urlscan.io logo urlscan.io
SecurityTrails logo

paint.toys Open in urlscan Pro
15.197.167.90  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://kfdk.formailing.com/pkichmjvqiqvRQmJVejQxVUMyV0NWWWNDZ2RRY0UtMzEzLTI2NzQ1MDg4LTBkNTUwMjQwLTU1NS1NeExBRkxpOWFKQWtFdGp...
Effective URL: https://paint.toys/oil/
Submission: On November 26 via api from BE — Scanned from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 63 IPs in 8 countries across 42 domains to perform 142 HTTP transactions. The main IP is 15.197.167.90, located in United States and belongs to AMAZON-02, US. The main domain is paint.toys. The Cisco Umbrella rank of the primary domain is 606652.
TLS certificate: Issued by E5 on October 3rd 2024. Valid for: 3 months.
This is the only time paint.toys was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 172.67.188.158 13335 (CLOUDFLAR...)
1 9 15.197.167.90 16509 (AMAZON-02)
8 104.18.20.56 13335 (CLOUDFLAR...)
2 216.58.206.40 15169 (GOOGLE)
2 104.18.24.111 13335 (CLOUDFLAR...)
7 142.250.181.226 15169 (GOOGLE)
5 104.18.24.242 13335 (CLOUDFLAR...)
2 104.18.21.56 13335 (CLOUDFLAR...)
1 18.66.102.34 16509 (AMAZON-02)
1 172.67.41.60 13335 (CLOUDFLAR...)
1 184.28.89.220 16625 (AKAMAI-AS)
3 216.58.212.142 15169 (GOOGLE)
1 18.172.112.90 16509 (AMAZON-02)
10 142.250.184.238 15169 (GOOGLE)
1 188.114.96.3 13335 (CLOUDFLAR...)
2 172.67.69.19 13335 (CLOUDFLAR...)
1 142.250.185.70 15169 (GOOGLE)
2 130.211.23.194 396982 (GOOGLE-CL...)
1 34.96.70.87 396982 (GOOGLE-CL...)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 178.250.1.3 44788 (ASN-CRITE...)
3 13.224.196.140 16509 (AMAZON-02)
2 3.73.242.72 16509 (AMAZON-02)
1 142.250.185.74 15169 (GOOGLE)
10 162.19.138.82 16276 (OVH OVH SAS)
2 108.128.75.152 16509 (AMAZON-02)
2 35.244.193.51 396982 (GOOGLE-CL...)
2 18.210.235.203 14618 (AMAZON-AES)
2 178.250.1.11 44788 (ASN-CRITE...)
1 2 52.54.248.128 14618 (AMAZON-AES)
1 65.9.66.90 16509 (AMAZON-02)
1 13.32.119.202 16509 (AMAZON-02)
3 184.28.88.244 16625 (AKAMAI-AS)
1 34.36.214.49 396982 (GOOGLE-CL...)
3 69.173.144.137 26667 (RUBICONPR...)
2 3 37.252.171.85 29990 (ASN-APPNEX)
1 185.64.189.112 62713 (AS-PUBMATIC)
1 35.227.252.103 396982 (GOOGLE-CL...)
1 104.18.27.193 13335 (CLOUDFLAR...)
1 178.250.1.56 44788 (ASN-CRITE...)
6 3.120.249.250 16509 (AMAZON-02)
1 52.223.6.21 16509 (AMAZON-02)
1 178.250.1.4 44788 (ASN-CRITE...)
4 63.32.216.224 16509 (AMAZON-02)
1 52.222.236.4 16509 (AMAZON-02)
4 69.173.156.139 26667 (RUBICONPR...)
1 18.157.230.4 16509 (AMAZON-02)
4 23.205.176.78 16625 (AKAMAI-AS)
1 65.9.66.68 16509 (AMAZON-02)
1 172.67.38.106 13335 (CLOUDFLAR...)
1 2 104.18.26.193 13335 (CLOUDFLAR...)
1 63.215.202.146 41041 (VCLK-EU-S...)
1 172.217.16.193 15169 (GOOGLE)
1 52.211.253.103 16509 (AMAZON-02)
1 3 35.244.159.8 396982 (GOOGLE-CL...)
1 104.18.24.18 13335 (CLOUDFLAR...)
1 151.101.193.108 54113 (FASTLY)
1 13.248.245.213 16509 (AMAZON-02)
1 184.30.22.30 16625 (AKAMAI-AS)
1 3.33.220.150 16509 (AMAZON-02)
1 52.213.202.106 16509 (AMAZON-02)
1 18.195.234.25 16509 (AMAZON-02)
142 63
2    172.67.188.158 (United States)

ASN13335 (CLOUDFLARENET, US)
kfdk.formailing.com
9    15.197.167.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: afa7f374f51cc8991.awsglobalaccelerator.com
paint.toys
8    104.18.20.56 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.intergient.com
2    216.58.206.40 (United States)

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f8.1e100.net
www.googletagmanager.com
2    104.18.24.111 (None, )

ASN13335 (CLOUDFLARENET, US)
faucetfoot.com
7    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
securepubads.g.doubleclick.net
pagead2.googlesyndication.com
5    104.18.24.242 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.intergi.com
2    104.18.21.56 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.intergient.com
1    18.66.102.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-34.fra56.r.cloudfront.net
impression-inferences-edge-prod.playwire.com
1    172.67.41.60 (United States)

ASN13335 (CLOUDFLARENET, US)
btloader.com
1    184.28.89.220 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-28-89-220.deploy.static.akamaitechnologies.com
px.moatads.com
3    216.58.212.142 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f14.1e100.net
www.google-analytics.com
1    18.172.112.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-112-90.fra60.r.cloudfront.net
static.adsafeprotected.com
10    142.250.184.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f14.1e100.net
fundingchoicesmessages.google.com
1    188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
bt.dns-finder.com
2    172.67.69.19 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
1    142.250.185.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f6.1e100.net
ad.doubleclick.net
2    130.211.23.194 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.23.211.130.bc.googleusercontent.com
api.btloader.com
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
1    178.250.1.3 (France)

ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR)
static.criteo.net
3    13.224.196.140 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-196-140.fra2.r.cloudfront.net
c.amazon-adsystem.com
2    3.73.242.72 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-73-242-72.eu-central-1.compute.amazonaws.com
cd836371f1d.cdn.intergient.com
1    142.250.185.74 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f10.1e100.net
imasdk.googleapis.com
10    162.19.138.82 (Frankfurt am Main, Germany)

ASN16276 (OVH OVH SAS, FR)
PTR: ns31532337.ip-162-19-138.eu
id5-sync.com
lb.eu-1-id5-sync.com
2    108.128.75.152 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-75-152.eu-west-1.compute.amazonaws.com
id.crwdcntrl.net
2    35.244.193.51 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 51.193.244.35.bc.googleusercontent.com
lexicon.33across.com
2    18.210.235.203 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-210-235-203.compute-1.amazonaws.com
idx.liadm.com
2    178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR)
gum.criteo.com
2    52.54.248.128 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-248-128.compute-1.amazonaws.com
rp.liadm.com
1    65.9.66.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-90.fra56.r.cloudfront.net
config.aps.amazon-adsystem.com
1    13.32.119.202 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-119-202.fra60.r.cloudfront.net
aax.amazon-adsystem.com
3    184.28.88.244 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-28-88-244.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    34.36.214.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.214.36.34.bc.googleusercontent.com
pa.openx.net
3    69.173.144.137 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
prebid-server.rubiconproject.com
3    37.252.171.85 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    35.227.252.103 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
1    104.18.27.193 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
1    178.250.1.56 (France)

ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR)
grid.bidswitch.net
6    3.120.249.250 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-249-250.eu-central-1.compute.amazonaws.com
btlr.sharethrough.com
1    52.223.6.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: a8c33d2b6751b365d.awsglobalaccelerator.com
direct.adsrvr.org
1    178.250.1.4 (France)

ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR)
grid-bidder.criteo.com
4    63.32.216.224 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-216-224.eu-west-1.compute.amazonaws.com
g2.gumgum.com
1    52.222.236.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-4.fra56.r.cloudfront.net
hb.yellowblue.io
4    69.173.156.139 (United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    18.157.230.4 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-230-4.eu-central-1.compute.amazonaws.com
tlx.3lift.com
4    23.205.176.78 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-176-78.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
1    65.9.66.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-68.fra56.r.cloudfront.net
tags.crwdcntrl.net
1    172.67.38.106 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
2    104.18.26.193 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
1    63.215.202.146 (Amsterdam, Netherlands)

ASN41041 (VCLK-EU-SE Conversant LLC, US)
PTR: ams01-convex-float1.dotomi.com
proc.ad.cpe.dotomi.com
1    172.217.16.193 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f193.1e100.net
9da2eac2167e8cfea5cbb159de04e39f.safeframe.googlesyndication.com
1    52.211.253.103 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-253-103.eu-west-1.compute.amazonaws.com
pbs-cs.yellowblue.io
3    35.244.159.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com
playwire-d.openx.net
u.openx.net
1    104.18.24.18 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
1    151.101.193.108 (San Francisco, United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
1    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    184.30.22.30 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-22-30.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    52.213.202.106 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-202-106.eu-west-1.compute.amazonaws.com
rtb.gumgum.com
1    18.195.234.25 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-234-25.eu-central-1.compute.amazonaws.com
match.sharethrough.com
Apex Domain
Subdomains		 Transfer
12 intergient.com
cdn.intergient.com — Cisco Umbrella Rank: 5664
cd836371f1d.cdn.intergient.com — Cisco Umbrella Rank: 6673
79 KB
10 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 695
77 KB
9 paint.toys
paint.toys — Cisco Umbrella Rank: 606652
129 KB
8 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 913
fastlane.rubiconproject.com — Cisco Umbrella Rank: 505
eus.rubiconproject.com — Cisco Umbrella Rank: 616
pixel.rubiconproject.com Failed
5 KB
8 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 533
cdn.id5-sync.com — Cisco Umbrella Rank: 1004
33 KB
7 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 985
match.sharethrough.com — Cisco Umbrella Rank: 530
755 B
6 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218
ad.doubleclick.net — Cisco Umbrella Rank: 145
188 KB
5 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1591
rtb.gumgum.com — Cisco Umbrella Rank: 1533
5 KB
5 openx.net
pa.openx.net — Cisco Umbrella Rank: 3484
rtb.openx.net — Cisco Umbrella Rank: 552
playwire-d.openx.net — Cisco Umbrella Rank: 15510
u.openx.net — Cisco Umbrella Rank: 761
583 B
5 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 347
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 687
aax.amazon-adsystem.com — Cisco Umbrella Rank: 468
92 KB
5 intergi.com
cdn.intergi.com — Cisco Umbrella Rank: 6591
249 KB
4 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1120
106 KB
4 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 281
acdn.adnxs.com — Cisco Umbrella Rank: 643
3 KB
4 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 570
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 494
109 B
4 liadm.com
idx.liadm.com — Cisco Umbrella Rank: 1368
rp.liadm.com — Cisco Umbrella Rank: 966
1 KB
3 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 496
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 521
2 KB
3 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 946
844 B
3 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 450
grid-bidder.criteo.com — Cisco Umbrella Rank: 1731
4 KB
3 crwdcntrl.net
id.crwdcntrl.net — Cisco Umbrella Rank: 2708
tags.crwdcntrl.net — Cisco Umbrella Rank: 1010
13 KB
3 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
9da2eac2167e8cfea5cbb159de04e39f.safeframe.googlesyndication.com
52 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
3 btloader.com
btloader.com — Cisco Umbrella Rank: 947
api.btloader.com — Cisco Umbrella Rank: 1068
32 KB
2 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 551
eb2.3lift.com — Cisco Umbrella Rank: 429
691 B
2 yellowblue.io
hb.yellowblue.io — Cisco Umbrella Rank: 1527
pbs-cs.yellowblue.io — Cisco Umbrella Rank: 4285
622 B
2 adsrvr.org
direct.adsrvr.org — Cisco Umbrella Rank: 2340
match.adsrvr.org — Cisco Umbrella Rank: 377
543 B
2 33across.com
lexicon.33across.com — Cisco Umbrella Rank: 1453
246 B
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 975
1 KB
2 faucetfoot.com
faucetfoot.com — Cisco Umbrella Rank: 374644
25 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
198 KB
2 formailing.com
kfdk.formailing.com
2 KB
1 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 698
1 dotomi.com
proc.ad.cpe.dotomi.com — Cisco Umbrella Rank: 3098
459 B
1 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 1460
x.bidswitch.net — Cisco Umbrella Rank: 393 Failed
311 B
1 googleapis.com
imasdk.googleapis.com — Cisco Umbrella Rank: 506
145 KB
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 793
13 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 2357
8 KB
1 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 2700
1 KB
1 dns-finder.com
bt.dns-finder.com — Cisco Umbrella Rank: 277135
977 B
1 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 639
483 B
1 moatads.com
px.moatads.com — Cisco Umbrella Rank: 5613
27 B
1 playwire.com
impression-inferences-edge-prod.playwire.com — Cisco Umbrella Rank: 7290
917 B
0 agkn.com Failed
fid.agkn.com Failed
142 42
Domain Requested by
10 fundingchoicesmessages.google.com securepubads.g.doubleclick.net
10 cdn.intergient.com paint.toys
cdn.intergient.com
9 paint.toys 1 redirects kfdk.formailing.com
paint.toys
7 id5-sync.com cdn.intergi.com
paint.toys
cdn.id5-sync.com
6 btlr.sharethrough.com cdn.intergi.com
5 cdn.intergi.com cdn.intergient.com
cdn.intergi.com
5 securepubads.g.doubleclick.net cdn.intergient.com
securepubads.g.doubleclick.net
imasdk.googleapis.com
4 secure.cdn.fastclick.net kfdk.formailing.com
secure.cdn.fastclick.net
4 fastlane.rubiconproject.com cdn.intergi.com
4 g2.gumgum.com cdn.intergi.com
3 ib.adnxs.com 2 redirects cdn.intergi.com
3 prebid-server.rubiconproject.com cdn.intergi.com
paint.toys
3 ads.pubmatic.com cdn.intergi.com
3 lb.eu-1-id5-sync.com cdn.intergi.com
cdn.id5-sync.com
3 c.amazon-adsystem.com cdn.intergient.com
c.amazon-adsystem.com
3 www.google-analytics.com www.googletagmanager.com
2 playwire-d.openx.net 1 redirects cdn.intergi.com
2 ssum-sec.casalemedia.com 1 redirects cdn.intergi.com
2 rp.liadm.com 1 redirects paint.toys
2 gum.criteo.com static.criteo.net
cdn.intergi.com
2 idx.liadm.com cdn.intergi.com
2 lexicon.33across.com cdn.intergi.com
2 id.crwdcntrl.net cdn.intergi.com
2 pagead2.googlesyndication.com securepubads.g.doubleclick.net
2 cd836371f1d.cdn.intergient.com cdn.intergient.com
2 api.btloader.com btloader.com
2 ad-delivery.net paint.toys
2 faucetfoot.com cdn.intergient.com
faucetfoot.com
2 www.googletagmanager.com paint.toys
www.googletagmanager.com
2 kfdk.formailing.com 1 redirects
1 match.sharethrough.com paint.toys
1 u.openx.net cdn.intergi.com
1 rtb.gumgum.com cdn.intergi.com
1 match.adsrvr.org paint.toys
1 eus.rubiconproject.com cdn.intergi.com
1 eb2.3lift.com cdn.intergi.com
1 acdn.adnxs.com cdn.intergi.com
1 js-sec.indexww.com cdn.intergi.com
1 pbs-cs.yellowblue.io cdn.intergi.com
1 9da2eac2167e8cfea5cbb159de04e39f.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 proc.ad.cpe.dotomi.com secure.cdn.fastclick.net
1 cdn.id5-sync.com kfdk.formailing.com
1 tags.crwdcntrl.net kfdk.formailing.com
1 tlx.3lift.com cdn.intergi.com
1 hb.yellowblue.io cdn.intergi.com
1 grid-bidder.criteo.com cdn.intergi.com
1 direct.adsrvr.org cdn.intergi.com
1 grid.bidswitch.net cdn.intergi.com
1 htlb.casalemedia.com cdn.intergi.com
1 rtb.openx.net cdn.intergi.com
1 hbopenbid.pubmatic.com cdn.intergi.com
1 pa.openx.net cdn.intergi.com
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 imasdk.googleapis.com cdn.intergi.com
1 static.criteo.net securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 ad.doubleclick.net paint.toys
1 bt.dns-finder.com btloader.com
1 static.adsafeprotected.com paint.toys
1 px.moatads.com paint.toys
1 btloader.com cdn.intergient.com
1 impression-inferences-edge-prod.playwire.com cdn.intergient.com
0 pixel.rubiconproject.com Failed paint.toys
0 x.bidswitch.net Failed paint.toys
0 fid.agkn.com Failed cdn.intergi.com
142 67

This site contains links to these domains. Also see Links.

Domain
toms.toys
Subject Issuer Validity Valid
formailing.com
WE1		 2024-11-26 -
2025-02-24		 3 months crt.sh
*.paint.toys
E5		 2024-10-03 -
2025-01-01		 3 months crt.sh
cdn.intergient.com
WE1		 2024-10-02 -
2024-12-31		 3 months crt.sh
*.google-analytics.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
faucetfoot.com
WE1		 2024-11-15 -
2025-02-13		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
cdn.intergi.com
WE1		 2024-11-25 -
2025-02-23		 3 months crt.sh
*.playwire.com
Amazon RSA 2048 M03		 2024-01-12 -
2025-02-09		 a year crt.sh
btloader.com
WE1		 2024-10-08 -
2025-01-06		 3 months crt.sh
moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-09-27 -
2025-09-27		 a year crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2024-04-25 -
2025-05-24		 a year crt.sh
*.google.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
dns-finder.com
WE1		 2024-11-13 -
2025-02-11		 3 months crt.sh
ad-delivery.net
WE1		 2024-11-10 -
2025-02-08		 3 months crt.sh
*.doubleclick.net
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
api.btloader.com
WR3		 2024-10-01 -
2024-12-30		 3 months crt.sh
invstatic101.creativecdn.com
WR3		 2024-10-15 -
2025-01-13		 3 months crt.sh
oa.openxcdn.net
WR3		 2024-11-13 -
2025-02-11		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-09-24 -
2024-12-21		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M03		 2024-11-19 -
2025-12-18		 a year crt.sh
*.cdn.intergient.com
Go Daddy Secure Certificate Authority - G2		 2024-04-17 -
2025-04-01		 a year crt.sh
upload.video.google.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
id5-sync.com
E6		 2024-11-11 -
2025-02-09		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M03		 2024-09-08 -
2025-10-08		 a year crt.sh
lexicon.33across.com
WR3		 2024-11-02 -
2025-01-31		 3 months crt.sh
*.liadm.com
Amazon RSA 2048 M02		 2024-07-31 -
2025-08-29		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-09-24 -
2024-12-25		 3 months crt.sh
eu-1-id5-sync.com
R11		 2024-11-11 -
2025-02-09		 3 months crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2024-01-21 -
2025-02-19		 a year crt.sh
alt1-3ps.amazon-adsystem.com
Amazon RSA 2048 M03		 2024-03-29 -
2025-04-28		 a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-11-26 -
2024-11-26		 a year crt.sh
pa.openx.net
WR3		 2024-11-13 -
2025-02-11		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-07-30 -
2025-04-03		 8 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2024-02-14 -
2025-03-16		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2024-08-14 -
2025-08-18		 a year crt.sh
casalemedia.com
E6		 2024-10-13 -
2025-01-11		 3 months crt.sh
*.bidswitch.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-09-23 -
2024-12-21		 3 months crt.sh
*.sharethrough.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1		 2024-07-15 -
2025-08-15		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2024-04-23 -
2025-05-25		 a year crt.sh
ie-ad-exch-prd-two-eks.prd.eks.ie.adexchange.gumgum.com
Amazon RSA 2048 M03		 2024-07-02 -
2025-08-01		 a year crt.sh
*.yellowblue.io
Amazon RSA 2048 M03		 2024-03-18 -
2025-04-16		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2024-03-13 -
2025-04-11		 a year crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1		 2024-08-07 -
2025-08-07		 a year crt.sh
ad.cpe.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2024-06-17 -
2025-07-19		 a year crt.sh
indexww.com
WE1		 2024-10-01 -
2024-12-31		 3 months crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2024-04-08 -
2025-05-09		 a year crt.sh

