paint.toys Open in urlscan Pro
3.33.186.135  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. http://wxszri.atlanticfoodint.com/qbtdpcabdiefRM1UzVXZIdTByRTJXT21sSHl3S0otMjQ1LTI2MTU2NjEyLTBkNWQwMjM5LTQ1NC1aT0N0WDR3TWlDckRGQ2pIYnBVeQ/jhrtwprzghusbnrdwasbaemd/n1v8ibdnsu0/emcnqeuspgtw/yyjdufvzyfigvyawwcqzngevgxrls/7596963286264 HTTP 307
   https://wxszri.atlanticfoodint.com/qbtdpcabdiefRM1UzVXZIdTByRTJXT21sSHl3S0otMjQ1LTI2MTU2NjEyLTBkNWQwMjM5LTQ1NC1aT0N0WDR3TWlDckRGQ2pIYnBVeQ/jhrtwprzghusbnrdwasbaemd/n1v8ibdnsu0/emcnqeuspgtw/yyjdufvzyfigvyawwcqzngevgxrls/7596963286264 HTTP 307
   http://wxszri.atlanticfoodint.com/qbtdpcabdiefRM1UzVXZIdTByRTJXT21sSHl3S0otMjQ1LTI2MTU2NjEyLTBkNWQwMjM5LTQ1NC1aT0N0WDR3TWlDckRGQ2pIYnBVeQ/jhrtwprzghusbnrdwasbaemd/n1v8ibdnsu0/emcnqeuspgtw/yyjdufvzyfigvyawwcqzngevgxrls/7596963286264 Page URL
   
2. http://wxszri.atlanticfoodint.com/qbtdpcabdiefRM1UzVXZIdTByRTJXT21sSHl3S0otMjQ1LTI2MTU2NjEyLTBkNWQwMjM5LTQ1NC1aT0N0WDR3TWlDckRGQ2pIYnBVeQ/jhrtwprzghusbnrdwasbaemd/n1v8ibdnsu0/emcnqeuspgtw/yyjdufvzyfigvyawwcqzngevgxrls/7596963286264?in=1 HTTP 302
   https://paint.toys/oil HTTP 301
   https://paint.toys/oil/ Page URL
   

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

• http://wxszri.atlanticfoodint.com/qbtdpcabdiefRM1UzVXZIdTByRTJXT21sSHl3S0otMjQ1LTI2MTU2NjEyLTBkNWQwMjM5LTQ1NC1aT0N0WDR3TWlDckRGQ2pIYnBVeQ/jhrtwprzghusbnrdwasbaemd/n1v8ibdnsu0/emcnqeuspgtw/yyjdufvzyfigvyawwcqzngevgxrls/7596963286264 HTTP 307
• https://wxszri.atlanticfoodint.com/qbtdpcabdiefRM1UzVXZIdTByRTJXT21sSHl3S0otMjQ1LTI2MTU2NjEyLTBkNWQwMjM5LTQ1NC1aT0N0WDR3TWlDckRGQ2pIYnBVeQ/jhrtwprzghusbnrdwasbaemd/n1v8ibdnsu0/emcnqeuspgtw/yyjdufvzyfigvyawwcqzngevgxrls/7596963286264 HTTP 307
• http://wxszri.atlanticfoodint.com/qbtdpcabdiefRM1UzVXZIdTByRTJXT21sSHl3S0otMjQ1LTI2MTU2NjEyLTBkNWQwMjM5LTQ1NC1aT0N0WDR3TWlDckRGQ2pIYnBVeQ/jhrtwprzghusbnrdwasbaemd/n1v8ibdnsu0/emcnqeuspgtw/yyjdufvzyfigvyawwcqzngevgxrls/7596963286264

Request Chain 101

• https://rp.liadm.com/j?dtstmp=1731613381270&did=did-0046&se=e30&duid=8e413bd09c43--01jcp36m4sypcyqhn0bz5kcv0g&tv=9.11.0&pu=https%3A%2F%2Fpaint.toys%2Foil%2F&wpn=prebid&gdpr=0&refr=http%3A%2F%2Fwxszri.atlanticfoodint.com%2F&cd=.paint.toys HTTP 302
• https://rp.liadm.com/j?dtstmp=1731613381270&did=did-0046&se=e30&duid=8e413bd09c43--01jcp36m4sypcyqhn0bz5kcv0g&tv=9.11.0&pu=https%3A%2F%2Fpaint.toys%2Foil%2F&wpn=prebid&gdpr=0&refr=http%3A%2F%2Fwxszri.atlanticfoodint.com%2F&cd=.paint.toys&n3pc=true

Request Chain 102

• https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D HTTP 302
• https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fgpp%3D%26gpp_sid%3D%26bidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&s=184674&us_privacy=&C=1

Request Chain 122

• https://playwire-d.openx.net/w/1.0/pd?gdpr=0&gdpr_consent= HTTP 302
• https://playwire-d.openx.net/w/1.0/pd?cc=1&gdpr=0&gdpr_consent=

Request Chain 129

• https://x.bidswitch.net/sync?ssp=themediagrid&gdpr=0 HTTP 302
• https://x.bidswitch.net/ul_cb/sync?ssp=themediagrid&gdpr=0 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=themediagrid&bsw_param=540c21e0-38ec-4d8a-994e-179993db5706&google_hm=NTQwYzIxZTAtMzhlYy00ZDhhLTk5NGUtMTc5OTkzZGI1NzA2&gdpr_consent=&gdpr=0 HTTP 302
• https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESENUcaKbcERTmQGEGPDMhyh0&google_cver=1&ssp=themediagrid&bsw_param=540c21e0-38ec-4d8a-994e-179993db5706&gdpr_consent=&gdpr=0

Request Chain 135

• https://eb2.3lift.com/sync?gdpr=0&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID HTTP 302
• https://eb2.3lift.com/sync?gdpr=0&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID&ld=1

Request Chain 136

• https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di%26uid%3D%24UID HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fprebid-server.rubiconproject.com%252Fsetuid%253Fbidder%253Dadnxs%2526gdpr%253D0%2526gdpr_consent%253D%2526us_privacy%253D%2526gpp%253D%2526gpp_sid%253D%2526account%253D%2526f%253Di%2526uid%253D%2524UID HTTP 302
• https://prebid-server.rubiconproject.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=i&uid=3240452640532361633

