow-origin https://paint.toys content-encoding gzip date Wed, 04 Dec 2024 05:42:07 GMT content-type application/json vary Origin, Accept-Encoding access-control-allow-credentials true
GET H2	200	userId Show response script-api.ccgateway.net/1/	446 B 705 B	222ms 192ms	Script text/javascript	52.91.215.149 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://script-api.ccgateway.net/1/userId Requested by Host: carbon-cdn.ccgateway.net URL: https://carbon-cdn.ccgateway.net/script?id=paint.toys&parentId=5bb3e20859 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.91.215.149 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-91-215-149.compute-1.amazonaws.com Software / Resource Hash fca82e89bd7eaf971649bab27cba65e40e0534a701f8b17d966c2ac2b04ebb7a Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers cache-control private,max-age=3156000 content-encoding gzip date Wed, 04 Dec 2024 05:42:04 GMT content-type text/javascript; charset=utf-8 vary Accept-Encoding
GET H2	200	user.js Show response script-api.ccgateway.net/script/launcher/2/	2 KB 677 B	223ms 193ms	Script text/javascript	52.91.215.149 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://script-api.ccgateway.net/script/launcher/2/user.js Requested by Host: carbon-cdn.ccgateway.net URL: https://carbon-cdn.ccgateway.net/script?id=paint.toys&parentId=5bb3e20859 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.91.215.149 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-91-215-149.compute-1.amazonaws.com Software / Resource Hash a11d3b4b6f2902037c365146ff80b5bf95923f3176f1a827355e45177314d423 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers cache-control private,max-age=604800 content-encoding gzip date Wed, 04 Dec 2024 05:42:04 GMT content-type text/javascript; charset=utf-8 vary Accept-Encoding
GET H2	200	customevents.js Show response script-api.ccgateway.net/script/launcher/1/	5 KB 2 KB	219ms 189ms	Script text/javascript	52.91.215.149 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://script-api.ccgateway.net/script/launcher/1/customevents.js Requested by Host: carbon-cdn.ccgateway.net URL: https://carbon-cdn.ccgateway.net/script?id=paint.toys&parentId=5bb3e20859 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.91.215.149 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-91-215-149.compute-1.amazonaws.com Software / Resource Hash 04c94ecaae50f713607dd45d40c5756d0e6a9e58c6398433ac098bc9bee89f5d Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers cache-control private,max-age=604800 content-encoding gzip date Wed, 04 Dec 2024 05:42:04 GMT content-type text/javascript; charset=utf-8 vary Accept-Encoding
GET H2	200	api.js Show response script-api.ccgateway.net/script/launcher/5/	5 KB 2 KB	218ms 188ms	Script text/javascript	52.91.215.149 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://script-api.ccgateway.net/script/launcher/5/api.js Requested by Host: carbon-cdn.ccgateway.net URL: https://carbon-cdn.ccgateway.net/script?id=paint.toys&parentId=5bb3e20859 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.91.215.149 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-91-215-149.compute-1.amazonaws.com Software / Resource Hash 67942c522b8f0e187f291d3dde230596fa526a323a9f50a0d667b6956839d98e Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers cache-control private,max-age=604800 content-encoding gzip date Wed, 04 Dec 2024 05:42:04 GMT content-type text/javascript; charset=utf-8 vary Accept-Encoding
GET H2	200	setUser Show response script-api.ccgateway.net/	0 360 B	189ms 188ms	Script text/javascript	52.91.215.149 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://script-api.ccgateway.net/setUser?parent=5bb3e20859&site=paint.toys&ccuid=aec58db4-bdec-490b-816a-b78073998fee&ccsid=7f08e8f8-8cd0-4415-8fe0-e2917d926ac1 Requested by Host: carbon-cdn.ccgateway.net URL: https://carbon-cdn.ccgateway.net/script?id=paint.toys&parentId=5bb3e20859 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.91.215.149 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-91-215-149.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers cache-control private,max-age=300 content-length 0 date Wed, 04 Dec 2024 05:42:04 GMT content-type text/javascript
GET H2	200	bundle Show response script-api.ccgateway.net/script/	14 KB 4 KB	192ms 192ms	Script text/javascript	52.91.215.149 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://script-api.ccgateway.net/script/bundle?id=paint.toys&parentId=5bb3e20859 Requested by Host: carbon-cdn.ccgateway.net URL: https://carbon-cdn.ccgateway.net/script?id=paint.toys&parentId=5bb3e20859 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.91.215.149 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-91-215-149.compute-1.amazonaws.com Software / Resource Hash eaa7e3d32d237bf9271ddb57b4068ec273bea7ce8efcf3b3eb36f3b6b5b31206 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers cache-control public,max-age=1200 content-encoding gzip date Wed, 04 Dec 2024 05:42:04 GMT content-type text/javascript; charset=utf-8 vary Accept-Encoding
POST H2	200	fb87a4ea41 Show response cd836371f1d.cdn.intergient.com/	0 95 B	127ms 125ms	XHR application/octet-stream	3.73.242.72 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cd836371f1d.cdn.intergient.com/fb87a4ea41 Requested by Host: cdn.intergient.com URL: https://cdn.intergient.com/pageos/1.12.2/main.adcfb3cb78ca97b4e5f1.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.73.242.72 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-73-242-72.eu-central-1.compute.amazonaws.com Software nginx/1.24.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Referer https://paint.toys/ Response headers access-control-allow-origin * date Wed, 04 Dec 2024 05:42:04 GMT content-type application/octet-stream server nginx/1.24.0