This page contains 20 frames:

Primary Page: https://paint.toys/oil/
Frame ID: 019D128C51B7742FB565B541A20258C3
Requests: 122 HTTP requests in this frame

Frame: https://cdn.intergient.com/pageos/1.12.2/iframe/iframe.html
Frame ID: C1A36359D0BC11CA8A468A98B37C52A4
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: B2ACC1BCCE384A95CCC88F593402E3F1
Requests: 1 HTTP requests in this frame

Frame: https://cdn.intergient.com/pageos/1.12.2/iframe/iframe.html
Frame ID: F6D392F68258175B0844DC34D8070207
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=paint.toys&gdpr=0&gdpr_consent=
Frame ID: 941B093275C4A21149B002F32144F647
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/topics/topics_frame.html?bidder=pubmatic
Frame ID: F59CCD34DCFEF358DA1529A7A25350A5
Requests: 1 HTTP requests in this frame

Frame: https://pa.openx.net/topics_frame.html?bidder=openx
Frame ID: DE5F1DD6963BE4B3F59E2A9A19DE070A
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fgpp%3D%26gpp_sid%3D%26bidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&s=184674&us_privacy=&C=1
Frame ID: CC74168B0EF346CAE16062BA5D21B924
Requests: 1 HTTP requests in this frame

Frame: https://9da2eac2167e8cfea5cbb159de04e39f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6A90347078974396260FE849621C92BE
Requests: 1 HTTP requests in this frame

Frame: https://pbs-cs.yellowblue.io/pbs-iframe?gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&redirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Drise%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%5BPBS_UID%5D
Frame ID: 9FD7D3FF7D6BD68F54E4CF4D55636009
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158326&gdpr=0&gdpr_consent=
Frame ID: F90634B1B9E396ECAFF25D57FDB63E88
Requests: 1 HTTP requests in this frame

Frame: https://playwire-d.openx.net/w/1.0/pd?cc=1&gdpr=0&gdpr_consent=
Frame ID: 0E9C8DEF3BB0840CAE178E0D8B04161C
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 28CFE71B017EC9C0F49A23B354E33519
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 40BB5658A52B7E5FB5DC4E3F444477D5
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 36369FCCE94847C3FD0E336621DE66DA
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=0
Frame ID: 826FB340CA9316963963EA6DC40A541A
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=criteoPrebidAdapter&topUrl=paint.toys&gpp=
Frame ID: 68BFA83A463D0C0E72FE6D96E03529BA
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Frame ID: D75ADC664145AC9930015C598C873809
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Frame ID: FE69CA6B971D12D2385D5F38EE6ED38A
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&predirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Frame ID: E2CC2943F3B03917D82F36FED7C3987F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Paint with Oils

Page URL History Show full URLs

  1. https://kfdk.formailing.com/pkichmjvqiqvRQmJVejQxVUMyV0NWWWNDZ2RRY0UtMzEzLTI2NzQ1MDg4LTBkNTUwMjQwLTU1NS1... Page URL
  2. http://kfdk.formailing.com/pkichmjvqiqvRQmJVejQxVUMyV0NWWWNDZ2RRY0UtMzEzLTI2NzQ1MDg4LTBkNTUwMjQwLTU1NS1... HTTP 307
    https://kfdk.formailing.com/pkichmjvqiqvRQmJVejQxVUMyV0NWWWNDZ2RRY0UtMzEzLTI2NzQ1MDg4LTBkNTUwMjQwLTU1NS1... HTTP 302
    https://paint.toys/oil HTTP 301
    https://paint.toys/oil/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Page Statistics

142
Requests

95 %
HTTPS

0 %
IPv6

42
Domains

67
Subdomains

63
IPs

8
Countries

1469 kB
Transfer

4304 kB
Size

65
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://kfdk.formailing.com/pkichmjvqiqvRQmJVejQxVUMyV0NWWWNDZ2RRY0UtMzEzLTI2NzQ1MDg4LTBkNTUwMjQwLTU1NS1NeExBRkxpOWFKQWtFdGphZ3c0Nw/xkaitjnbflwpaqcpejftcifm/0t4mu20z0wz/gvlaiwqereng/fuilgneouhpayhuyjitbienoxgncc/7024713873521 Page URL
  2. http://kfdk.formailing.com/pkichmjvqiqvRQmJVejQxVUMyV0NWWWNDZ2RRY0UtMzEzLTI2NzQ1MDg4LTBkNTUwMjQwLTU1NS1NeExBRkxpOWFKQWtFdGphZ3c0Nw/xkaitjnbflwpaqcpejftcifm/0t4mu20z0wz/gvlaiwqereng/fuilgneouhpayhuyjitbienoxgncc/7024713873521?in=1 HTTP 307
    https://kfdk.formailing.com/pkichmjvqiqvRQmJVejQxVUMyV0NWWWNDZ2RRY0UtMzEzLTI2NzQ1MDg4LTBkNTUwMjQwLTU1NS1NeExBRkxpOWFKQWtFdGphZ3c0Nw/xkaitjnbflwpaqcpejftcifm/0t4mu20z0wz/gvlaiwqereng/fuilgneouhpayhuyjitbienoxgncc/7024713873521?in=1 HTTP 302
    https://paint.toys/oil HTTP 301
    https://paint.toys/oil/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 67
  • https://rp.liadm.com/j?dtstmp=1732656927474&did=did-0046&se=e30&duid=8e413bd09c43--01jdn6d47mmhx40j7wg9w92p07&tv=9.11.0&pu=https%3A%2F%2Fpaint.toys%2Foil%2F&wpn=prebid&gdpr=0&cd=.paint.toys HTTP 302
  • https://rp.liadm.com/j?dtstmp=1732656927474&did=did-0046&se=e30&duid=8e413bd09c43--01jdn6d47mmhx40j7wg9w92p07&tv=9.11.0&pu=https%3A%2F%2Fpaint.toys%2Foil%2F&wpn=prebid&gdpr=0&cd=.paint.toys&n3pc=true
Request Chain 105
  • https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fgpp%3D%26gpp_sid%3D%26bidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&s=184674&us_privacy=&C=1
Request Chain 113
  • https://playwire-d.openx.net/w/1.0/pd?gdpr=0&gdpr_consent= HTTP 302
  • https://playwire-d.openx.net/w/1.0/pd?cc=1&gdpr=0&gdpr_consent=
Request Chain 126
  • https://x.bidswitch.net/sync?ssp=themediagrid&gdpr=0 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=themediagrid&gdpr=0 HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=130&ssp_id=themediagrid&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=130&ssp_id=themediagrid&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=f9543dc8-fa91-40fd-8c99-0a25d1fbd70a-67463f24-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3Df9543dc8-fa91-40fd-8c99-0a25d1fbd70a-67463f24-5553%26partner_url%3Dhttps%253A%252F%252Fx.bidswitch.net%252Fsync%253Fdsp_id%253D465%2526user_id%253Df9543dc8-fa91-40fd-8c99-0a25d1fbd70a-67463f24-5553%2526gdpr%253D0%2526gdpr_consent%253D%2526us_privacy%253D HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=f9543dc8-fa91-40fd-8c99-0a25d1fbd70a-67463f24-5553&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D465%26user_id%3Df9543dc8-fa91-40fd-8c99-0a25d1fbd70a-67463f24-5553%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=f9543dc8-fa91-40fd-8c99-0a25d1fbd70a-67463f24-5553&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D465%26user_id%3Df9543dc8-fa91-40fd-8c99-0a25d1fbd70a-67463f24-5553%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=465&user_id=f9543dc8-fa91-40fd-8c99-0a25d1fbd70a-67463f24-5553&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 139
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fprebid-server.rubiconproject.com%252Fsetuid%253Fbidder%253Dadnxs%2526gdpr%253D0%2526gdpr_consent%253D%2526us_privacy%253D%2526gpp%253D%2526gpp_sid%253D%2526account%253D%2526f%253Di%2526uid%253D%2524UID HTTP 302
  • https://prebid-server.rubiconproject.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=i&uid=8952230492646727208

142 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
7024713873521
kfdk.formailing.com/pkichmjvqiqvRQmJVejQxVUMyV0NWWWNDZ2RRY0UtMzEzLTI2NzQ1MDg4LTBkNTUwMjQwLTU1NS1NeExBRkxpOWFKQWtFdGphZ3c0Nw/xkaitjnbflwpaqcpejftcifm/0t4mu20z0wz/gvlaiwqereng/fuilgneouhpayhuyjitbien... 		755 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kfdk.formailing.com/pkichmjvqiqvRQmJVejQxVUMyV0NWWWNDZ2RRY0UtMzEzLTI2NzQ1MDg4LTBkNTUwMjQwLTU1NS1NeExBRkxpOWFKQWtFdGphZ3c0Nw/xkaitjnbflwpaqcpejftcifm/0t4mu20z0wz/gvlaiwqereng/fuilgneouhpayhuyjitbienoxgncc/7024713873521
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.188.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
021d5e81fa95c76f1aab8dd2d3a5dc58988a3e066f73d9a0dcea4ce0779d2d81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, private max-age=0, no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8e8d0200bf62c938-IAD
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Tue, 26 Nov 2024 21:35:21 GMT
developed-by
Mohamed Amine El Attabi
email
mohamed.amine.elattabi@gmail.com
expires
Sat, 2 Aug 1980 15:15:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pKmBbORn54NhJCsacl1MgUIaip0Rc0efZnyijfYxWdXgNJf1B231IGXMGqFxQxk4zUbmsTbIJ31M%2F90rFDkJUcMajd7a78Zl7Xa4SAdc7s6TPHG0P79Re8X0wstSTuxbH5%2BOl4%2Fz"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=122115&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3933&recv_bytes=2447&delivery_rate=39952&cwnd=34&unsent_bytes=0&cid=1dc2cc1ae46e0bd3&ts=297&x=0"
vary
Accept-Encoding,User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
PHP/7.4.33
x-xss-protection
1; mode=block
Primary Request /
paint.toys/oil/
Redirect Chain
  • http://kfdk.formailing.com/pkichmjvqiqvRQmJVejQxVUMyV0NWWWNDZ2RRY0UtMzEzLTI2NzQ1MDg4LTBkNTUwMjQwLTU1NS1NeExBRkxpOWFKQWtFdGphZ3c0Nw/xkaitjnbflwpaqcpejftcifm/0t4mu20z0wz/gvlaiwqereng/fuilgneouhpayhuy...
  • https://kfdk.formailing.com/pkichmjvqiqvRQmJVejQxVUMyV0NWWWNDZ2RRY0UtMzEzLTI2NzQ1MDg4LTBkNTUwMjQwLTU1NS1NeExBRkxpOWFKQWtFdGphZ3c0Nw/xkaitjnbflwpaqcpejftcifm/0t4mu20z0wz/gvlaiwqereng/fuilgneouhpayhu...
  • https://paint.toys/oil
  • https://paint.toys/oil/
6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://paint.toys/oil/
Requested by
Host: kfdk.formailing.com
URL: https://kfdk.formailing.com/pkichmjvqiqvRQmJVejQxVUMyV0NWWWNDZ2RRY0UtMzEzLTI2NzQ1MDg4LTBkNTUwMjQwLTU1NS1NeExBRkxpOWFKQWtFdGphZ3c0Nw/xkaitjnbflwpaqcpejftcifm/0t4mu20z0wz/gvlaiwqereng/fuilgneouhpayhuyjitbienoxgncc/7024713873521
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.197.167.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afa7f374f51cc8991.awsglobalaccelerator.com
Software
Netlify /
Resource Hash
70883a9270d54ca9914810ee600c39f62c1147243374c8b93b7095f9c78b4b66
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://kfdk.formailing.com/pkichmjvqiqvRQmJVejQxVUMyV0NWWWNDZ2RRY0UtMzEzLTI2NzQ1MDg4LTBkNTUwMjQwLTU1NS1NeExBRkxpOWFKQWtFdGphZ3c0Nw/xkaitjnbflwpaqcpejftcifm/0t4mu20z0wz/gvlaiwqereng/fuilgneouhpayhuyjitbienoxgncc/7024713873521
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
126869
cache-control
public,max-age=0,must-revalidate
cache-status
"Netlify Edge"; hit
content-encoding
br
content-length
1669
content-type
text/html; charset=UTF-8
date
Tue, 26 Nov 2024 21:35:23 GMT
etag
"7afa2eee23cef4ed7f87aab76b5bc74d-ssl-df"
server
Netlify
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-nf-request-id
01JDN6D0BWH0SCJ6KD9S9N7GNR

Redirect headers

accept-ranges
bytes
age
126868
cache-control
public,max-age=0,must-revalidate
cache-status
"Netlify Edge"; hit
content-length
1668
content-type
text/html; charset=UTF-8
date
Tue, 26 Nov 2024 21:35:22 GMT
etag
"7afa2eee23cef4ed7f87aab76b5bc74d-ssl-df"
location
/oil/
server
Netlify
strict-transport-security
max-age=31536000
x-nf-request-id
01JDN6D0A6GZXDEBPJPHF5TMAS
ramp_config.js
cdn.intergient.com/1024872/74068/ 		38 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/1024872/74068/ramp_config.js
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.20.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4c437da084a03fd046e831a9ce4ff57338c1dec029c49f18c597bbbb4f78d05

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

last-modified
Tue, 26 Nov 2024 21:33:54 GMT
hw-country-code
IT
cache-control
max-age=600, public, must-revalidate
content-encoding
br
cf-cache-status
HIT
via
1.1 5a2cb96a37aeca3f9626798c4e9dab28.cloudfront.net (CloudFront)
cf-ray
8e8d020dcc065d3c-FRA
x-cache
Hit from cloudfront
x-amz-cf-id
9uDHYgrp4UZrWadNSLkW0sngjX3daDSsF6Fynnh1T32hnO9bJ-1djA==
date
Tue, 26 Nov 2024 21:35:23 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
x-amz-cf-pop
FRA56-P9
apps.css
paint.toys/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://paint.toys/apps.css
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.197.167.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afa7f374f51cc8991.awsglobalaccelerator.com
Software
Netlify /
Resource Hash
2ff696f311f1afa7aafddb260becd45331aab7ce1741821b0f3e2d9e683382b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://paint.toys/oil/

Response headers

strict-transport-security
max-age=31536000
cache-control
public,max-age=0,must-revalidate
content-encoding
br
etag
"58d01e65c6625681e8891f6fbc8c18f5-ssl-df"
age
68245
accept-ranges
bytes
content-length
1395
x-nf-request-id
01JDN6D0FFE7PSGV681YH7EBF9
cache-status
"Netlify Edge"; hit
date
Tue, 26 Nov 2024 21:35:23 GMT
content-type
text/css; charset=UTF-8
vary
Accept-Encoding
server
Netlify
index.js
paint.toys/oil/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://paint.toys/oil/index.js
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.197.167.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afa7f374f51cc8991.awsglobalaccelerator.com
Software
Netlify /
Resource Hash
c91c09319c4b0a24c72c0036cef74c17b85d3c4e2a4abf8153f5710421fe5b4c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://paint.toys/oil/

Response headers

strict-transport-security
max-age=31536000
cache-control
public,max-age=0,must-revalidate
content-encoding
br
etag
"687211e2ced405124b38663a13c97091-ssl-df"
age
126868
accept-ranges
bytes
content-length
1190
x-nf-request-id
01JDN6D0FFZGFXG6K3W2JDC873
cache-status
"Netlify Edge"; hit
date
Tue, 26 Nov 2024 21:35:23 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
Netlify
art-icon.png
paint.toys/assets/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paint.toys/assets/art-icon.png
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.197.167.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afa7f374f51cc8991.awsglobalaccelerator.com
Software
Netlify /
Resource Hash
f4d368e4230539c778afbb020e0ea611b3e1d984179f5b3769b44081d6703f3b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://paint.toys/oil/

Response headers

strict-transport-security
max-age=31536000
cache-control
public,max-age=0,must-revalidate
etag
"1394f8469f2ca5750397e3d7b6ec70a1-ssl"
age
131158
accept-ranges
bytes
content-length
33562
x-nf-request-id
01JDN6D0FFV8GSKGHP8GJT8488
cache-status
"Netlify Edge"; hit
date
Tue, 26 Nov 2024 21:35:23 GMT
content-type
image/png
server
Netlify
icon-hand.png
paint.toys/assets/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paint.toys/assets/icon-hand.png
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.197.167.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afa7f374f51cc8991.awsglobalaccelerator.com
Software
Netlify /
Resource Hash
32aa05a5648678542ab9044647f0bf5549c0b53a070585edb773f0e92b72b97d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://paint.toys/oil/

Response headers

strict-transport-security
max-age=31536000
cache-control
public,max-age=0,must-revalidate
etag
"a0822110a4671ffdf710da1467460fba-ssl"
age
68245
accept-ranges
bytes
content-length
27394
x-nf-request-id
01JDN6D0FF6T7V3FFMYMDWNXM3
cache-status
"Netlify Edge"; hit
date
Tue, 26 Nov 2024 21:35:23 GMT
content-type
image/png
server
Netlify
icon-disk.png
paint.toys/assets/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paint.toys/assets/icon-disk.png
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.197.167.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afa7f374f51cc8991.awsglobalaccelerator.com
Software
Netlify /
Resource Hash
436814c2374a6d92a42a02d39969ef7c56b5f225667abecb218e692c5569943c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://paint.toys/oil/

Response headers

strict-transport-security
max-age=31536000
cache-control
public,max-age=0,must-revalidate
etag
"26852fa1548a91e004629b01e4abf1dd-ssl"
age
68245
accept-ranges
bytes
content-length
13766
x-nf-request-id
01JDN6D0QP93TT7BHKK7XVTKS3
cache-status
"Netlify Edge"; hit
date
Tue, 26 Nov 2024 21:35:23 GMT
content-type
image/png
server
Netlify
icon-trash.png
paint.toys/assets/ 		50 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paint.toys/assets/icon-trash.png
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.197.167.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afa7f374f51cc8991.awsglobalaccelerator.com
Software
Netlify /
Resource Hash
6ceb226c487cb85243545e768944e0e1ae0944be8fde6c1c43c7314a9287e6d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://paint.toys/oil/

Response headers

strict-transport-security
max-age=31536000
cache-control
public,max-age=0,must-revalidate
etag
"e91ef5e34b5154d392e8560031eaaa4c-ssl"
age
68246
accept-ranges
bytes
content-length
51680
x-nf-request-id
01JDN6D0QWKJRBC1QZR8ZFRJJJ
cache-status
"Netlify Edge"; hit
date
Tue, 26 Nov 2024 21:35:23 GMT
content-type
image/png
server
Netlify
ramp_core.js
cdn.intergient.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/ramp_core.js
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.20.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
558a10c9bb85310540937a64ae489ed9dbaf78d582a4791c07c7ab77913444c7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

hw-country-code
IT
cache-control
max-age=600, public, must-revalidate
content-encoding
br
cf-cache-status
DYNAMIC
via
1.1 7ab8983df8c6e33475e52fb04de82cbc.cloudfront.net (CloudFront)
cf-ray
8e8d020dec2a5d3c-FRA
x-cache
Miss from cloudfront
x-amz-cf-id
YorW8hBqdfZFnm5hM3870lfbZ6m1_d5mLWmLJHQDYCciwD6J5tkY1A==
date
Tue, 26 Nov 2024 21:35:23 GMT
x-lambda-function
us-east-1.pageos_production:750
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
x-amz-cf-pop
FRA56-P9
js
www.googletagmanager.com/gtag/ 		316 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-VJBRK9986D
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.40 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
767d04353410d111a0795e098132e2c02a8e309a64e24391bbdaffb70e834828
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Tue, 26 Nov 2024 21:35:24 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 26 Nov 2024 21:35:24 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
108234
x-xss-protection
0
server
Google Tag Manager
art-icon.png
paint.toys/assets/ 		33 KB
41 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paint.toys/assets/art-icon.png
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.197.167.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afa7f374f51cc8991.awsglobalaccelerator.com
Software
Netlify /
Resource Hash
f4d368e4230539c778afbb020e0ea611b3e1d984179f5b3769b44081d6703f3b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://paint.toys/oil/