142 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	7596963286264 wxszri.atlanticfoodint.com/qbtdpcabdiefRM1UzVXZIdTByRTJXT21sSHl3S0otMjQ1LTI2MTU2NjEyLTBkNWQwMjM5LTQ1NC1aT0N0WDR3TWlDckRGQ2pIYnBVeQ/jhrtwprzghusbnrdwasbaemd/n1v8ibdnsu0/emcnqeuspgtw/yyjdufvzyfigvyaw... Redirect Chain http://wxszri.atlanticfoodint.com/qbtdpcabdiefRM1UzVXZIdTByRTJXT21sSHl3S0otMjQ1LTI2MTU2NjEyLTBkNWQwMjM5LTQ1NC1aT0N0WDR3TWlDckRGQ2pIYnBVeQ/jhrtwprzghusbnrdwasbaemd/n1v8ibdnsu0/emcnqeuspgtw/yyjdufvzy... https://wxszri.atlanticfoodint.com/qbtdpcabdiefRM1UzVXZIdTByRTJXT21sSHl3S0otMjQ1LTI2MTU2NjEyLTBkNWQwMjM5LTQ1NC1aT0N0WDR3TWlDckRGQ2pIYnBVeQ/jhrtwprzghusbnrdwasbaemd/n1v8ibdnsu0/emcnqeuspgtw/yyjdufvz... http://wxszri.atlanticfoodint.com/qbtdpcabdiefRM1UzVXZIdTByRTJXT21sSHl3S0otMjQ1LTI2MTU2NjEyLTBkNWQwMjM5LTQ1NC1aT0N0WDR3TWlDckRGQ2pIYnBVeQ/jhrtwprzghusbnrdwasbaemd/n1v8ibdnsu0/emcnqeuspgtw/yyjdufvzy...	769 B 1 KB	326ms 223ms	Document text/html	67.198.205.86 VPLSNET
General Check archive.org Show headers Download Go to Full URL http://wxszri.atlanticfoodint.com/qbtdpcabdiefRM1UzVXZIdTByRTJXT21sSHl3S0otMjQ1LTI2MTU2NjEyLTBkNWQwMjM5LTQ1NC1aT0N0WDR3TWlDckRGQ2pIYnBVeQ/jhrtwprzghusbnrdwasbaemd/n1v8ibdnsu0/emcnqeuspgtw/yyjdufvzyfigvyawwcqzngevgxrls/7596963286264 Protocol HTTP/1.1 Server 67.198.205.86 , United States, ASN35908 (VPLSNET, US), Reverse DNS 67.198.205.86.static.krypt.com Software Apache/2.4.62 (CentOS Stream) OpenSSL/3.2.2 / PHP/7.4.33 Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers Cache-Control no-cache, private max-age=0, no-cache, no-store, must-revalidate Connection Keep-Alive Content-Encoding gzip Content-Length 401 Content-Type text/html; charset=UTF-8 Date Thu, 14 Nov 2024 19:42:41 GMT Developed-by Mohamed Amine El Attabi Email mohamed.amine.elattabi@gmail.com Expires Sat, 2 Aug 1980 15:15:00 GMT Keep-Alive timeout=5, max=100 Pragma no-cache Server Apache/2.4.62 (CentOS Stream) OpenSSL/3.2.2 Vary Accept-Encoding,User-Agent X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Powered-By PHP/7.4.33 X-XSS-Protection 1; mode=block Redirect headers Location http://wxszri.atlanticfoodint.com/qbtdpcabdiefRM1UzVXZIdTByRTJXT21sSHl3S0otMjQ1LTI2MTU2NjEyLTBkNWQwMjM5LTQ1NC1aT0N0WDR3TWlDckRGQ2pIYnBVeQ/jhrtwprzghusbnrdwasbaemd/n1v8ibdnsu0/emcnqeuspgtw/yyjdufvzyfigvyawwcqzngevgxrls/7596963286264 Non-Authoritative-Reason HttpsUpgrades
GET H2	200	Primary Request / Show response paint.toys/oil/ Redirect Chain http://wxszri.atlanticfoodint.com/qbtdpcabdiefRM1UzVXZIdTByRTJXT21sSHl3S0otMjQ1LTI2MTU2NjEyLTBkNWQwMjM5LTQ1NC1aT0N0WDR3TWlDckRGQ2pIYnBVeQ/jhrtwprzghusbnrdwasbaemd/n1v8ibdnsu0/emcnqeuspgtw/yyjdufvzy... https://paint.toys/oil https://paint.toys/oil/	6 KB 2 KB	197ms 70ms	Document text/html	3.33.186.135 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://paint.toys/oil/ Requested by Host: wxszri.atlanticfoodint.com URL: http://wxszri.atlanticfoodint.com/qbtdpcabdiefRM1UzVXZIdTByRTJXT21sSHl3S0otMjQ1LTI2MTU2NjEyLTBkNWQwMjM5LTQ1NC1aT0N0WDR3TWlDckRGQ2pIYnBVeQ/jhrtwprzghusbnrdwasbaemd/n1v8ibdnsu0/emcnqeuspgtw/yyjdufvzyfigvyawwcqzngevgxrls/7596963286264 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.33.186.135 , United States, ASN16509 (AMAZON-02, US), Reverse DNS afa7f374f51cc8991.awsglobalaccelerator.com Software Netlify / Resource Hash 70883a9270d54ca9914810ee600c39f62c1147243374c8b93b7095f9c78b4b66 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer http://wxszri.atlanticfoodint.com/qbtdpcabdiefRM1UzVXZIdTByRTJXT21sSHl3S0otMjQ1LTI2MTU2NjEyLTBkNWQwMjM5LTQ1NC1aT0N0WDR3TWlDckRGQ2pIYnBVeQ/jhrtwprzghusbnrdwasbaemd/n1v8ibdnsu0/emcnqeuspgtw/yyjdufvzyfigvyawwcqzngevgxrls/7596963286264 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers accept-ranges bytes age 17795 cache-control public,max-age=0,must-revalidate cache-status "Netlify Edge"; hit content-encoding br content-length 1669 content-type text/html; charset=UTF-8 date Thu, 14 Nov 2024 19:42:44 GMT etag "7afa2eee23cef4ed7f87aab76b5bc74d-ssl-df" server Netlify strict-transport-security max-age=31536000 vary Accept-Encoding x-nf-request-id 01JCP364EV6VMX6CFX2TNAVGWH Redirect headers accept-ranges bytes age 17795 cache-control public,max-age=0,must-revalidate cache-status "Netlify Edge"; hit content-length 1664 content-type text/html; charset=UTF-8 date Thu, 14 Nov 2024 19:42:44 GMT etag "7afa2eee23cef4ed7f87aab76b5bc74d-ssl-df" location /oil/ server Netlify strict-transport-security max-age=31536000 x-nf-request-id 01JCP3645DNW2MZM2SA3GXB9EW
GET H2	200	ramp_config.js Show response cdn.intergient.com/1024872/74068/	37 KB 7 KB	2507ms 337ms	Script application/javascript	104.18.21.56
General Check archive.org Show headers Download Go to Full URL https://cdn.intergient.com/1024872/74068/ramp_config.js Requested by Host: paint.toys URL: https://paint.toys/oil/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.21.56 -, , ASN (), Reverse DNS Software cloudflare / Resource Hash 7313a8097573590141ff1ab8041528e22b1c3b9c1b584156e15a49f4d9abc40d Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers last-modified Thu, 14 Nov 2024 19:42:47 GMT hw-country-code IT cache-control max-age=600, public, must-revalidate content-encoding br cf-cache-status EXPIRED via 1.1 90bb130ecccb71953b38a1c0e3b5721a.cloudfront.net (CloudFront) cf-ray 8e297c98aa2e371d-FRA x-cache Hit from cloudfront x-amz-cf-id 286bgz-cneUvasTMkxL71IUYyc8LV0VVh-G2svLzpSX_XpSDDZdWQw== date Thu, 14 Nov 2024 19:42:47 GMT content-type application/javascript vary Accept-Encoding server cloudflare x-amz-cf-pop FRA60-P2
GET H2	200	apps.css paint.toys/	5 KB 1 KB	722ms 317ms	Stylesheet text/css	3.33.186.135 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://paint.toys/apps.css Requested by Host: paint.toys URL: https://paint.toys/oil/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.33.186.135 , United States, ASN16509 (AMAZON-02, US), Reverse DNS afa7f374f51cc8991.awsglobalaccelerator.com Software Netlify / Resource Hash 2ff696f311f1afa7aafddb260becd45331aab7ce1741821b0f3e2d9e683382b0 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://paint.toys/oil/ Response headers strict-transport-security max-age=31536000 cache-control public,max-age=0,must-revalidate content-encoding br etag "58d01e65c6625681e8891f6fbc8c18f5-ssl-df" age 197596 accept-ranges bytes content-length 1373 x-nf-request-id 01JCP36527G0K7CY2791MWHFPZ cache-status "Netlify Edge"; hit date Thu, 14 Nov 2024 19:42:45 GMT content-type text/css; charset=UTF-8 vary Accept-Encoding server Netlify
GET H2	200	index.js Show response paint.toys/oil/	4 KB 1 KB	719ms 314ms	Script application/javascript	3.33.186.135 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://paint.toys/oil/index.js Requested by Host: paint.toys URL: https://paint.toys/oil/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.33.186.135 , United States, ASN16509 (AMAZON-02, US), Reverse DNS afa7f374f51cc8991.awsglobalaccelerator.com Software Netlify / Resource Hash c91c09319c4b0a24c72c0036cef74c17b85d3c4e2a4abf8153f5710421fe5b4c Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://paint.toys/oil/ Response headers strict-transport-security max-age=31536000 cache-control public,max-age=0,must-revalidate content-encoding br etag "687211e2ced405124b38663a13c97091-ssl-df" age 32113 accept-ranges bytes content-length 1204 x-nf-request-id 01JCP36527K85GN1ZNV0BBXK4P cache-status "Netlify Edge"; hit date Thu, 14 Nov 2024 19:42:45 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding server Netlify
GET H2	200	art-icon.png paint.toys/assets/	33 KB 33 KB	505ms 101ms	Image image/png	3.33.186.135 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://paint.toys/assets/art-icon.png Requested by Host: paint.toys URL: https://paint.toys/oil/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.33.186.135 , United States, ASN16509 (AMAZON-02, US), Reverse DNS afa7f374f51cc8991.awsglobalaccelerator.com Software Netlify / Resource Hash f4d368e4230539c778afbb020e0ea611b3e1d984179f5b3769b44081d6703f3b Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://paint.toys/oil/ Response headers strict-transport-security max-age=31536000 cache-control public,max-age=0,must-revalidate etag "1394f8469f2ca5750397e3d7b6ec70a1-ssl" age 113892 accept-ranges bytes content-length 33562 x-nf-request-id 01JCP36527G14V0F6JAD2DGS56 cache-status "Netlify Edge"; hit date Thu, 14 Nov 2024 19:42:45 GMT content-type image/png server Netlify
GET H2	200	icon-hand.png paint.toys/assets/	27 KB 27 KB	507ms 102ms	Image image/png	3.33.186.135 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://paint.toys/assets/icon-hand.png Requested by Host: paint.toys URL: https://paint.toys/oil/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.33.186.135 , United States, ASN16509 (AMAZON-02, US), Reverse DNS afa7f374f51cc8991.awsglobalaccelerator.com Software Netlify / Resource Hash 32aa05a5648678542ab9044647f0bf5549c0b53a070585edb773f0e92b72b97d Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://paint.toys/oil/ Response headers strict-transport-security max-age=31536000 cache-control public,max-age=0,must-revalidate etag "a0822110a4671ffdf710da1467460fba-ssl" age 79088 accept-ranges bytes content-length 27394 x-nf-request-id 01JCP36527WCX1671PKWF718S1 cache-status "Netlify Edge"; hit date Thu, 14 Nov 2024 19:42:45 GMT content-type image/png server Netlify
GET H2	200	icon-disk.png paint.toys/assets/	13 KB 14 KB	517ms 166ms	Image image/png	3.33.186.135 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://paint.toys/assets/icon-disk.png Requested by Host: paint.toys URL: https://paint.toys/oil/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.33.186.135 , United States, ASN16509 (AMAZON-02, US), Reverse DNS afa7f374f51cc8991.awsglobalaccelerator.com Software Netlify / Resource Hash 436814c2374a6d92a42a02d39969ef7c56b5f225667abecb218e692c5569943c Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://paint.toys/oil/ Response headers strict-transport-security max-age=31536000 cache-control public,max-age=0,must-revalidate etag "26852fa1548a91e004629b01e4abf1dd-ssl" age 79090 accept-ranges bytes content-length 13766 x-nf-request-id 01JCP365XHR00NMBE72B8BQXXJ cache-status "Netlify Edge"; hit date Thu, 14 Nov 2024 19:42:46 GMT content-type image/png server Netlify
GET H2	200	icon-trash.png paint.toys/assets/	50 KB 51 KB	494ms 213ms	Image image/png	3.33.186.135 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://paint.toys/assets/icon-trash.png Requested by Host: paint.toys URL: https://paint.toys/oil/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.33.186.135 , United States, ASN16509 (AMAZON-02, US), Reverse DNS afa7f374f51cc8991.awsglobalaccelerator.com Software Netlify / Resource Hash 6ceb226c487cb85243545e768944e0e1ae0944be8fde6c1c43c7314a9287e6d9 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://paint.toys/oil/ Response headers strict-transport-security max-age=31536000 cache-control public,max-age=0,must-revalidate etag "e91ef5e34b5154d392e8560031eaaa4c-ssl" age 79090 accept-ranges bytes content-length 51680 x-nf-request-id 01JCP366X1CH8H4METANBYVDJB cache-status "Netlify Edge"; hit date Thu, 14 Nov 2024 19:42:47 GMT content-type image/png server Netlify
GET H2	200	ramp_core.js Show response cdn.intergient.com/	3 KB 1 KB	103ms 94ms	Script application/javascript	104.18.21.56
General Check archive.org Show headers Download Go to Full URL https://cdn.intergient.com/ramp_core.js Requested by Host: paint.toys URL: https://paint.toys/oil/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.21.56 -, , ASN (), Reverse DNS Software cloudflare / Resource Hash 22c5a847faecf1be113a0e2eea566d34080c022b9f001bfb386921d1d86c2e35 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers hw-country-code IT cache-control max-age=600, public, must-revalidate content-encoding br cf-cache-status DYNAMIC via 1.1 db1cc9ceb7681bf2a56c0f22acac3a36.cloudfront.net (CloudFront) cf-ray 8e297ca059eb371d-FRA x-cache Miss from cloudfront x-amz-cf-id rvqICw-5HiZ6oUTxYY4xqoCQ-lYj70BAZrghwrSnfKVmdQrVF7BNBA== date Thu, 14 Nov 2024 19:42:48 GMT x-lambda-function us-east-1.pageos_production:731 content-type application/javascript vary Accept-Encoding server cloudflare x-amz-cf-pop FRA60-P2
GET H2	200	js Show response www.googletagmanager.com/gtag/	316 KB 106 KB	2156ms 65ms	Script application/javascript	142.250.185.104 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-VJBRK9986D Requested by Host: paint.toys URL: https://paint.toys/oil/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.104 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f8.1e100.net Software Google Tag Manager / Resource Hash 9ff297fe3c3d356026e029397bff622e4fcbf587c0d6e0b2a0f5f63c51db2c8c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers content-encoding br report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],} expires Thu, 14 Nov 2024 19:42:50 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 14 Nov 2024 19:42:50 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 107915 x-xss-protection 0 server Google Tag Manager
GET H2	200	8276905b654970_03f1ce83f07db82e6e5c28be.main.js Show response faucetfoot.com/chunks/	67 KB 24 KB	2662ms 136ms	Script text/javascript	104.18.24.111
General Check archive.org Show headers Download Go to Full URL https://faucetfoot.com/chunks/8276905b654970_03f1ce83f07db82e6e5c28be.main.js Requested by Host: cdn.intergient.com URL: https://cdn.intergient.com/1024872/74068/ramp_config.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.24.111 -, , ASN (), Reverse DNS Software cloudflare / Resource Hash d21f634139fa71dc06425c54c36ff2d3ac1cc303199309489ed49382232a958b Security Headers Name Value Strict-Transport-Security max-age=15724800; preload Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers content-encoding br cf-cache-status MISS etag W/"67517cbe9d209e0c91ea2bd750ea7d81d3b2ed10a00499071a812dd42772c3eb" x-buildname hoothoot x-hostname fen-hoothoot-europe-west1-spot-27rk alt-svc h3=":443"; ma=86400 date Thu, 14 Nov 2024 19:42:50 GMT content-type text/javascript; charset=utf-8 vary Accept-Encoding, Accept-Language strict-transport-security max-age=15724800; preload cache-control private, must-revalidate, max-age=21600 timing-allow-origin * x-datacenter gce-europe-west1 via 1.1 google cf-ray 8e297cb04a945d9e-FRA x-buildnumber 1528792020 server cloudflare
GET H2	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	109 KB 33 KB	2689ms 164ms	Script text/javascript	172.217.18.2 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: cdn.intergient.com URL: https://cdn.intergient.com/1024872/74068/ramp_config.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s28-in-f2.1e100.net Software cafe / Resource Hash dfc2ff3e88ebac9c8b5777f57ba869d7bd4ebaaccc898bddde5072dbcfa2d6a1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers content-encoding br etag 253 / 20041 / 31089017 / config-hash: 16056865451071421663 x-content-type-options nosniff expires Thu, 14 Nov 2024 19:42:51 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" date Thu, 14 Nov 2024 19:42:51 GMT content-type text/javascript; charset=UTF-8 vary Accept-Encoding content-disposition attachment; filename="f.txt" cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * cross-origin-resource-policy cross-origin access-control-allow-origin * content-length 33699 x-xss-protection 0 server cafe
GET H2	200	prebid.js.br Show response cdn.intergi.com/prebid/	521 KB 165 KB	2685ms 160ms	Script text/javascript	104.18.25.242
General Check archive.org Show headers Download Go to Full URL https://cdn.intergi.com/prebid/prebid.js.br Requested by Host: cdn.intergient.com URL: https://cdn.intergient.com/1024872/74068/ramp_config.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.25.242 -, , ASN (), Reverse DNS Software cloudflare / Resource Hash fe12844f3313fe65a62a2929566f57436facf41fec545ddcc70df796842a0952 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers content-encoding gzip cf-cache-status HIT etag W/"c470433004a82afee4ab8662ae9aaa27" x-amz-version-id FqNXBOTvPrlpiPyuvHusEv9yqADl8mtU age 5188 x-cache Hit from cloudfront x-amz-cf-id zKJgnagckDfnMy2GbDOloqjbnAykwMlO79-MUM29-rWESkFrNenC9g== date Thu, 14 Nov 2024 19:42:51 GMT content-type text/javascript last-modified Wed, 06 Nov 2024 15:42:54 GMT vary accept-encoding via 1.1 e6959f77d21557f69683da8f0cd5578a.cloudfront.net (CloudFront) cf-ray 8e297cb09c73d223-FRA x-amz-cf-pop FRA56-C2 server cloudflare x-amz-server-side-encryption AES256
GET H2	200	pageos.js Show response cdn.intergient.com/pageos/1.11.80/	399 B 506 B	101ms 101ms	Script text/javascript	104.18.21.56
General Check archive.org Show headers Download Go to Full URL https://cdn.intergient.com/pageos/1.11.80/pageos.js Requested by Host: cdn.intergient.com URL: https://cdn.intergient.com/ramp_core.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.21.56 -, , ASN (), Reverse DNS Software cloudflare / Resource Hash 3891bb666c2c0939cc4e41bd3086cc9147b3f8226fca1302045c0a15082de50d Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers content-encoding br cf-cache-status HIT etag W/"4f067b902d315e2cc953df7ab7664d88" age 8054 x-cache Hit from cloudfront x-amz-cf-id -kaJ6sV5BJFIp280nR4Ciaolp4v1y6tSO9FYOc8uRNgIDtlkKlz7SA== date Thu, 14 Nov 2024 19:42:48 GMT content-type text/javascript last-modified Thu, 14 Nov 2024 16:14:48 GMT vary Accept-Encoding hw-country-code IT cache-control public, max-age=31536000 via 1.1 892b64cb4f7d422e3a1221397ea1a546.cloudfront.net (CloudFront) cf-ray 8e297ca0fa95371d-FRA x-amz-cf-pop MXP63-P2 server cloudflare x-amz-server-side-encryption AES256
GET H2	200	runtime.cb145137015a70928106.js Show response cdn.intergient.com/pageos/1.11.80/	3 KB 2 KB	247ms 239ms	Script text/javascript	104.18.21.56
General Check archive.org Show headers Download Go to Full URL https://cdn.intergient.com/pageos/1.11.80/runtime.cb145137015a70928106.js Requested by Host: cdn.intergient.com URL: https://cdn.intergient.com/pageos/1.11.80/pageos.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.21.56 -, , ASN (), Reverse DNS Software cloudflare / Resource Hash 01c634f49e7e09f521096ae8159c49f78d870f135e84aaae4649ab54c8a3310e Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers content-encoding br cf-cache-status HIT etag W/"046e193955ed8b955d90e42ca0f34e38" age 8054 x-cache Hit from cloudfront x-amz-cf-id nqS5pelDyjRoEkc-jp4_5l5V7Hg4H5fM6E7Ay7ECGy319UR1r77Lhg== date Thu, 14 Nov 2024 19:42:48 GMT content-type text/javascript last-modified Thu, 14 Nov 2024 16:14:48 GMT vary accept-encoding hw-country-code IT cache-control public, max-age=31536000 via 1.1 c25307e8546cc763b82d2dc2ee51258a.cloudfront.net (CloudFront) cf-ray 8e297ca1dba4371d-FRA x-amz-cf-pop MXP63-P2 server cloudflare x-amz-server-side-encryption AES256
GET H2	200	main.d1b3db1b74992081b288.js Show response cdn.intergient.com/pageos/1.11.80/	205 KB 65 KB	85ms 77ms	Script text/javascript	104.18.21.56
General Check archive.org Show headers Download Go to Full URL https://cdn.intergient.com/pageos/1.11.80/main.d1b3db1b74992081b288.js Requested by Host: cdn.intergient.com URL: https://cdn.intergient.com/pageos/1.11.80/pageos.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.21.56 -, , ASN (), Reverse DNS Software cloudflare / Resource Hash 9fc9b7bad5d836bb5a4e24795c093828c99c94551f8dcf904068331923aee9cc Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers content-encoding br cf-cache-status HIT etag W/"1ded9c02f7a75af7184795558a5582ed" age 8052 x-cache Hit from cloudfront x-amz-cf-id Vwq5HGR3rqtU88VS8DkQTgerdwhK4Hkoct06WlqWrZf_VPar0Poz0g== date Thu, 14 Nov 2024 19:42:48 GMT content-type text/javascript last-modified Thu, 14 Nov 2024 16:14:48 GMT vary accept-encoding hw-country-code IT cache-control public, max-age=31536000 via 1.1 66a9d30cb1014679858f80448b50159c.cloudfront.net (CloudFront) cf-ray 8e297ca1dba6371d-FRA x-amz-cf-pop MXP63-P2 server cloudflare x-amz-server-side-encryption AES256
GET H2	200	videoCard.5ed8eb34c11835040def.js Show response cdn.intergient.com/pageos/1.11.80/	559 B 541 B	64ms 63ms	Script text/javascript	104.18.21.56
General Check archive.org Show headers Download Go to Full URL https://cdn.intergient.com/pageos/1.11.80/videoCard.5ed8eb34c11835040def.js Requested by Host: cdn.intergient.com URL: https://cdn.intergient.com/pageos/1.11.80/runtime.cb145137015a70928106.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.21.56 -, , ASN (), Reverse DNS Software cloudflare / Resource Hash 795041923e6338abe450ff9524ef70fd40432f278f32c9c35cdbb08239574fb1 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers content-encoding br cf-cache-status HIT etag W/"6880c1609e3243c11c7b4f1285e14d89" age 8054 x-cache Hit from cloudfront x-amz-cf-id wABuRZaJB-qViXlgu4DLBJu8b6PvZqjnR-OyFxf0tBxhAhctK_XEkg== date Thu, 14 Nov 2024 19:42:49 GMT content-type text/javascript last-modified Thu, 14 Nov 2024 16:14:48 GMT vary Accept-Encoding hw-country-code IT cache-control public, max-age=31536000 via 1.1 a8fa1851afeaba34d9b72eca54e89abc.cloudfront.net (CloudFront) cf-ray 8e297ca4ff20371d-FRA x-amz-cf-pop MXP63-P2 server cloudflare x-amz-server-side-encryption AES256
GET H2	200	iframe.html cdn.intergient.com/pageos/1.11.80/iframe/ Frame E6FE	0 0	854ms 114ms	Document text/html	104.18.20.56
General Check archive.org Show headers Download Go to Full URL https://cdn.intergient.com/pageos/1.11.80/iframe/iframe.html Requested by Host: cdn.intergient.com URL: https://cdn.intergient.com/pageos/1.11.80/main.d1b3db1b74992081b288.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.20.56 -, , ASN (), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://paint.toys/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers age 8055 cache-control public, max-age=31536000 cf-cache-status HIT cf-ray 8e297cb06e4d9143-FRA content-encoding br content-type text/html date Thu, 14 Nov 2024 19:42:50 GMT hw-country-code IT last-modified Thu, 14 Nov 2024 16:14:48 GMT server cloudflare vary Accept-Encoding via 1.1 bd4e114ece87e9cf66a7eccfeb6c9c4a.cloudfront.net (CloudFront) x-amz-cf-id ZNTtIJG0QOSSxkAEbVQDI714AKqgWEhUlIpzQD4S6UtGAyCCB-vW1w== x-amz-cf-pop MXP63-P2 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront
GET H2	200	gdpr.1b960cdd1c148987c402.js Show response cdn.intergient.com/pageos/1.11.80/	6 KB 2 KB	80ms 80ms	Script text/javascript	104.18.21.56