GET H2	200	script-load ingestion-router-api.ccgateway.net/v1/event/record/	0 44 B	271ms 253ms	Image text/plain	52.91.215.149 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://ingestion-router-api.ccgateway.net/v1/event/record/script-load?engttl=60&engcount=0&engid=54ca1f78-bbea-4cf8-a9c8-0df3c30bc9ad&prevPvid=&pageVisits=1&landingUrl=https%3A%2F%2Fpaint.toys%2Foil%2F&extReferer=xwsfe.lixiuding.com&url=https%3A%2F%2Fpaint.toys%2Foil%2F&pvid=f3414c43-48c0-49d6-a22b-4c9fecb32db9&ccuid=aec58db4-bdec-490b-816a-b78073998fee&sid=7f08e8f8-8cd0-4415-8fe0-e2917d926ac1&nct=1733290924000&r=https%3A%2F%2Fxwsfe.lixiuding.com%2F&ns=true&lang=he-IL&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F131.0.0.0%20Safari%2F537.36&devicefp=31.187.78.40%3A2&browserCache=true&localCache=false&cookieType=0&nocookies=false&ios=false&parentId=5bb3e20859&scriptId=paint.toys&skey=a5982045-64f8-4c4e-891d-f62c2ccc689e&url=https%3A%2F%2Fpaint.toys%2Foil%2F Requested by Host: paint.toys URL: https://paint.toys/oil/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.91.215.149 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-91-215-149.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers date Wed, 04 Dec 2024 05:42:04 GMT content-length 0
GET H3	200	view securepubads.g.doubleclick.net/pcs/ Frame 5D8B	0 0	130ms 130ms	Fetch image/gif	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuO_5IUUaMEam8PbIkw54TIqEDRQi475KAom09hsI6Jjun02nuzv3Ott1VdaZOuTquwo6uSL8Uezu9LJGhjkJH5EPdMlAp0LMDqT3A5V_fYzMhFtr9PuPyr8pqStJ8FO0ZCp9bvl3KyCj8G3V1fjCinvbJ4UO9cNNQTRpnV_cbOB-yw9CIhN0beR5Ph_GVRvFAhXT0d__0OW_id-86UCWJ6z6mKsZYrCURDwUL92NN0ibTtTMEnX1s10voTtcZTe0iaPJamj71qZ7PkPIjxbib4rqrXZdSbgnS1v_6nmrcu2rGemwhC1pFPnGcChcBoDd1F8l-iXKCntDjBJMfAFSepK0Taazj_JHLeILKO3ogpiN4yYA2gsJt49kACNkLQg2972sw5UBSA5398QDR_dzN_t8NSU6GxwQBTE88RZGIRkS3loXWzOsWlYXAwjRsAhaL_7pibdbs553k-iiPo7PTEvdngwRBzPd-pPw35lpriMQIE_mzzP-kOO7OqGDi1mw9XY9Zv4W71Op4Ihaz_opvio5OaiFqf0OlRDuVH3CzK8ZmaRVfiLcUXT6A1-keLtirNoJEo1Q4t-uODU3NFKMVcBv8M2DI&sai=AMfl-YQ8ucEgLBkuwFO27ywAXubzImGDGPhAPmIRj14plNxwFxE0D7Mkj_d2aRBkQwWeaZYQmyaK2dQyHVfjdb9NwIR-QWJbIm8ICeNHDHrKrHzyq-KnyvEu6goqcAQc_yD6B2BuJV4ytUFA2PJUdCFB&sig=Cg0ArKJSzGW6OOaO7094EAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl= Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers cache-control private timing-allow-origin * accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Wed, 04 Dec 2024 05:42:05 GMT access-control-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" content-length 0 date Wed, 04 Dec 2024 05:42:05 GMT x-xss-protection 0 content-type image/gif server cafe
OPTIONS H2	200	3pCsmEvent tungsten-service.prod.eu.adsqtungsten.a9.amazon.dev/csm/ Frame	0 0	3475ms 196ms	Preflight	52.222.236.64 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tungsten-service.prod.eu.adsqtungsten.a9.amazon.dev/csm/3pCsmEvent Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.236.64 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-236-64.fra56.r.cloudfront.net Software / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://paint.toys Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers access-control-allow-headers content-type access-control-allow-methods POST access-control-allow-origin * access-control-expose-headers x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date,smithy-protocol access-control-max-age 172800 content-length 0 date Wed, 04 Dec 2024 05:42:08 GMT via 1.1 3431ec594cac61983aae2d9ffaf23980.cloudfront.net (CloudFront) x-amz-cf-id ii6xYRLQOutVlLY9U2toOZYdy2_UB-VNLH7BcoiU6663TjQYJe_G2g== x-amz-cf-pop FRA56-P4 x-amzn-requestid bdfe3ed2-077d-4a30-94b8-cf18a84f7d9f x-cache Miss from cloudfront
POST H2	200	3pCsmEvent Show response tungsten-service.prod.eu.adsqtungsten.a9.amazon.dev/csm/ Frame 5D8B	2 B 370 B	138ms 136ms	Fetch application/json	52.222.236.64 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tungsten-service.prod.eu.adsqtungsten.a9.amazon.dev/csm/3pCsmEvent Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/bao-csm/direct/csm_othersv6.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.236.64 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-236-64.fra56.r.cloudfront.net Software / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 content-type application/json Referer https://paint.toys/ Response headers access-control-expose-headers x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date,smithy-protocol x-amzn-requestid 619f1cd0-3f6a-4ad1-8e07-6252eadd9f57 via 1.1 3431ec594cac61983aae2d9ffaf23980.cloudfront.net (CloudFront) access-control-allow-origin * x-cache Miss from cloudfront content-length 2 x-amz-cf-id PqnCR5YJvbSoeskDTy9TEFPAUfl-MqNDC6NuBW_owkiDgiFZivu9-w== date Wed, 04 Dec 2024 05:42:08 GMT content-type application/json x-amz-cf-pop FRA56-P4
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 5D8B	42 B 65 B	125ms 125ms	Fetch image/gif	216.58.206.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsszadE65hBH_CqXxeLKtOyg261CBPQJZf5y6lhkokZfx1lSC9oJs-IPcLFu4oWsXawBDRpmbLiS7Cas5eNc6Ly8KiH8_YBshLNFUJ5QkK0wquriUYF2OGzZ474JF8J8z4A6r4gkcHvrAMMEbST68bkHVzidfMMCAhb-QSqHxQZV7XeLLFpZWzg-ZGlY2qbob8lwhQ&sig=Cg0ArKJSzGRMyNBxT5W-EAE&id=lidar2&mcvt=1000&p=314,20,914,180&tm=5811.199999809265&tu=4811&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20241120&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2747221344&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=2922372000&rst=1733290919901&rpt=5389&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.206.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS mil07s07-in-f2.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers cache-control no-cache, must-revalidate timing-allow-origin * pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 42 date Wed, 04 Dec 2024 05:42:06 GMT x-xss-protection 0 content-type image/gif server cafe
POST H2	204	collect www.google-analytics.com/g/	0 0	126ms 125ms	Fetch text/plain	142.250.185.174 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-VJBRK9986D&gtm=45je4bk0v9101576445za200&_p=1733290914061&gcs=G1--&gcd=13l3l3l3l5l1&npa=0&dma=0&tcfd=10000&tag_exp=101925629~102067555~102067808~102081485&cid=1729995609.1733290922&ul=he-il&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1733290922&sct=1&seg=0&dl=https%3A%2F%2Fpaint.toys%2Foil%2F&dr=https%3A%2F%2Fxwsfe.lixiuding.com%2F&dt=Paint%20with%20Oils&en=scroll&epn.percent_scrolled=90&_et=3&tfd=14612 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-VJBRK9986D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.174 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f14.1e100.net Software Golfe2 / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0 report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],} expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin https://paint.toys cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 04 Dec 2024 05:42:07 GMT content-type text/plain server Golfe2