Response headers

strict-transport-security
max-age=31536000
cache-control
public,max-age=0,must-revalidate
etag
"1394f8469f2ca5750397e3d7b6ec70a1-ssl"
age
131158
accept-ranges
bytes
content-length
33562
x-nf-request-id
01JDN6D0QW8SRYXBRNNWG6RHFD
cache-status
"Netlify Edge"; hit
date
Tue, 26 Nov 2024 21:35:23 GMT
content-type
image/png
server
Netlify
1a1_54176f8daa6f5b35900282f15c6c8.vendor.js
faucetfoot.com/assets/e53596/ 		67 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://faucetfoot.com/assets/e53596/1a1_54176f8daa6f5b35900282f15c6c8.vendor.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/1024872/74068/ramp_config.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db923ce8bb5894251489b6814a732f201700e5256865bcfb5fab34c912f8f697
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
br
cf-cache-status
MISS
etag
W/"4f3dd58eaebb356a9c6fc15f26544bbddbd472fad0261642015501de7e7b3d87"
x-buildname
hoothoot
x-hostname
fen-hoothoot-europe-west1-test-wtl1
alt-svc
h3=":443"; ma=86400
date
Tue, 26 Nov 2024 21:35:24 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding, Accept-Language
strict-transport-security
max-age=15724800; preload
cache-control
private, must-revalidate, max-age=21600
timing-allow-origin
*
x-datacenter
gce-europe-west1
via
1.1 google
cf-ray
8e8d0212597ad2d2-FRA
x-buildnumber
1553448542
server
cloudflare
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		108 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/1024872/74068/ramp_config.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
aa705b80cce2ab13554e4362c886b11a9e0c793caa77bdf283015727fbf0fb34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
br
etag
931 / 20053 / m202411180101 / config-hash: 2173145291705866055
x-content-type-options
nosniff
expires
Tue, 26 Nov 2024 21:35:24 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Tue, 26 Nov 2024 21:35:24 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
33689
x-xss-protection
0
server
cafe
prebid.js.br
cdn.intergi.com/prebid/ 		536 KB
170 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergi.com/prebid/prebid.js.br
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/1024872/74068/ramp_config.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.242 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8429294dbe104afeafcde686898d55472274252021dc9e068ea8f3f23ae98a5f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-amz-version-id
RsSvKuHpf4VS0lvS3yHraZ7eDlmwsOkV
etag
W/"28347b2131c172e8cbc65cdd1f06f8d3"
age
5600
x-cache
Hit from cloudfront
x-amz-cf-id
vFEvWlKYPjc3Kzc2bWlsRthOaLMFyUvIQtLhaTSPHCtkn4AOc6ldvg==
date
Tue, 26 Nov 2024 21:35:24 GMT
content-type
text/javascript
last-modified
Wed, 20 Nov 2024 15:48:53 GMT
vary
Accept-Encoding
via
1.1 27c8fa1293b3ecca6804886739b2d020.cloudfront.net (CloudFront)
cf-ray
8e8d02120a8b6955-FRA
x-amz-cf-pop
HEL50-C2
server
cloudflare
x-amz-server-side-encryption
AES256
pageos.js
cdn.intergient.com/pageos/1.12.2/ 		397 B
500 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/1.12.2/pageos.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/ramp_core.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.20.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a66b049eecbddfd608523251a04d8912c8906b8fd336ae444289b9cc645c863b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"0c29bc3554c6275412a58bf053466cda"
age
540018
x-cache
Hit from cloudfront
x-amz-cf-id
c1MGeASiWYR3AOc1MU0TzFVdKgsFvEs_B9KIoc6YbNQ0SnhHZ_YitQ==
date
Tue, 26 Nov 2024 21:35:23 GMT
content-type
text/javascript
last-modified
Wed, 20 Nov 2024 14:24:59 GMT
vary
Accept-Encoding
hw-country-code
IT
cache-control
public, max-age=31536000
via
1.1 468a26e83787e0c68005b09431f5baa4.cloudfront.net (CloudFront)
cf-ray
8e8d020ecccd5d3c-FRA
x-amz-cf-pop
MXP63-P2
server
cloudflare
x-amz-server-side-encryption
AES256
runtime.ee4a1bbf1a033c794a6a.js
cdn.intergient.com/pageos/1.12.2/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/1.12.2/runtime.ee4a1bbf1a033c794a6a.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.12.2/pageos.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.20.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff1a40585937ac293816334f359c71006be388c977e647dcf5270a8a75313639

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"61099087308e4d59d42eeb6e0a0d00b4"
age
455974
x-cache
Hit from cloudfront
x-amz-cf-id
SKcFy0lgYVu1uEVGUAUzHP7QMQGwbWDv6jNvqCFKbYYcaovkFo74qw==
date
Tue, 26 Nov 2024 21:35:24 GMT
content-type
text/javascript
last-modified
Wed, 20 Nov 2024 14:24:59 GMT
vary
accept-encoding
hw-country-code
IT
cache-control
public, max-age=31536000
via
1.1 03989e0a7def97f8cd0c031a3672342a.cloudfront.net (CloudFront)
cf-ray
8e8d020f2d085d3c-FRA
x-amz-cf-pop
MXP63-P2
server
cloudflare
x-amz-server-side-encryption
AES256
main.adcfb3cb78ca97b4e5f1.js
cdn.intergient.com/pageos/1.12.2/ 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/1.12.2/main.adcfb3cb78ca97b4e5f1.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.12.2/pageos.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.20.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7ad3b1490c18aa8bd0866e056d8eba4d936b73d68d959fe9ccb4f9b4b09c8b2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"0da83f703e4b65564ff337f99214473a"
age
540042
x-cache
Hit from cloudfront
x-amz-cf-id
3zFJdtBKxIMkvVEV9LYHHTwGCm74z3sqQIb_wmkf2-p6co3V5LAg3A==
date
Tue, 26 Nov 2024 21:35:24 GMT
content-type
text/javascript
last-modified
Wed, 20 Nov 2024 14:24:59 GMT
vary
accept-encoding
hw-country-code
IT
cache-control
public, max-age=31536000
via
1.1 468a26e83787e0c68005b09431f5baa4.cloudfront.net (CloudFront)
cf-ray
8e8d020f2d095d3c-FRA
x-amz-cf-pop
MXP63-P2
server
cloudflare
x-amz-server-side-encryption
AES256
videoCard.5ed8eb34c11835040def.js
cdn.intergient.com/pageos/1.12.2/ 		559 B
522 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/1.12.2/videoCard.5ed8eb34c11835040def.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.12.2/runtime.ee4a1bbf1a033c794a6a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.20.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
795041923e6338abe450ff9524ef70fd40432f278f32c9c35cdbb08239574fb1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"6880c1609e3243c11c7b4f1285e14d89"
age
540041
x-cache
Hit from cloudfront
x-amz-cf-id
hy3w8297Sfs23MS_24mper2_m5xRNjFQsoxxf-fE5hVVMSr1zKWhrQ==
date
Tue, 26 Nov 2024 21:35:24 GMT
content-type
text/javascript
last-modified
Wed, 20 Nov 2024 14:24:59 GMT
vary
Accept-Encoding
hw-country-code
IT
cache-control
public, max-age=31536000
via
1.1 a659f7836f37684fda1f390ef3140e5a.cloudfront.net (CloudFront)
cf-ray
8e8d02101dc45d3c-FRA
x-amz-cf-pop
MXP63-P2
server
cloudflare
x-amz-server-side-encryption
AES256
iframe.html
cdn.intergient.com/pageos/1.12.2/iframe/ Frame C1A3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/1.12.2/iframe/iframe.html
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.12.2/main.adcfb3cb78ca97b4e5f1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.21.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://paint.toys/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age
540041
cache-control
public, max-age=31536000
cf-cache-status
HIT
cf-ray
8e8d0213a9f89ba6-FRA
content-encoding
br
content-type
text/html
date
Tue, 26 Nov 2024 21:35:24 GMT
hw-country-code
IT
last-modified
Wed, 20 Nov 2024 14:24:59 GMT
server
cloudflare
vary
Accept-Encoding
via
1.1 4fb57eae12b36ac210ac39c8de044a44.cloudfront.net (CloudFront)
x-amz-cf-id
QEvGi1wJOcfKtb2jwBWCRGTJtalH2GC9sMeh0SssPH5GKzeFVuj7xQ==
x-amz-cf-pop
MXP63-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
gdpr.1b960cdd1c148987c402.js
cdn.intergient.com/pageos/1.12.2/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/1.12.2/gdpr.1b960cdd1c148987c402.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.12.2/runtime.ee4a1bbf1a033c794a6a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.20.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0aa98ee205d0ed7ab5765a57a2652a721657b0afe77539306b4d2c2e582587cf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"f4fb0f395e7b6363ec6a36d7e3603696"
age
537827
x-cache
Hit from cloudfront
x-amz-cf-id
BhdfQSH428tDqA68qbAXYPme-docI-sFyngocqFMSCSFa-Na1ANIqg==
date
Tue, 26 Nov 2024 21:35:24 GMT
content-type
text/javascript
last-modified
Wed, 20 Nov 2024 14:24:59 GMT
vary
accept-encoding
hw-country-code
IT
cache-control
public, max-age=31536000
via
1.1 da6955a1993e1118f32bcb48c6630c20.cloudfront.net (CloudFront)
cf-ray
8e8d02103dd45d3c-FRA
x-amz-cf-pop
FRA60-P2
server
cloudflare
x-amz-server-side-encryption
AES256
GDPR
impression-inferences-edge-prod.playwire.com/websites/74068/v1/Tue/16/desktop/Chrome/ 		582 B
917 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://impression-inferences-edge-prod.playwire.com/websites/74068/v1/Tue/16/desktop/Chrome/GDPR
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.12.2/main.adcfb3cb78ca97b4e5f1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-34.fra56.r.cloudfront.net
Software
CloudFront /
Resource Hash
aab1f82bbee7d4c96e4144f14c91cb11238acedebb052230c92f44f22c5f466e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

cache-control
max-age=3600, public, must-revalidate
access-control-expose-headers
*
age
1927
via
1.1 80a51c83bb9479e2a3aa1ea59b366458.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Hit from cloudfront
content-length
582
x-amz-cf-id
tgjh8wYaHNJtAnmFIPbai1Oqiu3R6Ra-H7V2maBn_N8MagkVEesJrg==
date
Tue, 26 Nov 2024 21:03:17 GMT
content-type
application/json
x-amz-cf-pop
FRA56-P2
server
CloudFront
tag
btloader.com/ 		111 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?o=5150306120761344&upapi=true
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.12.2/main.adcfb3cb78ca97b4e5f1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.41.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
272fa9f6f409c84f90ee8997eb2db86a9ab6db32c7716b7b572b85da822937cc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

x-robots-tag
noindex, nofollow
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
content-encoding
gzip
cf-cache-status
HIT
etag
"2426ccd9b6e7de47572e5313054642e9"
age
441
via
1.1 google
cf-ray
8e8d0214e9d371ac-FRA
accept-ranges
bytes
content-length
31666
date
Tue, 26 Nov 2024 21:35:24 GMT
content-type
application/javascript
last-modified
Tue, 26 Nov 2024 21:27:07 GMT
vary
Origin, Accept-Encoding
server
cloudflare
pixel.gif
px.moatads.com/ 		27 B
27 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.28.89.220 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-28-89-220.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5607bc0b49036b5f13acf3f5767e0fb2fb947f5369bda253939e78e2b11f85b4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Connection
keep-alive
Expires
Tue, 26 Nov 2024 21:35:24 GMT
Content-Length
27
Date
Tue, 26 Nov 2024 21:35:24 GMT
AK-GRN
0.12b31402.1732656924.3c74df58
Content-Type
text/html
js
www.googletagmanager.com/gtag/ 		259 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-CEFZJ359V8&l=dataLayer&cx=c&gtm=45je4bk0v9101576445za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VJBRK9986D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.40 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
f0cbebd6d020d015159985d8b48d8621014584bdbce2fb31231f5adfd586f974
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Tue, 26 Nov 2024 21:35:24 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 26 Nov 2024 21:35:24 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
94087
x-xss-protection
0
server
Google Tag Manager
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-VJBRK9986D&gtm=45je4bk0v9101576445za200&_p=1732656923118&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=445059518.1732656924&ul=it-it&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1732656924&sct=1&seg=0&dl=https%3A%2F%2Fpaint.toys%2Foil%2F&dt=Paint%20with%20Oils&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2252
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VJBRK9986D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f14.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://paint.toys
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 26 Nov 2024 21:35:24 GMT
content-type
text/plain
server
Golfe2
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-CEFZJ359V8&gtm=45je4bk0v9102396898za200zb9101576445&_p=1732656923118&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=445059518.1732656924&ul=it-it&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1732656924&sct=1&seg=0&dl=https%3A%2F%2Fpaint.toys%2Foil%2F&dt=Paint%20with%20Oils&en=ramp_js&_fv=1&_ss=1&_ee=1&ep.pageview_id=1732656923118&tfd=2451
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CEFZJ359V8&l=dataLayer&cx=c&gtm=45je4bk0v9101576445za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f14.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://paint.toys
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 26 Nov 2024 21:35:24 GMT
content-type
text/plain
server
Golfe2
skeleton.gif
static.adsafeprotected.com/ 		43 B
483 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.gif?ab=1&zoneid=8001271_advertisement_
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-90.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

etag
"45cf913e5d9d3c9b2058033056d3dd23"
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
age
18399
x-cache
Hit from cloudfront
x-amz-cf-id
vv1Y6MLv9OhRu88x6ZvQXYgcU7wJ9OTYDYqxoEXq68YxqinI8lzGSA==
date
Tue, 26 Nov 2024 16:28:47 GMT
content-type
image/gif
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
x-amz-replication-status
COMPLETED
cache-control
max-age=315360000
via
1.1 7af089de61bb0f71465732ed7f6f3386.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
43
x-amz-cf-pop
FRA60-P8
server
AmazonS3
x-amz-server-side-encryption
AES256
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/ 		492 KB
152 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
b95fe6fcb4925330bf629fda90a1362a336b4a8b87bf9573d87927d78c186062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
br
etag
1421939719645060458
age
21515
x-content-type-options
nosniff
expires
Wed, 26 Nov 2025 15:36:49 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Tue, 26 Nov 2024 15:36:49 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
155913
x-xss-protection
0
server
cafe
154013155
fundingchoicesmessages.google.com/i/ 		196 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/154013155?ers=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f14.1e100.net
Software
ESF /
Resource Hash
2023334324d8c97da0548ef57396aab4eef6ceccb3b56eaa80f296bc2d05b945
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Z5sWuQouOIqPzR91ri0Aqw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 26 Nov 2024 21:35:25 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjStDikmLw0ZBikPj6kkkDiJ3SZ7AGAXHrzXOsU4E46d951iIgNlS4xOoIwkWXWD2BWLXnEqspEN9fd4n1ORDPOH-ZdQEQF0lcYW0CYoavV1g5gFiIh2Puvxm72AR2bJvcyaykkZRfGJ-cn1dSlJlUWpJflJacllqcWlSWWhRvZGBkYmhoaKlnYBhfYAAA1e89QQ"
content-security-policy
script-src 'report-sample' 'nonce-Z5sWuQouOIqPzR91ri0Aqw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
px.gif
bt.dns-finder.com/ 		43 B
977 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bt.dns-finder.com/px.gif
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5150306120761344&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

x-goog-metageneration
2
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status
HIT
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
age
44
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6pXkS%2B0RGvV27lymmV%2FTP9fcs7gtBypbfpBx0AV1uFSXqf8vbSsxZCVzhqFMzqG8NFt79DqDWtkUPWbFfflzn2a4HPLvVnbzrE%2BX6ob011jGPADmsSe567%2F1cn%2Fr4mooSImxzA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding
identity
expires
Tue, 26 Nov 2024 22:34:41 GMT
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
43
server-timing
cfL4;desc="?proto=TCP&rtt=31106&sent=7&recv=8&lost=0&retrans=0&sent_bytes=3967&recv_bytes=2147&delivery_rate=106926&cwnd=240&unsent_bytes=0&cid=26fb3f63936330df&ts=391&x=0"
date
Tue, 26 Nov 2024 21:35:25 GMT
content-type
image/gif
last-modified
Fri, 19 Jul 2024 16:36:17 GMT
vary
Accept-Encoding
x-guploader-uploadid
AHmUCY2XT5gNg2m2RPd306tjSxZ_IL0IZC1Ruhe9YILR-0JZjJZ9yW4J64hccqXng2JWtZagK9J4dH8qyA
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class
STANDARD
cf-ray
8e8d021a7e4e5d94-FRA
accept-ranges
bytes
x-goog-generation
1721406977485562
content-length
43
server
cloudflare
px.gif
ad-delivery.net/ 		43 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

x-goog-metageneration
5
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status
HIT
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
age
54394
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BJZGK3pC%2BhS8LyMTvNlilaK4LayXZNj%2ByHTYZGiQCb3mcUgNU8XIrFjGJcrMz6V4%2BQOi7xHyzEFtuxv%2Fy%2Fwxp%2FZPzieSKQ4whr6mvSPLL1B1cKfg1fuug5uiT%2FISzjJFkg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding
identity
expires
Tue, 26 Nov 2024 06:43:11 GMT
server-timing
cfL4;desc="?proto=TCP&rtt=13137&sent=8&recv=6&lost=0&retrans=0&sent_bytes=5110&recv_bytes=2328&delivery_rate=256454&cwnd=252&unsent_bytes=0&cid=05a23c5f02319cdb&ts=316&x=0"
x-goog-stored-content-length
43
date
Tue, 26 Nov 2024 21:35:25 GMT
content-type
image/gif
last-modified
Wed, 05 May 2021 19:25:32 GMT
vary
Accept-Encoding
x-guploader-uploadid
AFiumC7RA-H9DGZHEfpbeAGdy2ORzEL87tonY_T1X3L9G2Cl6ME0kkMjzXSFQRtTGat1Tzz6PZM
cache-control
public, max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8e8d0219d8cf718b-FRA
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1620242732037093
content-length
43
server
cloudflare
favicon.ico
ad.doubleclick.net/ 		1 KB
571 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
gzip
age
36839
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options
nosniff
expires
Wed, 27 Nov 2024 11:21:26 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 26 Nov 2024 11:21:26 GMT
last-modified
Tue, 08 May 2012 13:08:06 GMT
content-type
image/x-icon
vary
Accept-Encoding
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
content-length
104
x-xss-protection
0
server
sffe
px.gif
ad-delivery.net/ 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.15840019102684955
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

x-goog-metageneration
5
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status
HIT
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
age
54394
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Lk%2BAc0mbzUcbc0IBZ%2FHE78qi3osHUAqwxP7ivha5CeR1%2FeeXNgxtgjfD1sXPYBQm52UyqO2kjCK2K%2BSjeqAuRKePoBiPQUGN14RxxfMMBS0vPej1FsXKknCrRcNbjZPaXA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding
identity
expires
Tue, 26 Nov 2024 06:43:11 GMT
server-timing
cfL4;desc="?proto=TCP&rtt=13137&sent=6&recv=6&lost=0&retrans=0&sent_bytes=4002&recv_bytes=2328&delivery_rate=256454&cwnd=252&unsent_bytes=0&cid=05a23c5f02319cdb&ts=315&x=0"
x-goog-stored-content-length
43
date
Tue, 26 Nov 2024 21:35:25 GMT
content-type
image/gif
last-modified
Wed, 05 May 2021 19:25:32 GMT
vary
Accept-Encoding
x-guploader-uploadid
AFiumC7RA-H9DGZHEfpbeAGdy2ORzEL87tonY_T1X3L9G2Cl6ME0kkMjzXSFQRtTGat1Tzz6PZM
cache-control
public, max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8e8d0219d8d0718b-FRA
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1620242732037093
content-length
43
server
cloudflare
7b74783_76a32149e0ef75ada356d67adc1804d47edf433ec61c180
faucetfoot.com/create/ 		303 B
772 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://faucetfoot.com/create/7b74783_76a32149e0ef75ada356d67adc1804d47edf433ec61c180
Requested by
Host: faucetfoot.com
URL: https://faucetfoot.com/assets/e53596/1a1_54176f8daa6f5b35900282f15c6c8.vendor.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ee1eaafed1059a4e32ba211a6e9a967321111364904106d74899d325784a9ab
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://paint.toys/