General Check archive.org Show headers Download Go to Full URL https://cdn.intergient.com/pageos/1.11.80/gdpr.1b960cdd1c148987c402.js Requested by Host: cdn.intergient.com URL: https://cdn.intergient.com/pageos/1.11.80/runtime.cb145137015a70928106.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.21.56 -, , ASN (), Reverse DNS Software cloudflare / Resource Hash 0aa98ee205d0ed7ab5765a57a2652a721657b0afe77539306b4d2c2e582587cf Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers content-encoding br cf-cache-status HIT etag W/"f4fb0f395e7b6363ec6a36d7e3603696" age 8054 x-cache Hit from cloudfront x-amz-cf-id iuSqp2vpqvOFrhWi1xDGbotXpBa1gzVrCvIIM7d7ZDEnbKMOFw3v1A== date Thu, 14 Nov 2024 19:42:49 GMT content-type text/javascript last-modified Thu, 14 Nov 2024 16:14:48 GMT vary accept-encoding hw-country-code IT cache-control public, max-age=31536000 via 1.1 bd4e114ece87e9cf66a7eccfeb6c9c4a.cloudfront.net (CloudFront) cf-ray 8e297ca50f2c371d-FRA x-amz-cf-pop MXP63-P2 server cloudflare x-amz-server-side-encryption AES256
GET H2	200	GDPR Show response impression-inferences-edge-prod.playwire.com/websites/74068/v1/Thu/14/desktop/Chrome/	586 B 923 B	1816ms 52ms	XHR application/json	18.245.46.16 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://impression-inferences-edge-prod.playwire.com/websites/74068/v1/Thu/14/desktop/Chrome/GDPR Requested by Host: cdn.intergient.com URL: https://cdn.intergient.com/pageos/1.11.80/main.d1b3db1b74992081b288.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.245.46.16 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-245-46-16.fra56.r.cloudfront.net Software CloudFront / Resource Hash 5c104d9dea56c323cbb991645c56b8410ccd8b4ee4bf19607dd5a6ba5e61666d Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers cache-control max-age=3600, public, must-revalidate access-control-expose-headers * age 2557 via 1.1 6b15a9d1514a5645abfd43cbf330ce48.cloudfront.net (CloudFront) access-control-allow-origin * x-cache Hit from cloudfront content-length 586 x-amz-cf-id QEUcvYfLIk3QujhLfOWB2qeAXqpycUVM_RFPRx5rheTqp__Z3d62dw== date Thu, 14 Nov 2024 19:00:13 GMT content-type application/json x-amz-cf-pop FRA56-P9 server CloudFront
GET H2	200	tag Show response btloader.com/	111 KB 31 KB	1753ms 66ms	Script application/javascript	172.67.41.60 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://btloader.com/tag?o=5150306120761344&upapi=true Requested by Host: cdn.intergient.com URL: https://cdn.intergient.com/pageos/1.11.80/main.d1b3db1b74992081b288.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.41.60 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 24a2cfa29de7c4b7d2c120bb979c5d2e34a480ebf03907afeca122fb8f572613 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers x-robots-tag noindex, nofollow cache-control public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300 content-encoding gzip cf-cache-status HIT etag "7e29dc0afc0b7de8d8462a28efed02f5" age 666 via 1.1 google cf-ray 8e297cb02ff9d28e-FRA accept-ranges bytes content-length 31469 date Thu, 14 Nov 2024 19:42:50 GMT content-type application/javascript last-modified Thu, 14 Nov 2024 19:28:19 GMT vary Origin, Accept-Encoding server cloudflare
GET H/1.1	500 Internal Server Error	pixel.gif px.moatads.com/	27 B 27 B	834ms 91ms	Image text/html	23.218.209.154 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://px.moatads.com/pixel.gif Requested by Host: paint.toys URL: https://paint.toys/oil/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.218.209.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-218-209-154.deploy.static.akamaitechnologies.com Software / Resource Hash 5607bc0b49036b5f13acf3f5767e0fb2fb947f5369bda253939e78e2b11f85b4 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers Cache-Control max-age=0, no-cache, no-store Pragma no-cache Connection keep-alive Expires Thu, 14 Nov 2024 19:42:51 GMT Content-Length 27 Date Thu, 14 Nov 2024 19:42:51 GMT AK-GRN 0.25257e68.1731613371.5105c064 Content-Type text/html
GET H2	200	js Show response www.googletagmanager.com/gtag/	259 KB 92 KB	252ms 121ms	Script application/javascript	142.250.185.104 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-CEFZJ359V8&l=dataLayer&cx=c&gtm=45je4bc0v9101576445za200 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-VJBRK9986D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.104 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f8.1e100.net Software Google Tag Manager / Resource Hash 72352f417fe3368474782aa990b306987b528275a552abf367fa41c8546996da Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers content-encoding br report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],} expires Thu, 14 Nov 2024 19:42:51 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 14 Nov 2024 19:42:51 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 93977 x-xss-protection 0 server Google Tag Manager
POST H2	204	collect www.google-analytics.com/g/	0 0	2250ms 37ms	Fetch text/plain	216.58.212.174 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-VJBRK9986D&gtm=45je4bc0v9101576445za200&_p=1731613365027&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067554~102077855&cid=2024856270.1731613371&ul=it-it&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1731613371&sct=1&seg=0&dl=https%3A%2F%2Fpaint.toys%2Foil%2F&dr=http%3A%2F%2Fwxszri.atlanticfoodint.com%2F&dt=Paint%20with%20Oils&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=8642 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-VJBRK9986D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.174 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f14.1e100.net Software Golfe2 / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0 report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],} expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin https://paint.toys cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 14 Nov 2024 19:42:53 GMT content-type text/plain server Golfe2
GET H2	200	skeleton.gif static.adsafeprotected.com/	43 B 481 B	6101ms 3455ms	Image image/gif	18.66.112.44 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://static.adsafeprotected.com/skeleton.gif?adspot_id=ad_300x250_535690 Requested by Host: paint.toys URL: https://paint.toys/oil/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.44 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-112-44.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers etag "45cf913e5d9d3c9b2058033056d3dd23" x-amz-version-id iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja age 197 x-cache Hit from cloudfront x-amz-cf-id G_FlmGuc605BcVs1HBVCt5lf4YVyTSN7mChypuHvOPO3Khrb24wzwQ== date Thu, 14 Nov 2024 19:39:38 GMT content-type image/gif last-modified Mon, 17 Aug 2020 23:55:15 GMT x-amz-replication-status COMPLETED cache-control max-age=315360000 via 1.1 3517ce13630d84c5b14e88de469985cc.cloudfront.net (CloudFront) accept-ranges bytes content-length 43 x-amz-cf-pop FRA56-P5 server AmazonS3 x-amz-server-side-encryption AES256
GET H2	200	pubads_impl.js Show response securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411110103/	489 KB 152 KB	980ms 683ms	Script text/javascript	172.217.18.2 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411110103/pubads_impl.js?cb=31089017 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s28-in-f2.1e100.net Software cafe / Resource Hash 98d0c4ee2961bbdf97cff859873e9e0b58a5794096d800b07fba5cbed9350013 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers content-encoding br etag 11242378932596198799 age 11504 x-content-type-options nosniff expires Fri, 14 Nov 2025 16:31:07 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" date Thu, 14 Nov 2024 16:31:07 GMT content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 vary Accept-Encoding cache-control public, immutable, max-age=31536000 timing-allow-origin * cross-origin-resource-policy cross-origin access-control-allow-origin * content-length 155147 x-xss-protection 0 server cafe
GET H2	200	px.gif ad-delivery.net/	43 B 457 B	861ms 94ms	Image image/gif	172.67.69.19 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ad-delivery.net/px.gif?ch=2 Requested by Host: paint.toys URL: https://paint.toys/oil/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.69.19 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers x-goog-metageneration 5 access-control-expose-headers *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace x-goog-hash crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow== cf-cache-status HIT etag "ad4b0f606e0f8465bc4c4c170b37e1a3" age 29 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vUWCV8kFFttqn0wSV3osCsNY1mIB8dFflVHqkZQjSJFnL%2FjhZCuL95uNgtbg7Zef1YXopYRjHluic%2FuUaRrm4YVRJF3p7kgP63W4TGw%2B8aPtUaVowZ9eeMk93BRZ8teN0w%3D%3D"}],"group":"cf-nel","max_age":604800} x-goog-stored-content-encoding identity expires Fri, 15 Nov 2024 19:42:53 GMT server-timing cfL4;desc="?proto=TCP&rtt=18903&sent=10&recv=9&lost=0&retrans=0&sent_bytes=5107&recv_bytes=2264&delivery_rate=217054&cwnd=254&unsent_bytes=0&cid=3a452e1980218971&ts=387&x=0" x-goog-stored-content-length 43 date Thu, 14 Nov 2024 19:42:53 GMT content-type image/gif last-modified Wed, 05 May 2021 19:25:32 GMT vary Accept-Encoding x-guploader-uploadid AHmUCY0FIUe_KMwRiyIxInaIbb_zqwDAT537via137HloGK3192QTgRWyfcQuylaA4I_zH6EpMOrKFJ6eQ cache-control public, max-age=86400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-goog-storage-class MULTI_REGIONAL cf-ray 8e297cc04f65dbce-FRA accept-ranges bytes access-control-allow-origin * x-goog-generation 1620242732037093 content-length 43 server cloudflare
GET H2	200	favicon.ico ad.doubleclick.net/	1 KB 571 B	1219ms 328ms	Image image/x-icon	142.250.185.70 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250 Requested by Host: paint.toys URL: https://paint.toys/oil/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.70 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f6.1e100.net Software sffe / Resource Hash d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers content-encoding gzip age 26576 report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} x-content-type-options nosniff expires Fri, 15 Nov 2024 12:19:57 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 14 Nov 2024 12:19:57 GMT last-modified Tue, 08 May 2012 13:08:06 GMT content-type image/x-icon vary Accept-Encoding cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" content-length 104 x-xss-protection 0 server sffe
GET H2	200	px.gif ad-delivery.net/	43 B 1 KB	861ms 95ms	Image image/gif	172.67.69.19 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ad-delivery.net/px.gif?ch=1&e=0.7379993122765145 Requested by Host: paint.toys URL: https://paint.toys/oil/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.69.19 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers x-goog-metageneration 5 access-control-expose-headers *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace x-goog-hash crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow== cf-cache-status HIT etag "ad4b0f606e0f8465bc4c4c170b37e1a3" age 29 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bTtd1LsLn9qE9ks%2FfX7ZhmrBrVzH2uKTY2gdFWESv1U4g95pfnwhMuNEBIvBAT2UY0vHL3asGiukn80dk9mygKNGuN6qJBkATWsjkQg1v%2BNjZ%2FLG9%2BH517rMIOHVIh9ItQ%3D%3D"}],"group":"cf-nel","max_age":604800} x-goog-stored-content-encoding identity expires Fri, 15 Nov 2024 19:42:53 GMT server-timing cfL4;desc="?proto=TCP&rtt=18903&sent=7&recv=9&lost=0&retrans=0&sent_bytes=3994&recv_bytes=2264&delivery_rate=217054&cwnd=254&unsent_bytes=0&cid=3a452e1980218971&ts=386&x=0" x-goog-stored-content-length 43 date Thu, 14 Nov 2024 19:42:53 GMT content-type image/gif last-modified Wed, 05 May 2021 19:25:32 GMT vary Accept-Encoding x-guploader-uploadid AHmUCY0FIUe_KMwRiyIxInaIbb_zqwDAT537via137HloGK3192QTgRWyfcQuylaA4I_zH6EpMOrKFJ6eQ cache-control public, max-age=86400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-goog-storage-class MULTI_REGIONAL cf-ray 8e297cc04f67dbce-FRA accept-ranges bytes access-control-allow-origin * x-goog-generation 1620242732037093 content-length 43 server cloudflare
POST H2	204	collect www.google-analytics.com/g/	0 0	632ms 37ms	Fetch text/plain	216.58.212.174 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-CEFZJ359V8&gtm=45je4bc0v9102396898za200zb9101576445&_p=1731613365027&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102077855&cid=2024856270.1731613371&ul=it-it&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1731613372&sct=1&seg=0&dl=https%3A%2F%2Fpaint.toys%2Foil%2F&dr=http%3A%2F%2Fwxszri.atlanticfoodint.com%2F&dt=Paint%20with%20Oils&en=ramp_js&_fv=1&_ss=1&_ee=1&ep.pageview_id=1731613365027&tfd=10254 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-CEFZJ359V8&l=dataLayer&cx=c&gtm=45je4bc0v9101576445za200 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.174 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f14.1e100.net Software Golfe2 / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0 report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],} expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin https://paint.toys cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 14 Nov 2024 19:42:53 GMT content-type text/plain server Golfe2
GET H2	200	154013155 Show response fundingchoicesmessages.google.com/i/	195 KB 64 KB	699ms 157ms	Script application/javascript	142.250.186.142 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/i/154013155?ers=3 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411110103/pubads_impl.js?cb=31089017 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.142 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f14.1e100.net Software ESF / Resource Hash a5415381126fc95132375547c25e87d7dc4ec6459fe284aa9f1a5edd69b03790 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-Ry6YK8x0rLfBcg88TjzJlA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers content-encoding gzip x-content-type-options nosniff expires Mon, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 14 Nov 2024 19:42:53 GMT content-type application/javascript; charset=utf-8 x-frame-options SAMEORIGIN reporting-endpoints default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmII1pBikPj6kkkLiJ3SZ7CGAHHrzXOs04E46d951hIgdte6yOoPxIYKl1idgdix6BKrJxCr9lxiNQfi--susT4H4iKJK6wtQHy76QrrYyBm-HqFlQOIhXg49i69uZNNYMW_ty3MShpJ-YXxyfl5JUWZSaUl-UVpyWmpxalFZalF8UYGRiaGhobGegZG8QUGAKHOQHE" content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-Ry6YK8x0rLfBcg88TjzJlA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist cache-control no-cache, no-store, max-age=0, must-revalidate timing-allow-origin * cross-origin-opener-policy same-origin pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-resource-policy cross-origin permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=* x-xss-protection 0 server ESF
GET H2	200	country Show response api.btloader.com/	37 B 154 B	3830ms 186ms	Fetch application/json	130.211.23.194 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://api.btloader.com/country?o=5150306120761344 Requested by Host: btloader.com URL: https://btloader.com/tag?o=5150306120761344&upapi=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 194.23.211.130.bc.googleusercontent.com Software / Resource Hash 9c4520b262bf8198e3c3e55a8d927867838f0376f11e37e0729221ba79a40a93 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers cache-control private, max-age=300, stale-while-revalidate=600, stale-if-error=600 via 1.1 google access-control-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 37 date Thu, 14 Nov 2024 19:42:57 GMT content-type application/json vary Origin
GET H2	204	pv Show response api.btloader.com/	0 129 B	3829ms 186ms	XHR text/plain	130.211.23.194 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://api.btloader.com/pv?tid=lCBQRgyVL&w=5096819819806720&o=5150306120761344&cv=2.1.63&widget=false&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fpaint.toys%2Foil%2F&sid=y9NM7LDo&pm=false&upapi=true Requested by Host: btloader.com URL: https://btloader.com/tag?o=5150306120761344&upapi=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 194.23.211.130.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers via 1.1 google access-control-allow-origin * cache-control no-cache, no-store, must-revalidate alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 14 Nov 2024 19:42:57 GMT vary Origin
POST H2	204	collect www.google-analytics.com/g/	0 0	156ms 31ms	Fetch text/plain	216.58.212.174 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-VJBRK9986D&gtm=45je4bc0v9101576445za200&_p=1731613365027&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067554~102077855&cid=2024856270.1731613371&ul=it-it&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1731613371&sct=1&seg=0&dl=https%3A%2F%2Fpaint.toys%2Foil%2F&dr=http%3A%2F%2Fwxszri.atlanticfoodint.com%2F&dt=Paint%20with%20Oils&en=scroll&epn.percent_scrolled=90&_et=4&tfd=14706 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-VJBRK9986D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.174 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f14.1e100.net Software Golfe2 / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0 report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],} expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin https://paint.toys cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 14 Nov 2024 19:42:57 GMT content-type text/plain server Golfe2
GET H2	200	skeleton.js Show response static.adsafeprotected.com/	17 B 461 B	187ms 62ms	Script application/javascript	18.66.112.44 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.adsafeprotected.com/skeleton.js?service=ad&adid=tttjo&adnum=728755 Requested by Host: faucetfoot.com URL: https://faucetfoot.com/chunks/8276905b654970_03f1ce83f07db82e6e5c28be.main.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.44 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-112-44.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers etag "53fab767ecbd3bf07990b10246befbd4" x-amz-version-id nylqTweorRThFHMBJSrf_fHcWx3KVKN3 age 200 x-cache Hit from cloudfront x-amz-cf-id 25bd3350UGG3LcWZGUZn3iQ2wZsTCf2WiJ9YB81ROTouegf3bgBBpg== date Thu, 14 Nov 2024 19:39:38 GMT content-type application/javascript last-modified Mon, 17 Aug 2020 23:54:35 GMT x-amz-replication-status COMPLETED cache-control max-age=315360000 via 1.1 3517ce13630d84c5b14e88de469985cc.cloudfront.net (CloudFront) accept-ranges bytes content-length 17 x-amz-cf-pop FRA56-P5 server AmazonS3 x-amz-server-side-encryption AES256
GET H2	200	AGSKWxU8xcrxnrYJNO3a_DXb-C69-y0cYdFJYfBCbZQIWKa4BY8fqLVBJHStd1Koqt2QXK6luxrUoOdTVzT072_qKjZscnLt_QUWrfMWCZDrFucGmjDgc6ZYcxbFDrHe4zTFOX88Fga3qw== Show response fundingchoicesmessages.google.com/f/	3 KB 2 KB	85ms 60ms	Script application/javascript	142.250.186.142 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/f/AGSKWxU8xcrxnrYJNO3a_DXb-C69-y0cYdFJYfBCbZQIWKa4BY8fqLVBJHStd1Koqt2QXK6luxrUoOdTVzT072_qKjZscnLt_QUWrfMWCZDrFucGmjDgc6ZYcxbFDrHe4zTFOX88Fga3qw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMxNjEzMzc3LDkwMDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9wYWludC50b3lzL29pbC8iLG51bGwsW1s4LCJEd3k3MWtoM3ZDZyJdLFs5LCJpdCJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.it.Dwy71kh3vCg.es5.O/am=GAw/d=1/rs=AJlcJMyhuR-Sn9UdL37bs4k8yKVvKykEFA/m=kernel_loader,loader_js_executable Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.142 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f14.1e100.net Software ESF / Resource Hash 4747a4ea3c0166bf5235bcb2632f69f39125c67a3e76227b01ef2479d2527833 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-GJKXNLn9dViD2_MOV5xA4g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers content-encoding gzip x-content-type-options nosniff expires Mon, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 14 Nov 2024 19:42:57 GMT content-type application/javascript; charset=utf-8 x-frame-options SAMEORIGIN reporting-endpoints default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmLw0ZBikPj6kkkLiJ3SZ7CGAHHrzXOs04E46d951hIgdte6yOoPxIYKl1idgdix6BKrJxCr9lxiNQfi--susT4H4iKJK6wtQHy76QrrYyBm-HqFlQOIhXg4Di69uZNN4MeaFyeYlTSS8gvjk_PzSooyk0pL8ovSktNSi1OLylKL4o0MjEwMDQ2N9QyM4gsMAKkhQKs" content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-GJKXNLn9dViD2_MOV5xA4g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist cache-control no-cache, no-store, max-age=0, must-revalidate timing-allow-origin * cross-origin-opener-policy same-origin pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-resource-policy cross-origin permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=* x-xss-protection 0 server ESF
GET H2	200	topics_frame.html securepubads.g.doubleclick.net/static/topics/ Frame 5CC2	0 0	733ms 71ms	Document text/html	172.217.18.2 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/static/topics/topics_frame.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411110103/pubads_impl.js?cb=31089017 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s28-in-f2.1e100.net Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://paint.toys/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers accept-ranges bytes age 245 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=3000, stale-while-revalidate=3600 content-encoding br content-length 29121 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Thu, 14 Nov 2024 19:38:53 GMT expires Thu, 14 Nov 2024 20:28:53 GMT last-modified Mon, 11 Nov 2024 20:42:41 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	encrypted-tag-g.js Show response invstatic101.creativecdn.com/encrypted-signals/	1 KB 1 KB	1771ms 91ms	Script text/javascript	34.96.70.87
General Check archive.org Show headers Download Go to Full URL https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411110103/pubads_impl.js?cb=31089017 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.96.70.87 Kansas City, United States, ASN (), Reverse DNS 87.70.96.34.bc.googleusercontent.com Software Google Frontend / Resource Hash 839e11d5ea35fe60fd65d0da091762640d7b98144b58f553a8742d863bc60795 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers etag 96161c00fc10ad819c09e1314f0ae5b4 via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1213 date Thu, 14 Nov 2024 19:42:59 GMT content-type text/javascript; charset=utf-8 last-modified Thu, 14 Nov 2024 17:54:21 GMT server Google Frontend x-cloud-trace-context 19573bcfc4d86de9c176d3a541acb52b
GET H2	200	esp.js Show response oa.openxcdn.net/	24 KB 8 KB	1463ms 124ms	Script application/javascript	34.102.146.192
General Check archive.org Show headers Download Go to Full URL https://oa.openxcdn.net/esp.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411110103/pubads_impl.js?cb=31089017 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.102.146.192 Kansas City, United States, ASN (), Reverse DNS 192.146.102.34.bc.googleusercontent.com Software UploadServer / Resource Hash 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers x-goog-metageneration 1 content-encoding gzip x-goog-hash crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug== etag "df5542b88bc0e368c6999754a5b9e2ba" age 1958463 x-goog-stored-content-encoding gzip expires Thu, 23 Oct 2025 03:41:56 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-goog-stored-content-length 7927 date Wed, 23 Oct 2024 03:41:56 GMT last-modified Thu, 27 May 2021 18:30:51 GMT content-type application/javascript x-guploader-uploadid AHmUCY3U4AVhwADiL4fQs5_f64WzF3fe5uokvESd7tPAvzHh_Qy2huxI07a9_ZRXayrZBjItqyg5DcU50w cache-control no-transform x-goog-storage-class MULTI_REGIONAL accept-ranges bytes x-goog-generation 1622140251693895 content-length 7927 server UploadServer