GET H/1.1	200 OK	match ps.eyeota.net/ Redirect Chain https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent= https://ps.eyeota.net/match?uid=fd7ee5f2-b88e-4a53-a721-f2386a0ec639&bid=1e2n4ou	70 B 440 B	125ms 124ms	Image image/gif	3.124.210.90 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ps.eyeota.net/match?uid=fd7ee5f2-b88e-4a53-a721-f2386a0ec639&bid=1e2n4ou Requested by Host: paint.toys URL: https://paint.toys/oil/ Protocol HTTP/1.1 Server 3.124.210.90 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-124-210-90.eu-central-1.compute.amazonaws.com Software / Resource Hash de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers Content-Length 70 P3P CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml" Date Wed, 04 Dec 2024 05:42:11 GMT Content-Type image/gif Redirect headers location https://ps.eyeota.net/match?uid=fd7ee5f2-b88e-4a53-a721-f2386a0ec639&bid=1e2n4ou content-length 191 date Wed, 04 Dec 2024 05:42:11 GMT server Kestrel
GET H/1.1	200 OK	match ps.eyeota.net/ Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MjY4LVRlNFNnMFBoOXRJTFc3Wm1QTDNOc3pTc2VnZFFoTW9hTndfQ29YbEU&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer... https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=m51mh00&google_gid=CAESECjwg97_uDWuvqOmdJ8gV6k&google_cver=1	70 B 440 B	128ms 128ms	Image image/gif	3.124.210.90 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=m51mh00&google_gid=CAESECjwg97_uDWuvqOmdJ8gV6k&google_cver=1 Requested by Host: paint.toys URL: https://paint.toys/oil/ Protocol HTTP/1.1 Server 3.124.210.90 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-124-210-90.eu-central-1.compute.amazonaws.com Software / Resource Hash de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers Content-Length 70 P3P CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml" Date Wed, 04 Dec 2024 05:42:13 GMT Content-Type image/gif Redirect headers cache-control no-cache, must-revalidate location https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=m51mh00&google_gid=CAESECjwg97_uDWuvqOmdJ8gV6k&google_cver=1 pragma no-cache cross-origin-resource-policy cross-origin expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" content-length 375 date Wed, 04 Dec 2024 05:42:13 GMT x-xss-protection 0 content-type text/html; charset=UTF-8 server HTTP server (unknown)
GET H/1.1	200 OK	match ps.eyeota.net/ Redirect Chain https://ib.adnxs.com/getuid?https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24UID%26bid%3D2cr76e1%26referrer_pid%3Dm51mh00 https://ps.eyeota.net/match?uid=7551551670186111864&bid=2cr76e1&referrer_pid=m51mh00	70 B 440 B	295ms 294ms	Image image/gif	3.124.210.90 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ps.eyeota.net/match?uid=7551551670186111864&bid=2cr76e1&referrer_pid=m51mh00 Requested by Host: paint.toys URL: https://paint.toys/oil/ Protocol HTTP/1.1 Server 3.124.210.90 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-124-210-90.eu-central-1.compute.amazonaws.com Software / Resource Hash de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers Content-Length 70 P3P CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml" Date Wed, 04 Dec 2024 05:42:12 GMT Content-Type image/gif Redirect headers cache-control no-store, no-cache, private location https://ps.eyeota.net/match?uid=7551551670186111864&bid=2cr76e1&referrer_pid=m51mh00 pragma no-cache accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness access-control-allow-credentials true x-proxy-origin 31.187.78.40; 31.187.78.40; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com expires Sat, 15 Nov 2008 16:00:00 GMT access-control-allow-origin * an-x-request-uuid 45376f13-58c0-48b0-8aca-08210f57e20c content-length 0 p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" date Wed, 04 Dec 2024 05:42:12 GMT x-xss-protection 0 content-type text/html; charset=utf-8 server nginx/1.23.4
GET H/1.1	200 OK	match ps.eyeota.net/ Redirect Chain https://sync.srv.stackadapt.com/sync?nid=eyeota https://ps.eyeota.net/match?bid=tpm4omv&uid=x-n8aR7HUMNgOVPxetVEQB-7Tig&gdpr=&gdpr_consent=	70 B 440 B	123ms 123ms	Image image/gif	3.124.210.90 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ps.eyeota.net/match?bid=tpm4omv&uid=x-n8aR7HUMNgOVPxetVEQB-7Tig&gdpr=&gdpr_consent= Requested by Host: paint.toys URL: https://paint.toys/oil/ Protocol HTTP/1.1 Server 3.124.210.90 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-124-210-90.eu-central-1.compute.amazonaws.com Software / Resource Hash de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers Content-Length 70 P3P CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml" Date Wed, 04 Dec 2024 05:42:13 GMT Content-Type image/gif Redirect headers Location https://ps.eyeota.net/match?bid=tpm4omv&uid=x-n8aR7HUMNgOVPxetVEQB-7Tig&gdpr=&gdpr_consent= Content-Length 126 Date Wed, 04 Dec 2024 05:42:13 GMT Content-Type text/html; charset=utf-8 Connection keep-alive
GET H/1.1	200 OK	match ps.eyeota.net/ Redirect Chain https://eyeota-match.dotomi.com/match/bounce/current?networkId=41703&version=1&nuid=2b3_J5xachrQuMtGZ8MX87W_t2eCTuiGtsbvUhbTK9iQ&gdpr=0&gdpr_consent= https://eyeota-match.dotomi.com/match/bounce/current?DotomiTest=a2c8b927105176a&is_secure=true&networkId=41703&version=1&nuid=2b3_J5xachrQuMtGZ8MX87W_t2eCTuiGtsbvUhbTK9iQ&gdpr=0&gdpr_consent= https://ps.eyeota.net/match?bid=r8d1b20&uid=AQAGuNPbRMSvxgIID6BRAQEBAQEBAQCSkTG5WQEBAJKRMblZ&expiration=1733377332&nuid=2b3_J5xachrQuMtGZ8MX87W_t2eCTuiGtsbvUhbTK9iQ&is_secure=true&gdpr_consent=&gdpr=0	70 B 440 B	223ms 150ms	Image image/gif	3.124.210.90 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ps.eyeota.net/match?bid=r8d1b20&uid=AQAGuNPbRMSvxgIID6BRAQEBAQEBAQCSkTG5WQEBAJKRMblZ&expiration=1733377332&nuid=2b3_J5xachrQuMtGZ8MX87W_t2eCTuiGtsbvUhbTK9iQ&is_secure=true&gdpr_consent=&gdpr=0 Requested by Host: paint.toys URL: https://paint.toys/oil/ Protocol HTTP/1.1 Server 3.124.210.90 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-124-210-90.eu-central-1.compute.amazonaws.com Software / Resource Hash de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers Content-Length 70 P3P CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml" Date Wed, 04 Dec 2024 05:42:12 GMT Content-Type image/gif Redirect headers expires 0 cache-control no-cache, private, max-age=0, no-store location https://ps.eyeota.net/match?bid=r8d1b20&uid=AQAGuNPbRMSvxgIID6BRAQEBAQEBAQCSkTG5WQEBAJKRMblZ&expiration=1733377332&nuid=2b3_J5xachrQuMtGZ8MX87W_t2eCTuiGtsbvUhbTK9iQ&is_secure=true&gdpr_consent=&gdpr=0 content-length 0 date Wed, 04 Dec 2024 05:42:12 GMT pragma no-cache server nginx