Response headers

content-encoding
br
cf-cache-status
DYNAMIC
x-buildname
hoothoot
access-control-allow-methods
POST, OPTIONS
x-hostname
fen-hoothoot-europe-west1-test-wtl1
expires
Tue, 26 Nov 2024 21:35:24 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 26 Nov 2024 21:35:25 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding, Origin
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
strict-transport-security
max-age=15724800; preload
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
access-control-allow-credentials
true
x-datacenter
gce-europe-west1
via
1.1 google
cf-ray
8e8d021b3ab9d2a5-FRA
access-control-allow-origin
https://paint.toys
x-buildnumber
1553448542
server
cloudflare
country
api.btloader.com/ 		37 B
153 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/country?o=5150306120761344
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5150306120761344&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
9c4520b262bf8198e3c3e55a8d927867838f0376f11e37e0729221ba79a40a93

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

cache-control
private, max-age=300, stale-while-revalidate=600, stale-if-error=600
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
date
Tue, 26 Nov 2024 21:35:26 GMT
content-type
application/json
vary
Origin
pv
api.btloader.com/ 		0
128 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/pv?tid=1xZDWNjn3-BMRKvdGSib-936a66896c&w=5096819819806720&o=5150306120761344&cv=2.1.66&widget=false&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fpaint.toys%2Foil%2F&sid=3WDsfoP8-sanxXaJb-936a66896c&pm=false&upapi=true
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5150306120761344&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

via
1.1 google
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 26 Nov 2024 21:35:26 GMT
vary
Origin
AGSKWxVUeI4UJVzeW5REb0HVZ3RZEFpQDFYxEvik0T5mmdLQxzxHlNizcVpKMICC_6UDEcazBl1GEwljgPxA_Ox5eSE3nk9WCIZxNBbvaPhSofMMzof40TsqpiN6tfnwlqftkmqGhgCr8A==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVUeI4UJVzeW5REb0HVZ3RZEFpQDFYxEvik0T5mmdLQxzxHlNizcVpKMICC_6UDEcazBl1GEwljgPxA_Ox5eSE3nk9WCIZxNBbvaPhSofMMzof40TsqpiN6tfnwlqftkmqGhgCr8A==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMyNjU2OTI2LDQ3MDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL3BhaW50LnRveXMvb2lsLyIsbnVsbCxbWzgsIjl6NWtkZHRLZlVvIl0sWzksIml0Il0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.it.9z5kddtKfUo.es5.O/am=DgY/d=1/rs=AJlcJMzJWx86huJBz40pgWBONi3F-gGWTg/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f14.1e100.net
Software
ESF /
Resource Hash
fbb368e2140eec1a8b17c26ce2654dac4c0ac35db3b5d2f896a23c3358924fc5
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-G80_eltIxDQaaFIr18AQaQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 26 Nov 2024 21:35:26 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjStDikmLw1ZBikPj6kkkDiJ3SZ7AGAXHrzXOsU4E46d951iIgNlS4xOoIwkWXWD2BWLXnEqspEN9fd4n1ORDPOH-ZdQEQF0lcYW0CYoavV1g5gFiIm2Pevxm72AQm3NtqpKSRlF8Yn5yfV1KUmVRakl-UlpyWWpxaVJZaFG9kYGRiaGhoqWdgGF9gAACeJj0K"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-G80_eltIxDQaaFIr18AQaQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame B2AC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://paint.toys/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
1959
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000, stale-while-revalidate=3600
content-encoding
br
content-length
28994
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 26 Nov 2024 21:02:47 GMT
expires
Tue, 26 Nov 2024 21:52:47 GMT
last-modified
Mon, 18 Nov 2024 20:43:40 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
839e11d5ea35fe60fd65d0da091762640d7b98144b58f553a8742d863bc60795

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

etag
96161c00fc10ad819c09e1314f0ae5b4
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1213
date
Tue, 26 Nov 2024 21:35:26 GMT
content-type
text/javascript; charset=utf-8
last-modified
Thu, 14 Nov 2024 17:54:21 GMT
server
Google Frontend
x-cloud-trace-context
489646a89d24b20437b797cd1f352f7a
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

x-goog-metageneration
1
content-encoding
gzip
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
etag
"df5542b88bc0e368c6999754a5b9e2ba"
age
219523
x-goog-stored-content-encoding
gzip
expires
Mon, 24 Nov 2025 08:36:43 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
7927
date
Sun, 24 Nov 2024 08:36:43 GMT
last-modified
Thu, 27 May 2021 18:30:51 GMT
content-type
application/javascript
x-guploader-uploadid
AFiumC4NPTCCmb_R21QvOeimShT2NF6YFq7LmX0wWsYlMKX1_GD-2Yy-S6fV9kLPwxjJD4bckixu71JN5w
cache-control
no-transform
x-goog-storage-class
MULTI_REGIONAL
accept-ranges
bytes
x-goog-generation
1622140251693895
content-length
7927
server
UploadServer
publishertag.ids.js
static.criteo.net/js/ld/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
nginx /
Resource Hash
1635d2075d3343c86490d2229c1fb868ad59d92958ef65e04cb65767c703e9f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
max-age=86400, public
timing-allow-origin
*
content-encoding
gzip
etag
W/"670e3454-a69c"
cross-origin-resource-policy
cross-origin
expires
Wed, 27 Nov 2024 21:35:27 GMT
access-control-allow-origin
*
date
Tue, 26 Nov 2024 21:35:27 GMT
content-type
text/javascript
last-modified
Tue, 15 Oct 2024 09:22:28 GMT
server
nginx
AGSKWxVKXPrlSvAEZQlyqKcvTj9G0SxJIgsRtvCZh2OGyuz-IuRng0OqySX5I66tsQKSVNMk3J6qK0qWiYMhPWNbB770DIpWEqB53dyupHNdoD_apFXPLlMbYm-MKs9E96Gn3yAWNHCfeQ==
fundingchoicesmessages.google.com/f/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVKXPrlSvAEZQlyqKcvTj9G0SxJIgsRtvCZh2OGyuz-IuRng0OqySX5I66tsQKSVNMk3J6qK0qWiYMhPWNbB770DIpWEqB53dyupHNdoD_apFXPLlMbYm-MKs9E96Gn3yAWNHCfeQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMyNjU2OTI2LDE0MTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vcGFpbnQudG95cy9vaWwvIixudWxsLFtbOCwiOXo1a2RkdEtmVW8iXSxbOSwiaXQiXSxbMTksIjIiXSxbMTcsIlswXSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.it.9z5kddtKfUo.es5.O/am=DgY/d=1/rs=AJlcJMzJWx86huJBz40pgWBONi3F-gGWTg/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f14.1e100.net
Software
ESF /
Resource Hash
541404fe1f887a88c475779efe00b14fb5339eba0bc4e0a5a6547d6b1b86c6e3
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-2-GizklDhGQWee5K2b8rVg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 26 Nov 2024 21:35:26 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjStDikmLw1JBikPj6kkkDiJ3SZ7AGAXHrzXOsU4E46d951iIgNlS4xOoIwkWXWD2BWLXnEqspEN9fd4n1ORDPOH-ZdQEQF0lcYW0CYoavV1g5gFiIm2Pevxm72AQu7G3OVNJIyi-MT87PKynKTCotyS9KS05LLU4tKkstijcyMDIxNDS01DMwjC8wAACiMj0q"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-2-GizklDhGQWee5K2b8rVg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
iframe.html
cdn.intergient.com/pageos/1.12.2/iframe/ Frame F6D3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/1.12.2/iframe/iframe.html
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.12.2/main.adcfb3cb78ca97b4e5f1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.21.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://paint.toys/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age
540041
cache-control
public, max-age=31536000
cf-cache-status
HIT
cf-ray
8e8d0213a9f89ba6-FRA
content-encoding
br
content-type
text/html
date
Tue, 26 Nov 2024 21:35:24 GMT
hw-country-code
IT
last-modified
Wed, 20 Nov 2024 14:24:59 GMT
server
cloudflare
vary
Accept-Encoding
via
1.1 4fb57eae12b36ac210ac39c8de044a44.cloudfront.net (CloudFront)
x-amz-cf-id
QEvGi1wJOcfKtb2jwBWCRGTJtalH2GC9sMeh0SssPH5GKzeFVuj7xQ==
x-amz-cf-pop
MXP63-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
apstag.js
c.amazon-adsystem.com/aax2/ 		345 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.12.2/main.adcfb3cb78ca97b4e5f1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.196.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-196-140.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b69ad8b1266df233a00c8ceb99f3271488f4d383741a21981b8ce50e32e3be07

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

vary
Accept-Encoding
cache-control
max-age=3600
content-encoding
gzip
etag
W/"f4218dbb17ff2c3421282ef9135e5375"
age
3311
via
1.1 8eee0c5143f92bd7600d25e3dc25ce5e.cloudfront.net (CloudFront), 1.1 c2a926ef1bafe1ab239d4761594a8098.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
SfvbHrw6WIDAT-hyobWKssWEzYBmeHZ2chDU3FISaNqC4MblKoUguw==
date
Tue, 26 Nov 2024 20:40:17 GMT
content-type
application/javascript
last-modified
Wed, 06 Nov 2024 22:51:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA2-C1
x-amz-server-side-encryption
AES256
0392510f-01e2-4807-9cb0-2c2cef06a44e
https://paint.toys/ Frame 		0
0
474.9e5e7d94b0ad365e11fa.js
cdn.intergient.com/pageos/1.12.2/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/1.12.2/474.9e5e7d94b0ad365e11fa.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.12.2/runtime.ee4a1bbf1a033c794a6a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.20.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f0769b6ec00799d55c116b89a5b71d923e5ea0d9f0d7e1fac3fe1914599e658

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"f32f7966b1a24d5db4c7e8891271dc87"
age
540042
x-cache
Hit from cloudfront
x-amz-cf-id
xdd2wE49Kxeyn8iAUTHKd1qXTVncdIhzy5omjix1vdQYlvV_GdsM0g==
date
Tue, 26 Nov 2024 21:35:26 GMT
content-type
text/javascript
last-modified
Wed, 20 Nov 2024 14:24:59 GMT
vary
accept-encoding
hw-country-code
IT
cache-control
public, max-age=31536000
via
1.1 25f1ad183c71100308ee04e280ebedb0.cloudfront.net (CloudFront)
cf-ray
8e8d021def555d3c-FRA
x-amz-cf-pop
FCO50-P5
server
cloudflare
x-amz-server-side-encryption
AES256
tyche.js
cdn.intergi.com/hera/releases/4.12.3/ 		484 B
606 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergi.com/hera/releases/4.12.3/tyche.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.12.2/main.adcfb3cb78ca97b4e5f1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.242 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e5b270206e2acc3802bc7fa2ce38356bf1745cb80de44300e8006923c900f99

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-amz-version-id
ap1eMCZ1i9iclLIooQnp2vem4QO2Yw3C
etag
W/"b0f716cd9f656a0c124eb394dd64cb87"
age
454364
x-cache
Miss from cloudfront
x-amz-cf-id
vXq9PQqfnAXvtdFXSToHpqagh2Vs9EkIwVclorCe91ZorJwjWZeg6g==
date
Tue, 26 Nov 2024 21:35:26 GMT
content-type
text/javascript
last-modified
Thu, 21 Nov 2024 15:09:46 GMT
vary
Accept-Encoding
cache-control
public, max-age=31536000
via
1.1 e544866f1454c4458d3a6644b47d065e.cloudfront.net (CloudFront)
cf-ray
8e8d021de9856955-FRA
x-amz-cf-pop
VIE50-C2
server
cloudflare
x-amz-server-side-encryption
AES256
fb87a4ea41
cd836371f1d.cdn.intergient.com/ 		0
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cd836371f1d.cdn.intergient.com/fb87a4ea41
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.12.2/main.adcfb3cb78ca97b4e5f1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.73.242.72 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-73-242-72.eu-central-1.compute.amazonaws.com
Software
nginx/1.24.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://paint.toys/

Response headers

access-control-allow-origin
*
date
Tue, 26 Nov 2024 21:35:27 GMT
content-type
application/octet-stream
server
nginx/1.24.0
runtime.89faceeed3ca361d62a9.js
cdn.intergi.com/hera/releases/4.12.3/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergi.com/hera/releases/4.12.3/runtime.89faceeed3ca361d62a9.js
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.12.3/tyche.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.242 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9111aa9337ebd5fd6255ae8cddcb6186c18008d2491f298fe6b3a2f44c2667a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"db2fcc737b1739379ed08e583dadbc6d"
x-amz-version-id
sBID0cB24P7xcUmhlYCoqH7shLXViMv6
age
454363
x-cache
Miss from cloudfront
x-amz-cf-id
b1gmXp0b_VlM4T8TuH4zwOuHe0Q-4GtaNJYLMMQUm4ZDtVDQy-FDhw==
date
Tue, 26 Nov 2024 21:35:26 GMT
content-type
text/javascript
last-modified
Thu, 21 Nov 2024 15:09:46 GMT
vary
accept-encoding
cache-control
public, max-age=31536000
via
1.1 d9523e44e96d2539081596bb1d268d44.cloudfront.net (CloudFront)
cf-ray
8e8d021f3a686955-FRA
x-amz-cf-pop
FRA56-P3
server
cloudflare
x-amz-server-side-encryption
AES256
main.d76ddf148f40624c51a1.js
cdn.intergi.com/hera/releases/4.12.3/ 		239 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergi.com/hera/releases/4.12.3/main.d76ddf148f40624c51a1.js
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.12.3/tyche.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.242 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72b49f7f3b1695d725da86ed2140d0ee23ff0b3680006dbae16305f864827f1c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"e6c656fbab2cf892f0e1b514fa53a25c"
x-amz-version-id
Y8m_hggcZIFCze_ky0kiKooiH8hQc11Q
age
454363
x-cache
Miss from cloudfront
x-amz-cf-id
xWw4ZG7c51lehaOVvgnfef_aT5oXM4lBkNghS7hm35B-tIQzavGAsA==
date
Tue, 26 Nov 2024 21:35:26 GMT
content-type
text/javascript
last-modified
Thu, 21 Nov 2024 15:09:46 GMT
vary
accept-encoding
cache-control
public, max-age=31536000
via
1.1 eaedf92fd05c53aa96f20b6322b473e6.cloudfront.net (CloudFront)
cf-ray
8e8d021f3a696955-FRA
x-amz-cf-pop
FRA56-P3
server
cloudflare
x-amz-server-side-encryption
AES256
lib.82225ced52a6390e480c.js
cdn.intergi.com/hera/releases/4.12.3/lib/ 		1 KB
948 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergi.com/hera/releases/4.12.3/lib/lib.82225ced52a6390e480c.js
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.12.3/tyche.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.242 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1bac5e8fb5021358231d218f02ed4aaf9431c9c33677e2c1977c1e27d3954572

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"26c007e785f82a765ec40fc9a32b0b3c"
x-amz-version-id
EIGBhlYUzYRwy0WSu6d04oJjPS4Yl40n
age
454363
x-cache
Miss from cloudfront
x-amz-cf-id
nhNCaY6zsRhw3SyWvgaQt7ZXO0AXaNJlodPWGDUpzt-6PC5cE_lNnA==
date
Tue, 26 Nov 2024 21:35:26 GMT
content-type
text/javascript
last-modified
Thu, 21 Nov 2024 15:09:46 GMT
vary
accept-encoding
cache-control
public, max-age=31536000
via
1.1 e026b2802d48048e9935caadbecf124e.cloudfront.net (CloudFront)
cf-ray
8e8d021f3a6a6955-FRA
x-amz-cf-pop
FRA56-P3
server
cloudflare
x-amz-server-side-encryption
AES256
_728x90a_
fundingchoicesmessages.google.com/f/AGSKWxUDQmgtSslHIXmBNkmnH4eyxL80w-pRgxkhvgtCy6LD_RT0GmfiUlzz44TWnK-HHtZId-_IToz9SIHES0OLr61vcn1Pf0MpnSPIfOXFKUqn9mDd9oG8L2wXzr-X07xQv-QziJG8hS9k6I-Oa5rLXlpNqX3Tj... 		54 B
520 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUDQmgtSslHIXmBNkmnH4eyxL80w-pRgxkhvgtCy6LD_RT0GmfiUlzz44TWnK-HHtZId-_IToz9SIHES0OLr61vcn1Pf0MpnSPIfOXFKUqn9mDd9oG8L2wXzr-X07xQv-QziJG8hS9k6I-Oa5rLXlpNqX3TjqEwrAAQp9iCiLZrcEk7ML2QOWCX-KpI/_/NativeAdManager./amzn_ads./ad_rectangle_-468x60/_728x90a_
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.it.9z5kddtKfUo.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMxQNYPAKXJyEJP2UfAWdgN9GMDNZw/m=ad_blocking_detection_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f14.1e100.net
Software
ESF /
Resource Hash
761c85b4efc334c6ff68c9333bccd2005c36f704a060639bf6770c5ec614ff0b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-kXgK8vhnqXgNfSspJPt9dg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 26 Nov 2024 21:35:26 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjStDikmLw0ZBikPj6kkkDiJ3SZ7AGAXHrzXOsU4E46d951iIgNlS4xOoIwkWXWD2BWLXnEqspEN9fd4n1ORDPOH-ZdQEQF0lcYW0CYoavV1g5gFiIh2Pevxm72AROzHm1l1lJIym_MD45P6-kKDOptCS_KC05LbU4tagstSjeyMDIxNDQ0FLPwDC-wAAA7KM9ww"
content-security-policy
script-src 'report-sample' 'nonce-kXgK8vhnqXgNfSspJPt9dg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		156 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.it.9z5kddtKfUo.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMxQNYPAKXJyEJP2UfAWdgN9GMDNZw/m=ad_blocking_detection_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
518a9e5070ca33b596738e47be8f68cb3ff2cbfc327f51de6cb2014a94305f75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
br
etag
16097243071201713223
x-content-type-options
nosniff
expires
Tue, 26 Nov 2024 21:35:26 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Tue, 26 Nov 2024 21:35:26 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53350
x-xss-protection
0
server
cafe
AGSKWxWJ4QqlWwgebGhXBcXgmmXsfyY1cAzhmbH2r4d3YAE0Swmon2WGAu59JJTY0SaSgh6ORnOTfpQvvrA94JjXXs5cgZ16mD4hIPNMD7B5vLaoGtNxvCznoYq5enw3GHnyrpLEuf1Sdw==
fundingchoicesmessages.google.com/el/ 		0
344 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWJ4QqlWwgebGhXBcXgmmXsfyY1cAzhmbH2r4d3YAE0Swmon2WGAu59JJTY0SaSgh6ORnOTfpQvvrA94JjXXs5cgZ16mD4hIPNMD7B5vLaoGtNxvCznoYq5enw3GHnyrpLEuf1Sdw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.it.9z5kddtKfUo.es5.O/am=DgY/d=1/rs=AJlcJMzJWx86huJBz40pgWBONi3F-gGWTg/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-AkzljtVmL6Z-An6YiIenEQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://paint.toys/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 26 Nov 2024 21:35:27 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw05BicEqfwRoCxAxfr7ByALEQD8f8fzN2sQk0fL9_m1HJJSm_MD45P68kNa9ENzGlWBfELspMKi3JL0Jhp5aBVOTkp6dn5qXHGxkYmRgaGlrqGZjGFxgAAEE5Jr8"
content-security-policy
script-src 'report-sample' 'nonce-AkzljtVmL6Z-An6YiIenEQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://paint.toys
content-length
0
x-xss-protection
0
server
ESF
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		424 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.12.3/main.d76ddf148f40624c51a1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f10.1e100.net
Software
sffe /
Resource Hash
977bd6573db0c146bae702f95e3af7a1f5d00899c3c9fb1afff078a71a893149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