GET H2	200	publishertag.ids.js Show response static.criteo.net/js/ld/	42 KB 13 KB	1770ms 90ms	Script text/javascript	178.250.1.3 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/js/ld/publishertag.ids.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411110103/pubads_impl.js?cb=31089017 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash 1635d2075d3343c86490d2229c1fb868ad59d92958ef65e04cb65767c703e9f6 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers strict-transport-security max-age=31536000; preload; cache-control max-age=86400, public timing-allow-origin * content-encoding gzip etag W/"670e3454-a69c" cross-origin-resource-policy cross-origin expires Fri, 15 Nov 2024 19:42:59 GMT access-control-allow-origin * date Thu, 14 Nov 2024 19:42:59 GMT content-type text/javascript last-modified Tue, 15 Oct 2024 09:22:28 GMT server nginx
POST H2	200	bdf14efdbd1953a70f94b0f1634b559c9378956d85 Show response faucetfoot.com/submit/0dbfc7232dce/	303 B 773 B	623ms 140ms	Fetch application/json	104.18.24.111
General Check archive.org Show headers Download Go to Full URL https://faucetfoot.com/submit/0dbfc7232dce/bdf14efdbd1953a70f94b0f1634b559c9378956d85 Requested by Host: faucetfoot.com URL: https://faucetfoot.com/chunks/8276905b654970_03f1ce83f07db82e6e5c28be.main.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.24.111 -, , ASN (), Reverse DNS Software cloudflare / Resource Hash 534a1d62e6ebcfa381bb8dbd2f48fa87c9656ea620aae66c06c868f830c97ca1 Security Headers Name Value Strict-Transport-Security max-age=15724800; preload Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Referer https://paint.toys/ Response headers content-encoding br cf-cache-status DYNAMIC x-buildname hoothoot access-control-allow-methods POST, OPTIONS x-hostname fen-hoothoot-europe-west1-spot-27rk expires Thu, 14 Nov 2024 19:42:57 GMT alt-svc h3=":443"; ma=86400 date Thu, 14 Nov 2024 19:42:58 GMT content-type application/json; charset=utf-8 vary Accept-Encoding, Origin access-control-allow-headers DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie strict-transport-security max-age=15724800; preload cache-control no-cache, no-store, must-revalidate timing-allow-origin * access-control-allow-credentials true x-datacenter gce-europe-west1 via 1.1 google cf-ray 8e297cdf2b3d1cc1-FRA access-control-allow-origin https://paint.toys x-buildnumber 1528792020 server cloudflare
GET H2	200	AGSKWxUUHoK46iOFf-zgklHx05Frlc6hWtWi3Fxy518NWAELmEsTFatAtqiU0bCEeTAz29kbhQhgTcp5zjJHWv3EgkHg3ELf2q7vdSsplf2O-3RjBwe4Iuy92O_kgAu1-csgy-TirHp31A== Show response fundingchoicesmessages.google.com/f/	10 KB 5 KB	120ms 119ms	Script application/javascript	142.250.186.142 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/f/AGSKWxUUHoK46iOFf-zgklHx05Frlc6hWtWi3Fxy518NWAELmEsTFatAtqiU0bCEeTAz29kbhQhgTcp5zjJHWv3EgkHg3ELf2q7vdSsplf2O-3RjBwe4Iuy92O_kgAu1-csgy-TirHp31A==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMxNjEzMzc3LDk5MDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vcGFpbnQudG95cy9vaWwvIixudWxsLFtbOCwiRHd5NzFraDN2Q2ciXSxbOSwiaXQiXSxbMTksIjIiXSxbMTcsIlswXSJdXV0 Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.it.Dwy71kh3vCg.es5.O/am=GAw/d=1/rs=AJlcJMyhuR-Sn9UdL37bs4k8yKVvKykEFA/m=kernel_loader,loader_js_executable Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.142 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f14.1e100.net Software ESF / Resource Hash 108ef9cd6b0e85718b2eb86703378732ffab0f2927e4391886a321302e81ab7c Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-78vLLaDZLiB7DModZiQ0HQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers content-encoding gzip x-content-type-options nosniff expires Mon, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 14 Nov 2024 19:42:58 GMT content-type application/javascript; charset=utf-8 x-frame-options SAMEORIGIN reporting-endpoints default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmJw15BiOHnrNtNFIJb4-pJJC4id0mewhgBx681zrNOBOOnfedYSIHbXusjqD8SGCpdYnYHYsegSqycQq_ZcYjUH4vvrLrE-B-IZ5y-zLgDiIokrrC1AfLvpCutjIGb4eoWVA4iFuDkOLb25k01gwb5pgkoaSfmF8cn5eSVFmUmlJflFaclpqcWpRWWpRfFGBkYmhoaGxnoGRvEFBgAKrUjy" content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-78vLLaDZLiB7DModZiQ0HQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist cache-control no-cache, no-store, max-age=0, must-revalidate timing-allow-origin * cross-origin-opener-policy same-origin pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-resource-policy cross-origin permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=* x-xss-protection 0 server ESF
GET H2	200	iframe.html cdn.intergient.com/pageos/1.11.80/iframe/ Frame AFCA	0 0	3ms 3ms	Document text/html	104.18.20.56
General Check archive.org Show headers Download Go to Full URL https://cdn.intergient.com/pageos/1.11.80/iframe/iframe.html Requested by Host: cdn.intergient.com URL: https://cdn.intergient.com/pageos/1.11.80/main.d1b3db1b74992081b288.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.20.56 -, , ASN (), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://paint.toys/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers age 8055 cache-control public, max-age=31536000 cf-cache-status HIT cf-ray 8e297cb06e4d9143-FRA content-encoding br content-type text/html date Thu, 14 Nov 2024 19:42:50 GMT hw-country-code IT last-modified Thu, 14 Nov 2024 16:14:48 GMT server cloudflare vary Accept-Encoding via 1.1 bd4e114ece87e9cf66a7eccfeb6c9c4a.cloudfront.net (CloudFront) x-amz-cf-id ZNTtIJG0QOSSxkAEbVQDI714AKqgWEhUlIpzQD4S6UtGAyCCB-vW1w== x-amz-cf-pop MXP63-P2 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront
GET H2	200	apstag.js Show response c.amazon-adsystem.com/aax2/	345 KB 85 KB	1647ms 84ms	Script application/javascript	18.173.210.128 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/aax2/apstag.js Requested by Host: cdn.intergient.com URL: https://cdn.intergient.com/pageos/1.11.80/main.d1b3db1b74992081b288.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.173.210.128 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-173-210-128.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash b69ad8b1266df233a00c8ceb99f3271488f4d383741a21981b8ce50e32e3be07 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers vary Accept-Encoding cache-control max-age=3600 content-encoding gzip etag W/"f4218dbb17ff2c3421282ef9135e5375" age 1053 via 1.1 ed4565467c6c9847b6a3fcb6cec799e4.cloudfront.net (CloudFront), 1.1 b4c8f37704271e217979234a38712c42.cloudfront.net (CloudFront) x-cache Hit from cloudfront x-amz-cf-id 8LRZs_Bm38JXwwLKYk1urshrCUeB4c3mYH0M3yRSs5ILN2rcQTeXWA== date Thu, 14 Nov 2024 19:25:27 GMT content-type application/javascript last-modified Wed, 06 Nov 2024 22:50:43 GMT server AmazonS3 x-amz-cf-pop FRA60-P1, FRA56-P12 x-amz-server-side-encryption AES256
GET H2	200	adbug_ Show response fundingchoicesmessages.google.com/f/AGSKWxX6QUpiZm7PbBEcSGdC90OIpAYQz4fYEp8k8YvAro4baAB_7sCnAinZJOO3nSulDQgxSkp2kzTRlCvrSBbnXJOGgAIqkm5JPoc3cXw0NoamtpY1aIARUZhJxcJPpBD41QiZcBeOsVRy6jD9qOvuaWxMcisQg...	54 B 534 B	79ms 75ms	Script application/javascript	142.250.186.142 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/f/AGSKWxX6QUpiZm7PbBEcSGdC90OIpAYQz4fYEp8k8YvAro4baAB_7sCnAinZJOO3nSulDQgxSkp2kzTRlCvrSBbnXJOGgAIqkm5JPoc3cXw0NoamtpY1aIARUZhJxcJPpBD41QiZcBeOsVRy6jD9qOvuaWxMcisQgPjeDG73jvdEhdw5wT-yqSsLGr5kO6S5/_/adgalleryheader./buildAdriverBanner./advFrameCollapse./space_ad./adbug_ Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.it.Dwy71kh3vCg.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMzoPmhS0D1rYK5W3p3vrExm2EAQSQ/m=ad_blocking_detection_executable Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.142 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f14.1e100.net Software ESF / Resource Hash 3698affdcc1d44abbaeb7c9e002fae20d7dfd2c41a1c75e2bc7adb142f0d0023 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-uhuAvbDiN7B0oXwcTu65WQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers content-encoding gzip x-content-type-options nosniff expires Mon, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 14 Nov 2024 19:42:59 GMT content-type application/javascript; charset=utf-8 x-frame-options SAMEORIGIN reporting-endpoints default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmLw1ZBikPj6kkkLiJ3SZ7CGAHHrzXOs04E46d951hIgdte6yOoPxIYKl1idgdix6BKrJxCr9lxiNQfi--susT4H4hnnL7MuAOIiiSusLUB8u-kK62MgZvh6hZUDiIV4OA4vvbmTTWDCzcmrmJQ0kvIL45Pz80qKMpNKS_KL0pLTUotTi8pSi-KNDIxMDA0NjfUMjOILDAAXYkSN" content-security-policy script-src 'report-sample' 'nonce-uhuAvbDiN7B0oXwcTu65WQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport cache-control no-cache, no-store, max-age=0, must-revalidate cross-origin-opener-policy same-origin pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-resource-policy cross-origin permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=* x-xss-protection 0 server ESF
GET H2	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	157 KB 53 KB	655ms 66ms	Script text/javascript	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?fcd=true Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.it.Dwy71kh3vCg.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMzoPmhS0D1rYK5W3p3vrExm2EAQSQ/m=ad_blocking_detection_executable Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software cafe / Resource Hash f3f4ed1341f9f2fd531f501c3ce721f4fbf906802b1f52c68dc1a8ab72ef9767 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers content-encoding br etag 18411647579043015957 x-content-type-options nosniff expires Thu, 14 Nov 2024 19:43:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" date Thu, 14 Nov 2024 19:43:00 GMT content-type text/javascript; charset=UTF-8 vary Accept-Encoding content-disposition attachment; filename="f.txt" link <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * cross-origin-resource-policy cross-origin access-control-allow-origin * content-length 53448 x-xss-protection 0 server cafe
POST H2	204	AGSKWxXB4emmd7tEBgu2Hzo1ulRT3T15LCfZ0pa8rnWXSpfra56-kPYwPTlKYKQnbU7ysZynXH6V4tdbTIuAfZRZ_UJJ5562xkXqaA4w8Dk5evh5ip7vYUhFhpVfjd6dgtGlDNBpgFii9g== Show response fundingchoicesmessages.google.com/el/	0 357 B	527ms 55ms	XHR text/html	142.250.186.142 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxXB4emmd7tEBgu2Hzo1ulRT3T15LCfZ0pa8rnWXSpfra56-kPYwPTlKYKQnbU7ysZynXH6V4tdbTIuAfZRZ_UJJ5562xkXqaA4w8Dk5evh5ip7vYUhFhpVfjd6dgtGlDNBpgFii9g== Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.it.Dwy71kh3vCg.es5.O/am=GAw/d=1/rs=AJlcJMyhuR-Sn9UdL37bs4k8yKVvKykEFA/m=kernel_loader,loader_js_executable Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.142 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f14.1e100.net Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-JHzn__9m0V1a8qpPXlM3Ng' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Content-Type text/plain Referer https://paint.toys/ Response headers access-control-max-age 86400 access-control-allow-methods POST, GET, OPTIONS x-content-type-options nosniff expires Mon, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 14 Nov 2024 19:43:00 GMT content-type text/html; charset=utf-8 x-frame-options SAMEORIGIN reporting-endpoints default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw1JBicEqfwRoAxO5aF1n9gZjh6xVWDiAW4uY4svTmTjaBF70NmkouSfmF8cn5eSWpeSW6iSnFuiB2UWZSaUl-EQo7tQykIic_PT0zLz3eyMDIxNDQ0FjPwCy-wAAA_hYoRg" content-security-policy script-src 'report-sample' 'nonce-JHzn__9m0V1a8qpPXlM3Ng' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport cache-control no-cache, no-store, max-age=0, must-revalidate cross-origin-opener-policy same-origin pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version access-control-allow-credentials true permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=* access-control-allow-origin https://paint.toys content-length 0 x-xss-protection 0 server ESF
GET H2	200	syncframe gum.criteo.com/ Frame 0CB6	0 0	733ms 64ms	Document text/html	178.250.1.11 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=paint.toys&gdpr=0&gdpr_consent= Requested by Host: static.criteo.net URL: https://static.criteo.net/js/ld/publishertag.ids.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://paint.toys/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers cache-control private, max-age=3600 content-encoding gzip content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Thu, 14 Nov 2024 19:43:00 GMT server Kestrel server-processing-duration-in-ticks 321811 strict-transport-security max-age=31536000; preload; vary Accept-Encoding x-robots-tag noindex
POST H2	204	AGSKWxXB4emmd7tEBgu2Hzo1ulRT3T15LCfZ0pa8rnWXSpfra56-kPYwPTlKYKQnbU7ysZynXH6V4tdbTIuAfZRZ_UJJ5562xkXqaA4w8Dk5evh5ip7vYUhFhpVfjd6dgtGlDNBpgFii9g== Show response fundingchoicesmessages.google.com/el/	0 1 KB	219ms 50ms	XHR text/html	142.250.186.142 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxXB4emmd7tEBgu2Hzo1ulRT3T15LCfZ0pa8rnWXSpfra56-kPYwPTlKYKQnbU7ysZynXH6V4tdbTIuAfZRZ_UJJ5562xkXqaA4w8Dk5evh5ip7vYUhFhpVfjd6dgtGlDNBpgFii9g== Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.it.Dwy71kh3vCg.es5.O/am=GAw/d=1/rs=AJlcJMyhuR-Sn9UdL37bs4k8yKVvKykEFA/m=kernel_loader,loader_js_executable Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.142 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f14.1e100.net Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-BC1SfVtseXwruJzKYJVfEw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Content-Type text/plain Referer https://paint.toys/ Response headers access-control-max-age 86400 access-control-allow-methods POST, GET, OPTIONS x-content-type-options nosniff expires Mon, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 14 Nov 2024 19:43:00 GMT content-type text/html; charset=utf-8 x-frame-options SAMEORIGIN reporting-endpoints default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmII1JBicEqfwRoAxO5aF1n9gZjh6xVWDiAW4uY4svTmTjaBAzN3aCq5JOUXxifn55Wk5pXoJqYU64LYRZlJpSX5RSjs1DKQipz89PTMvPR4IwMjE0NDQ2M9A7P4AgMACTkoag" content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-BC1SfVtseXwruJzKYJVfEw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist cache-control no-cache, no-store, max-age=0, must-revalidate cross-origin-opener-policy same-origin pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version access-control-allow-credentials true permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=* access-control-allow-origin https://paint.toys content-length 0 x-xss-protection 0 server ESF
GET H2	200	474.a06f43d51aa26adc277d.js Show response cdn.intergient.com/pageos/1.11.80/	3 KB 1 KB	68ms 67ms	Script text/javascript	104.18.21.56
General Check archive.org Show headers Download Go to Full URL https://cdn.intergient.com/pageos/1.11.80/474.a06f43d51aa26adc277d.js Requested by Host: cdn.intergient.com URL: https://cdn.intergient.com/pageos/1.11.80/runtime.cb145137015a70928106.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.21.56 -, , ASN (), Reverse DNS Software cloudflare / Resource Hash 1aebb66b197fa09f062d3c39fc4b841cea9b1e9e85146218cf19d526078af4dd Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers content-encoding br cf-cache-status HIT etag W/"4e40df765c4b2340e48e0a0795cd7b6b" age 8064 x-cache Hit from cloudfront x-amz-cf-id Eso3oKSiRh1TWh9og9vBsthe57Uo4nYXDqdlD4BTz1XOXNXZpZiPFg== date Thu, 14 Nov 2024 19:43:00 GMT content-type text/javascript last-modified Thu, 14 Nov 2024 16:14:48 GMT vary accept-encoding hw-country-code IT cache-control public, max-age=31536000 via 1.1 9d4ff65dfbb2eb35f945c6fa4d05cf3a.cloudfront.net (CloudFront) cf-ray 8e297ce9de03371d-FRA x-amz-cf-pop MXP63-P2 server cloudflare x-amz-server-side-encryption AES256
GET H2	200	tyche.js Show response cdn.intergi.com/hera/releases/4.11.43/	487 B 611 B	57ms 56ms	Script text/javascript	104.18.25.242
General Check archive.org Show headers Download Go to Full URL https://cdn.intergi.com/hera/releases/4.11.43/tyche.js Requested by Host: cdn.intergient.com URL: https://cdn.intergient.com/pageos/1.11.80/main.d1b3db1b74992081b288.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.25.242 -, , ASN (), Reverse DNS Software cloudflare / Resource Hash 69b9a2336e2383c3a222943f79d824f176a6e3057b97193e49ebff5f86219564 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers content-encoding gzip cf-cache-status HIT x-amz-version-id 9P5kI_HsVEL3Gk1yGCl0eZsFnDzQHl74 etag W/"9ac24e4718d2ed093036591a47756ac0" age 8064 x-cache Miss from cloudfront x-amz-cf-id PjYorgXqitT_boqXrusByq_bSv-XHLAeAyFFG6ybBukCTPQxYs5U0A== date Thu, 14 Nov 2024 19:43:00 GMT content-type text/javascript last-modified Thu, 14 Nov 2024 16:14:42 GMT vary Accept-Encoding cache-control public, max-age=31536000 via 1.1 8fd360cd20d33fa1400394ae41746f66.cloudfront.net (CloudFront) cf-ray 8e297ce9dbf5d223-FRA x-amz-cf-pop FRA56-C2 server cloudflare x-amz-server-side-encryption AES256
POST H2	200	fb87a4ea41 Show response cd836371f1d.cdn.intergient.com/	0 96 B	545ms 107ms	XHR application/octet-stream	3.73.242.72 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cd836371f1d.cdn.intergient.com/fb87a4ea41 Requested by Host: cdn.intergient.com URL: https://cdn.intergient.com/pageos/1.11.80/main.d1b3db1b74992081b288.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.73.242.72 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-73-242-72.eu-central-1.compute.amazonaws.com Software nginx/1.24.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Referer https://paint.toys/ Response headers access-control-allow-origin * date Thu, 14 Nov 2024 19:43:00 GMT content-type application/octet-stream server nginx/1.24.0
GET H2	200	aps_csm.js Show response c.amazon-adsystem.com/bao-csm/aps-comm/	6 KB 3 KB	251ms 104ms	XHR application/javascript	18.173.210.128 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.173.210.128 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-173-210-128.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers access-control-max-age 3000 content-encoding gzip x-amz-version-id r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE etag W/"a4d296427fc806b21335359e398c025c" age 46646 access-control-allow-methods GET x-cache Hit from cloudfront x-amz-cf-id EmHDX-K0ZFKFEn7Ld-o2Ka-diQEedcu4vZJvoR5nGVY8-VaSydo_Rg== date Thu, 14 Nov 2024 19:43:00 GMT content-type application/javascript vary Origin,accept-encoding last-modified Thu, 29 Feb 2024 02:13:08 GMT cache-control public, max-age=86400 via 1.1 8d70d51432f10e2eca684af448a5f99e.cloudfront.net (CloudFront) access-control-allow-origin * x-amz-cf-pop FRA56-P12 server AmazonS3 x-amz-server-side-encryption AES256
GET H2	200	bd056b42-51db-43ce-9a8e-3b11319b5d1f Show response config.aps.amazon-adsystem.com/configs/	563 B 829 B	593ms 107ms	Script application/javascript	99.86.4.128 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://config.aps.amazon-adsystem.com/configs/bd056b42-51db-43ce-9a8e-3b11319b5d1f Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.128 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-128.fra6.r.cloudfront.net Software CloudFront / Resource Hash 0a24226b810811def317ee02bf0703399b08e300afe117f3df37beb24b25e2bd Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers cache-control max-age=3600 age 3009 via 1.1 7fcb41b117930690c299be9cec4a977a.cloudfront.net (CloudFront) x-cache Hit from cloudfront content-length 563 x-amz-cf-id k4wgpSsFOWq9uIY8fsx68L_xrfr8AgT7FeTJHa3HhM_J8wdQk0Y1_w== date Thu, 14 Nov 2024 18:52:51 GMT content-type application/javascript x-amz-cf-pop FRA6-C1 server CloudFront
GET H2	200	config Show response c.amazon-adsystem.com/cdn/prod/	3 KB 3 KB	146ms 146ms	XHR application/json	18.173.210.128 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fpaint.toys&pubid=bd056b42-51db-43ce-9a8e-3b11319b5d1f Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.173.210.128 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-173-210-128.fra56.r.cloudfront.net Software Server / Resource Hash 0b945764f409a5cfd72296efcc62d2eb4af033d2a67c1842a16eed73a42f9a69 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers cache-control max-age=21550, s-maxage=21600 access-control-allow-credentials true via 1.1 b4c8f37704271e217979234a38712c42.cloudfront.net (CloudFront) access-control-allow-origin https://paint.toys x-cache Miss from cloudfront content-length 2862 x-amz-cf-id 08Ne15yrKhAdbvvEdyLbE1MQmHXfyElR0AsJa8BgW8vkm5zCMarj_g== date Thu, 14 Nov 2024 19:42:59 GMT content-type application/json;charset=UTF-8 x-amz-cf-pop FRA56-P12 server Server
GET		bc347d11-99ed-4a47-bbb2-165519896647 https://paint.toys/ Frame	0 0
GET H2	200	runtime.c0f623cab8f617e6e75f.js Show response cdn.intergi.com/hera/releases/4.11.43/	3 KB 2 KB	55ms 54ms	Script text/javascript	104.18.25.242
General Check archive.org Show headers Download Go to Full URL https://cdn.intergi.com/hera/releases/4.11.43/runtime.c0f623cab8f617e6e75f.js Requested by Host: cdn.intergi.com URL: https://cdn.intergi.com/hera/releases/4.11.43/tyche.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.25.242 -, , ASN (), Reverse DNS Software cloudflare / Resource Hash 68094403c6d76567d57657373f103adb6aea25c5262d53923bc629189ac5b3dc Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers content-encoding gzip cf-cache-status HIT etag W/"b020c85a69155d753f3e5a3485264885" x-amz-version-id TY1_Y7AzfhZj5NVI_T7IEF9UEqfp_M59 age 8064 x-cache Miss from cloudfront x-amz-cf-id _C8cAaobNjWH0TgzdVfqXe40DxyAr4x-YUoecVnYLCUyiWbrXDZj5g== date Thu, 14 Nov 2024 19:43:00 GMT content-type text/javascript last-modified Thu, 14 Nov 2024 16:14:42 GMT vary accept-encoding cache-control public, max-age=31536000 via 1.1 0434556f8ccac61e8735f7c75767727c.cloudfront.net (CloudFront) cf-ray 8e297ceb5849d223-FRA x-amz-cf-pop FRA56-C2 server cloudflare x-amz-server-side-encryption AES256
GET H2	200	main.43322fef8c7f95d4950e.js Show response cdn.intergi.com/hera/releases/4.11.43/	246 KB 80 KB	65ms 54ms	Script text/javascript	104.18.25.242