GET H/1.1	200 OK	pixel Show response ps.eyeota.net/	1 KB 2 KB	123ms 123ms	Script application/javascript	3.124.210.90 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ps.eyeota.net/pixel?e_rc=1&pid=m51mh00&t=ajs&uid=user_ed4dbca8-5837-47fc-927e-9eb26da78e2c_1733290915388 Requested by Host: ps.eyeota.net URL: https://ps.eyeota.net/pixel?pid=m51mh00&t=ajs&uid=user_ed4dbca8-5837-47fc-927e-9eb26da78e2c_1733290915388 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 3.124.210.90 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-124-210-90.eu-central-1.compute.amazonaws.com Software / Resource Hash b4993b3e6b55f33b489358b424796ea358bfa605a07f336bff61594ab9990b9c Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers Content-Length 1211 P3P CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml" Date Wed, 04 Dec 2024 05:42:16 GMT Content-Type application/javascript
GET H2	200	cm trc.taboola.com/sg/eyeota/1/	43 B 421 B	4570ms 165ms	Image image/gif	151.101.193.44 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://trc.taboola.com/sg/eyeota/1/cm Requested by Host: paint.toys URL: https://paint.toys/oil/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash 0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers x-cache MISS p3p policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" date Wed, 04 Dec 2024 05:42:21 GMT x-served-by cache-fra-eddf8230046-FRA x-cache-hits 0 cache-control no-cache, no-store x-fastly-to-nlb-rtt 65722 pragma no-cache x-timer S1733290941.384007,VS0,VE67 x-vcl-time-ms 67 access-control-allow-credentials true via 1.1 varnish accept-ranges bytes access-control-allow-origin * x-service-version v1 server nginx
GET		match d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjg0NTA1NDYvdC8w/url/https://ps.eyeota.net/	0 0
GET H2	200	lons7jax sync-tm.everesttech.net/ct/upi/pid/ Redirect Chain https://sync-tm.everesttech.net/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26referrer_pid%3Dm51mh00 https://sync-tm.everesttech.net/ct/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26referrer_pid%3Dm51mh00&_test=Z0-ruQAJVotV1gBR	85 B 171 B	119ms 119ms	Image image/png	151.101.194.49 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://sync-tm.everesttech.net/ct/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26referrer_pid%3Dm51mh00&_test=Z0-ruQAJVotV1gBR Requested by Host: paint.toys URL: https://paint.toys/oil/ Protocol H2 Server 151.101.194.49 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software Jetty(9.4.35.v20201120) / Resource Hash acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers x-robots-tag noindex cache-control no-cache x-timer S1733290938.566892,VS0,VE0 age 1811 pragma no-cache via 1.1 varnish accept-ranges bytes x-cache HIT content-length 85 date Wed, 04 Dec 2024 05:42:17 GMT content-type image/png x-served-by cache-fra-eddf8230148-FRA server Jetty(9.4.35.v20201120) x-cache-hits 5995 Redirect headers x-robots-tag noindex cache-control no-cache location https://sync-tm.everesttech.net/ct/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26referrer_pid%3Dm51mh00&_test=Z0-ruQAJVotV1gBR x-timer S1733290937.352191,VS0,VE93 pragma no-cache via 1.1 varnish accept-ranges bytes access-control-allow-origin * x-cache MISS p3p CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM" content-length 0 date Wed, 04 Dec 2024 05:42:17 GMT x-served-by cache-fra-eddf8230148-FRA server Jetty(9.4.35.v20201120) x-cache-hits 0
GET		cms ups.analytics.yahoo.com/ups/58773/	0 0
GET		ibs:dpid=30064&dpuuid=1939030b58c-24a0000010f4f99&redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D6j5b2cv%26uid%3D%24%7BDD_UUID%7D%26referrer_pid%3Dm51mh00 dpm.demdex.net/	0 0
GET		pixel ps.eyeota.net/	0 0
GET H2	200	bid Show response aax.amazon-adsystem.com/e/dtb/	650 B 761 B	257ms 250ms	XHR text/javascript	18.245.52.164 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fpaint.toys%2Foil%2F&pr=https%3A%2F%2Fxwsfe.lixiuding.com%2F&pid=mxOy7to3tlCfF&cb=1&ws=1600x1200&v=24.1105.2150&t=2500&slots=%5B%7B%22sd%22%3A%22pw-160x600_atf%22%2C%22s%22%3A%5B%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F154013155%2F1024872%2F74068%2Fpublisher%3A1024872-website%3A74068-160x600%2Fpublisher%3A1024872-website%3A74068-160x600-CP%2Fpublisher%3A1024872-website%3A74068-160x600-CP-160x600%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&sg=%7B%22ortb2%22%3A%7B%22site%22%3A%7B%22cattax%22%3A6%2C%22cat%22%3A%5B%22693%22%5D%2C%22sectioncat%22%3A%5B%22693%22%5D%2C%22pagecat%22%3A%5B%22693%22%5D%7D%7D%7D&schain=1.0%2C1%21playwire.com%2C1024872%2C1%2C%2C%2C&sm=c11a9e12-3a02-4e1f-9ae7-874ab273e6b5&pubid=bd056b42-51db-43ce-9a8e-3b11319b5d1f&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D&vm=%7B%22ids%22%3A%7B%22id5%22%3A%22ID5*YgY-7o1UmCnVu7_BEANqyMfFSnx6cnsg0gmRAYvRJWPfUXzgOGe_hUxw5YF0ASS8%22%2C%22pubcommon%22%3A%22c29c2df8-4e05-46af-80f0-4ebe9ffd55db%22%7D%2C%22vendors%22%3A%7B%22liveintent%22%3A%7B%22data%22%3A%7B%22default%22%3A%7B%22user%22%3A%7B%22ext%22%3A%7B%22eids%22%3A%5B%5D%7D%7D%7D%7D%7D%7D%7D Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.245.52.164 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-245-52-164.fra56.r.cloudfront.net Software Server / Resource Hash 3f8d97d56b28e85322dc17d5c443d03c43d347cb67e649385b8af85872d39367 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers content-encoding gzip access-control-allow-credentials true via 1.1 f5af2731a86629973e69564f824d95be.cloudfront.net (CloudFront) access-control-allow-origin https://paint.toys x-cache Miss from cloudfront content-length 431 x-amz-cf-id QNlaeuLkmhwJmdMUgZiidrQlX2iVBlZW9nULaJVCWkXXtIkb9H44xQ== date Wed, 04 Dec 2024 05:42:26 GMT content-type text/javascript;charset=UTF-8 x-amz-cf-pop FRA56-P9 server Server