cache-control
private, max-age=900, stale-while-revalidate=3600
content-encoding
gzip
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
x-content-type-options
nosniff
expires
Tue, 26 Nov 2024 21:35:27 GMT
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
148132
date
Tue, 26 Nov 2024 21:35:27 GMT
x-xss-protection
0
content-type
text/javascript
vary
Accept-Encoding
server
sffe
prebid
id5-sync.com/api/config/ 		194 B
659 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
1526f7f540b829baf0e6d1b491aa7b26b5e49fa160abca67c11695ccfa2cee82
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://paint.toys/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://paint.toys
p3p
CP="CAO PSA OUR"
date
Tue, 26 Nov 2024 21:35:27 GMT
content-type
application/json;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-credentials
true
id
id.crwdcntrl.net/ 		43 B
313 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id?gdpr_applies=false&c=17262
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.75.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-75-152.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

cache-control
no-cache
pragma
no-cache
access-control-allow-credentials
true
expires
0
access-control-allow-origin
https://paint.toys
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length
43
date
Tue, 26 Nov 2024 21:35:27 GMT
content-type
application/json;charset=utf-8
x-server
10.45.25.48
server
Jetty(9.4.38.v20210224)
f
fid.agkn.com/ 		0
0
envelope
lexicon.33across.com/v1/ 		49 B
246 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0014000001YrMoYAAV&gdpr=0&src=pbjs&ver=9.11.0&coppa=0
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.193.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://paint.toys
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49
date
Tue, 26 Nov 2024 21:35:27 GMT
content-type
application/json
vary
origin
any
idx.liadm.com/idex/did-0046/ 		0
367 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://idx.liadm.com/idex/did-0046/any?duid=8e413bd09c43--01jdn6d47mmhx40j7wg9w92p07&gdpr=0&did=did-0046&cd=.paint.toys&pu=https%3A%2F%2Fpaint.toys&resolve=nonId&resolve=uid2&resolve=index&resolve=bidswitch&resolve=pubmatic&resolve=magnite&resolve=openx&resolve=sorvrn&resolve=thetradedesk&resolve=medianet
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.210.235.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-210-235-203.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=3599, private
trace-id
ed97ab3518762b34
request-time
1
access-control-allow-credentials
true
expires
Tue, 26 Nov 2024 22:35:27 GMT
access-control-allow-origin
https://paint.toys
date
Tue, 26 Nov 2024 21:35:27 GMT
vary
Origin
AGSKWxWJ4QqlWwgebGhXBcXgmmXsfyY1cAzhmbH2r4d3YAE0Swmon2WGAu59JJTY0SaSgh6ORnOTfpQvvrA94JjXXs5cgZ16mD4hIPNMD7B5vLaoGtNxvCznoYq5enw3GHnyrpLEuf1Sdw==
fundingchoicesmessages.google.com/el/ 		0
347 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWJ4QqlWwgebGhXBcXgmmXsfyY1cAzhmbH2r4d3YAE0Swmon2WGAu59JJTY0SaSgh6ORnOTfpQvvrA94JjXXs5cgZ16mD4hIPNMD7B5vLaoGtNxvCznoYq5enw3GHnyrpLEuf1Sdw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.it.9z5kddtKfUo.es5.O/am=DgY/d=1/rs=AJlcJMzJWx86huJBz40pgWBONi3F-gGWTg/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-U8W9CYEwFsuPykos7FgGzQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://paint.toys/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 26 Nov 2024 21:35:27 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw0JBicEqfwRoCxAxfr7ByALEQD8f8fzN2sQm8mLvmNqOSS1J-YXxyfl5Jal6JbmJKsS6IXZSZVFqSX4TCTi0DqcjJT0_PzEuPNzIwMjE0NLTUMzCNLzAAADSyJpQ"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-U8W9CYEwFsuPykos7FgGzQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://paint.toys
content-length
0
x-xss-protection
0
server
ESF
AGSKWxWJ4QqlWwgebGhXBcXgmmXsfyY1cAzhmbH2r4d3YAE0Swmon2WGAu59JJTY0SaSgh6ORnOTfpQvvrA94JjXXs5cgZ16mD4hIPNMD7B5vLaoGtNxvCznoYq5enw3GHnyrpLEuf1Sdw==
fundingchoicesmessages.google.com/el/ 		0
356 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWJ4QqlWwgebGhXBcXgmmXsfyY1cAzhmbH2r4d3YAE0Swmon2WGAu59JJTY0SaSgh6ORnOTfpQvvrA94JjXXs5cgZ16mD4hIPNMD7B5vLaoGtNxvCznoYq5enw3GHnyrpLEuf1Sdw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.it.9z5kddtKfUo.es5.O/am=DgY/d=1/rs=AJlcJMzJWx86huJBz40pgWBONi3F-gGWTg/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-IGBHFWvj4m0le6-xWV7_pQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://paint.toys/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 26 Nov 2024 21:35:27 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw05BicEqfwRoCxAxfr7ByALEQD8f8fzN2sQks2LrmNqOSS1J-YXxyfl5Jal6JbmJKsS6IXZSZVFqSX4TCTi0DqcjJT0_PzEuPNzIwMjE0NLTUMzCNLzAAACW6JmI"
content-security-policy
script-src 'report-sample' 'nonce-IGBHFWvj4m0le6-xWV7_pQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://paint.toys
content-length
0
x-xss-protection
0
server
ESF
AGSKWxWJ4QqlWwgebGhXBcXgmmXsfyY1cAzhmbH2r4d3YAE0Swmon2WGAu59JJTY0SaSgh6ORnOTfpQvvrA94JjXXs5cgZ16mD4hIPNMD7B5vLaoGtNxvCznoYq5enw3GHnyrpLEuf1Sdw==
fundingchoicesmessages.google.com/el/ 		0
347 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWJ4QqlWwgebGhXBcXgmmXsfyY1cAzhmbH2r4d3YAE0Swmon2WGAu59JJTY0SaSgh6ORnOTfpQvvrA94JjXXs5cgZ16mD4hIPNMD7B5vLaoGtNxvCznoYq5enw3GHnyrpLEuf1Sdw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.it.9z5kddtKfUo.es5.O/am=DgY/d=1/rs=AJlcJMzJWx86huJBz40pgWBONi3F-gGWTg/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-13GXhFUzxGJh5ELLsU9w7A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://paint.toys/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 26 Nov 2024 21:35:27 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw0JBicEqfwRoCxAxfr7ByALEQD8f8fzN2sQl8uHH-NqOSS1J-YXxyfl5Jal6JbmJKsS6IXZSZVFqSX4TCTi0DqcjJT0_PzEuPNzIwMjE0NLTUMzCNLzAAAFITJvo"
content-security-policy
script-src 'report-sample' 'nonce-13GXhFUzxGJh5ELLsU9w7A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://paint.toys
content-length
0
x-xss-protection
0
server
ESF
AGSKWxVEKL_hLg4bzRcU4VQNJCxNuazefiGNRGkCLCZkXyrSMZrvXHB85As2xld0yS4h71AdJ6S61ecHoQ6H7KI39Pbb1-UJ_ZOW6e9v9QldOqGO0Z3zVZs-6bZ15dpZKYvzbQh-VHO7Zw==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVEKL_hLg4bzRcU4VQNJCxNuazefiGNRGkCLCZkXyrSMZrvXHB85As2xld0yS4h71AdJ6S61ecHoQ6H7KI39Pbb1-UJ_ZOW6e9v9QldOqGO0Z3zVZs-6bZ15dpZKYvzbQh-VHO7Zw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMyNjU2OTI3LDg3MDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbNyw5LDZdLG51bGwsMixudWxsLCJlbiIsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLDFdLCJodHRwczovL3BhaW50LnRveXMvb2lsLyIsbnVsbCxbWzgsIjl6NWtkZHRLZlVvIl0sWzksIml0Il0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.it.9z5kddtKfUo.es5.O/am=DgY/d=1/rs=AJlcJMzJWx86huJBz40pgWBONi3F-gGWTg/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f14.1e100.net
Software
ESF /
Resource Hash
32602b7d029764a28e5e5f7222f84fa5f596d4e1d32aa4f433a2b431581e6ba0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-6tx0Y7R3Nw4Fab-7ZcO99g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 26 Nov 2024 21:35:27 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjStDikmLw0ZBikPj6kkkDiJ3SZ7AGAXHrzXOsU4E46d951iIgNlS4xOoIwkWXWD2BWLXnEqspEN9fd4n1ORDPOH-ZdQEQF0lcYW0CYoavV1g5gFiIm2P-vxm72AQW3HznoqSRlF8Yn5yfV1KUmVRakl-UlpyWWpxaVJZaFG9kYGRiaGhoqWdgGF9gAACsmD1g"
content-security-policy
script-src 'report-sample' 'nonce-6tx0Y7R3Nw4Fab-7ZcO99g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
syncframe
gum.criteo.com/ Frame 941B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=paint.toys&gdpr=0&gdpr_consent=
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://paint.toys/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 26 Nov 2024 21:35:27 GMT
server
Kestrel
server-processing-duration-in-ticks
379419
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
AGSKWxWc6f4VlSO71i6GzlhNQZp2wh4XYnDZH5sy1Iq-zhpM3ByinYXoZRHzS2kMAoaKNfelKMVo7H_o9kYz793IvI1LUGOh4wUgJaKX34dV0fMBgkX_VvgUb3pUOIyZahRHpMbrnFvwLg==
fundingchoicesmessages.google.com/el/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWc6f4VlSO71i6GzlhNQZp2wh4XYnDZH5sy1Iq-zhpM3ByinYXoZRHzS2kMAoaKNfelKMVo7H_o9kYz793IvI1LUGOh4wUgJaKX34dV0fMBgkX_VvgUb3pUOIyZahRHpMbrnFvwLg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.it.9z5kddtKfUo.es5.O/am=DgY/d=1/rs=AJlcJMzJWx86huJBz40pgWBONi3F-gGWTg/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-NQk6__ROrME6-Ma1dRtdqg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://paint.toys/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 26 Nov 2024 21:35:27 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmII0JBicEqfwRoCxAxfr7ByALEQD8f8fzN2sQmceNVxm1HJJSm_MD45P68kNa9ENzGlWBfELspMKi3JL0Jhp5aBVOTkp6dn5qXHGxkYmRgaGlrqGZjGFxgAADqQJqU"
content-security-policy
script-src 'report-sample' 'nonce-NQk6__ROrME6-Ma1dRtdqg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://paint.toys
content-length
0
x-xss-protection
0
server
ESF
v1
lb.eu-1-id5-sync.com/lb/ 		45 B
282 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
2ef90dee2a1d4fde6d07b7a1c7d64393c71287e6c35756b3b044d8fbcac98992
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://paint.toys
date
Tue, 26 Nov 2024 21:35:27 GMT
content-type
application/json;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
j
rp.liadm.com/
Redirect Chain
  • https://rp.liadm.com/j?dtstmp=1732656927474&did=did-0046&se=e30&duid=8e413bd09c43--01jdn6d47mmhx40j7wg9w92p07&tv=9.11.0&pu=https%3A%2F%2Fpaint.toys%2Foil%2F&wpn=prebid&gdpr=0&cd=.paint.toys
  • https://rp.liadm.com/j?dtstmp=1732656927474&did=did-0046&se=e30&duid=8e413bd09c43--01jdn6d47mmhx40j7wg9w92p07&tv=9.11.0&pu=https%3A%2F%2Fpaint.toys%2Foil%2F&wpn=prebid&gdpr=0&cd=.paint.toys&n3pc=true
13 B
379 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rp.liadm.com/j?dtstmp=1732656927474&did=did-0046&se=e30&duid=8e413bd09c43--01jdn6d47mmhx40j7wg9w92p07&tv=9.11.0&pu=https%3A%2F%2Fpaint.toys%2Foil%2F&wpn=prebid&gdpr=0&cd=.paint.toys&n3pc=true
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
H2
Server
52.54.248.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-248-128.compute-1.amazonaws.com
Software
/
Resource Hash
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

x-pixel-event-id
91158688-7d40-4d71-8ba2-19b93b2441ff
access-control-max-age
86400
access-control-expose-headers
*
access-control-allow-credentials
true
access-control-allow-methods
GET
access-control-allow-origin
https://paint.toys
content-length
13
date
Tue, 26 Nov 2024 21:35:28 GMT
content-type
application/json

Redirect headers

access-control-max-age
86400
access-control-expose-headers
*
location
/j?dtstmp=1732656927474&did=did-0046&se=e30&duid=8e413bd09c43--01jdn6d47mmhx40j7wg9w92p07&tv=9.11.0&pu=https%3A%2F%2Fpaint.toys%2Foil%2F&wpn=prebid&gdpr=0&cd=.paint.toys&n3pc=true
access-control-allow-credentials
true
access-control-allow-methods
GET
access-control-allow-origin
https://paint.toys
content-length
0
date
Tue, 26 Nov 2024 21:35:28 GMT
483.json
id5-sync.com/g/v2/ 		251 B
441 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/483.json
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
9285cb4fa93f7c044587b2e8d6da26cd367aa6856160ba1b29854acb1046acae
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://paint.toys/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://paint.toys
date
Tue, 26 Nov 2024 21:35:27 GMT
content-type
application/json
vary
Origin
access-control-allow-credentials
true
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.196.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-196-140.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

access-control-max-age
3000
content-encoding
gzip
x-amz-version-id
r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
etag
W/"a4d296427fc806b21335359e398c025c"
age
55765
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
Z2xbLqcqLUieLAuDwYnlJR8vYYsdO1gywbpnyc-VQDjxeadcZ6eyrQ==
date
Tue, 26 Nov 2024 06:50:02 GMT
content-type
application/javascript
vary
Origin,accept-encoding
last-modified
Thu, 29 Feb 2024 02:13:08 GMT
cache-control
public, max-age=86400
via
1.1 f7bf326347bdd7f275a38a22b5b83724.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA2-C1
server
AmazonS3
x-amz-server-side-encryption
AES256
bd056b42-51db-43ce-9a8e-3b11319b5d1f
config.aps.amazon-adsystem.com/configs/ 		563 B
839 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/bd056b42-51db-43ce-9a8e-3b11319b5d1f
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-90.fra56.r.cloudfront.net
Software
CloudFront /
Resource Hash
0a24226b810811def317ee02bf0703399b08e300afe117f3df37beb24b25e2bd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

cache-control
max-age=3600
age
2271
via
1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
content-length
563
x-amz-cf-id
UZXRhI7dJmUh2Mp_13BTkZB4FzL6s_rAEbw_RLLMInJpmI_kyntWwQ==
date
Tue, 26 Nov 2024 20:57:37 GMT
content-type
application/javascript
x-amz-cf-pop
FRA56-C1
server
CloudFront
config
c.amazon-adsystem.com/cdn/prod/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fpaint.toys&pubid=bd056b42-51db-43ce-9a8e-3b11319b5d1f
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.196.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-196-140.fra2.r.cloudfront.net
Software
Server /
Resource Hash
0b945764f409a5cfd72296efcc62d2eb4af033d2a67c1842a16eed73a42f9a69

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

cache-control
max-age=21550, s-maxage=21600
age
12869
access-control-allow-credentials
true
via
1.1 c2a926ef1bafe1ab239d4761594a8098.cloudfront.net (CloudFront)
access-control-allow-origin
https://paint.toys
x-cache
Hit from cloudfront
content-length
2862
x-amz-cf-id
AK0j1RPJOPC6ivNP0-tox2ngf4Yb-cRdiKXJTtDaQCLXGfd1krpHwg==
date
Tue, 26 Nov 2024 18:00:58 GMT
content-type
application/json;charset=UTF-8
x-amz-cf-pop
FRA2-C1
server
Server
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
372 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fpaint.toys%2Foil%2F&pid=SGBx1Xpv1slsP&cb=0&ws=1600x1200&v=24.1105.2150&t=2500&slots=%5B%7B%22sd%22%3A%22pw-160x600_atf%22%2C%22s%22%3A%5B%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F154013155%2F1024872%2F74068%2Fpublisher%3A1024872-website%3A74068-160x600%2Fpublisher%3A1024872-website%3A74068-160x600-CP%2Fpublisher%3A1024872-website%3A74068-160x600-CP-160x600%22%7D%2C%7B%22sd%22%3A%22pw-160x600_btf%22%2C%22s%22%3A%5B%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F154013155%2F1024872%2F74068%2Fpublisher%3A1024872-website%3A74068-160x600%2Fpublisher%3A1024872-website%3A74068-160x600-CP%2Fpublisher%3A1024872-website%3A74068-160x600-CP-160x600%22%7D%2C%7B%22sd%22%3A%22leaderboard_atf%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F154013155%2F1024872%2F74068%2Fpublisher%3A1024872-website%3A74068-desktop_leaderboard%22%7D%2C%7B%22sd%22%3A%22leaderboard_btf%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F154013155%2F1024872%2F74068%2Fpublisher%3A1024872-website%3A74068-desktop_leaderboard%22%7D%5D&sg=%7B%22ortb2%22%3A%7B%22site%22%3A%7B%22cattax%22%3A6%2C%22cat%22%3A%5B%22693%22%5D%2C%22sectioncat%22%3A%5B%22693%22%5D%2C%22pagecat%22%3A%5B%22693%22%5D%7D%7D%7D&schain=1.0%2C1%21playwire.com%2C1024872%2C1%2C%2C%2C&pubid=bd056b42-51db-43ce-9a8e-3b11319b5d1f&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.119.202 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-119-202.fra60.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
gzip
access-control-allow-credentials
true
via
1.1 8c08c39035033b8c904aa0e3f734d6c6.cloudfront.net (CloudFront)
access-control-allow-origin
https://paint.toys
x-cache
Miss from cloudfront
content-length
43
x-amz-cf-id
KBeCEFiIjbzLcnRq0NdzerL45IfMMCFzuZ8aNB6rqzBaYD10zACq0g==
date
Tue, 26 Nov 2024 21:35:27 GMT
content-type
text/javascript;charset=UTF-8
x-amz-cf-pop
FRA60-P1
server
Server
ima_ppub_config
securepubads.g.doubleclick.net/pagead/ 		67 B
577 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ima_ppub_config?ippd=https%3A%2F%2Fpaint.toys%2Foil%2F
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
641768f2d1d19839fc3cecfa5158382fa0d332d5e49e31bcaafbedc4af91995a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Tue, 26 Nov 2024 21:35:28 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
35
date
Tue, 26 Nov 2024 21:35:28 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
topics_frame.html
ads.pubmatic.com/AdServer/js/topics/ Frame F59C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/topics/topics_frame.html?bidder=pubmatic
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.28.88.244 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-28-88-244.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Referer
https://paint.toys/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=167759
content-encoding
gzip
content-length
859
content-type
text/html
date
Tue, 26 Nov 2024 21:35:28 GMT
expires
Thu, 28 Nov 2024 20:11:27 GMT
last-modified
Tue, 21 Mar 2023 05:02:13 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
topics_frame.html
pa.openx.net/ Frame DE5F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pa.openx.net/topics_frame.html?bidder=openx
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.36.214.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.214.36.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash

Request headers

Referer
https://paint.toys/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
2062
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public,max-age=3600
content-length
1036
content-type
text/html; charset=utf-8
date
Tue, 26 Nov 2024 21:01:06 GMT
etag
"c5379e35e267deacc52e06ed0f5fa81f"
last-modified
Mon, 22 Jan 2024 14:38:43 GMT
server
UploadServer
supports-loading-mode
fenced-frame
vary
Origin
x-allow-fledge
true
x-goog-generation
1705934323795552
x-goog-hash
crc32c=eLLIGA== md5=xTeeNeJn3qzFLgbtD1+oHw==
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1036
x-guploader-uploadid
AFiumC6gN7Fwneui9b0iMIPCdhY_PXPL8oY_nyei3g_Sk1ZeEiWIDz02D1vfQYu1cf04aydJQ030FfMsVg
cookie_sync
prebid-server.rubiconproject.com/ 		3 KB
781 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/cookie_sync
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a9b95cb96437b1868627cc84651080dc5afabce0b5df77fe634df2ee6cd26783

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
expires
0
access-control-allow-origin
https://paint.toys
content-length
641
content-type
application/json
vary
origin
auction
prebid-server.rubiconproject.com/openrtb2/ 		616 B
382 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
1278c4cf185df7d945dbb204a60d816050248c3c327b2d7877a94ee8d82d0d9f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
observe-browsing-topics
?1
expires
0
access-control-allow-origin
https://paint.toys
content-length
308
x-prebid
pbs-java/3.15.0
content-type
application/json
vary
origin
prebid
ib.adnxs.com/ut/v3/ 		468 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
7a845fc454eb41e28c4e099d098c18402c0d581d40c182cc9e7027ab3ca6c224
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
185.198.62.83; 185.198.62.83; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
https://paint.toys
an-x-request-uuid
8c07c8ec-8ef0-43a6-bec8-761bf0b81712
content-length
468
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Tue, 26 Nov 2024 21:35:28 GMT
x-xss-protection
0
content-type
application/json; charset=utf-8
server
nginx/1.23.4
translator
hbopenbid.pubmatic.com/ 		0
109 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
https://paint.toys
date
Tue, 26 Nov 2024 21:35:26 GMT
access-control-allow-credentials
true
prebidjs
rtb.openx.net/openrtbb/ 		53 B
269 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
e140cb7a6086625817ba4d8e9da4649d4f1d76e466b810b6e4c2ad663b218f46

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

content-encoding
gzip
x-forwarded-for
185.198.62.83
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://paint.toys
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
date
Tue, 26 Nov 2024 21:35:27 GMT
content-type
text/plain
vary
Origin
pbjs
htlb.casalemedia.com/openrtb/ 		6 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=1031634
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90702677b39fa606364aef7073b1bb0e7e3cf3b9619c91327e4d87f2827e90f9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

cache-control
no-cache
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
DYNAMIC
pragma
no-cache
access-control-allow-credentials
true
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xswK2PLl35xPA9ePwCNqVYbMQ%2BNcg4rXc5t2q%2FT5nQg89jh0P6xaW5y%2Bphu%2BtrEtQ%2F31S93s1FQgHCBEwrwMKoOX3ZNsaJRXpVVO%2B%2F3YkIH84GmFcW7KbM9Eou0GoUxmI8NBU%2FFh"}],"group":"cf-nel","max_age":604800}
cf-ray
8e8d022a7ffa383d-FRA
expires
0
access-control-allow-origin
https://paint.toys
alt-svc
h3=":443"; ma=86400
date
Tue, 26 Nov 2024 21:35:28 GMT
content-type
application/json
vary
Accept-Encoding
server
cloudflare
hbjson
grid.bidswitch.net/ 		24 B
311 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.56 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
d520b08522d05e82041252dd9af6faf60aff6c750808f8850bfc35578654cdbb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-store, must-revalidate, no-cache
content-encoding
br
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://paint.toys
date
Tue, 26 Nov 2024 21:35:28 GMT
content-type
application/json
vary
Accept-Encoding, Origin
server
Kestrel
v1
btlr.sharethrough.com/universal/ 		0
116 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.120.249.250 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-249-250.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
access-control-allow-origin
https://paint.toys
access-control-allow-credentials
true
v1
btlr.sharethrough.com/universal/ 		0
117 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.120.249.250 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-249-250.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
access-control-allow-origin
https://paint.toys
access-control-allow-credentials
true
v1
btlr.sharethrough.com/universal/ 		0
116 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.120.249.250 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-249-250.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
access-control-allow-origin
https://paint.toys
access-control-allow-credentials
true
v1
btlr.sharethrough.com/universal/ 		0
116 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.120.249.250 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-249-250.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
access-control-allow-origin
https://paint.toys
access-control-allow-credentials
true
v1
btlr.sharethrough.com/universal/ 		0
116 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.120.249.250 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-249-250.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
access-control-allow-origin
https://paint.toys
access-control-allow-credentials
true
v1
btlr.sharethrough.com/universal/ 		0
116 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.120.249.250 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-249-250.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
access-control-allow-origin
https://paint.toys
access-control-allow-credentials
true
playwire
direct.adsrvr.org/bid/bidder/ 		0
394 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://direct.adsrvr.org/bid/bidder/playwire
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.223.6.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a8c33d2b6751b365d.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

x-openrtb-version
2.3
cache-control
private
access-control-allow-credentials
true
access-control-allow-origin
https://paint.toys
content-length
0
date
Tue, 26 Nov 2024 21:35:27 GMT
content-type
application/json
server
Kestrel
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
request
grid-bidder.criteo.com/openrtb_2_5/pbjs/auction/ 		10 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://grid-bidder.criteo.com/openrtb_2_5/pbjs/auction/request?profileId=207&av=37&wv=9.11.0&cb=99969559880&lsavail=1&networkId=6163
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.4 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
698125dce2d65453fb75b00be2dbe5a190b4d34db82aac2501518eff75b86500
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

strict-transport-security
max-age=31536000; preload;
content-encoding
br
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://paint.toys
date
Tue, 26 Nov 2024 21:35:27 GMT
content-type
application/json
vary
Accept-Encoding, Origin
server
Kestrel
imp
g2.gumgum.com/hbid/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?displaymanager=Prebid.js%20-%20gumgum&displaymanagerver=9.11.0&lt=1732656928050&to=-60&id5Id=0&id5IdLinkType=null&aun=pw-160x600_atf&id5id=0&pubcid=ed60e4a7-c0e8-4faf-88fa-5c67b797c54e&gpid=%2F154013155%2F1024872%2F74068%2Fpublisher%3A1024872-website%3A74068-160x600%2Fpublisher%3A1024872-website%3A74068-160x600-CP%2Fpublisher%3A1024872-website%3A74068-160x600-CP-160x600&t=8ylgv2wd&pi=3&maxw=160&maxh=600&si=1111716&bf=160x600%2C120x600&ae=true&gdprApplies=0&schain=1.0%2C1!playwire.com%2C1024872%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fpaint.toys%2Foil%2F&tpl=https%3A%2F%2Fpaint.toys%2Foil%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%229.11.0%22%7D&ogu=null&ns=10240
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.32.216.224 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-32-216-224.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
65176f0a7c48d6a98e3a92b0c24b44ff496e7245003e836e36a6d5d02e43ced6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
expires
0
access-control-allow-origin
https://paint.toys
date
Tue, 26 Nov 2024 21:35:28 GMT
content-type
application/json;charset=UTF-8
server
nginx
imp
g2.gumgum.com/hbid/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?displaymanager=Prebid.js%20-%20gumgum&displaymanagerver=9.11.0&lt=1732656928050&to=-60&id5Id=0&id5IdLinkType=null&aun=pw-160x600_btf&id5id=0&pubcid=ed60e4a7-c0e8-4faf-88fa-5c67b797c54e&gpid=pw-160x600_btf&t=8ylgv2wd&pi=3&maxw=160&maxh=600&si=1111716&bf=160x600%2C120x600&ae=true&gdprApplies=0&schain=1.0%2C1!playwire.com%2C1024872%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fpaint.toys%2Foil%2F&tpl=https%3A%2F%2Fpaint.toys%2Foil%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%229.11.0%22%7D&ogu=null&ns=10240
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.32.216.224 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-32-216-224.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
7cb542345d9dc44cc11c98b3d96ddf725cdf55da9592e0935da512aff9e31814

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
expires
0
access-control-allow-origin
https://paint.toys
date
Tue, 26 Nov 2024 21:35:28 GMT
content-type
application/json;charset=UTF-8
server
nginx
imp
g2.gumgum.com/hbid/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?displaymanager=Prebid.js%20-%20gumgum&displaymanagerver=9.11.0&lt=1732656928051&to=-60&id5Id=0&id5IdLinkType=null&aun=leaderboard_atf&id5id=0&pubcid=ed60e4a7-c0e8-4faf-88fa-5c67b797c54e&gpid=leaderboard_atf&t=8ylgv2wd&pi=3&maxw=970&maxh=250&si=1111709&bf=728x90%2C970x250%2C970x90&ae=true&gdprApplies=0&schain=1.0%2C1!playwire.com%2C1024872%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fpaint.toys%2Foil%2F&tpl=https%3A%2F%2Fpaint.toys%2Foil%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%229.11.0%22%7D&ogu=null&ns=10240
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.32.216.224 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-32-216-224.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
7c69d44c776710c70f5f749a5e6b2e53615226df767d3aa0227d70d22603de77

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
expires
0
access-control-allow-origin
https://paint.toys
date
Tue, 26 Nov 2024 21:35:28 GMT
content-type
application/json;charset=UTF-8
server
nginx
imp
g2.gumgum.com/hbid/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?displaymanager=Prebid.js%20-%20gumgum&displaymanagerver=9.11.0&lt=1732656928051&to=-60&id5Id=0&id5IdLinkType=null&aun=leaderboard_btf&id5id=0&pubcid=ed60e4a7-c0e8-4faf-88fa-5c67b797c54e&gpid=leaderboard_btf&t=8ylgv2wd&pi=3&maxw=970&maxh=250&si=1111709&bf=728x90%2C970x250%2C970x90&ae=true&gdprApplies=0&schain=1.0%2C1!playwire.com%2C1024872%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fpaint.toys%2Foil%2F&tpl=https%3A%2F%2Fpaint.toys%2Foil%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%229.11.0%22%7D&ogu=null&ns=10240
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.32.216.224 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-32-216-224.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
c05ce757883491a00705f8f5b4c95fc2a14c0ffdcdf4bd1318cb1bffbf932cac

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
expires
0
access-control-allow-origin
https://paint.toys
date
Tue, 26 Nov 2024 21:35:28 GMT
content-type
application/json;charset=UTF-8
server
nginx
hb-multi
hb.yellowblue.io/ 		83 B
622 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb.yellowblue.io/hb-multi
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-4.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
b90e07dcbb1c150d43d1bfe04baede6d942f656b7007677676b8eef05d1013cb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

content-encoding
gzip
x-envoy-upstream-service-time
5
access-control-allow-credentials
true
access-control-allow-methods
GET, OPTIONS
via
1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
access-control-allow-origin
https://paint.toys
x-cache
Miss from cloudfront
content-length
108
x-amz-cf-id
6-FEQ4fH-zdqFJgbUCionHz4oC3D6-l0Z-0RZRvTjPcRyx4jWBxkGg==
date
Tue, 26 Nov 2024 21:35:28 GMT
content-type
application/json
x-amz-cf-pop
FRA56-P4
server
istio-envoy
x-reason
domain is blacklisted
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
fastlane.json
fastlane.rubiconproject.com/a/api/ 		648 B
993 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12556&site_id=110932&zone_id=523774&size_id=9&alt_size_ids=8&p_pos=atf&gdpr=0&rp_schain=1.0,1!playwire.com,1024872,1,,,&eid_id5-sync.com=0%5E1%5E&eid_pubcid.org=ed60e4a7-c0e8-4faf-88fa-5c67b797c54e%5E1&rf=https%3A%2F%2Fpaint.toys%2Foil%2F&tg_i.domain=paint.toys&tg_i.page=https%3A%2F%2Fpaint.toys%2Foil%2F&tg_i.cat=IAB9-5%2C693&tg_i.sectioncat=IAB9-5%2C693&tg_i.pagecat=IAB9-5%2C693&tg_i.pos=atf&tg_i.sitecont_cat=games_casual&tg_i.adunit=pw-160x600_atf&tg_i.pbadslot=%2F154013155%2F1024872%2F74068%2Fpublisher%3A1024872-website%3A74068-160x600%2Fpublisher%3A1024872-website%3A74068-160x600-CP%2Fpublisher%3A1024872-website%3A74068-160x600-CP-160x600&tk_flint=pbjs_lite_v9.11.0&x_source.tid=a39b5785-e185-4e93-b972-d6427670282e&l_pb_bid_id=1033c1ca695d9c0f&p_screen_res=1600x1200&o_ae=1&rp_secure=1&x_imp.ext.tid=47878911-1af3-463b-82a3-dd6a8f587a6c&rp_maxbids=1&p_gpid=%2F154013155%2F1024872%2F74068%2Fpublisher%3A1024872-website%3A74068-160x600%2Fpublisher%3A1024872-website%3A74068-160x600-CP%2Fpublisher%3A1024872-website%3A74068-160x600-CP-160x600&m_ch_mobile=%3F0&slots=1&rand=0.01327546587988282
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.156.139 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.27.2 /
Resource Hash
71fc8d942e2f2abc06fda6bd2de4fbffd77584250d2c3628cddc677d2a7aabb1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin
https://paint.toys
date
Tue, 26 Nov 2024 21:35:28 GMT
content-type
application/json
vary
Accept-Encoding
server
nginx/1.27.2
fastlane.json
fastlane.rubiconproject.com/a/api/ 		480 B
820 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12556&site_id=110932&zone_id=523774&size_id=9&alt_size_ids=8&gdpr=0&rp_schain=1.0,1!playwire.com,1024872,1,,,&eid_id5-sync.com=0%5E1%5E&eid_pubcid.org=ed60e4a7-c0e8-4faf-88fa-5c67b797c54e%5E1&rf=https%3A%2F%2Fpaint.toys%2Foil%2F&tg_i.domain=paint.toys&tg_i.page=https%3A%2F%2Fpaint.toys%2Foil%2F&tg_i.cat=IAB9-5%2C693&tg_i.sectioncat=IAB9-5%2C693&tg_i.pagecat=IAB9-5%2C693&tg_i.pos=btf&tg_i.sitecont_cat=games_casual&tg_i.adunit=pw-160x600_btf&tg_i.pbadslot=pw-160x600_btf&tk_flint=pbjs_lite_v9.11.0&x_source.tid=a39b5785-e185-4e93-b972-d6427670282e&l_pb_bid_id=10459552ae4b2bf8&p_screen_res=1600x1200&o_ae=1&rp_secure=1&x_imp.ext.tid=a0c1d6ae-40bc-4afe-b548-2a711a514770&rp_maxbids=1&p_gpid=pw-160x600_btf&m_ch_mobile=%3F0&slots=1&rand=0.029103754075777477
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.156.139 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.27.2 /
Resource Hash
784b2363f8f9257c8bad5f3e5cd0641412d6081d2b518df7e97994596df19286

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin
https://paint.toys
content-length
480
date
Tue, 26 Nov 2024 21:35:28 GMT
content-type
application/json
vary
Accept-Encoding
server
nginx/1.27.2
fastlane.json
fastlane.rubiconproject.com/a/api/ 		486 B
827 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12556&site_id=110932&zone_id=523774&size_id=2&alt_size_ids=55%2C57&p_pos=atf&gdpr=0&rp_schain=1.0,1!playwire.com,1024872,1,,,&eid_id5-sync.com=0%5E1%5E&eid_pubcid.org=ed60e4a7-c0e8-4faf-88fa-5c67b797c54e%5E1&rf=https%3A%2F%2Fpaint.toys%2Foil%2F&tg_i.domain=paint.toys&tg_i.page=https%3A%2F%2Fpaint.toys%2Foil%2F&tg_i.cat=IAB9-5%2C693&tg_i.sectioncat=IAB9-5%2C693&tg_i.pagecat=IAB9-5%2C693&tg_i.pos=atf&tg_i.sitecont_cat=games_casual&tg_i.adunit=leaderboard_atf&tg_i.pbadslot=leaderboard_atf&tk_flint=pbjs_lite_v9.11.0&x_source.tid=a39b5785-e185-4e93-b972-d6427670282e&l_pb_bid_id=105096254d857d43&p_screen_res=1600x1200&o_ae=1&rp_secure=1&x_imp.ext.tid=2869f7d4-a744-4e5c-a1e3-4ffe2cdb5f00&rp_maxbids=1&p_gpid=leaderboard_atf&m_ch_mobile=%3F0&slots=1&rand=0.012759808133371964
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.156.139 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.27.2 /
Resource Hash
c14ab753159be3aa4554ebec66c6ed97205cecf6a6ed03bd934de9d4160e85ef

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin
https://paint.toys
content-length
486
date
Tue, 26 Nov 2024 21:35:28 GMT
content-type
application/json
vary
Accept-Encoding
server
nginx/1.27.2
fastlane.json
fastlane.rubiconproject.com/a/api/ 		486 B
997 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12556&site_id=110932&zone_id=523774&size_id=2&alt_size_ids=55%2C57&gdpr=0&rp_schain=1.0,1!playwire.com,1024872,1,,,&eid_id5-sync.com=0%5E1%5E&eid_pubcid.org=ed60e4a7-c0e8-4faf-88fa-5c67b797c54e%5E1&rf=https%3A%2F%2Fpaint.toys%2Foil%2F&tg_i.domain=paint.toys&tg_i.page=https%3A%2F%2Fpaint.toys%2Foil%2F&tg_i.cat=IAB9-5%2C693&tg_i.sectioncat=IAB9-5%2C693&tg_i.pagecat=IAB9-5%2C693&tg_i.pos=btf&tg_i.sitecont_cat=games_casual&tg_i.adunit=leaderboard_btf&tg_i.pbadslot=leaderboard_btf&tk_flint=pbjs_lite_v9.11.0&x_source.tid=a39b5785-e185-4e93-b972-d6427670282e&l_pb_bid_id=1064251e024cd6c&p_screen_res=1600x1200&o_ae=1&rp_secure=1&x_imp.ext.tid=1c99569b-7502-4423-a7f7-4e1db544bfcd&rp_maxbids=1&p_gpid=leaderboard_btf&m_ch_mobile=%3F0&slots=1&rand=0.2987724879261964
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.156.139 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.27.2 /
Resource Hash
3bded2f81a4be99edd457a2867440796fe680c4bc4fc0813b739dabeca493aa7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin
https://paint.toys
content-length
486
date
Tue, 26 Nov 2024 21:35:28 GMT
content-type
application/json
vary
Accept-Encoding
server
nginx/1.27.2
auction
tlx.3lift.com/header/ 		19 B
691 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=9.11.0&referrer=https%3A%2F%2Fpaint.toys%2Foil%2F&tmax=2500&gdpr=false&fledge=true
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.157.230.4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-230-4.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
accept-ch
sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width
access-control-allow-credentials
true
expires
Thu, 15 Oct 1992 20:10:00 GMT
access-control-allow-origin
https://paint.toys
x-auction-status
29, 29
x-xss-protection
0
content-type
application/json; charset=utf-8
vary
Accept-Encoding
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: kfdk.formailing.com
URL: https://kfdk.formailing.com/pkichmjvqiqvRQmJVejQxVUMyV0NWWWNDZ2RRY0UtMzEzLTI2NzQ1MDg4LTBkNTUwMjQwLTU1NS1NeExBRkxpOWFKQWtFdGphZ3c0Nw/xkaitjnbflwpaqcpejftcifm/0t4mu20z0wz/gvlaiwqereng/fuilgneouhpayhuyjitbienoxgncc/7024713873521
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.176.78 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-176-78.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