General Check archive.org Show headers Download Go to Full URL https://cdn.intergi.com/hera/releases/4.11.43/main.43322fef8c7f95d4950e.js Requested by Host: cdn.intergi.com URL: https://cdn.intergi.com/hera/releases/4.11.43/tyche.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.25.242 -, , ASN (), Reverse DNS Software cloudflare / Resource Hash 428b15f8b985a116b84eb80211260507f00bd307781a4f91a1c097f54c5df899 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers content-encoding gzip cf-cache-status HIT etag W/"a1d4a55fd6a3ed68533b202d3a38d302" x-amz-version-id gSKRJPitin6OUEkmecPGO_zYjGodPMTq age 8064 x-cache Miss from cloudfront x-amz-cf-id ZYZt2us63yUr2AIi5m-wWyFssoaExja5wrs67jMZdqQDa9teLijNHQ== date Thu, 14 Nov 2024 19:43:00 GMT content-type text/javascript last-modified Thu, 14 Nov 2024 16:14:42 GMT vary accept-encoding cache-control public, max-age=31536000 via 1.1 aff6ac5c98fa897349204752e5877c80.cloudfront.net (CloudFront) cf-ray 8e297cebd99cd223-FRA x-amz-cf-pop FRA56-C2 server cloudflare x-amz-server-side-encryption AES256
GET H2	200	lib.82225ced52a6390e480c.js Show response cdn.intergi.com/hera/releases/4.11.43/lib/	1 KB 923 B	54ms 49ms	Script text/javascript	104.18.25.242
General Check archive.org Show headers Download Go to Full URL https://cdn.intergi.com/hera/releases/4.11.43/lib/lib.82225ced52a6390e480c.js Requested by Host: cdn.intergi.com URL: https://cdn.intergi.com/hera/releases/4.11.43/tyche.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.25.242 -, , ASN (), Reverse DNS Software cloudflare / Resource Hash 1bac5e8fb5021358231d218f02ed4aaf9431c9c33677e2c1977c1e27d3954572 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers content-encoding gzip cf-cache-status HIT etag W/"26c007e785f82a765ec40fc9a32b0b3c" x-amz-version-id z.6jnnXFRE46KuZ2Jj5XDGMqbNWTyXci age 8064 x-cache Miss from cloudfront x-amz-cf-id IshAxr6coZ0mLkPkHLdrvXYfIigysgtBU6GxIaVFNiYSJLn_hutpdA== date Thu, 14 Nov 2024 19:43:00 GMT content-type text/javascript last-modified Thu, 14 Nov 2024 16:14:42 GMT vary accept-encoding cache-control public, max-age=31536000 via 1.1 22b9ddafebf39d72780d68dad970d218.cloudfront.net (CloudFront) cf-ray 8e297cebe9b2d223-FRA x-amz-cf-pop FRA56-C2 server cloudflare x-amz-server-side-encryption AES256
GET H2	200	pubcid.min.js Show response secure.cdn.fastclick.net/js/pubcid/latest/	54 KB 17 KB	323ms 94ms	Script application/javascript	23.67.137.210 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js Requested by Host: wxszri.atlanticfoodint.com URL: http://wxszri.atlanticfoodint.com/qbtdpcabdiefRM1UzVXZIdTByRTJXT21sSHl3S0otMjQ1LTI2MTU2NjEyLTBkNWQwMjM5LTQ1NC1aT0N0WDR3TWlDckRGQ2pIYnBVeQ/jhrtwprzghusbnrdwasbaemd/n1v8ibdnsu0/emcnqeuspgtw/yyjdufvzyfigvyawwcqzngevgxrls/7596963286264 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.67.137.210 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-67-137-210.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers cache-control max-age=900 content-encoding gzip etag "d734-5f2f3919e751f-gzip" expires Thu, 14 Nov 2024 19:58:00 GMT accept-ranges bytes content-length 17407 date Thu, 14 Nov 2024 19:43:00 GMT last-modified Mon, 23 Jan 2023 19:40:17 GMT content-type application/javascript server Apache vary Accept-Encoding
GET H2	200	sync.min.js Show response tags.crwdcntrl.net/lt/c/16576/	43 KB 13 KB	313ms 95ms	Script text/javascript	65.9.66.122
General Check archive.org Show headers Download Go to Full URL https://tags.crwdcntrl.net/lt/c/16576/sync.min.js Requested by Host: wxszri.atlanticfoodint.com URL: http://wxszri.atlanticfoodint.com/qbtdpcabdiefRM1UzVXZIdTByRTJXT21sSHl3S0otMjQ1LTI2MTU2NjEyLTBkNWQwMjM5LTQ1NC1aT0N0WDR3TWlDckRGQ2pIYnBVeQ/jhrtwprzghusbnrdwasbaemd/n1v8ibdnsu0/emcnqeuspgtw/yyjdufvzyfigvyawwcqzngevgxrls/7596963286264 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.66.122 , United States, ASN (), Reverse DNS server-65-9-66-122.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash c5fdea6bcb7b7dc4aabe9e409df609b922dde30401ccf5c25f0f384f7e8c43b5 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers vary Accept-Encoding cache-control public, max-age=86400 content-encoding gzip etag W/"6016bf24a16f4d1d8384c5f7f11c49fb" age 60413 via 1.1 fdd677a35b242f0199586a71e2f6859e.cloudfront.net (CloudFront) x-cache Hit from cloudfront x-amz-cf-id ytorV5n5RWGGuoCXUcdfUiPmjbIXVjlNvx5DZ9J8oOR4vZR5f3DQ3A== date Thu, 14 Nov 2024 02:56:08 GMT content-type text/javascript last-modified Tue, 20 Aug 2024 18:47:26 GMT server AmazonS3 x-amz-cf-pop FRA56-C1 x-amz-server-side-encryption AES256
GET H2	200	id5-api.js Show response cdn.id5-sync.com/api/1.0/	100 KB 29 KB	1031ms 271ms	Script text/javascript	172.67.38.106 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.id5-sync.com/api/1.0/id5-api.js Requested by Host: wxszri.atlanticfoodint.com URL: http://wxszri.atlanticfoodint.com/qbtdpcabdiefRM1UzVXZIdTByRTJXT21sSHl3S0otMjQ1LTI2MTU2NjEyLTBkNWQwMjM5LTQ1NC1aT0N0WDR3TWlDckRGQ2pIYnBVeQ/jhrtwprzghusbnrdwasbaemd/n1v8ibdnsu0/emcnqeuspgtw/yyjdufvzyfigvyawwcqzngevgxrls/7596963286264 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.38.106 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ab2ce7a605858febda81cd3408ddb9897e109b417d514d9c12cf0e1a89658ae4 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers content-encoding br cf-cache-status HIT etag W/"14cd899b51c2c37c71fbf5e1ae6fe38b" age 17 expires Thu, 14 Nov 2024 20:43:01 GMT date Thu, 14 Nov 2024 19:43:01 GMT content-type text/javascript;charset=utf-8 last-modified Wed, 13 Nov 2024 11:06:09 GMT vary Accept-Encoding x-amz-id-2 ApEIBw45d15Fk7aTdYCA0S299ZybqBlcRO7mYPwTWdSSKwCiU396Z6NXFx/tcJJNdo+ynQfYhJ4aHsJkPDLBT/7ngvJCdbd0p8+hpX2wYvE= strict-transport-security max-age=15552000; includeSubDomains; preload cache-control public, max-age=3600 x-amz-request-id JMATKJTDEW6MGPHX cf-ray 8e297cf0fd7637cb-FRA server cloudflare x-amz-server-side-encryption AES256
GET H2	200	launcher-stub.min.js Show response secure.cdn.fastclick.net/js/cnvr-launcher/latest/	14 KB 5 KB	79ms 67ms	Script application/javascript	23.67.137.210 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js Requested by Host: wxszri.atlanticfoodint.com URL: http://wxszri.atlanticfoodint.com/qbtdpcabdiefRM1UzVXZIdTByRTJXT21sSHl3S0otMjQ1LTI2MTU2NjEyLTBkNWQwMjM5LTQ1NC1aT0N0WDR3TWlDckRGQ2pIYnBVeQ/jhrtwprzghusbnrdwasbaemd/n1v8ibdnsu0/emcnqeuspgtw/yyjdufvzyfigvyawwcqzngevgxrls/7596963286264 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.67.137.210 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-67-137-210.deploy.static.akamaitechnologies.com Software Apache / Resource Hash d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers cache-control max-age=900 content-encoding gzip etag "38c0-5e92054540ea5-gzip" expires Thu, 14 Nov 2024 19:58:00 GMT accept-ranges bytes content-length 5252 date Thu, 14 Nov 2024 19:43:00 GMT last-modified Tue, 20 Sep 2022 18:52:26 GMT content-type application/javascript server Apache vary Accept-Encoding
POST H2	204	AGSKWxXB4emmd7tEBgu2Hzo1ulRT3T15LCfZ0pa8rnWXSpfra56-kPYwPTlKYKQnbU7ysZynXH6V4tdbTIuAfZRZ_UJJ5562xkXqaA4w8Dk5evh5ip7vYUhFhpVfjd6dgtGlDNBpgFii9g== Show response fundingchoicesmessages.google.com/el/	0 360 B	53ms 51ms	XHR text/html	142.250.186.142 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxXB4emmd7tEBgu2Hzo1ulRT3T15LCfZ0pa8rnWXSpfra56-kPYwPTlKYKQnbU7ysZynXH6V4tdbTIuAfZRZ_UJJ5562xkXqaA4w8Dk5evh5ip7vYUhFhpVfjd6dgtGlDNBpgFii9g== Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.it.Dwy71kh3vCg.es5.O/am=GAw/d=1/rs=AJlcJMyhuR-Sn9UdL37bs4k8yKVvKykEFA/m=kernel_loader,loader_js_executable Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.142 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f14.1e100.net Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-5h8bsMgJpx5vfPttRhrzHQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Content-Type text/plain Referer https://paint.toys/ Response headers access-control-max-age 86400 access-control-allow-methods POST, GET, OPTIONS x-content-type-options nosniff expires Mon, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 14 Nov 2024 19:43:00 GMT content-type text/html; charset=utf-8 x-frame-options SAMEORIGIN reporting-endpoints default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw1ZBicEqfwRoAxO5aF1n9gZjh6xVWDiAW4uE4svTmTjaBA3O6tjIquSTlF8Yn5-eVpOaV6CamFOuC2EWZSaUl-UUo7NQykIqc_PT0zLz0eCMDIxNDQ0NjPQOz-AIDAC8DKME" content-security-policy script-src 'report-sample' 'nonce-5h8bsMgJpx5vfPttRhrzHQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport cache-control no-cache, no-store, max-age=0, must-revalidate cross-origin-opener-policy same-origin pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version access-control-allow-credentials true permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=* access-control-allow-origin https://paint.toys content-length 0 x-xss-protection 0 server ESF
POST H2	204	AGSKWxXB4emmd7tEBgu2Hzo1ulRT3T15LCfZ0pa8rnWXSpfra56-kPYwPTlKYKQnbU7ysZynXH6V4tdbTIuAfZRZ_UJJ5562xkXqaA4w8Dk5evh5ip7vYUhFhpVfjd6dgtGlDNBpgFii9g== Show response fundingchoicesmessages.google.com/el/	0 349 B	79ms 77ms	XHR text/html	142.250.186.142 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxXB4emmd7tEBgu2Hzo1ulRT3T15LCfZ0pa8rnWXSpfra56-kPYwPTlKYKQnbU7ysZynXH6V4tdbTIuAfZRZ_UJJ5562xkXqaA4w8Dk5evh5ip7vYUhFhpVfjd6dgtGlDNBpgFii9g== Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.it.Dwy71kh3vCg.es5.O/am=GAw/d=1/rs=AJlcJMyhuR-Sn9UdL37bs4k8yKVvKykEFA/m=kernel_loader,loader_js_executable Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.142 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f14.1e100.net Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-rZoE3rFXxjp3AMj0Rv_kyw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Content-Type text/plain Referer https://paint.toys/ Response headers access-control-max-age 86400 access-control-allow-methods POST, GET, OPTIONS x-content-type-options nosniff expires Mon, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 14 Nov 2024 19:43:00 GMT content-type text/html; charset=utf-8 x-frame-options SAMEORIGIN reporting-endpoints default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw1pBicEqfwRoAxO5aF1n9gZjh6xVWDiAW4uE4svTmTjaBD5um7mZUcknKL4xPzs8rSc0r0U1MKdYFsYsyk0pL8otQ2KllIBU5-enpmXnp8UYGRiaGhobGegZm8QUGAEdiKRY" content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-rZoE3rFXxjp3AMj0Rv_kyw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist cache-control no-cache, no-store, max-age=0, must-revalidate cross-origin-opener-policy same-origin pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version access-control-allow-credentials true permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=* access-control-allow-origin https://paint.toys content-length 0 x-xss-protection 0 server ESF
GET H2	200	AGSKWxW5y9C6JYSOdGnRsgXSsfoHERRdze4HBK1AAQ7dYYO00yxFHXMMQlqYH3OD0un0zl7gnLNAvq9BCZ_ph1ToVFfZm0On2iOQdUozSU6jLnpHf3_dj25iqO44sxGy1Th_KwdpzodWRQ== Show response fundingchoicesmessages.google.com/f/	3 KB 2 KB	82ms 82ms	Script application/javascript	142.250.186.142 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/f/AGSKWxW5y9C6JYSOdGnRsgXSsfoHERRdze4HBK1AAQ7dYYO00yxFHXMMQlqYH3OD0un0zl7gnLNAvq9BCZ_ph1ToVFfZm0On2iOQdUozSU6jLnpHf3_dj25iqO44sxGy1Th_KwdpzodWRQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMxNjEzMzgwLDM0OTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9wYWludC50b3lzL29pbC8iLG51bGwsW1s4LCJEd3k3MWtoM3ZDZyJdLFs5LCJpdCJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.it.Dwy71kh3vCg.es5.O/am=GAw/d=1/rs=AJlcJMyhuR-Sn9UdL37bs4k8yKVvKykEFA/m=kernel_loader,loader_js_executable Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.142 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f14.1e100.net Software ESF / Resource Hash 0eee74dc10df9923ebbecb6685cbc4db03e502d0c76d44c6a69083a2f8100458 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-j0P5xfI_1dgzFWUw_fU3Iw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers content-encoding gzip x-content-type-options nosniff expires Mon, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 14 Nov 2024 19:43:00 GMT content-type application/javascript; charset=utf-8 x-frame-options SAMEORIGIN reporting-endpoints default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmJw15BiOHnrNtNFIJb4-pJJC4id0mewhgBx681zrNOBOOnfedYSIHbXusjqD8SGCpdYnYHYsegSqycQq_ZcYjUH4vvrLrE-B-IZ5y-zLgDiIokrrC1AfLvpCutjIGb4eoWVA4iFeDiOLL25k03gxvUnl5iUNJLyC-OT8_NKijKTSkvyi9KS01KLU4vKUovijQyMTAwNDY31DIziCwwAg_FKVw" content-security-policy script-src 'report-sample' 'nonce-j0P5xfI_1dgzFWUw_fU3Iw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport cache-control no-cache, no-store, max-age=0, must-revalidate timing-allow-origin * cross-origin-opener-policy same-origin pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-resource-policy cross-origin permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=* x-xss-protection 0 server ESF
GET H2	200	ima3.js Show response imasdk.googleapis.com/js/sdkloader/	424 KB 145 KB	1187ms 311ms	Script text/javascript	216.58.206.42 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://imasdk.googleapis.com/js/sdkloader/ima3.js Requested by Host: cdn.intergi.com URL: https://cdn.intergi.com/hera/releases/4.11.43/main.43322fef8c7f95d4950e.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.206.42 , United States, ASN15169 (GOOGLE, US), Reverse DNS lhr35s10-in-f10.1e100.net Software sffe / Resource Hash ae050a0159c9519b836bf5a1a8ffb7c5c45611037cc18b40ed51b8af41eb10c0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers cache-control private, max-age=900, stale-while-revalidate=3600 content-encoding gzip cross-origin-opener-policy same-origin; report-to="ads-doubleclick-instream-static" cross-origin-resource-policy cross-origin report-to {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]} x-content-type-options nosniff expires Thu, 14 Nov 2024 19:43:01 GMT accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 148159 date Thu, 14 Nov 2024 19:43:01 GMT x-xss-protection 0 content-type text/javascript vary Accept-Encoding server sffe
POST H2	200	prebid Show response id5-sync.com/api/config/	194 B 659 B	1148ms 281ms	Fetch application/json	162.19.138.118 OVH
General Check archive.org Show headers Download Go to Full URL https://id5-sync.com/api/config/prebid Requested by Host: cdn.intergi.com URL: https://cdn.intergi.com/prebid/prebid.js.br Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR), Reverse DNS ns31533569.ip-162-19-138.eu Software / Resource Hash 1526f7f540b829baf0e6d1b491aa7b26b5e49fa160abca67c11695ccfa2cee82 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Referer https://paint.toys/ Response headers strict-transport-security max-age=63072000; includeSubDomains; preload access-control-allow-origin https://paint.toys p3p CP="CAO PSA OUR" date Thu, 14 Nov 2024 19:43:00 GMT content-type application/json;charset=UTF-8 vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin access-control-allow-credentials true
GET H2	200	id Show response id.crwdcntrl.net/	43 B 313 B	798ms 316ms	Fetch application/json	34.251.18.147
General Check archive.org Show headers Download Go to Full URL https://id.crwdcntrl.net/id?gdpr_applies=false&c=17262 Requested by Host: cdn.intergi.com URL: https://cdn.intergi.com/prebid/prebid.js.br Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.251.18.147 Dublin, Ireland, ASN (), Reverse DNS ec2-34-251-18-147.eu-west-1.compute.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 content-type text/plain Referer https://paint.toys/ Response headers cache-control no-cache pragma no-cache access-control-allow-credentials true expires 0 access-control-allow-origin https://paint.toys p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV content-length 43 date Thu, 14 Nov 2024 19:43:01 GMT content-type application/json;charset=utf-8 x-server 10.45.26.77 server Jetty(9.4.38.v20210224)
GET		f fid.agkn.com/	0 0
GET H2	200	envelope Show response lexicon.33across.com/v1/	49 B 246 B	751ms 272ms	Fetch application/json	35.244.193.51 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://lexicon.33across.com/v1/envelope?pid=0014000001YrMoYAAV&gdpr=0&src=pbjs&ver=9.11.0&coppa=0 Requested by Host: cdn.intergi.com URL: https://cdn.intergi.com/prebid/prebid.js.br Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.193.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 51.193.244.35.bc.googleusercontent.com Software / Resource Hash d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 content-type text/plain Referer https://paint.toys/ Response headers cache-control private, must-revalidate, max-age=28800 access-control-allow-credentials true via 1.1 google access-control-allow-origin https://paint.toys alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 49 date Thu, 14 Nov 2024 19:43:00 GMT content-type application/json vary origin
GET H2	204	any Show response idx.liadm.com/idex/did-0046/	0 367 B	754ms 275ms	Fetch	3.93.160.245 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://idx.liadm.com/idex/did-0046/any?duid=8e413bd09c43--01jcp36m4sypcyqhn0bz5kcv0g&gdpr=0&did=did-0046&cd=.paint.toys&pu=https%3A%2F%2Fpaint.toys&resolve=nonId&resolve=uid2&resolve=index&resolve=bidswitch&resolve=pubmatic&resolve=magnite&resolve=openx&resolve=sorvrn&resolve=thetradedesk&resolve=medianet Requested by Host: cdn.intergi.com URL: https://cdn.intergi.com/prebid/prebid.js.br Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.93.160.245 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-93-160-245.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 content-type text/plain Referer https://paint.toys/ Response headers strict-transport-security max-age=31536000; includeSubDomains cache-control max-age=3599, private trace-id 99ec3a69e6e47a85 request-time 1 access-control-allow-credentials true expires Thu, 14 Nov 2024 20:43:01 GMT access-control-allow-origin https://paint.toys date Thu, 14 Nov 2024 19:43:01 GMT vary Origin
GET H2	200	bid Show response aax.amazon-adsystem.com/e/dtb/	23 B 373 B	730ms 271ms	XHR text/javascript	18.66.143.149 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fpaint.toys%2Foil%2F&pr=http%3A%2F%2Fwxszri.atlanticfoodint.com%2F&pid=r5rR7EkIEPzSX&cb=0&ws=1600x1200&v=24.1105.2150&t=2500&slots=%5B%7B%22sd%22%3A%22pw-160x600_atf%22%2C%22s%22%3A%5B%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F154013155%2F1024872%2F74068%2Fpublisher%3A1024872-website%3A74068-160x600%2Fpublisher%3A1024872-website%3A74068-160x600-CP%2Fpublisher%3A1024872-website%3A74068-160x600-CP-160x600%22%7D%2C%7B%22sd%22%3A%22pw-160x600_btf%22%2C%22s%22%3A%5B%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F154013155%2F1024872%2F74068%2Fpublisher%3A1024872-website%3A74068-160x600%2Fpublisher%3A1024872-website%3A74068-160x600-CP%2Fpublisher%3A1024872-website%3A74068-160x600-CP-160x600%22%7D%2C%7B%22sd%22%3A%22leaderboard_atf%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F154013155%2F1024872%2F74068%2Fpublisher%3A1024872-website%3A74068-desktop_leaderboard%22%7D%2C%7B%22sd%22%3A%22leaderboard_btf%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F154013155%2F1024872%2F74068%2Fpublisher%3A1024872-website%3A74068-desktop_leaderboard%22%7D%5D&sg=%7B%22ortb2%22%3A%7B%22site%22%3A%7B%22cattax%22%3A6%2C%22cat%22%3A%5B%22693%22%5D%2C%22sectioncat%22%3A%5B%22693%22%5D%2C%22pagecat%22%3A%5B%22693%22%5D%7D%7D%7D&schain=1.0%2C1%21playwire.com%2C1024872%2C1%2C%2C%2C&pubid=bd056b42-51db-43ce-9a8e-3b11319b5d1f&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.143.149 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-143-149.fra60.r.cloudfront.net Software Server / Resource Hash 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers content-encoding gzip access-control-allow-credentials true via 1.1 ad3c90e13b86d72e2a5e6bf65eab3450.cloudfront.net (CloudFront) access-control-allow-origin https://paint.toys x-cache Miss from cloudfront content-length 43 x-amz-cf-id bTH8wLQrJGxY0XkcjWXgr0hwRCZd6KCK2r8iPh8CIyNdI7h1ZPd3RQ== date Thu, 14 Nov 2024 19:43:00 GMT content-type text/javascript;charset=UTF-8 x-amz-cf-pop FRA60-P4 server Server
POST H2	204	AGSKWxWUm8CnaVqXuICMe1hVyF7curKvrjwN6sl4Wk551Uk2JUFtifgrnJbwNBDPoiF5Mbm709PwOocPNt34CMOyXcjJTA9w1RqBRmSQcvgvob1Nl8bk_5u1ZiKVQIC5QJy4_Iy05o6QWw== Show response fundingchoicesmessages.google.com/el/	0 358 B	95ms 82ms	XHR text/html	142.250.186.142 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxWUm8CnaVqXuICMe1hVyF7curKvrjwN6sl4Wk551Uk2JUFtifgrnJbwNBDPoiF5Mbm709PwOocPNt34CMOyXcjJTA9w1RqBRmSQcvgvob1Nl8bk_5u1ZiKVQIC5QJy4_Iy05o6QWw== Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.it.Dwy71kh3vCg.es5.O/am=GAw/d=1/rs=AJlcJMyhuR-Sn9UdL37bs4k8yKVvKykEFA/m=kernel_loader,loader_js_executable Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.142 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f14.1e100.net Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-_xmuzAD05HOe9BzTqiVzHQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Content-Type text/plain Referer https://paint.toys/ Response headers access-control-max-age 86400 access-control-allow-methods POST, GET, OPTIONS x-content-type-options nosniff expires Mon, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 14 Nov 2024 19:43:00 GMT content-type text/html; charset=utf-8 x-frame-options SAMEORIGIN reporting-endpoints default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmII0pBicEqfwRoAxO5aF1n9gZjh6xVWDiAW4uE4svTmTjaBExePL2dWcknKL4xPzs8rSc0r0U1MKdYFsYsyk0pL8otQ2KllIBU5-enpmXnp8UYGRiaGhobGegZm8QUGAFRgKTw" content-security-policy script-src 'report-sample' 'nonce-_xmuzAD05HOe9BzTqiVzHQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport cache-control no-cache, no-store, max-age=0, must-revalidate cross-origin-opener-policy same-origin pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version access-control-allow-credentials true permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=* access-control-allow-origin https://paint.toys content-length 0 x-xss-protection 0 server ESF
GET H2	200	launcher.min.js Show response secure.cdn.fastclick.net/js/cnvr-launcher/latest/	49 KB 17 KB	660ms 405ms	Script application/javascript	23.67.137.210 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js Requested by Host: secure.cdn.fastclick.net URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.67.137.210 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-67-137-210.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers cache-control max-age=900 content-encoding gzip etag "c4b6-5e920545406d3-gzip" expires Thu, 14 Nov 2024 19:58:02 GMT accept-ranges bytes content-length 17042 date Thu, 14 Nov 2024 19:43:02 GMT last-modified Tue, 20 Sep 2022 18:52:26 GMT content-type application/javascript server Apache vary Accept-Encoding