POST H2	200	auction Show response prebid-server.rubiconproject.com/openrtb2/	343 B 440 B	524ms 231ms	Fetch application/json	69.173.144.137
General Check archive.org Show headers Download Go to Full URL https://prebid-server.rubiconproject.com/openrtb2/auction Requested by Host: cdn.intergi.com URL: https://cdn.intergi.com/prebid/prebid.js.br Protocol H2 Security TLS 1.3, , AES_256_GCM Server 69.173.144.137 -, , ASN (), Reverse DNS Software / Resource Hash 2b24d3b960d6c7840b1a702fba290c28662ab0baac81eb1a3d9d3ea8161a1e34 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 content-type text/plain Referer https://paint.toys/ Response headers cache-control no-cache, no-store, must-revalidate content-encoding gzip pragma no-cache access-control-allow-credentials true observe-browsing-topics ?1 expires 0 access-control-allow-origin https://paint.toys content-length 259 x-prebid pbs-java/3.15.0 content-type application/json vary origin
POST		prebidjs rtb.openx.net/openrtbb/	0 0
POST		auction tlx.3lift.com/header/	0 0
POST		v1 btlr.sharethrough.com/universal/	0 0
POST H3	200	pbjs Show response htlb.casalemedia.com/openrtb/	20 KB 9 KB	473ms 389ms	Fetch application/json	104.18.26.193 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://htlb.casalemedia.com/openrtb/pbjs?s=1031634 Requested by Host: cdn.intergi.com URL: https://cdn.intergi.com/prebid/prebid.js.br Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 13a4b0f1335c0878dd377a169620f078087fdefbfa336ef735f7edee91bad28b Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 content-type text/plain Referer https://paint.toys/ Response headers content-encoding gzip cf-cache-status DYNAMIC report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bUvo2FLxzFvajHSGJ00kd4mCJ3zgji8Cm7iTyujwy%2BzDXUvI2y5Afu%2B%2BttlBcIAZN2YO0uvuqoMTjODp2UJW9DcOzHq%2FuELZRjMQo13WuQppuna2uY1QfcVzd9LRqHzHgYjrAi9y"}],"group":"cf-nel","max_age":604800} expires 0 alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Wed, 04 Dec 2024 05:42:27 GMT content-type application/json vary Accept-Encoding priority u=1,i cache-control no-cache nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} pragma no-cache access-control-allow-credentials true cf-ray 8ec979241b887da0-TLV access-control-allow-origin https://paint.toys content-length 8914 server cloudflare
POST		request grid-bidder.criteo.com/openrtb_2_5/pbjs/auction/	0 0
GET		imp g2.gumgum.com/hbid/	0 0
POST H2	204	translator Show response hbopenbid.pubmatic.com/	0 53 B	188ms 145ms	Fetch	185.64.189.112 AS-PUBMATIC
General Check archive.org Show headers Download Go to Full URL https://hbopenbid.pubmatic.com/translator?source=prebid-client Requested by Host: cdn.intergi.com URL: https://cdn.intergi.com/prebid/prebid.js.br Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 content-type text/plain Referer https://paint.toys/ Response headers cache-control no-cache, no-store, must-revalidate access-control-allow-origin https://paint.toys date Wed, 04 Dec 2024 05:42:27 GMT access-control-allow-credentials true
POST		hb-multi hb.yellowblue.io/	0 0
POST H/1.1	200 OK	playwire Show response direct.adsrvr.org/bid/bidder/	0 394 B	175ms 142ms	Fetch application/json	52.223.6.21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://direct.adsrvr.org/bid/bidder/playwire Requested by Host: cdn.intergi.com URL: https://cdn.intergi.com/prebid/prebid.js.br Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 52.223.6.21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a8c33d2b6751b365d.awsglobalaccelerator.com Software Kestrel / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 content-type text/plain Referer https://paint.toys/ Response headers x-openrtb-version 2.3 cache-control private access-control-allow-credentials true access-control-allow-origin https://paint.toys content-length 0 date Wed, 04 Dec 2024 05:42:26 GMT content-type application/json server Kestrel access-control-allow-headers Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
POST		prebid ib.adnxs.com/ut/v3/	0 0
POST		hbjson grid.bidswitch.net/	0 0
GET H2	200	fastlane.json Show response fastlane.rubiconproject.com/a/api/	705 B 910 B	1482ms 214ms	Fetch application/json	69.173.156.139
General Check archive.org Show headers Download Go to Full URL https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12556&site_id=110932&zone_id=523774&size_id=9&alt_size_ids=8&rp_schain=1.0,1!playwire.com,1024872,1,,,&eid_id5-sync.com=ID5*YgY-7o1UmCnVu7_BEANqyMfFSnx6cnsg0gmRAYvRJWPfUXzgOGe_hUxw5YF0ASS8%5E1%5E2&eid_pubcid.org=5493aa01-2d9a-42e5-8324-719792725c6c%5E1&rf=https%3A%2F%2Fpaint.toys%2Foil%2F&tg_i.domain=paint.toys&tg_i.page=https%3A%2F%2Fpaint.toys%2Foil%2F&tg_i.ref=https%3A%2F%2Fxwsfe.lixiuding.com%2F&tg_i.cat=IAB9-5%2C693&tg_i.sectioncat=IAB9-5%2C693&tg_i.pagecat=IAB9-5%2C693&tg_i.pos=atf&tg_i.in_view=true&tg_i.sitecont_cat=games_casual&tg_i.adunit=pw-160x600_atf&tg_i.pbadslot=%2F154013155%2F1024872%2F74068%2Fpublisher%3A1024872-website%3A74068-160x600%2Fpublisher%3A1024872-website%3A74068-160x600-CP%2Fpublisher%3A1024872-website%3A74068-160x600-CP-160x600&tk_flint=pbjs_lite_v9.11.0&x_source.tid=81765f73-fb51-4706-a1a7-cdc02443da4c&l_pb_bid_id=161bc855528c8bb&p_screen_res=1600x1200&o_ae=1&rp_secure=1&x_imp.ext.tid=d6cd1817-2a0b-415a-bc4b-02984cb9a2db&rp_maxbids=1&p_gpid=%2F154013155%2F1024872%2F74068%2Fpublisher%3A1024872-website%3A74068-160x600%2Fpublisher%3A1024872-website%3A74068-160x600-CP%2Fpublisher%3A1024872-website%3A74068-160x600-CP-160x600&m_ch_mobile=%3F0&slots=1&rand=0.12030628520785824 Requested by Host: cdn.intergi.com URL: https://cdn.intergi.com/prebid/prebid.js.br Protocol H2 Security TLS 1.3, , AES_256_GCM Server 69.173.156.139 -, , ASN (), Reverse DNS Software nginx/1.27.2 / Resource Hash c65337d224892b5254918f9e466ff2b8113baa9082ffc16c7dcb52913d0a842c Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 content-type text/plain Referer https://paint.toys/ Response headers cache-control no-cache, no-store, max-age=0, must-revalidate pragma no-cache access-control-allow-credentials true expires Wed, 17 Sep 1975 21:32:10 GMT access-control-allow-origin https://paint.toys content-length 705 date Wed, 04 Dec 2024 05:42:28 GMT content-type application/json vary Accept-Encoding server nginx/1.27.2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