cache-control
max-age=900
content-encoding
gzip
etag
"d734-5f2f3919e751f-gzip"
expires
Tue, 26 Nov 2024 21:50:28 GMT
accept-ranges
bytes
content-length
17407
date
Tue, 26 Nov 2024 21:35:28 GMT
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
content-type
application/javascript
server
Apache
vary
Accept-Encoding
sync.min.js
tags.crwdcntrl.net/lt/c/16576/ 		43 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: kfdk.formailing.com
URL: https://kfdk.formailing.com/pkichmjvqiqvRQmJVejQxVUMyV0NWWWNDZ2RRY0UtMzEzLTI2NzQ1MDg4LTBkNTUwMjQwLTU1NS1NeExBRkxpOWFKQWtFdGphZ3c0Nw/xkaitjnbflwpaqcpejftcifm/0t4mu20z0wz/gvlaiwqereng/fuilgneouhpayhuyjitbienoxgncc/7024713873521
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-68.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c5fdea6bcb7b7dc4aabe9e409df609b922dde30401ccf5c25f0f384f7e8c43b5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

vary
Accept-Encoding
cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"6016bf24a16f4d1d8384c5f7f11c49fb"
age
66275
via
1.1 a618edcb8ddcdae59a3a61a6c82ff54c.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
3zgVNhlih0r_8WjEu_BAwT1uX-GF4SmI84SFSRotJ_fdQzQ_E0O2Lg==
date
Tue, 26 Nov 2024 03:10:54 GMT
content-type
text/javascript
last-modified
Tue, 20 Aug 2024 18:47:26 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
x-amz-server-side-encryption
AES256
id5-api.js
cdn.id5-sync.com/api/1.0/ 		100 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: kfdk.formailing.com
URL: https://kfdk.formailing.com/pkichmjvqiqvRQmJVejQxVUMyV0NWWWNDZ2RRY0UtMzEzLTI2NzQ1MDg4LTBkNTUwMjQwLTU1NS1NeExBRkxpOWFKQWtFdGphZ3c0Nw/xkaitjnbflwpaqcpejftcifm/0t4mu20z0wz/gvlaiwqereng/fuilgneouhpayhuyjitbienoxgncc/7024713873521
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.38.106 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab2ce7a605858febda81cd3408ddb9897e109b417d514d9c12cf0e1a89658ae4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"14cd899b51c2c37c71fbf5e1ae6fe38b"
age
24
expires
Tue, 26 Nov 2024 22:35:28 GMT
date
Tue, 26 Nov 2024 21:35:28 GMT
content-type
text/javascript;charset=utf-8
last-modified
Wed, 13 Nov 2024 11:06:09 GMT
vary
Accept-Encoding
x-amz-id-2
ApEIBw45d15Fk7aTdYCA0S299ZybqBlcRO7mYPwTWdSSKwCiU396Z6NXFx/tcJJNdo+ynQfYhJ4aHsJkPDLBT/7ngvJCdbd0p8+hpX2wYvE=
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=3600
x-amz-request-id
JMATKJTDEW6MGPHX
cf-ray
8e8d022dbd801c30-FRA
server
cloudflare
x-amz-server-side-encryption
AES256
launcher-stub.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Requested by
Host: kfdk.formailing.com
URL: https://kfdk.formailing.com/pkichmjvqiqvRQmJVejQxVUMyV0NWWWNDZ2RRY0UtMzEzLTI2NzQ1MDg4LTBkNTUwMjQwLTU1NS1NeExBRkxpOWFKQWtFdGphZ3c0Nw/xkaitjnbflwpaqcpejftcifm/0t4mu20z0wz/gvlaiwqereng/fuilgneouhpayhuyjitbienoxgncc/7024713873521
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.176.78 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-176-78.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

cache-control
max-age=900
content-encoding
gzip
etag
"38c0-5e92054540ea5-gzip"
expires
Tue, 26 Nov 2024 21:50:28 GMT
accept-ranges
bytes
content-length
5252
date
Tue, 26 Nov 2024 21:35:28 GMT
last-modified
Tue, 20 Sep 2022 18:52:26 GMT
content-type
application/javascript
server
Apache
vary
Accept-Encoding
usermatch
ssum-sec.casalemedia.com/ Frame CC74
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent...
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fgpp%3D%26gpp_sid%3D%26bidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fgpp%3D%26gpp_sid%3D%26bidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&s=184674&us_privacy=&C=1
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://paint.toys/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8e8d022d6eb6974b-FRA
content-encoding
br
content-type
text/html
date
Tue, 26 Nov 2024 21:35:28 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8asfk1j1pApNqfTzra4pHUlLPm6%2F58r178C30NutyngG6zQPRxTIaefjDtJ7fSyBaCfv4U4U2y8lD7GaPAx4iyQKz5nRy0gNaHP6mUwZk%2BBftyVD6c2xVV1qNoCkFFqtdPY%2BmxyQWhU%2BYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8e8d022cae32974b-FRA
content-length
0
date
Tue, 26 Nov 2024 21:35:28 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fgpp%3D%26gpp_sid%3D%26bidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&s=184674&us_privacy=&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nufRQpw6Nue1s0KzmSowP1nDA6i8d8ZWdEsANULdkg%2BUbUg%2Br5vb5l%2FvlmkQfx%2FvjpV58oefeRMyHQiKKdCr4wsqZ50kpngf3EtklcKikPLAf22jni966iGLoSi%2B3W2FBLK4eS2Zp3D1og%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
launcher.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 		49 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.176.78 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-176-78.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

cache-control
max-age=900
content-encoding
gzip
etag
"c4b6-5e920545406d3-gzip"
expires
Tue, 26 Nov 2024 21:50:28 GMT
accept-ranges
bytes
content-length
17042
date
Tue, 26 Nov 2024 21:35:28 GMT
last-modified
Tue, 20 Sep 2022 18:52:26 GMT
content-type
application/javascript
server
Apache
vary
Accept-Encoding
launcher
proc.ad.cpe.dotomi.com/cvx/client/direct/ 		190 B
459 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://proc.ad.cpe.dotomi.com/cvx/client/direct/launcher?version=1.1.1&lid=681
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.215.202.146 Amsterdam, Netherlands, ASN41041 (VCLK-EU-SE Conversant LLC, US),
Reverse DNS
ams01-convex-float1.dotomi.com
Software
nginx /
Resource Hash
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

cache-control
max-age=1800
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
access-control-allow-credentials
true
expires
Tue, 26 Nov 2024 22:05:29 GMT
access-control-allow-origin
https://paint.toys
content-length
190
date
Tue, 26 Nov 2024 21:35:29 GMT
content-type
application/json
vary
Origin
server
nginx
ads
securepubads.g.doubleclick.net/gampad/ 		962 B
789 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4395587832815257&correlator=1441629177196944&eid=95344999%2C83320950&output=ldjh&gdfp_req=1&vrg=202411180101&ptt=17&impl=fifs&gdpr=0&npa=1&iu_parts=154013155%2C1024872%2C74068%2Cpublisher%3A1024872-website%3A74068-160x600%2Cpublisher%3A1024872-website%3A74068-160x600-CP%2Cpublisher%3A1024872-website%3A74068-160x600-CP-160x600&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=160x600%7C120x600&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1732656929101&lmt=1732656929&adxs=20&adys=614&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fpaint.toys%2Foil%2F&vis=1&psz=180x1097&msz=160x-1&fws=4&ohw=180&td=1&egid=41401&tan=5e805258-a304-43c4-9322-70568c891158&tdf=2&topics=5&tps=5&htps=5&a3p=EhMKDGlkNS1zeW5jLmNvbRIBMFgBEjQKCnB1YmNpZC5vcmcSJGVkNjBlNGE3LWMwZTgtNGZhZi04OGZhLTVjNjdiNzk3YzU0ZVgBEh0KDmVzcC5jcml0ZW8uY29tGOOamtO2MkgAUgIIZBIUCgVvcGVueBjynprTtjJIAFICCG8SFwoIcnRiaG91c2UYvJ-a07YySABSAghq&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1732656923078&idt=1877&prev_scp=pos%3Datf%26slot_id%3Dpw-160x600_atf%26refresh%3Dfalse%26amazonBid%3Dfalse%26custom_path%3D160x600%26lld_id%3Da6054daf1b344f2295beff26a2d7dace56927881%26price_floor%3Dna%26amznbid%3D2%26amznp%3D2&cust_params=pf_src%3Dml%26li-module-enabled%3Dt1-e0%26salad%3Dchef%26dd%3Draspberry%26di%3Dpineapple%26vd%3Draspberry%26vi%3Dpineapple%26sitecont_cat%3Dgames_casual%26tyche_code%3D4.12.3%26pageos_code%3D1.12.2%26hour%3D22%26day%3DTuesday%26OS%3DLinux%2520null%26browser%3DChrome%2520131%26pagecount%3D1%26window_width%3D1600%26window_height%3D1200%26screen_orientation%3Dlandscape%26website_id%3D74068%26refresh_count%3D0%26tyche_version%3D4.12.3%26ab_test%3Dna_A%26page_focus%3Dtrue&adks=2747221344&frm=20&eoidce=1&gblpids=%2F154013155%2F1024872%2F74068%2Fpublisher%3A1024872-website%3A74068-160x600%2Fpublisher%3A1024872-website%3A74068-160
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
2ceb245956058cf6382430232bebba47699f66d2f22d81eb2644e0e1c0e75c26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
br
google-lineitem-id
-2
x-content-type-options
nosniff
google-mediationtag-id
-2
google-mediationgroup-id
-2
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Tue, 26 Nov 2024 21:35:29 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
-2
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://paint.toys
content-length
422
x-xss-protection
0
server
cafe
container.html
9da2eac2167e8cfea5cbb159de04e39f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6A90 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://9da2eac2167e8cfea5cbb159de04e39f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f193.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://paint.toys/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 26 Nov 2024 21:35:30 GMT
expires
Tue, 26 Nov 2024 21:35:30 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-VJBRK9986D&gtm=45je4bk0v9101576445za200&_p=1732656923118&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=445059518.1732656924&ul=it-it&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1732656924&sct=1&seg=0&dl=https%3A%2F%2Fpaint.toys%2Foil%2F&dt=Paint%20with%20Oils&en=scroll&epn.percent_scrolled=90&_et=2&tfd=7256
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VJBRK9986D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f14.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://paint.toys
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 26 Nov 2024 21:35:29 GMT
content-type
text/plain
server
Golfe2
pbs-iframe
pbs-cs.yellowblue.io/ Frame 9FD7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pbs-cs.yellowblue.io/pbs-iframe?gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&redirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Drise%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%5BPBS_UID%5D
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.211.253.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-253-103.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash

Request headers

Referer
https://paint.toys/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://paint.toys/
content-length
0
content-type
text/html
date
Tue, 26 Nov 2024 21:35:30 GMT
server
istio-envoy
x-envoy-upstream-service-time
0
x-reason
could not perform CS due to compliance policy: gdpr is not applied
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F906 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158326&gdpr=0&gdpr_consent=
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.28.88.244 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-28-88-244.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Referer
https://paint.toys/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=79920
content-encoding
gzip
content-length
6694
content-type
text/html
date
Tue, 26 Nov 2024 21:35:29 GMT
expires
Wed, 27 Nov 2024 19:47:29 GMT
last-modified
Wed, 13 Nov 2024 05:14:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
pd
playwire-d.openx.net/w/1.0/ Frame 0E9C
Redirect Chain
  • https://playwire-d.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
  • https://playwire-d.openx.net/w/1.0/pd?cc=1&gdpr=0&gdpr_consent=
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://playwire-d.openx.net/w/1.0/pd?cc=1&gdpr=0&gdpr_consent=
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash

Request headers

Referer
https://paint.toys/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
491
content-type
text/html
date
Tue, 26 Nov 2024 21:35:30 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Tue, 26 Nov 2024 21:35:29 GMT
location
https://playwire-d.openx.net/w/1.0/pd?cc=1&gdpr=0&gdpr_consent=
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
via
1.1 google
ixmatch.html
js-sec.indexww.com/um/ Frame 28CF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://paint.toys/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age
722
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
8e8d02356f1e5d84-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 26 Nov 2024 21:35:30 GMT
expires
Wed, 27 Nov 2024 01:35:30 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 40BB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://paint.toys/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
57050
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 26 Nov 2024 21:35:30 GMT
ETag
W/"623de86a-cf34"
Expires
Fri, 17 May 2024 08:31:56 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
3410305, 290177
X-Served-By
cache-lga21993-LGA, cache-mxp6926-MXP
X-Timer
S1732656930.170249,VS0,VE0
sync
eb2.3lift.com/ Frame 3636 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Referer
https://paint.toys/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Tue, 26 Nov 2024 21:35:30 GMT
usync.html
eus.rubiconproject.com/ Frame 826F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=0
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Referer
https://paint.toys/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
224
content-type
text/html; charset=UTF-8
date
Tue, 26 Nov 2024 21:35:30 GMT
etag
"28052a-10d-6142d69a886c0"
last-modified
Thu, 21 Mar 2024 15:32:19 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
syncframe
gum.criteo.com/ Frame 68BF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=criteoPrebidAdapter&topUrl=paint.toys&gpp=
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://paint.toys/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 26 Nov 2024 21:35:29 GMT
server
Kestrel
server-processing-duration-in-ticks
882412
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
prebid
id5-sync.com/api/config/ 		195 B
470 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
7e4d2c9111e1ca31b5e2e4bfd5a66925f07c0c232672f31481c6b66a89b26f16
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://paint.toys/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://paint.toys
date
Tue, 26 Nov 2024 21:35:28 GMT
content-type
application/json;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-credentials
true
id
id.crwdcntrl.net/ 		43 B
312 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id?gdpr_applies=false&c=17262
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.75.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-75-152.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

cache-control
no-cache
pragma
no-cache
access-control-allow-credentials
true
expires
0
access-control-allow-origin
https://paint.toys
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length
43
date
Tue, 26 Nov 2024 21:35:29 GMT
content-type
application/json;charset=utf-8
x-server
10.45.30.98
server
Jetty(9.4.38.v20210224)
f
fid.agkn.com/ 		0
0
envelope
lexicon.33across.com/v1/ 		49 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0014000001YrMoYAAV&gdpr=0&src=pbjs&ver=9.11.0&coppa=0
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.193.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://paint.toys
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49
date
Tue, 26 Nov 2024 21:35:27 GMT
content-type
application/json
vary
origin
any
idx.liadm.com/idex/did-0046/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://idx.liadm.com/idex/did-0046/any?duid=8e413bd09c43--01jdn6d47mmhx40j7wg9w92p07&gdpr=0&did=did-0046&cd=.paint.toys&pu=https%3A%2F%2Fpaint.toys&resolve=nonId&resolve=uid2&resolve=index&resolve=bidswitch&resolve=pubmatic&resolve=magnite&resolve=openx&resolve=sorvrn&resolve=thetradedesk&resolve=medianet
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.210.235.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-210-235-203.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

cache-control
max-age=3599, private
trace-id
ed97ab3518762b34
request-time
1
access-control-allow-credentials
true
expires
Tue, 26 Nov 2024 22:35:27 GMT
access-control-allow-origin
https://paint.toys
date
Tue, 26 Nov 2024 21:35:27 GMT
vary
Origin
usersync
match.adsrvr.org/track/ 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/usersync?us_privacy=&gdpr=0&gdpr_consent=undefined&ust=image
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-length
70
date
Tue, 26 Nov 2024 21:35:30 GMT
content-type
image/gif
server
Kestrel
9.gif
id5-sync.com/s/441/ 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/s/441/9.gif?puid=&gdpr=1&gdpr_consent=
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
p3p
CP="CAO PSA OUR"
date
Tue, 26 Nov 2024 21:35:29 GMT
content-type
image/gif;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
sync
x.bidswitch.net/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=themediagrid&gdpr=0
  • https://x.bidswitch.net/ul_cb/sync?ssp=themediagrid&gdpr=0
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=130&ssp_id=themediagrid&gdpr=0&gdpr_consent=&us_privacy=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=130&ssp_id=themediagrid&gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=f9543dc8-fa91-40fd-8c99-0a25d1fbd70a-67463f24-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=f9543dc8-fa91-40fd-8c99-0a25d1fbd70a-67463f24-5553&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D465%26user_id...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=f9543dc8-fa91-40fd-8c99-0a25d1fbd70a-67463f24-5553&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D465%26u...
  • https://x.bidswitch.net/sync?dsp_id=465&user_id=f9543dc8-fa91-40fd-8c99-0a25d1fbd70a-67463f24-5553&gdpr=0&gdpr_consent=&us_privacy=
0
0
coreid.min.js
secure.cdn.fastclick.net/js/cnvr-coreid/latest/ 		229 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/cnvr-coreid/latest/coreid.min.js
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.176.78 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-176-78.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
eb87c0447bd19366919bdb8913f775caca732ac31cbc5e5d42e4db5df39437ce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

cache-control
max-age=900
content-encoding
gzip
etag
"394d0-60864a57eaadc-gzip"
expires
Tue, 26 Nov 2024 21:50:29 GMT
accept-ranges
bytes
content-length
67550
date
Tue, 26 Nov 2024 21:35:29 GMT
last-modified
Mon, 23 Oct 2023 16:23:46 GMT
content-type
application/javascript
server
Apache
vary
Accept-Encoding
bounce
id5-sync.com/ 		30 B
228 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/bounce
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
b04cd869cfd41a48c006458f71969a0eb26f33fec12f3cfe00408f8b73bf3ff8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://paint.toys
date
Tue, 26 Nov 2024 21:35:29 GMT
content-type
text/plain;charset=utf-8
vary
Origin
access-control-allow-credentials
true
v1
lb.eu-1-id5-sync.com/lb/ 		45 B
281 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
249ef7c2670b0352e54b7ecd2d8b53399ff7743fd228228eccd3f8b32a204441
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://paint.toys
date
Tue, 26 Nov 2024 21:35:29 GMT
content-type
application/json;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
v1
lb.eu-1-id5-sync.com/lb/ 		45 B
281 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
f759e346d2449ed2bc73692cf8b14238b90b46def17ea46d7276906c87c8ef45
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://paint.toys
date
Tue, 26 Nov 2024 21:35:29 GMT
content-type
application/json;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
v3
id5-sync.com/gm/ 		319 B
509 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/gm/v3
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
c9b432fd668d5fc394c5c89fe68737bbf153ed1bd89b2c3b64c13fd95b668a59
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://paint.toys/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://paint.toys
date
Tue, 26 Nov 2024 21:35:29 GMT
content-type
application/json
vary
Origin
access-control-allow-credentials
true
483.json
id5-sync.com/g/v2/ 		251 B
441 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/483.json
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
558aad94740a37912fc8e136fd49e7226e1a613c2719f42713da0117060112a2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://paint.toys/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://paint.toys
date
Tue, 26 Nov 2024 21:35:29 GMT
content-type
application/json
vary
Origin
access-control-allow-credentials
true
ping
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://paint.toys/

Response headers
prbds2s
rtb.gumgum.com/usync/ Frame D75A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.202.106 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-202-106.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Referer
https://paint.toys/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Tue, 26 Nov 2024 21:35:31 GMT
etag
W/"0e34f2dc4025cc5f0147410539e4c4def"
server
nginx
timing-allow-origin
*
cm
u.openx.net/w/1.0/ Frame FE69 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash

Request headers

Referer
https://paint.toys/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
440
content-type
text/html
date
Tue, 26 Nov 2024 21:35:31 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
fb87a4ea41
cd836371f1d.cdn.intergient.com/ 		0
95 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cd836371f1d.cdn.intergient.com/fb87a4ea41
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.12.2/main.adcfb3cb78ca97b4e5f1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.73.242.72 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-73-242-72.eu-central-1.compute.amazonaws.com
Software
nginx/1.24.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://paint.toys/

Response headers

access-control-allow-origin
*
date
Tue, 26 Nov 2024 21:35:31 GMT
content-type
application/octet-stream
server
nginx/1.24.0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E2CC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&predirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.28.88.244 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-28-88-244.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Referer
https://paint.toys/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=79917
content-encoding
gzip
content-length
6694
content-type
text/html
date
Tue, 26 Nov 2024 21:35:32 GMT
expires
Wed, 27 Nov 2024 19:47:29 GMT
last-modified
Wed, 13 Nov 2024 05:14:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
v1
match.sharethrough.com/FGMrCMMc/ 		0
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/FGMrCMMc/v1?gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&redirectUri=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dsharethrough%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di%26uid%3D%24UID
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.195.234.25 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-234-25.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
setuid
prebid-server.rubiconproject.com/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di%26uid%3D...
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fprebid-server.rubiconproject.com%252Fsetuid%253Fbidder%253Dadnxs%2526gdpr%253D0%2526gdpr_consent%253D%2526us_privacy%253D%2526gpp%253D%25...
  • https://prebid-server.rubiconproject.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=i&uid=8952230492646727208
86 B
748 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=i&uid=8952230492646727208
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
H2
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

expires
0
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
content-type
image/png