GET H2	200	topics_frame.html pa.openx.net/ Frame 0BAC	0 0	443ms 64ms	Document text/html	34.36.214.49 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://pa.openx.net/topics_frame.html?bidder=openx Requested by Host: cdn.intergi.com URL: https://cdn.intergi.com/prebid/prebid.js.br Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.36.214.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 49.214.36.34.bc.googleusercontent.com Software UploadServer / Resource Hash Request headers Referer https://paint.toys/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers accept-ranges bytes age 237 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public,max-age=3600 content-length 1036 content-type text/html; charset=utf-8 date Thu, 14 Nov 2024 19:39:04 GMT etag "c5379e35e267deacc52e06ed0f5fa81f" last-modified Mon, 22 Jan 2024 14:38:43 GMT server UploadServer supports-loading-mode fenced-frame vary Origin x-allow-fledge true x-goog-generation 1705934323795552 x-goog-hash crc32c=eLLIGA== md5=xTeeNeJn3qzFLgbtD1+oHw== x-goog-metageneration 1 x-goog-storage-class STANDARD x-goog-stored-content-encoding identity x-goog-stored-content-length 1036 x-guploader-uploadid AHmUCY3wT5RCyLBOumms1rgwnmZcsL7lQJFvkMjd9Htm8QOaqqrZ6A32ScOUdXfavQ1xodXfmNY8ykBoGQ
GET H2	200	topics_frame.html ads.pubmatic.com/AdServer/js/topics/ Frame D5E2	0 0	484ms 106ms	Document text/html	23.218.208.200 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://ads.pubmatic.com/AdServer/js/topics/topics_frame.html?bidder=pubmatic Requested by Host: cdn.intergi.com URL: https://cdn.intergi.com/prebid/prebid.js.br Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-218-208-200.deploy.static.akamaitechnologies.com Software Apache / Resource Hash Request headers Referer https://paint.toys/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers accept-ranges bytes cache-control max-age=110857 content-encoding gzip content-length 859 content-type text/html date Thu, 14 Nov 2024 19:43:01 GMT expires Sat, 16 Nov 2024 02:30:38 GMT last-modified Tue, 21 Mar 2023 05:02:13 GMT p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" server Apache vary Accept-Encoding
POST H2	200	cookie_sync Show response prebid-server.rubiconproject.com/	3 KB 792 B	778ms 37ms	Fetch application/json	69.173.144.137
General Check archive.org Show headers Download Go to Full URL https://prebid-server.rubiconproject.com/cookie_sync Requested by Host: cdn.intergi.com URL: https://cdn.intergi.com/prebid/prebid.js.br Protocol H2 Security TLS 1.3, , AES_256_GCM Server 69.173.144.137 Frankfurt am Main, Germany, ASN (), Reverse DNS Software / Resource Hash dbc24ca4437f59025e598d322bd521eb2cbf5b65a60b64fd8af47da5eb430d7f Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 content-type text/plain Referer https://paint.toys/ Response headers cache-control no-cache, no-store, must-revalidate content-encoding gzip pragma no-cache access-control-allow-credentials true expires 0 access-control-allow-origin https://paint.toys content-length 652 content-type application/json vary origin
POST H2	200	auction Show response prebid-server.rubiconproject.com/openrtb2/	346 B 333 B	1540ms 805ms	Fetch application/json	69.173.144.137
General Check archive.org Show headers Download Go to Full URL https://prebid-server.rubiconproject.com/openrtb2/auction Requested by Host: cdn.intergi.com URL: https://cdn.intergi.com/prebid/prebid.js.br Protocol H2 Security TLS 1.3, , AES_256_GCM Server 69.173.144.137 Frankfurt am Main, Germany, ASN (), Reverse DNS Software / Resource Hash 4b82acd0d8ba14a0c01a03ddfd2f77290a47b6d483d800af51c9e8351ee11aa1 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 content-type text/plain Referer https://paint.toys/ Response headers cache-control no-cache, no-store, must-revalidate content-encoding gzip pragma no-cache access-control-allow-credentials true observe-browsing-topics ?1 expires 0 access-control-allow-origin https://paint.toys content-length 260 x-prebid pbs-java/3.14.0 content-type application/json vary origin
POST H2	200	prebidjs Show response rtb.openx.net/openrtbb/	53 B 269 B	734ms 355ms	Fetch text/plain	35.227.252.103 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://rtb.openx.net/openrtbb/prebidjs Requested by Host: cdn.intergi.com URL: https://cdn.intergi.com/prebid/prebid.js.br Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 103.252.227.35.bc.googleusercontent.com Software / Resource Hash e961151a9bbcbab401355f30fbf274b77e549527e160945d6650386de4ca731f Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 content-type text/plain Referer https://paint.toys/ Response headers content-encoding gzip x-forwarded-for 185.198.62.83 access-control-allow-credentials true via 1.1 google access-control-allow-origin https://paint.toys alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 77 date Thu, 14 Nov 2024 19:43:00 GMT content-type text/plain vary Origin
POST H2	200	prebid Show response ib.adnxs.com/ut/v3/	467 B 1 KB	637ms 260ms	Fetch application/json	185.89.210.82 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: cdn.intergi.com URL: https://cdn.intergi.com/prebid/prebid.js.br Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.23.4 / Resource Hash 2d5564fcb1959720c0f4ac88b43ebdc4bc7a5972223c8dd2faf0990648c6d29d Security Headers Name Value X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 content-type text/plain Referer https://paint.toys/ Response headers cache-control no-store, no-cache, private pragma no-cache accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness access-control-allow-credentials true x-proxy-origin 185.198.62.83; 185.198.62.83; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com expires Sat, 15 Nov 2008 16:00:00 GMT access-control-allow-origin https://paint.toys an-x-request-uuid 6f5f0599-d191-472d-992e-00d8569312c1 content-length 467 p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" date Thu, 14 Nov 2024 19:43:01 GMT x-xss-protection 0 content-type application/json; charset=utf-8 server nginx/1.23.4
POST H2	200	hb-multi Show response hb.yellowblue.io/	331 B 752 B	651ms 303ms	Fetch application/json	52.222.236.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://hb.yellowblue.io/hb-multi Requested by Host: cdn.intergi.com URL: https://cdn.intergi.com/prebid/prebid.js.br Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.236.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-236-9.fra56.r.cloudfront.net Software istio-envoy / Resource Hash 2e03a0abbba4732c818be0a0b4c3cf043502e580d73b18e8529227cace0658fd Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 content-type text/plain Referer https://paint.toys/ Response headers content-encoding gzip x-envoy-upstream-service-time 138 access-control-allow-credentials true access-control-allow-methods GET, OPTIONS via 1.1 94328d2509009edc0657f5c786a93e42.cloudfront.net (CloudFront) access-control-allow-origin https://paint.toys x-cache Miss from cloudfront content-length 235 x-amz-cf-id pbPkAttRBG6QKgdpQbL8Uh1-Jx4VFzLYXX4s58XzuqCH0UPq0fYxAQ== date Thu, 14 Nov 2024 19:43:01 GMT content-type application/json x-amz-cf-pop FRA56-P4 server istio-envoy x-reason auction result is empty access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
GET H2	200	fastlane.json Show response fastlane.rubiconproject.com/a/api/	694 B 1 KB	1014ms 172ms	Fetch application/json	69.173.156.139 RUBICONPROJECT
General Check archive.org Show headers Download Go to Full URL https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12556&site_id=110932&zone_id=523774&size_id=9&alt_size_ids=8&p_pos=atf&gdpr=0&rp_schain=1.0,1!playwire.com,1024872,1,,,&eid_pubcid.org=63365c9f-d70f-4094-b64c-b2c2931d5d28%5E1&rf=https%3A%2F%2Fpaint.toys%2Foil%2F&tg_i.domain=paint.toys&tg_i.page=https%3A%2F%2Fpaint.toys%2Foil%2F&tg_i.ref=http%3A%2F%2Fwxszri.atlanticfoodint.com%2F&tg_i.cat=IAB9-5%2C693&tg_i.sectioncat=IAB9-5%2C693&tg_i.pagecat=IAB9-5%2C693&tg_i.pos=atf&tg_i.sitecont_cat=games_casual&tg_i.adunit=pw-160x600_atf&tg_i.pbadslot=%2F154013155%2F1024872%2F74068%2Fpublisher%3A1024872-website%3A74068-160x600%2Fpublisher%3A1024872-website%3A74068-160x600-CP%2Fpublisher%3A1024872-website%3A74068-160x600-CP-160x600&tk_flint=pbjs_lite_v9.11.0&x_source.tid=acff7904-dbc1-4b73-8e90-a1685bb91380&l_pb_bid_id=6663dcd8700640d&p_screen_res=1600x1200&o_ae=1&rp_secure=1&x_imp.ext.tid=297fde4f-7ee5-4a39-b1ac-d800b48f8562&rp_maxbids=1&p_gpid=%2F154013155%2F1024872%2F74068%2Fpublisher%3A1024872-website%3A74068-160x600%2Fpublisher%3A1024872-website%3A74068-160x600-CP%2Fpublisher%3A1024872-website%3A74068-160x600-CP-160x600&m_ch_mobile=%3F0&slots=1&rand=0.5582682524952398 Requested by Host: cdn.intergi.com URL: https://cdn.intergi.com/prebid/prebid.js.br Protocol H2 Security TLS 1.3, , AES_256_GCM Server 69.173.156.139 , United States, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software nginx/1.21.6 / Resource Hash ee01149c3a93891a7e751d1e0030ffd0fc4ab411b3be11055464761442c4cd71 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 content-type text/plain Referer https://paint.toys/ Response headers cache-control no-cache, no-store, max-age=0, must-revalidate pragma no-cache access-control-allow-credentials true expires Wed, 17 Sep 1975 21:32:10 GMT access-control-allow-origin https://paint.toys date Thu, 14 Nov 2024 19:43:01 GMT content-type application/json vary Accept-Encoding server nginx/1.21.6
GET H2	200	fastlane.json Show response fastlane.rubiconproject.com/a/api/	526 B 868 B	993ms 165ms	Fetch application/json	69.173.156.139 RUBICONPROJECT
General Check archive.org Show headers Download Go to Full URL https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12556&site_id=110932&zone_id=523774&size_id=9&alt_size_ids=8&gdpr=0&rp_schain=1.0,1!playwire.com,1024872,1,,,&eid_pubcid.org=63365c9f-d70f-4094-b64c-b2c2931d5d28%5E1&rf=https%3A%2F%2Fpaint.toys%2Foil%2F&tg_i.domain=paint.toys&tg_i.page=https%3A%2F%2Fpaint.toys%2Foil%2F&tg_i.ref=http%3A%2F%2Fwxszri.atlanticfoodint.com%2F&tg_i.cat=IAB9-5%2C693&tg_i.sectioncat=IAB9-5%2C693&tg_i.pagecat=IAB9-5%2C693&tg_i.pos=btf&tg_i.sitecont_cat=games_casual&tg_i.adunit=pw-160x600_btf&tg_i.pbadslot=pw-160x600_btf&tk_flint=pbjs_lite_v9.11.0&x_source.tid=acff7904-dbc1-4b73-8e90-a1685bb91380&l_pb_bid_id=670766d2dddf8d6&p_screen_res=1600x1200&o_ae=1&rp_secure=1&x_imp.ext.tid=00b9243c-a235-4b8b-b932-747a891ee64c&rp_maxbids=1&p_gpid=pw-160x600_btf&m_ch_mobile=%3F0&slots=1&rand=0.07012423118100708 Requested by Host: cdn.intergi.com URL: https://cdn.intergi.com/prebid/prebid.js.br Protocol H2 Security TLS 1.3, , AES_256_GCM Server 69.173.156.139 , United States, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software nginx/1.21.6 / Resource Hash 0b737c6d116f8d8b87a4c6b629a4a5ed08f720fd1c8beb5b6df600c51f224ed0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 content-type text/plain Referer https://paint.toys/ Response headers cache-control no-cache, no-store, max-age=0, must-revalidate pragma no-cache access-control-allow-credentials true expires Wed, 17 Sep 1975 21:32:10 GMT access-control-allow-origin https://paint.toys content-length 526 date Thu, 14 Nov 2024 19:43:01 GMT content-type application/json vary Accept-Encoding server nginx/1.21.6
GET H2	200	fastlane.json Show response fastlane.rubiconproject.com/a/api/	4 KB 2 KB	1425ms 662ms	Fetch application/json	69.173.156.139 RUBICONPROJECT
General Check archive.org Show headers Download Go to Full URL https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12556&site_id=110932&zone_id=523774&size_id=2&alt_size_ids=55%2C57&p_pos=atf&gdpr=0&rp_schain=1.0,1!playwire.com,1024872,1,,,&eid_pubcid.org=63365c9f-d70f-4094-b64c-b2c2931d5d28%5E1&rf=https%3A%2F%2Fpaint.toys%2Foil%2F&tg_i.domain=paint.toys&tg_i.page=https%3A%2F%2Fpaint.toys%2Foil%2F&tg_i.ref=http%3A%2F%2Fwxszri.atlanticfoodint.com%2F&tg_i.cat=IAB9-5%2C693&tg_i.sectioncat=IAB9-5%2C693&tg_i.pagecat=IAB9-5%2C693&tg_i.pos=atf&tg_i.sitecont_cat=games_casual&tg_i.adunit=leaderboard_atf&tg_i.pbadslot=leaderboard_atf&tk_flint=pbjs_lite_v9.11.0&x_source.tid=acff7904-dbc1-4b73-8e90-a1685bb91380&l_pb_bid_id=687d9bf83243818&p_screen_res=1600x1200&o_ae=1&rp_secure=1&x_imp.ext.tid=fb64a930-5c27-4fde-b052-b0d81b1c085b&rp_maxbids=1&p_gpid=leaderboard_atf&m_ch_mobile=%3F0&slots=1&rand=0.4361684251088478 Requested by Host: cdn.intergi.com URL: https://cdn.intergi.com/prebid/prebid.js.br Protocol H2 Security TLS 1.3, , AES_256_GCM Server 69.173.156.139 , United States, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software nginx/1.21.6 / Resource Hash 20f0abacc1bb03064710dd05e34ab0708e9b0e967c7e63d90a458c5e89620f15 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 content-type text/plain Referer https://paint.toys/ Response headers cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip pragma no-cache access-control-allow-credentials true expires Wed, 17 Sep 1975 21:32:10 GMT access-control-allow-origin https://paint.toys date Thu, 14 Nov 2024 19:43:02 GMT content-type application/json vary Accept-Encoding server nginx/1.21.6
GET H2	200	fastlane.json Show response fastlane.rubiconproject.com/a/api/	532 B 874 B	930ms 168ms	Fetch application/json	69.173.156.139 RUBICONPROJECT
General Check archive.org Show headers Download Go to Full URL https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12556&site_id=110932&zone_id=523774&size_id=2&alt_size_ids=55%2C57&gdpr=0&rp_schain=1.0,1!playwire.com,1024872,1,,,&eid_pubcid.org=63365c9f-d70f-4094-b64c-b2c2931d5d28%5E1&rf=https%3A%2F%2Fpaint.toys%2Foil%2F&tg_i.domain=paint.toys&tg_i.page=https%3A%2F%2Fpaint.toys%2Foil%2F&tg_i.ref=http%3A%2F%2Fwxszri.atlanticfoodint.com%2F&tg_i.cat=IAB9-5%2C693&tg_i.sectioncat=IAB9-5%2C693&tg_i.pagecat=IAB9-5%2C693&tg_i.pos=btf&tg_i.sitecont_cat=games_casual&tg_i.adunit=leaderboard_btf&tg_i.pbadslot=leaderboard_btf&tk_flint=pbjs_lite_v9.11.0&x_source.tid=acff7904-dbc1-4b73-8e90-a1685bb91380&l_pb_bid_id=69cba48d62b335d&p_screen_res=1600x1200&o_ae=1&rp_secure=1&x_imp.ext.tid=3131ef08-9ad9-457a-8077-dddc41ba2a4c&rp_maxbids=1&p_gpid=leaderboard_btf&m_ch_mobile=%3F0&slots=1&rand=0.6347809866313994 Requested by Host: cdn.intergi.com URL: https://cdn.intergi.com/prebid/prebid.js.br Protocol H2 Security TLS 1.3, , AES_256_GCM Server 69.173.156.139 , United States, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software nginx/1.21.6 / Resource Hash 78770a84757d982374f6c07ec90663e4d1f9cb8d7e92a81572426265a190e297 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 content-type text/plain Referer https://paint.toys/ Response headers cache-control no-cache, no-store, max-age=0, must-revalidate pragma no-cache access-control-allow-credentials true expires Wed, 17 Sep 1975 21:32:10 GMT access-control-allow-origin https://paint.toys content-length 532 date Thu, 14 Nov 2024 19:43:01 GMT content-type application/json vary Accept-Encoding server nginx/1.21.6
GET H2	200	imp Show response g2.gumgum.com/hbid/	3 KB 1 KB	942ms 303ms	Fetch application/json	52.30.73.153
General Check archive.org Show headers Download Go to Full URL https://g2.gumgum.com/hbid/imp?displaymanager=Prebid.js%20-%20gumgum&displaymanagerver=9.11.0&lt=1731613380933&to=-60&aun=pw-160x600_atf&pubcid=63365c9f-d70f-4094-b64c-b2c2931d5d28&gpid=%2F154013155%2F1024872%2F74068%2Fpublisher%3A1024872-website%3A74068-160x600%2Fpublisher%3A1024872-website%3A74068-160x600-CP%2Fpublisher%3A1024872-website%3A74068-160x600-CP-160x600&t=8ylgv2wd&pi=3&maxw=160&maxh=600&si=1111716&bf=160x600%2C120x600&ae=true&gdprApplies=0&schain=1.0%2C1!playwire.com%2C1024872%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fpaint.toys%2Foil%2F&tpl=https%3A%2F%2Fpaint.toys%2Foil%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%229.11.0%22%7D&ogu=null&ns=1331 Requested by Host: cdn.intergi.com URL: https://cdn.intergi.com/prebid/prebid.js.br Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.30.73.153 Dublin, Ireland, ASN (), Reverse DNS ec2-52-30-73-153.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash 66847ffce1a3b3c9e923b69357441d596ffabf2e52706c46b450953f8ed5c7e7 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 content-type text/plain Referer https://paint.toys/ Response headers cache-control private, no-store, must-revalidate, max-age=0 timing-allow-origin * content-encoding gzip pragma no-cache access-control-allow-credentials true expires 0 access-control-allow-origin https://paint.toys date Thu, 14 Nov 2024 19:43:01 GMT content-type application/json;charset=UTF-8 server nginx
GET H2	200	imp Show response g2.gumgum.com/hbid/	3 KB 1 KB	933ms 294ms	Fetch application/json	52.30.73.153
General Check archive.org Show headers Download Go to Full URL https://g2.gumgum.com/hbid/imp?displaymanager=Prebid.js%20-%20gumgum&displaymanagerver=9.11.0&lt=1731613380933&to=-60&aun=pw-160x600_btf&pubcid=63365c9f-d70f-4094-b64c-b2c2931d5d28&gpid=pw-160x600_btf&t=8ylgv2wd&pi=3&maxw=160&maxh=600&si=1111716&bf=160x600%2C120x600&ae=true&gdprApplies=0&schain=1.0%2C1!playwire.com%2C1024872%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fpaint.toys%2Foil%2F&tpl=https%3A%2F%2Fpaint.toys%2Foil%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%229.11.0%22%7D&ogu=null&ns=1331 Requested by Host: cdn.intergi.com URL: https://cdn.intergi.com/prebid/prebid.js.br Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.30.73.153 Dublin, Ireland, ASN (), Reverse DNS ec2-52-30-73-153.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash d790943b27f40f1e3ba72a191860cfcfd45c1479ece19a05dc568982a3ddde1b Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 content-type text/plain Referer https://paint.toys/ Response headers cache-control private, no-store, must-revalidate, max-age=0 timing-allow-origin * content-encoding gzip pragma no-cache access-control-allow-credentials true expires 0 access-control-allow-origin https://paint.toys date Thu, 14 Nov 2024 19:43:01 GMT content-type application/json;charset=UTF-8 server nginx
GET H2	200	imp Show response g2.gumgum.com/hbid/	3 KB 1 KB	933ms 294ms	Fetch application/json	52.30.73.153
General Check archive.org Show headers Download Go to Full URL https://g2.gumgum.com/hbid/imp?displaymanager=Prebid.js%20-%20gumgum&displaymanagerver=9.11.0&lt=1731613380933&to=-60&aun=leaderboard_atf&pubcid=63365c9f-d70f-4094-b64c-b2c2931d5d28&gpid=leaderboard_atf&t=8ylgv2wd&pi=3&maxw=970&maxh=250&si=1111709&bf=728x90%2C970x250%2C970x90&ae=true&gdprApplies=0&schain=1.0%2C1!playwire.com%2C1024872%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fpaint.toys%2Foil%2F&tpl=https%3A%2F%2Fpaint.toys%2Foil%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%229.11.0%22%7D&ogu=null&ns=1331 Requested by Host: cdn.intergi.com URL: https://cdn.intergi.com/prebid/prebid.js.br Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.30.73.153 Dublin, Ireland, ASN (), Reverse DNS ec2-52-30-73-153.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash adac848a6fd81621afae56d2913a317fb61b23b05e03d72050402e36288cdcdf Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 content-type text/plain Referer https://paint.toys/ Response headers cache-control private, no-store, must-revalidate, max-age=0 timing-allow-origin * content-encoding gzip pragma no-cache access-control-allow-credentials true expires 0 access-control-allow-origin https://paint.toys date Thu, 14 Nov 2024 19:43:01 GMT content-type application/json;charset=UTF-8 server nginx
GET H2	200	imp Show response g2.gumgum.com/hbid/	3 KB 1 KB	911ms 276ms	Fetch application/json	52.30.73.153
General Check archive.org Show headers Download Go to Full URL https://g2.gumgum.com/hbid/imp?displaymanager=Prebid.js%20-%20gumgum&displaymanagerver=9.11.0&lt=1731613380933&to=-60&aun=leaderboard_btf&pubcid=63365c9f-d70f-4094-b64c-b2c2931d5d28&gpid=leaderboard_btf&t=8ylgv2wd&pi=3&maxw=970&maxh=250&si=1111709&bf=728x90%2C970x250%2C970x90&ae=true&gdprApplies=0&schain=1.0%2C1!playwire.com%2C1024872%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fpaint.toys%2Foil%2F&tpl=https%3A%2F%2Fpaint.toys%2Foil%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%229.11.0%22%7D&ogu=null&ns=1331 Requested by Host: cdn.intergi.com URL: https://cdn.intergi.com/prebid/prebid.js.br Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.30.73.153 Dublin, Ireland, ASN (), Reverse DNS ec2-52-30-73-153.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash d897d2cdd6154309966aab81f24ba8298e30c0e20dd457a83e81062dba4db29c Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 content-type text/plain Referer https://paint.toys/ Response headers cache-control private, no-store, must-revalidate, max-age=0 timing-allow-origin * content-encoding gzip pragma no-cache access-control-allow-credentials true expires 0 access-control-allow-origin https://paint.toys date Thu, 14 Nov 2024 19:43:01 GMT content-type application/json;charset=UTF-8 server nginx
POST H2	200	auction Show response tlx.3lift.com/header/	19 B 754 B	912ms 268ms	Fetch application/json	18.157.230.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tlx.3lift.com/header/auction?lib=prebid&v=9.11.0&referrer=https%3A%2F%2Fpaint.toys%2Foil%2F&tmax=2500&gdpr=false&fledge=true Requested by Host: cdn.intergi.com URL: https://cdn.intergi.com/prebid/prebid.js.br Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.157.230.4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-157-230-4.eu-central-1.compute.amazonaws.com Software / Resource Hash 0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5 Security Headers Name Value X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 content-type text/plain Referer https://paint.toys/ Response headers cache-control no-cache, no-store, must-revalidate content-encoding gzip pragma no-cache accept-ch sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width access-control-allow-credentials true expires Thu, 15 Oct 1992 20:10:00 GMT access-control-allow-origin https://paint.toys x-auction-status 29, 29, 29, 29, 29 x-xss-protection 0 content-type application/json; charset=utf-8 vary Accept-Encoding
POST H2	200	hbjson Show response grid.bidswitch.net/	24 B 311 B	3527ms 2219ms	Fetch application/json	178.250.1.56 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://grid.bidswitch.net/hbjson Requested by Host: cdn.intergi.com URL: https://cdn.intergi.com/prebid/prebid.js.br Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.1.56 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 1b7cc00e4ca16d6b495cb508e33ea383034adf5315b42d158b3f7d7dd15973d0 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 content-type text/plain Referer https://paint.toys/ Response headers strict-transport-security max-age=31536000; preload; cache-control no-store, must-revalidate, no-cache content-encoding br cross-origin-resource-policy cross-origin access-control-allow-credentials true access-control-allow-origin https://paint.toys date Thu, 14 Nov 2024 19:43:02 GMT content-type application/json vary Accept-Encoding, Origin server Kestrel
POST H2	204	translator Show response hbopenbid.pubmatic.com/	0 109 B	932ms 299ms	Fetch	185.64.189.112 AS-PUBMATIC