faucetfoot.com

URL

https://faucetfoot.com/j/a3e4bc15c9a3a/f77c83994c7629264318befe1.main.js

Domain

px.moatads.com

URL

https://px.moatads.com/pixel.gif

Domain

paint.toys

URL

blob:https://paint.toys/62748034-10ab-4906-aeb9-9757842effd8

Domain

fid.agkn.com

URL

https://fid.agkn.com/f?apiKey=2104320612&r=https%3A%2F%2Fpaint.toys%2Foil%2F

Domain

lexicon.33across.com

URL

https://lexicon.33across.com/v1/envelope?pid=0014000001YrMoYAAV&gdpr=0&src=pbjs&ver=9.11.0&coppa=0

Domain

prebid-server.rubiconproject.com

URL

https://prebid-server.rubiconproject.com/cookie_sync

Domain

prebid-server.rubiconproject.com

URL

https://prebid-server.rubiconproject.com/openrtb2/auction

Domain

grid-bidder.criteo.com

URL

https://grid-bidder.criteo.com/openrtb_2_5/pbjs/auction/request?profileId=207&av=37&wv=9.11.0&cb=57044694913&lsavail=1&networkId=6163

Domain

tlx.3lift.com

URL

https://tlx.3lift.com/header/auction?lib=prebid&v=9.11.0&referrer=https%3A%2F%2Fpaint.toys%2Foil%2F&tmax=2500&fledge=true

Domain

fastlane.rubiconproject.com

URL

https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12556&site_id=110932&zone_id=523774&size_id=9&alt_size_ids=8&p_pos=atf&rp_schain=1.0,1!playwire.com,1024872,1,,,&eid_pubcid.org=5493aa01-2d9a-42e5-8324-719792725c6c%5E1&rf=https%3A%2F%2Fpaint.toys%2Foil%2F&tg_i.domain=paint.toys&tg_i.page=https%3A%2F%2Fpaint.toys%2Foil%2F&tg_i.ref=https%3A%2F%2Fxwsfe.lixiuding.com%2F&tg_i.cat=IAB9-5%2C693&tg_i.sectioncat=IAB9-5%2C693&tg_i.pagecat=IAB9-5%2C693&tg_i.pos=atf&tg_i.sitecont_cat=games_casual&tg_i.adunit=pw-160x600_atf&tg_i.pbadslot=%2F154013155%2F1024872%2F74068%2Fpublisher%3A1024872-website%3A74068-160x600%2Fpublisher%3A1024872-website%3A74068-160x600-CP%2Fpublisher%3A1024872-website%3A74068-160x600-CP-160x600&tk_flint=pbjs_lite_v9.11.0&x_source.tid=b675a4c9-dced-4e25-8797-ddb105d281b1&l_pb_bid_id=68e9ca0493cc978&p_screen_res=1600x1200&o_ae=1&rp_secure=1&x_imp.ext.tid=1a3351d7-790c-4e17-b653-e6cd0ffbf4c0&rp_maxbids=1&p_gpid=%2F154013155%2F1024872%2F74068%2Fpublisher%3A1024872-website%3A74068-160x600%2Fpublisher%3A1024872-website%3A74068-160x600-CP%2Fpublisher%3A1024872-website%3A74068-160x600-CP-160x600&m_ch_mobile=%3F0&slots=1&rand=0.6177446804873958

Domain

fastlane.rubiconproject.com

URL

https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12556&site_id=110932&zone_id=523774&size_id=9&alt_size_ids=8&rp_schain=1.0,1!playwire.com,1024872,1,,,&eid_pubcid.org=5493aa01-2d9a-42e5-8324-719792725c6c%5E1&rf=https%3A%2F%2Fpaint.toys%2Foil%2F&tg_i.domain=paint.toys&tg_i.page=https%3A%2F%2Fpaint.toys%2Foil%2F&tg_i.ref=https%3A%2F%2Fxwsfe.lixiuding.com%2F&tg_i.cat=IAB9-5%2C693&tg_i.sectioncat=IAB9-5%2C693&tg_i.pagecat=IAB9-5%2C693&tg_i.pos=btf&tg_i.sitecont_cat=games_casual&tg_i.adunit=pw-160x600_btf&tg_i.pbadslot=pw-160x600_btf&tk_flint=pbjs_lite_v9.11.0&x_source.tid=b675a4c9-dced-4e25-8797-ddb105d281b1&l_pb_bid_id=697e4e316d48714&p_screen_res=1600x1200&o_ae=1&rp_secure=1&x_imp.ext.tid=71051e0d-d9e9-4ada-98cf-d9eab17fbbf4&rp_maxbids=1&p_gpid=pw-160x600_btf&m_ch_mobile=%3F0&slots=1&rand=0.07972551522230908

Domain

fastlane.rubiconproject.com

URL

https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12556&site_id=110932&zone_id=523774&size_id=2&alt_size_ids=55%2C57&p_pos=atf&rp_schain=1.0,1!playwire.com,1024872,1,,,&eid_pubcid.org=5493aa01-2d9a-42e5-8324-719792725c6c%5E1&rf=https%3A%2F%2Fpaint.toys%2Foil%2F&tg_i.domain=paint.toys&tg_i.page=https%3A%2F%2Fpaint.toys%2Foil%2F&tg_i.ref=https%3A%2F%2Fxwsfe.lixiuding.com%2F&tg_i.cat=IAB9-5%2C693&tg_i.sectioncat=IAB9-5%2C693&tg_i.pagecat=IAB9-5%2C693&tg_i.pos=atf&tg_i.sitecont_cat=games_casual&tg_i.adunit=leaderboard_atf&tg_i.pbadslot=leaderboard_atf&tk_flint=pbjs_lite_v9.11.0&x_source.tid=b675a4c9-dced-4e25-8797-ddb105d281b1&l_pb_bid_id=7047ab83a05ffb&p_screen_res=1600x1200&o_ae=1&rp_secure=1&x_imp.ext.tid=1f923a6f-bbbf-440a-b7fe-5925033904a6&rp_maxbids=1&p_gpid=leaderboard_atf&m_ch_mobile=%3F0&slots=1&rand=0.2538754691810923

Domain

fastlane.rubiconproject.com

URL

https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12556&site_id=110932&zone_id=523774&size_id=2&alt_size_ids=55%2C57&rp_schain=1.0,1!playwire.com,1024872,1,,,&eid_pubcid.org=5493aa01-2d9a-42e5-8324-719792725c6c%5E1&rf=https%3A%2F%2Fpaint.toys%2Foil%2F&tg_i.domain=paint.toys&tg_i.page=https%3A%2F%2Fpaint.toys%2Foil%2F&tg_i.ref=https%3A%2F%2Fxwsfe.lixiuding.com%2F&tg_i.cat=IAB9-5%2C693&tg_i.sectioncat=IAB9-5%2C693&tg_i.pagecat=IAB9-5%2C693&tg_i.pos=btf&tg_i.sitecont_cat=games_casual&tg_i.adunit=leaderboard_btf&tg_i.pbadslot=leaderboard_btf&tk_flint=pbjs_lite_v9.11.0&x_source.tid=b675a4c9-dced-4e25-8797-ddb105d281b1&l_pb_bid_id=7140ebd0f21cfdb&p_screen_res=1600x1200&o_ae=1&rp_secure=1&x_imp.ext.tid=f009f809-f618-4d5e-86fe-b413f6964d72&rp_maxbids=1&p_gpid=leaderboard_btf&m_ch_mobile=%3F0&slots=1&rand=0.43455901540158615

Domain

hb.yellowblue.io

URL

https://hb.yellowblue.io/hb-multi

Domain

g2.gumgum.com

URL

https://g2.gumgum.com/hbid/imp?displaymanager=Prebid.js%20-%20gumgum&displaymanagerver=9.11.0&lt=1733290916643&to=-120&aun=pw-160x600_atf&pubcid=5493aa01-2d9a-42e5-8324-719792725c6c&gpid=%2F154013155%2F1024872%2F74068%2Fpublisher%3A1024872-website%3A74068-160x600%2Fpublisher%3A1024872-website%3A74068-160x600-CP%2Fpublisher%3A1024872-website%3A74068-160x600-CP-160x600&t=8ylgv2wd&pi=3&maxw=160&maxh=600&si=1111716&bf=160x600%2C120x600&ae=true&schain=1.0%2C1!playwire.com%2C1024872%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fpaint.toys%2Foil%2F&tpl=https%3A%2F%2Fpaint.toys%2Foil%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%229.11.0%22%7D&ogu=null&ns=10240

Domain

g2.gumgum.com

URL

https://g2.gumgum.com/hbid/imp?displaymanager=Prebid.js%20-%20gumgum&displaymanagerver=9.11.0&lt=1733290916644&to=-120&aun=pw-160x600_btf&pubcid=5493aa01-2d9a-42e5-8324-719792725c6c&gpid=pw-160x600_btf&t=8ylgv2wd&pi=3&maxw=160&maxh=600&si=1111716&bf=160x600%2C120x600&ae=true&schain=1.0%2C1!playwire.com%2C1024872%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fpaint.toys%2Foil%2F&tpl=https%3A%2F%2Fpaint.toys%2Foil%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%229.11.0%22%7D&ogu=null&ns=10240