General Check archive.org Show headers Download Go to Full URL https://hbopenbid.pubmatic.com/translator?source=prebid-client Requested by Host: cdn.intergi.com URL: https://cdn.intergi.com/prebid/prebid.js.br Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 content-type text/plain Referer https://paint.toys/ Response headers cache-control no-cache, no-store, must-revalidate access-control-allow-origin https://paint.toys date Thu, 14 Nov 2024 19:43:01 GMT access-control-allow-credentials true
POST H2	200	pbjs Show response htlb.casalemedia.com/openrtb/	6 KB 2 KB	931ms 298ms	Fetch application/json	104.18.26.193 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://htlb.casalemedia.com/openrtb/pbjs?s=1031634 Requested by Host: cdn.intergi.com URL: https://cdn.intergi.com/prebid/prebid.js.br Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 646dea1f63701df21934259e4375212b5d6fb76b1f93f592790b8cd17e495cb9 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 content-type text/plain Referer https://paint.toys/ Response headers cache-control no-cache nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} content-encoding gzip cf-cache-status DYNAMIC pragma no-cache access-control-allow-credentials true report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2prBExXAZFfsWZLoX19OjETUUrOCa%2B36wSUgJwda16yEA8OKClYLiKTN4xWIuIkZn5KHYc60%2FOW7mPnVBlWUvTPi%2BKtx6a4YmKYu44LuDCV59Lt6XT7ItEIyeRrln75e0niN2rAd"}],"group":"cf-nel","max_age":604800} cf-ray 8e297cf3380f6aea-FRA expires 0 access-control-allow-origin https://paint.toys alt-svc h3=":443"; ma=86400 date Thu, 14 Nov 2024 19:43:01 GMT content-type application/json vary Accept-Encoding server cloudflare
POST H2	200	request Show response grid-bidder.criteo.com/openrtb_2_5/pbjs/auction/	10 KB 4 KB	3513ms 2219ms	Fetch application/json	178.250.1.4
General Check archive.org Show headers Download Go to Full URL https://grid-bidder.criteo.com/openrtb_2_5/pbjs/auction/request?profileId=207&av=37&wv=9.11.0&cb=18234411103&lsavail=1&bundle=lKMXll9yWXBVRkxJaEdMd1lRUk0lMkJRM2pkcDlqaUEwZzZHZWw4d1ZPSzRYMkMzSGEwSyUyRndwRzg3ciUyRlc3SjdLJTJGMjZ1TkNWJTJGYjI2OG9CN3pmVzFCNTRCUmIxTm5RS3cxWSUyQnE1dUJkVjBPREhucjFzUTFDcDN1MW12OG1qSEh5UjZPNEhJUktPR0YlMkJwMmJkaGVVUExYOVNveXBPQSUzRCUzRA&networkId=6163 Requested by Host: cdn.intergi.com URL: https://cdn.intergi.com/prebid/prebid.js.br Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.1.4 , France, ASN (), Reverse DNS Software Kestrel / Resource Hash b1f6567e102056eca4b28ebb4c5fd5e385316c7791df4f02068c9a345721cdb1 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 content-type text/plain Referer https://paint.toys/ Response headers strict-transport-security max-age=31536000; preload; content-encoding br cross-origin-resource-policy cross-origin access-control-allow-credentials true access-control-allow-origin https://paint.toys date Thu, 14 Nov 2024 19:43:02 GMT content-type application/json vary Accept-Encoding, Origin server Kestrel
POST H2	204	v1 Show response btlr.sharethrough.com/universal/	0 116 B	899ms 281ms	Fetch	18.156.199.224
General Check archive.org Show headers Download Go to Full URL https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1 Requested by Host: cdn.intergi.com URL: https://cdn.intergi.com/prebid/prebid.js.br Protocol H2 Security TLS 1.3, , AES_256_GCM Server 18.156.199.224 Frankfurt am Main, Germany, ASN (), Reverse DNS ec2-18-156-199-224.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=16000000; includeSubDomains; preload; Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 content-type text/plain Referer https://paint.toys/ Response headers strict-transport-security max-age=16000000; includeSubDomains; preload; access-control-allow-origin https://paint.toys access-control-allow-credentials true
POST H2	204	v1 Show response btlr.sharethrough.com/universal/	0 116 B	917ms 300ms	Fetch	18.156.199.224
General Check archive.org Show headers Download Go to Full URL https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1 Requested by Host: cdn.intergi.com URL: https://cdn.intergi.com/prebid/prebid.js.br Protocol H2 Security TLS 1.3, , AES_256_GCM Server 18.156.199.224 Frankfurt am Main, Germany, ASN (), Reverse DNS ec2-18-156-199-224.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=16000000; includeSubDomains; preload; Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 content-type text/plain Referer https://paint.toys/ Response headers strict-transport-security max-age=16000000; includeSubDomains; preload; access-control-allow-origin https://paint.toys access-control-allow-credentials true
POST H2	204	v1 Show response btlr.sharethrough.com/universal/	0 116 B	895ms 278ms	Fetch	18.156.199.224
General Check archive.org Show headers Download Go to Full URL https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1 Requested by Host: cdn.intergi.com URL: https://cdn.intergi.com/prebid/prebid.js.br Protocol H2 Security TLS 1.3, , AES_256_GCM Server 18.156.199.224 Frankfurt am Main, Germany, ASN (), Reverse DNS ec2-18-156-199-224.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=16000000; includeSubDomains; preload; Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 content-type text/plain Referer https://paint.toys/ Response headers strict-transport-security max-age=16000000; includeSubDomains; preload; access-control-allow-origin https://paint.toys access-control-allow-credentials true
POST H2	204	v1 Show response btlr.sharethrough.com/universal/	0 116 B	920ms 303ms	Fetch	18.156.199.224
General Check archive.org Show headers Download Go to Full URL https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1 Requested by Host: cdn.intergi.com URL: https://cdn.intergi.com/prebid/prebid.js.br Protocol H2 Security TLS 1.3, , AES_256_GCM Server 18.156.199.224 Frankfurt am Main, Germany, ASN (), Reverse DNS ec2-18-156-199-224.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=16000000; includeSubDomains; preload; Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 content-type text/plain Referer https://paint.toys/ Response headers strict-transport-security max-age=16000000; includeSubDomains; preload; access-control-allow-origin https://paint.toys access-control-allow-credentials true
POST H2	204	v1 Show response btlr.sharethrough.com/universal/	0 117 B	913ms 297ms	Fetch	18.156.199.224
General Check archive.org Show headers Download Go to Full URL https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1 Requested by Host: cdn.intergi.com URL: https://cdn.intergi.com/prebid/prebid.js.br Protocol H2 Security TLS 1.3, , AES_256_GCM Server 18.156.199.224 Frankfurt am Main, Germany, ASN (), Reverse DNS ec2-18-156-199-224.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=16000000; includeSubDomains; preload; Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 content-type text/plain Referer https://paint.toys/ Response headers strict-transport-security max-age=16000000; includeSubDomains; preload; access-control-allow-origin https://paint.toys access-control-allow-credentials true
POST H2	204	v1 Show response btlr.sharethrough.com/universal/	0 116 B	918ms 302ms	Fetch	18.156.199.224
General Check archive.org Show headers Download Go to Full URL https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1 Requested by Host: cdn.intergi.com URL: https://cdn.intergi.com/prebid/prebid.js.br Protocol H2 Security TLS 1.3, , AES_256_GCM Server 18.156.199.224 Frankfurt am Main, Germany, ASN (), Reverse DNS ec2-18-156-199-224.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=16000000; includeSubDomains; preload; Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 content-type text/plain Referer https://paint.toys/ Response headers strict-transport-security max-age=16000000; includeSubDomains; preload; access-control-allow-origin https://paint.toys access-control-allow-credentials true
GET H2	200	j Show response rp.liadm.com/ Redirect Chain https://rp.liadm.com/j?dtstmp=1731613381270&did=did-0046&se=e30&duid=8e413bd09c43--01jcp36m4sypcyqhn0bz5kcv0g&tv=9.11.0&pu=https%3A%2F%2Fpaint.toys%2Foil%2F&wpn=prebid&gdpr=0&refr=http%3A%2F%2Fwxsz... https://rp.liadm.com/j?dtstmp=1731613381270&did=did-0046&se=e30&duid=8e413bd09c43--01jcp36m4sypcyqhn0bz5kcv0g&tv=9.11.0&pu=https%3A%2F%2Fpaint.toys%2Foil%2F&wpn=prebid&gdpr=0&refr=http%3A%2F%2Fwxsz...	13 B 380 B	268ms 139ms	Fetch application/json	3.208.47.161
General Check archive.org Show headers Download Go to Full URL https://rp.liadm.com/j?dtstmp=1731613381270&did=did-0046&se=e30&duid=8e413bd09c43--01jcp36m4sypcyqhn0bz5kcv0g&tv=9.11.0&pu=https%3A%2F%2Fpaint.toys%2Foil%2F&wpn=prebid&gdpr=0&refr=http%3A%2F%2Fwxszri.atlanticfoodint.com%2F&cd=.paint.toys&n3pc=true Requested by Host: paint.toys URL: https://paint.toys/oil/ Protocol H2 Server 3.208.47.161 Ashburn, United States, ASN (), Reverse DNS ec2-3-208-47-161.compute-1.amazonaws.com Software / Resource Hash efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers x-pixel-event-id 18b88db8-201b-4583-bb96-4ee5395add2c access-control-max-age 86400 access-control-expose-headers * access-control-allow-credentials true access-control-allow-methods GET access-control-allow-origin https://paint.toys content-length 13 date Thu, 14 Nov 2024 19:43:04 GMT content-type application/json Redirect headers access-control-max-age 86400 access-control-expose-headers * location /j?dtstmp=1731613381270&did=did-0046&se=e30&duid=8e413bd09c43--01jcp36m4sypcyqhn0bz5kcv0g&tv=9.11.0&pu=https%3A%2F%2Fpaint.toys%2Foil%2F&wpn=prebid&gdpr=0&refr=http%3A%2F%2Fwxszri.atlanticfoodint.com%2F&cd=.paint.toys&n3pc=true access-control-allow-credentials true access-control-allow-methods GET access-control-allow-origin https://paint.toys content-length 0 date Thu, 14 Nov 2024 19:43:02 GMT
GET H2	200	usermatch ssum-sec.casalemedia.com/ Frame A234 Redirect Chain https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent... https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fgpp%3D%26gpp_sid%3D%26bidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp...	0 0	301ms 288ms	Document text/html	104.18.26.193 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fgpp%3D%26gpp_sid%3D%26bidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&s=184674&us_privacy=&C=1 Requested by Host: cdn.intergi.com URL: https://cdn.intergi.com/prebid/prebid.js.br Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://paint.toys/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cache-control no-cache cf-cache-status DYNAMIC cf-ray 8e297d074d09dc9a-FRA content-encoding br content-type text/html date Thu, 14 Nov 2024 19:43:05 GMT expires 0 nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Qx88%2B%2FCT4zg856zKWOM%2FJ6J4rY7VXh4QTqyYSj3BrzC7Zw2jdIHFzRz%2B9XElixrd36PSjrYrXCYx2AoYxhSuGg%2FX9DX81iWqBCX5PXiOkym4vrYF16DjdK8ahKZNAhcS7VWnQCC2zwoQCA%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding Redirect headers alt-svc h3=":443"; ma=86400 cache-control no-cache cf-cache-status DYNAMIC cf-ray 8e297d05e92cdc9a-FRA content-length 0 date Thu, 14 Nov 2024 19:43:04 GMT expires 0 location /usermatch?cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fgpp%3D%26gpp_sid%3D%26bidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&s=184674&us_privacy=&C=1 nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yBAkOe%2Bq5NquKwUpwcB1ckSniJOJ0wIx0ig3nV7H8C26o7n1KH8FGL9zaOhVW3XP0UnD6wf6yhGP65Gvas7GzB8%2Bg3EAQZPbZsT6l4erJRkKgXerRlWdsgoiFcYQU8YI5vEHtyj%2BLb9mRw%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	v1 Show response lb.eu-1-id5-sync.com/lb/	45 B 282 B	2651ms 24ms	Fetch application/json	162.19.138.83 OVH
General Check archive.org Show headers Download Go to Full URL https://lb.eu-1-id5-sync.com/lb/v1 Requested by Host: cdn.intergi.com URL: https://cdn.intergi.com/prebid/prebid.js.br Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR), Reverse DNS ns31532338.ip-162-19-138.eu Software / Resource Hash a264057ac9b1f5ce20b459854cd2c96a72cb0dd9fa7c72851895bb77748ac631 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers strict-transport-security max-age=63072000; includeSubDomains; preload access-control-allow-origin https://paint.toys date Thu, 14 Nov 2024 19:43:04 GMT content-type application/json;charset=UTF-8 vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
GET H2	200	user_sync.html ads.pubmatic.com/AdServer/js/ Frame 9C13	0 0	283ms 68ms	Document text/html	23.218.208.200 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&predirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D Requested by Host: cdn.intergi.com URL: https://cdn.intergi.com/prebid/prebid.js.br Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-218-208-200.deploy.static.akamaitechnologies.com Software Apache / Resource Hash Request headers Referer https://paint.toys/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers accept-ranges bytes cache-control max-age=34596 content-encoding gzip content-length 6694 content-type text/html date Thu, 14 Nov 2024 19:43:04 GMT expires Fri, 15 Nov 2024 05:19:40 GMT last-modified Wed, 13 Nov 2024 05:14:24 GMT p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" server Apache vary Accept-Encoding
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	151 KB 45 KB	626ms 477ms	Fetch text/plain	172.217.18.2 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3700161718954449&correlator=956319009192792&eid=31089017%2C95345000&output=ldjh&gdfp_req=1&vrg=202411110103&ptt=17&impl=fifs&gdpr=0&npa=1&iu_parts=154013155%2C1024872%2C74068%2Cpublisher%3A1024872-website%3A74068-160x600%2Cpublisher%3A1024872-website%3A74068-160x600-CP%2Cpublisher%3A1024872-website%3A74068-160x600-CP-160x600&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=160x600%7C120x600&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1731613384415&lmt=1731613384&adxs=20&adys=614&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fpaint.toys%2Foil%2F&ref=http%3A%2F%2Fwxszri.atlanticfoodint.com%2F&vis=1&psz=180x1097&msz=160x-1&fws=4&ohw=180&td=1&egid=46778&tan=ebb816b1-4987-4283-b5cc-7cc8fee5b526&tdf=2&topics=5&tps=5&htps=5&a3p=EjQKCnB1YmNpZC5vcmcSJDYzMzY1YzlmLWQ3MGYtNDA5NC1iNjRjLWIyYzI5MzFkNWQyOFgBEh0KDmVzcC5jcml0ZW8uY29tGPGKzeGyMkgAUgIIZBIUCgVvcGVueBjEls3hsjJIAFICCG8SFwoIcnRiaG91c2UY8ZjN4bIySABSAghq&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1731613364851&idt=8302&prev_scp=pos%3Datf%26slot_id%3Dpw-160x600_atf%26refresh%3Dfalse%26amazonBid%3Dfalse%26custom_path%3D160x600%26lld_id%3D75f99c1aa22b40718ef8398d10a31cbf13380779%26price_floor%3Dna%26amznbid%3D2%26amznp%3D2&cust_params=pf_src%3Dml%26li-module-enabled%3Dt1-e0%26salad%3Dchef%26dd%3Draspberry%26di%3Dpineapple%26vd%3Draspberry%26vi%3Dpineapple%26sitecont_cat%3Dgames_casual%26referrer%3Dhttp%253A%252F%252Fwxszri.atlanticfoodint.com%252F%26tyche_code%3D4.11.43%26pageos_code%3D1.11.80%26hour%3D20%26day%3DThursday%26referrer_domain%3Dwxszri.atlanticfoodint.com%26OS%3DLinux%2520null%26browser%3DChrome%2520130%26pagecount%3D1%26window_width%3D1600%26window_height%3D1200%26screen_orientation%3Dlandscape%26website_id%3D74068%26refresh_count%3D0%26tyche_version%3D4.11.43%26ab_test%3Dna_A%26page_focus%3Dtrue&adks=2747221344&frm=20&eoidce=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411110103/pubads_impl.js?cb=31089017 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s28-in-f2.1e100.net Software cafe / Resource Hash 316e300ff1c64d519fa71b2bdf695635102fb376c4004db761ba1c4e641ab4eb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers content-encoding br google-lineitem-id -1 x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" date Thu, 14 Nov 2024 19:43:05 GMT content-type text/plain; charset=UTF-8 google-creative-id -1 cache-control no-cache, must-revalidate timing-allow-origin * pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true access-control-allow-origin https://paint.toys content-length 46160 x-xss-protection 0 server cafe
GET H2	200	container.html 6393234e605feac89b84831eebe75819.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5FE0	0 0	895ms 49ms	Document text/html	142.250.185.65 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://6393234e605feac89b84831eebe75819.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411110103/pubads_impl.js?cb=31089017 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.65 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f1.1e100.net Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://paint.toys/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Thu, 14 Nov 2024 19:43:05 GMT expires Thu, 14 Nov 2024 19:43:05 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
POST H2	200	483.json Show response id5-sync.com/g/v2/	251 B 441 B	150ms 120ms	Fetch application/json	162.19.138.118 OVH
General Check archive.org Show headers Download Go to Full URL https://id5-sync.com/g/v2/483.json Requested by Host: cdn.intergi.com URL: https://cdn.intergi.com/prebid/prebid.js.br Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR), Reverse DNS ns31533569.ip-162-19-138.eu Software / Resource Hash 3c374a81041820e50f0bfb1b32469c76a7256aecc7a5e65a35bf248d1d1f2ea0 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Referer https://paint.toys/ Response headers strict-transport-security max-age=63072000; includeSubDomains; preload access-control-allow-origin https://paint.toys date Thu, 14 Nov 2024 19:43:04 GMT content-type application/json vary Origin access-control-allow-credentials true
GET H2	200	launcher Show response proc.ad.cpe.dotomi.com/cvx/client/direct/	190 B 460 B	984ms 83ms	XHR application/json	64.158.223.146
General Check archive.org Show headers Download Go to Full URL https://proc.ad.cpe.dotomi.com/cvx/client/direct/launcher?version=1.1.1&lid=681 Requested by Host: secure.cdn.fastclick.net URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 64.158.223.146 Amsterdam, Netherlands, ASN (), Reverse DNS ams02-convex-float1.dotomi.com Software nginx / Resource Hash 71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers cache-control max-age=1800 accept-ch Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness access-control-allow-credentials true expires Thu, 14 Nov 2024 20:13:05 GMT access-control-allow-origin https://paint.toys content-length 190 date Thu, 14 Nov 2024 19:43:05 GMT content-type application/json vary Origin server nginx
GET H/1.1	204 No Content	sync.php pixel.rubiconproject.com/exchange/	0 239 B	722ms 82ms	Image image/gif	69.173.144.165 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/exchange/sync.php?p=rp-pbs&gdpr=0&gdpr_consent=&account=12556&us_privacy=&gpp_sid=&gpp= Requested by Host: paint.toys URL: https://paint.toys/oil/ Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers Expires 0 Cache-Control no-cache,no-store,must-revalidate P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" X-RPHost 5b959e9b7aef6dd90a6fa539ca64ac62 Pragma no-cache Content-Type image/gif
POST H2	200	fb87a4ea41 Show response cd836371f1d.cdn.intergient.com/	0 96 B	62ms 51ms	XHR application/octet-stream	3.73.242.72 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cd836371f1d.cdn.intergient.com/fb87a4ea41 Requested by Host: cdn.intergient.com URL: https://cdn.intergient.com/pageos/1.11.80/main.d1b3db1b74992081b288.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.73.242.72 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-73-242-72.eu-central-1.compute.amazonaws.com Software nginx/1.24.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Referer https://paint.toys/ Response headers access-control-allow-origin * date Thu, 14 Nov 2024 19:43:05 GMT content-type application/octet-stream server nginx/1.24.0
GET H2	200	ima_ppub_config Show response securepubads.g.doubleclick.net/pagead/	67 B 580 B	1209ms 108ms	XHR application/json	172.217.18.2 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/ima_ppub_config?ippd=https%3A%2F%2Fpaint.toys%2Foil%2F Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s28-in-f2.1e100.net Software cafe / Resource Hash 641768f2d1d19839fc3cecfa5158382fa0d332d5e49e31bcaafbedc4af91995a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * content-encoding br cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Thu, 14 Nov 2024 19:43:06 GMT access-control-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" content-length 35 date Thu, 14 Nov 2024 19:43:06 GMT x-xss-protection 0 content-type application/json; charset=UTF-8 content-disposition attachment; filename="f.txt" server cafe
GET H2	200	bounce Show response id5-sync.com/	30 B 228 B	50ms 49ms	Fetch text/plain	162.19.138.118 OVH
General Check archive.org Show headers Download Go to Full URL https://id5-sync.com/bounce Requested by Host: cdn.id5-sync.com URL: https://cdn.id5-sync.com/api/1.0/id5-api.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR), Reverse DNS ns31533569.ip-162-19-138.eu Software / Resource Hash b04cd869cfd41a48c006458f71969a0eb26f33fec12f3cfe00408f8b73bf3ff8 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers strict-transport-security max-age=63072000; includeSubDomains; preload access-control-allow-origin https://paint.toys date Thu, 14 Nov 2024 19:43:05 GMT content-type text/plain;charset=utf-8 vary Origin access-control-allow-credentials true
GET H2	200	v1 Show response lb.eu-1-id5-sync.com/lb/	45 B 281 B	51ms 50ms	Fetch application/json	162.19.138.83 OVH
General Check archive.org Show headers Download Go to Full URL https://lb.eu-1-id5-sync.com/lb/v1 Requested by Host: cdn.id5-sync.com URL: https://cdn.id5-sync.com/api/1.0/id5-api.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR), Reverse DNS ns31532338.ip-162-19-138.eu Software / Resource Hash 91203e1386b38f2b28f16f30878f77fb1f3b0669e2762455919d115df80f8fd3 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers strict-transport-security max-age=63072000; includeSubDomains; preload access-control-allow-origin https://paint.toys date Thu, 14 Nov 2024 19:43:04 GMT content-type application/json;charset=UTF-8 vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