Domain

g2.gumgum.com

URL

https://g2.gumgum.com/hbid/imp?displaymanager=Prebid.js%20-%20gumgum&displaymanagerver=9.11.0&lt=1733290916644&to=-120&aun=leaderboard_atf&pubcid=5493aa01-2d9a-42e5-8324-719792725c6c&gpid=leaderboard_atf&t=8ylgv2wd&pi=3&maxw=970&maxh=250&si=1111709&bf=728x90%2C970x250%2C970x90&ae=true&schain=1.0%2C1!playwire.com%2C1024872%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fpaint.toys%2Foil%2F&tpl=https%3A%2F%2Fpaint.toys%2Foil%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%229.11.0%22%7D&ogu=null&ns=10240

Domain

g2.gumgum.com

URL

https://g2.gumgum.com/hbid/imp?displaymanager=Prebid.js%20-%20gumgum&displaymanagerver=9.11.0&lt=1733290916644&to=-120&aun=leaderboard_btf&pubcid=5493aa01-2d9a-42e5-8324-719792725c6c&gpid=leaderboard_btf&t=8ylgv2wd&pi=3&maxw=970&maxh=250&si=1111709&bf=728x90%2C970x250%2C970x90&ae=true&schain=1.0%2C1!playwire.com%2C1024872%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fpaint.toys%2Foil%2F&tpl=https%3A%2F%2Fpaint.toys%2Foil%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%229.11.0%22%7D&ogu=null&ns=10240

Domain

rtb.openx.net

URL

https://rtb.openx.net/openrtbb/prebidjs

Domain

grid.bidswitch.net

URL

https://grid.bidswitch.net/hbjson

Domain

0bf235370ef5c1cb1c1acd0d27549b75.safeframe.googlesyndication.com

URL

https://0bf235370ef5c1cb1c1acd0d27549b75.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Domain

fid.agkn.com

URL

https://fid.agkn.com/f?apiKey=2104320612&r=https%3A%2F%2Fpaint.toys%2Foil%2F

Domain

lexicon.33across.com

URL

https://lexicon.33across.com/v1/envelope?pid=0014000001YrMoYAAV&gdpr=0&src=pbjs&ver=9.11.0&coppa=0

Domain

hb.yahoo.net

URL

https://hb.yahoo.net/cksync.php?cs=1&type=58280&ovsid=4db898e3-65a2-4171-8917-dbb464e7414a

Domain

d.turn.com

URL

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjg0NTA1NDYvdC8w/url/https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=$!{TURN_UUID}&newuser=1&referrer_pid=m51mh00

Domain

ups.analytics.yahoo.com

URL

https://ups.analytics.yahoo.com/ups/58773/cms?partner_id=Eyeot&gdpr=0&gdpr_consent=

Domain

dpm.demdex.net

URL

https://dpm.demdex.net/ibs:dpid=30064&dpuuid=1939030b58c-24a0000010f4f99&redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D6j5b2cv%26uid%3D%24%7BDD_UUID%7D%26referrer_pid%3Dm51mh00

Domain

ps.eyeota.net

URL

https://ps.eyeota.net/pixel?e_rc=2&pid=m51mh00&t=ajs&uid=user_ed4dbca8-5837-47fc-927e-9eb26da78e2c_1733290915388

Domain

rtb.openx.net

URL

https://rtb.openx.net/openrtbb/prebidjs

Domain

tlx.3lift.com

URL

https://tlx.3lift.com/header/auction?lib=prebid&v=9.11.0&referrer=https%3A%2F%2Fpaint.toys%2Foil%2F&tmax=2500&fledge=true

Domain

btlr.sharethrough.com

URL

https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1

Domain

grid-bidder.criteo.com

URL

https://grid-bidder.criteo.com/openrtb_2_5/pbjs/auction/request?profileId=207&av=37&wv=9.11.0&cb=90022786571&lsavail=1&bundle=w2sqaF9ZY2hTNzM1T2hhd0JoYWJyMUpqJTJGTXAyNHpOZzd1NFhFWGYwdUV4Zm5LM3FkVG8lMkZtOGJGak9abnRocUU0aTU2V3FxNCUyQiUyRmRsVXBRYWdjdE5yQ1ZtOHZoSjlEWmtFdjBIYXZyc21NNGVJMFoyV2RoUE9mUDFLU3NseDBETnVlY1BPRXg3bnl3bUQ0TEJ6NDlMRzVTaWtkdyUzRCUzRA&networkId=6163

Domain

g2.gumgum.com

URL

https://g2.gumgum.com/hbid/imp?displaymanager=Prebid.js%20-%20gumgum&displaymanagerver=9.11.0&lt=1733290947108&to=-120&id5Id=ID5*YgY-7o1UmCnVu7_BEANqyMfFSnx6cnsg0gmRAYvRJWPfUXzgOGe_hUxw5YF0ASS8&id5IdLinkType=2&aun=pw-160x600_atf&id5id=ID5*YgY-7o1UmCnVu7_BEANqyMfFSnx6cnsg0gmRAYvRJWPfUXzgOGe_hUxw5YF0ASS8&pubcid=5493aa01-2d9a-42e5-8324-719792725c6c&gpid=%2F154013155%2F1024872%2F74068%2Fpublisher%3A1024872-website%3A74068-160x600%2Fpublisher%3A1024872-website%3A74068-160x600-CP%2Fpublisher%3A1024872-website%3A74068-160x600-CP-160x600&t=8ylgv2wd&pi=3&maxw=160&maxh=600&si=1111716&bf=160x600%2C120x600&ae=true&schain=1.0%2C1!playwire.com%2C1024872%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fpaint.toys%2Foil%2F&tpl=https%3A%2F%2Fpaint.toys%2Foil%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%229.11.0%22%7D&ogu=null&ns=10240

Domain

hb.yellowblue.io

URL

https://hb.yellowblue.io/hb-multi

Domain

ib.adnxs.com

URL

https://ib.adnxs.com/ut/v3/prebid

Domain

grid.bidswitch.net

URL

https://grid.bidswitch.net/hbjson