GET H2	200	container.html 6393234e605feac89b84831eebe75819.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 392F	0 0	14ms 14ms	Document text/html	142.250.185.65 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://6393234e605feac89b84831eebe75819.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411110103/pubads_impl.js?cb=31089017 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.65 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f1.1e100.net Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://paint.toys/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Thu, 14 Nov 2024 19:43:05 GMT expires Thu, 14 Nov 2024 19:43:05 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H/1.1	200 OK	async_usersync.html acdn.adnxs.com/dmp/ Frame D0B4	0 0	850ms 320ms	Document text/html	2.16.10.177 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://acdn.adnxs.com/dmp/async_usersync.html Requested by Host: cdn.intergi.com URL: https://cdn.intergi.com/prebid/prebid.js.br Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.10.177 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-10-177.deploy.static.akamaitechnologies.com Software nginx/1.18.0 (Ubuntu) / Resource Hash Request headers Referer https://paint.toys/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers Access-Control-Allow-Origin * Cache-Control max-age=86402 Connection keep-alive Content-Encoding gzip Content-Length 17053 Content-Type text/html Date Thu, 14 Nov 2024 19:43:06 GMT ETag "623de86a-cf34" Expires Fri, 15 Nov 2024 19:43:08 GMT Last-Modified Fri, 25 Mar 2022 16:06:02 GMT Server nginx/1.18.0 (Ubuntu) Vary Accept-Encoding
GET H2	200	ixmatch.html js-sec.indexww.com/um/ Frame 921A	0 0	388ms 93ms	Document text/html	104.18.24.18 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js-sec.indexww.com/um/ixmatch.html Requested by Host: cdn.intergi.com URL: https://cdn.intergi.com/prebid/prebid.js.br Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.24.18 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://paint.toys/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers age 199 cache-control public, max-age=14400 cf-cache-status HIT cf-ray 8e297d0dbb5e35ea-FRA content-encoding gzip content-type text/html; charset=UTF-8 date Thu, 14 Nov 2024 19:43:05 GMT expires Thu, 14 Nov 2024 23:43:05 GMT last-modified Mon, 25 Jul 2022 19:18:19 GMT p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" server cloudflare vary Accept-Encoding
GET H2	200	sync eb2.3lift.com/ Frame 6B81	0 0	774ms 258ms	Document image/gif	13.248.245.213 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://eb2.3lift.com/sync? Requested by Host: cdn.intergi.com URL: https://cdn.intergi.com/prebid/prebid.js.br Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.248.245.213 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a0f671730127a0812.awsglobalaccelerator.com Software / Resource Hash Request headers Referer https://paint.toys/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers cache-control no-cache, no-store, must-revalidate content-length 37 content-type image/gif date Thu, 14 Nov 2024 19:43:06 GMT
GET H2	200	cs.html sdk.streamrail.com/cs-config/ Frame ED46	0 0	1219ms 250ms	Document text/html	18.173.205.36 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://sdk.streamrail.com/cs-config/cs.html?org=6280c6f1899612000123320b&tc=62fa3ffe716915000133a9c7&as=62fa3ffe716915000133a9c9&type=hb&wd=cs.yellowblue.io&domain=paint.toys&gdpr=1&gdpr_consent= Requested by Host: cdn.intergi.com URL: https://cdn.intergi.com/prebid/prebid.js.br Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.173.205.36 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-173-205-36.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash Request headers Referer https://paint.toys/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers accept-ranges bytes age 53836 content-length 3480 content-type text/html date Thu, 14 Nov 2024 04:45:51 GMT etag "a0a441bd34ade33598ec2a72125b5709" last-modified Wed, 22 Mar 2023 13:07:05 GMT server AmazonS3 via 1.1 ee047aee7532c119ede08bf41f5f0762.cloudfront.net (CloudFront) x-amz-cf-id RkpFgcXfLdvGs_U7844O8U47gxwVbMnMxXnCRpDL7P90h4ryeh8wwA== x-amz-cf-pop FRA56-P12 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront
GET H2	200	syncframe gum.criteo.com/ Frame 1DCC	0 0	80ms 78ms	Document text/html	178.250.1.11 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/syncframe?origin=criteoPrebidAdapter&topUrl=paint.toys&gpp= Requested by Host: cdn.intergi.com URL: https://cdn.intergi.com/prebid/prebid.js.br Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://paint.toys/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers cache-control private, max-age=3600 content-encoding gzip content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Thu, 14 Nov 2024 19:43:05 GMT server Kestrel server-processing-duration-in-ticks 829197 strict-transport-security max-age=31536000; preload; vary Accept-Encoding x-robots-tag noindex
GET H2	200	user_sync.html ads.pubmatic.com/AdServer/js/ Frame 696F	0 0	81ms 80ms	Document text/html	23.218.208.200 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158326&gdpr=0&gdpr_consent= Requested by Host: cdn.intergi.com URL: https://cdn.intergi.com/prebid/prebid.js.br Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-218-208-200.deploy.static.akamaitechnologies.com Software Apache / Resource Hash Request headers Referer https://paint.toys/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers accept-ranges bytes cache-control max-age=34595 content-encoding gzip content-length 6694 content-type text/html date Thu, 14 Nov 2024 19:43:05 GMT expires Fri, 15 Nov 2024 05:19:40 GMT last-modified Wed, 13 Nov 2024 05:14:24 GMT p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" server Apache vary Accept-Encoding
GET H2	200	usync.html eus.rubiconproject.com/ Frame 38D9	0 0	2736ms 91ms	Document text/html	184.30.22.30 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://eus.rubiconproject.com/usync.html?gdpr=0 Requested by Host: cdn.intergi.com URL: https://cdn.intergi.com/prebid/prebid.js.br Protocol H2 Security TLS 1.3, , AES_256_GCM Server 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a184-30-22-30.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / Resource Hash Request headers Referer https://paint.toys/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers accept-ranges bytes content-encoding gzip content-length 224 content-type text/html; charset=UTF-8 date Thu, 14 Nov 2024 19:43:08 GMT etag "28052a-10d-6142d69a886c0" last-modified Thu, 21 Mar 2024 15:32:19 GMT server Apache/2.2.15 (CentOS) vary Accept-Encoding
GET H2	200	pd playwire-d.openx.net/w/1.0/ Frame 0D0E Redirect Chain https://playwire-d.openx.net/w/1.0/pd?gdpr=0&gdpr_consent= https://playwire-d.openx.net/w/1.0/pd?cc=1&gdpr=0&gdpr_consent=	0 0	184ms 70ms	Document text/html	34.98.64.218 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://playwire-d.openx.net/w/1.0/pd?cc=1&gdpr=0&gdpr_consent= Requested by Host: cdn.intergi.com URL: https://cdn.intergi.com/prebid/prebid.js.br Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 218.64.98.34.bc.googleusercontent.com Software OXGW/0.0.0 / Resource Hash Request headers Referer https://paint.toys/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-encoding gzip content-length 492 content-type text/html date Thu, 14 Nov 2024 19:43:06 GMT p3p CP="CUR ADM OUR NOR STA NID" server OXGW/0.0.0 vary Accept, Accept-Encoding via 1.1 google Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 date Thu, 14 Nov 2024 19:43:05 GMT location https://playwire-d.openx.net/w/1.0/pd?cc=1&gdpr=0&gdpr_consent= p3p CP="CUR ADM OUR NOR STA NID" server OXGW/0.0.0 via 1.1 google
POST H2	200	prebid Show response id5-sync.com/api/config/	195 B 470 B	46ms 43ms	Fetch application/json	162.19.138.118 OVH
General Check archive.org Show headers Download Go to Full URL https://id5-sync.com/api/config/prebid Requested by Host: cdn.intergi.com URL: https://cdn.intergi.com/prebid/prebid.js.br Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR), Reverse DNS ns31533569.ip-162-19-138.eu Software / Resource Hash 7e4d2c9111e1ca31b5e2e4bfd5a66925f07c0c232672f31481c6b66a89b26f16 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Referer https://paint.toys/ Response headers strict-transport-security max-age=63072000; includeSubDomains; preload access-control-allow-origin https://paint.toys date Thu, 14 Nov 2024 19:43:05 GMT content-type application/json;charset=UTF-8 vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin access-control-allow-credentials true
GET H2	200	id Show response id.crwdcntrl.net/	43 B 313 B	293ms 292ms	Fetch application/json	34.251.18.147
General Check archive.org Show headers Download Go to Full URL https://id.crwdcntrl.net/id?gdpr_applies=false&c=17262 Requested by Host: cdn.intergi.com URL: https://cdn.intergi.com/prebid/prebid.js.br Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.251.18.147 Dublin, Ireland, ASN (), Reverse DNS ec2-34-251-18-147.eu-west-1.compute.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 content-type text/plain Referer https://paint.toys/ Response headers cache-control no-cache pragma no-cache access-control-allow-credentials true expires 0 access-control-allow-origin https://paint.toys p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV content-length 43 date Thu, 14 Nov 2024 19:43:05 GMT content-type application/json;charset=utf-8 x-server 10.45.29.30 server Jetty(9.4.38.v20210224)
GET		f fid.agkn.com/	0 0
GET H2	200	envelope Show response lexicon.33across.com/v1/	49 B 0	2ms 2ms	Fetch application/json	35.244.193.51 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://lexicon.33across.com/v1/envelope?pid=0014000001YrMoYAAV&gdpr=0&src=pbjs&ver=9.11.0&coppa=0 Requested by Host: cdn.intergi.com URL: https://cdn.intergi.com/prebid/prebid.js.br Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.193.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 51.193.244.35.bc.googleusercontent.com Software / Resource Hash d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 content-type text/plain Referer https://paint.toys/ Response headers cache-control private, must-revalidate, max-age=28800 access-control-allow-credentials true via 1.1 google access-control-allow-origin https://paint.toys alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 49 date Thu, 14 Nov 2024 19:43:00 GMT content-type application/json vary origin
GET H2	204	any Show response idx.liadm.com/idex/did-0046/	0 0	9ms 9ms	Fetch	3.93.160.245 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://idx.liadm.com/idex/did-0046/any?duid=8e413bd09c43--01jcp36m4sypcyqhn0bz5kcv0g&gdpr=0&did=did-0046&cd=.paint.toys&pu=https%3A%2F%2Fpaint.toys&resolve=nonId&resolve=uid2&resolve=index&resolve=bidswitch&resolve=pubmatic&resolve=magnite&resolve=openx&resolve=sorvrn&resolve=thetradedesk&resolve=medianet Requested by Host: cdn.intergi.com URL: https://cdn.intergi.com/prebid/prebid.js.br Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.93.160.245 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-93-160-245.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 content-type text/plain Referer https://paint.toys/ Response headers cache-control max-age=3599, private trace-id 99ec3a69e6e47a85 request-time 1 access-control-allow-credentials true expires Thu, 14 Nov 2024 20:43:01 GMT access-control-allow-origin https://paint.toys date Thu, 14 Nov 2024 19:43:01 GMT vary Origin
GET H2	200	9.gif id5-sync.com/s/441/	43 B 1 KB	65ms 48ms	Image image/gif	162.19.138.118 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://id5-sync.com/s/441/9.gif?puid=&gdpr=1&gdpr_consent= Requested by Host: paint.toys URL: https://paint.toys/oil/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR), Reverse DNS ns31533569.ip-162-19-138.eu Software / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers strict-transport-security max-age=63072000; includeSubDomains; preload p3p CP="CAO PSA OUR" date Thu, 14 Nov 2024 19:43:05 GMT content-type image/gif;charset=UTF-8 vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers
GET H2	200	sync x.bidswitch.net/ Redirect Chain https://x.bidswitch.net/sync?ssp=themediagrid&gdpr=0 https://x.bidswitch.net/ul_cb/sync?ssp=themediagrid&gdpr=0 https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=themediagrid&bsw_param=540c21e0-38ec-4d8a-994e-179993db5706&google_hm=NTQwYzIxZTAtMzhlYy00ZDhhLTk5NGUtMTc5OTkzZGI... https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESENUcaKbcERTmQGEGPDMhyh0&google_cver=1&ssp=themediagrid&bsw_param=540c21e0-38ec-4d8a-994e-179993db5706&gdpr_consent=&gdpr=0	43 B 104 B	200ms 123ms	Image image/gif	35.214.136.108 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESENUcaKbcERTmQGEGPDMhyh0&google_cver=1&ssp=themediagrid&bsw_param=540c21e0-38ec-4d8a-994e-179993db5706&gdpr_consent=&gdpr=0 Requested by Host: paint.toys URL: https://paint.toys/oil/ Protocol H2 Server 35.214.136.108 Groningen, Netherlands, ASN15169 (GOOGLE, US), Reverse DNS 108.136.214.35.bc.googleusercontent.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers via 1.1 google cache-control no-cache, no-store, must-revalidate alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 43 date Thu, 14 Nov 2024 19:43:08 GMT content-type image/gif Redirect headers cache-control no-cache, must-revalidate location https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESENUcaKbcERTmQGEGPDMhyh0&google_cver=1&ssp=themediagrid&bsw_param=540c21e0-38ec-4d8a-994e-179993db5706&gdpr_consent=&gdpr=0 pragma no-cache cross-origin-resource-policy cross-origin expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" content-length 394 date Thu, 14 Nov 2024 19:43:08 GMT x-xss-protection 0 content-type text/html; charset=UTF-8 server HTTP server (unknown)
POST H2	200	v3 Show response id5-sync.com/gm/	319 B 509 B	56ms 55ms	XHR application/json	162.19.138.118 OVH
General Check archive.org Show headers Download Go to Full URL https://id5-sync.com/gm/v3 Requested by Host: cdn.id5-sync.com URL: https://cdn.id5-sync.com/api/1.0/id5-api.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR), Reverse DNS ns31533569.ip-162-19-138.eu Software / Resource Hash 508e33f5b6bdcbfbee05a3ae3ed345bd57c261b944850de65420d004d9a2628d Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Content-Type text/plain Referer https://paint.toys/ Response headers strict-transport-security max-age=63072000; includeSubDomains; preload access-control-allow-origin https://paint.toys date Thu, 14 Nov 2024 19:43:05 GMT content-type application/json vary Origin access-control-allow-credentials true
GET H2	200	v1 Show response lb.eu-1-id5-sync.com/lb/	45 B 281 B	671ms 647ms	Fetch application/json	162.19.138.83 OVH
General Check archive.org Show headers Download Go to Full URL https://lb.eu-1-id5-sync.com/lb/v1 Requested by Host: cdn.intergi.com URL: https://cdn.intergi.com/prebid/prebid.js.br Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR), Reverse DNS ns31532338.ip-162-19-138.eu Software / Resource Hash bad91757000de9ec9c93d6368b7ed02a852e461b8a186ecf0486257739a8125e Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers strict-transport-security max-age=63072000; includeSubDomains; preload access-control-allow-origin https://paint.toys date Thu, 14 Nov 2024 19:43:04 GMT content-type application/json;charset=UTF-8 vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
GET H2	204	v1 match.sharethrough.com/FGMrCMMc/	0 58 B	752ms 42ms	Image text/plain	18.197.30.174 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://match.sharethrough.com/FGMrCMMc/v1?gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&redirectUri=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dsharethrough%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di%26uid%3D%24UID Requested by Host: paint.toys URL: https://paint.toys/oil/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 18.197.30.174 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-197-30-174.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=16000000; includeSubDomains; preload; Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers strict-transport-security max-age=16000000; includeSubDomains; preload;
GET H2	200	coreid.min.js Show response secure.cdn.fastclick.net/js/cnvr-coreid/latest/	229 KB 66 KB	72ms 71ms	Script application/javascript	23.67.137.210 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://secure.cdn.fastclick.net/js/cnvr-coreid/latest/coreid.min.js Requested by Host: secure.cdn.fastclick.net URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.67.137.210 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-67-137-210.deploy.static.akamaitechnologies.com Software Apache / Resource Hash eb87c0447bd19366919bdb8913f775caca732ac31cbc5e5d42e4db5df39437ce Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers cache-control max-age=900 content-encoding gzip etag "394d0-60864a57eaadc-gzip" expires Thu, 14 Nov 2024 19:58:05 GMT accept-ranges bytes content-length 67550 date Thu, 14 Nov 2024 19:43:05 GMT last-modified Mon, 23 Oct 2023 16:23:46 GMT content-type application/javascript server Apache vary Accept-Encoding
POST H2	200	483.json Show response id5-sync.com/g/v2/	251 B 441 B	272ms 48ms	Fetch application/json	162.19.138.118 OVH
General Check archive.org Show headers Download Go to Full URL https://id5-sync.com/g/v2/483.json Requested by Host: cdn.intergi.com URL: https://cdn.intergi.com/prebid/prebid.js.br Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR), Reverse DNS ns31533569.ip-162-19-138.eu Software / Resource Hash af557da23b99a45ecf40c0f1c3b923d2035310d1c23963e04fdb7a26d8406338 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Referer https://paint.toys/ Response headers strict-transport-security max-age=63072000; includeSubDomains; preload access-control-allow-origin https://paint.toys date Thu, 14 Nov 2024 19:43:06 GMT content-type application/json vary Origin access-control-allow-credentials true
GET H2	200	sync eb2.3lift.com/ Frame 315B Redirect Chain https://eb2.3lift.com/sync?gdpr=0&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%... https://eb2.3lift.com/sync?gdpr=0&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%...	0 0	126ms 0ms	Document text/html	13.248.245.213 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://eb2.3lift.com/sync?gdpr=0&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID&ld=1 Requested by Host: cdn.intergi.com URL: https://cdn.intergi.com/prebid/prebid.js.br Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.248.245.213 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a0f671730127a0812.awsglobalaccelerator.com Software / Resource Hash Request headers Referer https://paint.toys/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers cache-control no-cache, no-store, must-revalidate content-length 1267 content-type text/html; charset=utf-8 date Thu, 14 Nov 2024 19:43:06 GMT p3p policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC" Redirect headers cache-control no-cache, no-store, must-revalidate content-length 0 date Thu, 14 Nov 2024 19:43:06 GMT location /sync?gdpr=0&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID&ld=1 p3p policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
GET H2	200	setuid prebid-server.rubiconproject.com/ Redirect Chain https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di%26uid%3D... https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fprebid-server.rubiconproject.com%252Fsetuid%253Fbidder%253Dadnxs%2526gdpr%253D0%2526gdpr_consent%253D%2526us_privacy%253D%2526gpp%253D%25... https://prebid-server.rubiconproject.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=i&uid=3240452640532361633	86 B 624 B	634ms 579ms	Image image/png	69.173.144.137
General Check archive.org Show headers Download Go to Show image Full URL https://prebid-server.rubiconproject.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=i&uid=3240452640532361633 Requested by Host: paint.toys URL: https://paint.toys/oil/ Protocol H2 Server 69.173.144.137 Frankfurt am Main, Germany, ASN (), Reverse DNS Software / Resource Hash c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://paint.toys/ Response headers expires 0 cache-control no-cache, no-store, must-revalidate content-encoding gzip pragma no-cache content-type image/png Redirect headers cache-control no-store, no-cache, private location https://prebid-server.rubiconproject.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=i&uid=3240452640532361633 pragma no-cache accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness access-control-allow-credentials true x-proxy-origin 185.198.62.83; 185.198.62.83; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com expires Sat, 15 Nov 2008 16:00:00 GMT access-control-allow-origin * an-x-request-uuid 8c90da30-22f1-4ada-b34b-bc00893adafb content-length 0 p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" date Thu, 14 Nov 2024 19:43:08 GMT x-xss-protection 0 content-type text/html; charset=utf-8 server nginx/1.23.4
GET H2	200	cm u.openx.net/w/1.0/ Frame 4F77	0 0	167ms 38ms	Document text/html	34.98.64.218 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D Requested by Host: cdn.intergi.com URL: https://cdn.intergi.com/prebid/prebid.js.br Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 218.64.98.34.bc.googleusercontent.com Software OXGW/0.0.0 / Resource Hash Request headers Referer https://paint.toys/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-encoding gzip content-length 440 content-type text/html date Thu, 14 Nov 2024 19:43:08 GMT p3p CP="CUR ADM OUR NOR STA NID" server OXGW/0.0.0 vary Accept, Accept-Encoding via 1.1 google
GET		pbs-iframe pbs-cs.yellowblue.io/ Frame 849B	0 0
GET		sodar ep1.adtrafficquality.google/getconfig/	0 0
GET H2	200	favicon.ico paint.toys/	615 B 748 B	216ms 55ms	Other image/vnd.microsoft.icon	3.33.186.135 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://paint.toys/favicon.ico Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.33.186.135 , United States, ASN16509 (AMAZON-02, US), Reverse DNS afa7f374f51cc8991.awsglobalaccelerator.com Software Netlify / Resource Hash 30a007a99e491d9e1b2b72c02e4a8454334c6ea2b3a03316d50135b20464fccc Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://paint.toys/oil/ Response headers strict-transport-security max-age=31536000 cache-control public,max-age=0,must-revalidate etag "6c77abc0123fbfdebbf702a90fb50938-ssl" age 33035 accept-ranges bytes content-length 615 x-nf-request-id 01JCP36YA38TFANY3X6NHXFG5S cache-status "Netlify Edge"; hit date Thu, 14 Nov 2024 19:43:11 GMT content-type image/vnd.microsoft.icon server Netlify

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

paint.toys

URL

blob:https://paint.toys/bc347d11-99ed-4a47-bbb2-165519896647

Domain

fid.agkn.com

URL

https://fid.agkn.com/f?apiKey=2104320612&r=https%3A%2F%2Fpaint.toys%2Foil%2F

Domain

fid.agkn.com

URL

https://fid.agkn.com/f?apiKey=2104320612&r=https%3A%2F%2Fpaint.toys%2Foil%2F

Domain

pbs-cs.yellowblue.io

URL

https://pbs-cs.yellowblue.io/pbs-iframe?gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&redirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Drise%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%5BPBS_UID%5D

Domain

ep1.adtrafficquality.google

URL

https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gpt&tv=m202411110103&st=env