Redirect headers

cache-control
no-store, no-cache, private
location
https://prebid-server.rubiconproject.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=i&uid=8952230492646727208
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
185.198.62.83; 185.198.62.83; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
*
an-x-request-uuid
b60d3ee4-b52d-40e1-8535-8a9e0c7a0a95
content-length
0
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Tue, 26 Nov 2024 21:35:33 GMT
x-xss-protection
0
content-type
text/html; charset=utf-8
server
nginx/1.23.4
sync.php
pixel.rubiconproject.com/exchange/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
paint.toys
URL
blob:https://paint.toys/0392510f-01e2-4807-9cb0-2c2cef06a44e
Domain
fid.agkn.com
URL
https://fid.agkn.com/f?apiKey=2104320612&r=https%3A%2F%2Fpaint.toys%2Foil%2F
Domain
fid.agkn.com
URL
https://fid.agkn.com/f?apiKey=2104320612&r=https%3A%2F%2Fpaint.toys%2Foil%2F
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/sync?dsp_id=465&user_id=f9543dc8-fa91-40fd-8c99-0a25d1fbd70a-67463f24-5553&gdpr=0&gdpr_consent=&us_privacy=
Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/exchange/sync.php?p=rp-pbs&gdpr=0&gdpr_consent=&account=12556&us_privacy=&gpp_sid=&gpp=

Verdicts & Comments Add Verdict or Comment

256 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| ramp string| _pwGA4PageviewId object| dataLayer function| gtag function| reflect function| OilPainting object| app function| save function| admiral object| googletag string| _pwUserContentEncoding object| PageOS boolean| pwRAMPInitiated object| _pwTycheAB object| pwKinesisCreds number| cmpVersion boolean| tycheSampling number| tycheSamplingRate string| tychePath boolean| rampSampling number| rampSamplingRate string| rampPath number| _pageViewSR number| _adImpressionSR object| _pwLogger string| _pwKassandraVer number| _pwFpSampling string| _pwUserCC object| pwEdgeFlags object| pwEdgeYieldOptions string| _pwCurrentHourEST object| tyche object| webpackChunkpageos object| pageos object| __core-js_shared__ object| core object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal function| 4dm1r11545242527 object| ggeac object| google_js_reporting_queue object| __pwpbjs__ object| _pbjsGlobals object| regeneratorRuntime object| google_reactive_ads_global_state object| __bt object| __bt_intrnl object| __bt_tag_d boolean| __bt_already_invoked object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| NTBiODRhZTA3MTliYzg1Y2xvYWRlcl9qcw== string| NTBiODRhZTA3MTliYzg1Y2NhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady object| google_tag_topics_state object| apstag object| ox_esp object| Tyche object| webpackChunkTyche object| kinesis object| pbjs object| __pwhbjs boolean| liModuleEnabled object| liQ_instances boolean| 5226ecba-5cdc-42ca-9b5c-73e895c08a84 number| google_srt object| google_logging_queue object| google_ad_modifications object| google_persistent_state_async object| adsbygoogle string| google_user_agent_client_hint object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_159 object| Criteo object| Criteo_identitytag_159 object| _aps boolean| apstagLOADED object| apscustom object| _google_rum_ns_ number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_manager_loaded_event object| lotame_sync_16576 object| cnvr_launcher_options function| lotameIsCompatible function| sync16576_aa function| sync16576_c function| sync16576_f object| sync16576_h function| sync16576_ca function| sync16576_j function| sync16576_da object| sync16576_ object| sync16576_ia object| sync16576_ja object| sync16576_s object| sync16576_B object| sync16576_wa function| sync16576_a function| sync16576_b function| sync16576_g function| sync16576_i function| sync16576_k function| sync16576_l function| sync16576_m function| sync16576_n function| sync16576_o function| sync16576_p function| sync16576_q function| sync16576_r function| sync16576_fa function| sync16576_ea function| sync16576_ga function| sync16576_ha function| sync16576_t function| sync16576_v function| sync16576_w function| sync16576_x function| sync16576_ka function| sync16576_la function| sync16576_y function| sync16576_ma function| sync16576_z function| sync16576_A function| sync16576_u function| sync16576_C function| sync16576_na function| sync16576_oa function| sync16576_pa function| sync16576_D function| sync16576_E function| sync16576_F function| sync16576_qa function| sync16576_G function| sync16576_H function| sync16576_I function| sync16576_K function| sync16576_M function| sync16576_L function| sync16576_N function| sync16576_O function| sync16576_J function| sync16576_ra function| sync16576_sa function| sync16576_ta function| sync16576_ua function| sync16576_va function| sync16576_P function| sync16576_Q function| sync16576_xa function| sync16576_R function| sync16576_ya function| sync16576_za function| sync16576_Aa function| sync16576_S function| sync16576_Ba function| sync16576_Ca function| sync16576_Da function| sync16576_Ea function| sync16576_T function| sync16576_Fa function| sync16576_U function| sync16576_V function| sync16576_W function| sync16576_X function| sync16576_Ga function| sync16576_Y function| sync16576_Z function| sync16576__ function| sync16576_0 function| sync16576_1 function| sync16576_2 function| sync16576_Ha function| sync16576_3 function| sync16576_Ja function| sync16576_Ia function| sync16576_4 function| sync16576_La function| sync16576_Ma function| sync16576_Ka function| sync16576_Na function| sync16576_Qa function| sync16576_Pa function| sync16576_Oa function| sync16576_Sa function| sync16576_Ua function| sync16576_Ra function| sync16576_6 function| sync16576_Ta function| sync16576_Xa function| sync16576_Wa function| sync16576_Va function| sync16576_7 function| sync16576_5 function| sync16576_8 function| sync16576_Ya function| sync16576_Za function| sync16576__a function| sync16576_0a function| sync16576_9 function| sync16576_1a function| sync16576_$ function| sync16576_2a function| sync16576_3a function| sync16576_4a object| conversant object| PublisherCommonId number| google_unique_id object| __id5_finalization_registry object| ID5 object| publink_options object| coreid

65 Cookies

Domain/Path Name / Value
.criteo.com/openrtb_2_5/pbjs/auction Name: cto_bundle
Value: OxZNKF9LZXdwem5OWFJkMyUyQkt4eHEwR3AlMkZqWW5GUThaSFVYYVg2eDdlME9ObVAzU1lHM3FSdEs2RjA5OGJqcVdFbDdzaFE4Z3Vubm9WYkx6UlNtRE5DbHhFT3FQNDRuM2dRQWdXaFJkWGpoSk05WEElM0Q
.smartadserver.com/api Name: pid
Value: 4137627595042680685
.liadm.com/j Name: lidid
Value: f149870c-14f1-409f-ad93-3f2e1db8c48d
paint.toys/ Name: usprivacy
Value: 1---
.paint.toys/ Name: _ga
Value: GA1.1.445059518.1732656924
.paint.toys/ Name: _ga_VJBRK9986D
Value: GS1.1.1732656924.1.0.1732656924.0.0.0
.paint.toys/ Name: _ga_CEFZJ359V8
Value: GS1.1.1732656924.1.0.1732656924.0.0.0
.intergi.com/ Name: __cf_bm
Value: VohqsbusXQz2FJjLNjWi7RZzhwnZ4BG9RHYdWfvkYOo-1732656924-1.0.1.1-bJ5A4V8ezp5ekfxHZLhjpz3F.a0mkonoYi18O3xAMmXBBofDXkuoa6sm1dmyCp7p2O7mSfokLQqGb4WHWBvJMg
.paint.toys/ Name: _awl
Value: 2.1732656925.5-152ef7715f3a4c5bd2e09359ac04c8e5-6763652d6575726f70652d7765737431-0
.intergient.com/ Name: __cf_bm
Value: xoMLM4lfmkC44NerTzq4F5AqR.3qjvbPnfTiX710uA8-1732656926-1.0.1.1-TPLhDwNpWEv4uPEVBYjC406Lrj0GPQePpF6cIj27vDmwIN8MuR175UvJKqCpt4iGAMkQJn5vIbKiF04hggQrcg
.paint.toys/ Name: _sharedid
Value: ed60e4a7-c0e8-4faf-88fa-5c67b797c54e
.paint.toys/ Name: _sharedid_cst
Value: kSylLAssaw%3D%3D
.paint.toys/ Name: _li_dcdm_c
Value: .paint.toys
.paint.toys/ Name: _lc2_fpi
Value: 8e413bd09c43--01jdn6d47mmhx40j7wg9w92p07
.paint.toys/ Name: _lc2_fpi_meta
Value: %7B%22w%22%3A1732656926964%7D
.paint.toys/ Name: FCNEC
Value: %5B%5B%22AKsRol8R9vDFIk4ixjh81nQRt3kACQZ7gq3wQCWOvpfows_hXDuLEwQbs3SHNQpNzSWYBtcmZEZ73yMYef2SW4-ZUwEmLXt-irADxdrLxpoW1oS4DLvgT1vs981eA5uQ3ZqhA0fK6Gtucz-RN-LttpzlAp5b_ni4iA%3D%3D%22%5D%5D
.id5-sync.com/ Name: id5
Value: c1a1dfb8-3d2a-7b25-b3bc-3710cb7f3103#1732656927391#1
.criteo.com/ Name: uid
Value: 4076a7d0-8280-4df3-b5e0-2d074bc68e10
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.paint.toys/ Name: cto_bundle
Value: gOCePF9pM2ZZdXdjVWVlWE0lMkJrU0NZT3R6bGQzVUQlMkJpUTRMVm5qZ3U1YmJyV2tQQ0xIWWZ2UmxIWlp1b1hLcSUyRng2R0RJNmRXcVlySjM5NmpTTVpIWG81Tk9sNU9Qc3MwenJOQzJkb0hoekM1VFhKS2NReXdnbnV4WXREek9uUVEwJTJGUGdUM0VDNHhyazkzbVUlMkJ3VUUxNmV4Q3ZRJTNEJTNE
.liadm.com/ Name: lidid
Value: f149870c-14f1-409f-ad93-3f2e1db8c48d
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.casalemedia.com/ Name: CMID
Value: Z0Y-ILmqPtEAAH7rBJOI8gAA
.casalemedia.com/ Name: CMPS
Value: 4467
.casalemedia.com/ Name: CMPRO
Value: 4467
.rubiconproject.com/ Name: khaos
Value: M3YZ76JQ-S-I0CL
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qrKmkuSL8erT9BK0vlZCx9RWO+myZ340Brp4bTbo3eCv9UtwqHhHUJQSBx2P3in8zPh6cqIxiLHfyKPLRELhl3xIo8tEQuGXfEijy0RC4Zd8aZr5ZVxLWDe
.adsby.bidtheatre.com/ Name: __kuid
Value: a137a657-7d86-4d53-921a-c66bee1da98c.501870929
.simpli.fi/ Name: suid
Value: BD8B5619C8854C0EA24E1AB679756B89
.doubleclick.net/ Name: IDE
Value: AHWqTUlXon-kCB8eM5n5shciNetrzmlZoskkfyKe7wu9pHFl_w-u2dPQvtMv_7_SZEQ
.paint.toys/ Name: __gads
Value: ID=2c60785529642b71:T=1732656929:RT=1732656929:S=ALNI_MYGRhNbpNgzJqvmkw-kksbDwtYd3Q
.paint.toys/ Name: __gpi
Value: UID=00000f5acaf05b38:T=1732656929:RT=1732656929:S=ALNI_MZ4hMTvelgvZl-yLS7lO19XPs28vQ
.creativecdn.com/ Name: g
Value: P5GuOU69xozJzdtoSPsr_1732656929482
.creativecdn.com/ Name: ts
Value: 1732656929
.paint.toys/ Name: __eoi
Value: ID=96be167f1e86d22b:T=1732656929:RT=1732656929:S=AA-AfjZfSRJCWGDF-3zkjzfA4snC
.openx.net/ Name: i
Value: e7af86b5-0db0-0553-0481-cd4fd68cc5f4|1732656930
paint.toys/ Name: cto_bundle
Value: cZsRrl9pM2ZZdXdjVWVlWE0lMkJrU0NZT3R6bGZzeVRiMVdxUlZTVDd1ZUQwNVE3SDgyWE1OaXYlMkJMJTJGMWVHUkZuWnlNckplcXJmczZLTEE0eFVXMCUyRjd2UUp0VGI1ZGNwelJQa0tGbjRyZGl5b083bUZINmU4eklXQWNMVExvMXU4OXJIZ01RQ1pkbnBISHJzQTlMc3ZQRElwZUpIdyUzRCUzRA
.amazon-adsystem.com/ Name: ad-id
Value: A7wjj2hZ10TjjY-Bs70XPus
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.bidswitch.net/ Name: tuuid
Value: 93717122-2f58-4ccf-bd06-1b91f0429cce
.bidswitch.net/ Name: c
Value: 1732656930
.adform.net/ Name: C
Value: 1
.bidswitch.net/ Name: tuuid_lu
Value: 1732656931
.gumgum.com/ Name: vst
Value: e_3dc20535-3a92-4e04-8315-006aa433bbf4
.adform.net/ Name: uid
Value: 4663833802282342066
.openx.net/ Name: pd
Value: v2|1732656930.1|iyvQvNgun0gi.gqwksLmOgesf
.contextweb.com/ Name: VP
Value: part_ABa0maTvHgmt
.contextweb.com/ Name: pb_rtb_ev_part
Value: 3-1uzs|7bq.0.1
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 175c6d05d661b3de
.blismedia.com/ Name: b
Value: 67463F23E5AFF5B4109D9F06_
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-bec4e422-e5d3-5bc0-71aa-57074dfc6ee5.fRz61Bu3N1uYVSwOq3tDfQKGrPj5SJC1VsRBD7KULSI
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-bec4e422-e5d3-5bc0-71aa-57074dfc6ee5.fRz61Bu3N1uYVSwOq3tDfQKGrPj5SJC1VsRBD7KULSI
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AvsTkIuXTW8BxqlcHTfxu5bnGPlM.bbSy%2FbTtvd1PlHodijQmnDCkFCRB5ElM0XCEvjnpkAU
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AvsTkIuXTW8BxqlcHTfxu5bnGPlM.bbSy%2FbTtvd1PlHodijQmnDCkFCRB5ElM0XCEvjnpkAU
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKICdS_BAcUEZdTtQT8fuA0amTEel01bqbIJ18ln6kLmPOEAMYAyCj_pi6BjABOgSAOSS3QgQAuXrP.poisJOP%2FhONX%2BSR6v6CvV2MNzF09o%2BFHH2z5s7ntykQ
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKICdS_BAcUEZdTtQT8fuA0amTEel01bqbIJ18ln6kLmPOEAMYAyCj_pi6BjABOgSAOSS3QgQAuXrP.poisJOP%2FhONX%2BSR6v6CvV2MNzF09o%2BFHH2z5s7ntykQ
.ipredictive.com/ Name: cu
Value: 703a6bbc-8c63-4527-b1c0-57d2c26415eb|1732656931987
.sitescout.com/ Name: ssi
Value: f9543dc8-fa91-40fd-8c99-0a25d1fbd70a#1732656932661
.sitescout.com/ Name: _ssuma
Value: eyIzOSI6MTczMjY1NjkzMjc1OSwiNyI6MTczMjY1NjkzMjc1OX0
.adnxs.com/ Name: XANDR_PANID
Value: lSIz-kNXy8v09rvsQ6hJjjEOUWte2QX2sDIhlV08qhW-4slhU0JGryr-Hj5s4QAe3d3ZmyJj4n_rF1tkEAXudsvDchJmeXtLeEttRo6Gm4I.
.adnxs.com/ Name: uuid2
Value: 8952230492646727208
.prebid-server.rubiconproject.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJhZG54cyI6eyJ1aWQiOiI4OTUyMjMwNDkyNjQ2NzI3MjA4IiwiZXhwaXJlcyI6IjIwMjQtMTItMTBUMjE6MzU6MzMuMTM3MTQ4MTY3WiJ9LCJydWJpY29uIjp7InVpZCI6Ik0zWVo3NkpRLVMtSTBDTCIsImV4cGlyZXMiOiIyMDI0LTEyLTEwVDIxOjM1OjI5LjMzMjM4MjA2MVoifSwib3BlbngiOnsidWlkIjoiMGRkZDM2MjMtMWRhOC0wOTRkLTM1ZGItYzViMjMzZjAzNDg0IiwiZXhwaXJlcyI6IjIwMjQtMTItMTBUMjE6MzU6MzEuNDMzMTc2NzY3WiJ9LCJndW1ndW0iOnsidWlkIjoiZV8zZGMyMDUzNS0zYTkyLTRlMDQtODMxNS0wMDZhYTQzM2JiZjQiLCJleHBpcmVzIjoiMjAyNC0xMi0xMFQyMTozNTozMS4yMDM4NDg4NDFaIn0sIml4Ijp7InVpZCI6IlowWS1JTG1xUHRFQUFIN3JCSk9JOGdBQSY0NDY3IiwiZXhwaXJlcyI6IjIwMjQtMTItMTBUMjE6MzU6MjkuMzMyNDM5MDI2WiJ9fX0=
.tapad.com/ Name: TapAd_TS
Value: 1732656933506
.tapad.com/ Name: TapAd_DID
Value: b0baf5b0-476e-4418-bec1-46eff2de291a
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:

6 Console Messages

Source Level URL
Text
rendering warning URL: https://paint.toys/oil/
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0B0BD1554270000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
network error URL: https://px.moatads.com/pixel.gif
Message:
Failed to load resource: the server responded with a status of 500 (Internal Server Error)
javascript error URL: https://paint.toys/oil/
Message:
Access to fetch at 'https://fid.agkn.com/f?apiKey=2104320612&r=https%3A%2F%2Fpaint.toys%2Foil%2F' from origin 'https://paint.toys' has been blocked by CORS policy: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'.
network error URL: https://fid.agkn.com/f?apiKey=2104320612&r=https%3A%2F%2Fpaint.toys%2Foil%2F
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://paint.toys/oil/
Message:
Access to fetch at 'https://fid.agkn.com/f?apiKey=2104320612&r=https%3A%2F%2Fpaint.toys%2Foil%2F' from origin 'https://paint.toys' has been blocked by CORS policy: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'.
network error URL: https://fid.agkn.com/f?apiKey=2104320612&r=https%3A%2F%2Fpaint.toys%2Foil%2F
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9da2eac2167e8cfea5cbb159de04e39f.safeframe.googlesyndication.com
aax.amazon-adsystem.com
acdn.adnxs.com
ad-delivery.net
ad.doubleclick.net
ads.pubmatic.com
api.btloader.com
bt.dns-finder.com
btloader.com
btlr.sharethrough.com
c.amazon-adsystem.com
cd836371f1d.cdn.intergient.com
cdn.id5-sync.com
cdn.intergi.com
cdn.intergient.com
config.aps.amazon-adsystem.com
direct.adsrvr.org
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
faucetfoot.com
fid.agkn.com
fundingchoicesmessages.google.com
g2.gumgum.com
grid-bidder.criteo.com
grid.bidswitch.net
gum.criteo.com
hb.yellowblue.io
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id.crwdcntrl.net
id5-sync.com
idx.liadm.com
imasdk.googleapis.com
impression-inferences-edge-prod.playwire.com
invstatic101.creativecdn.com
js-sec.indexww.com
kfdk.formailing.com
lb.eu-1-id5-sync.com
lexicon.33across.com
match.adsrvr.org
match.sharethrough.com
oa.openxcdn.net
pa.openx.net
pagead2.googlesyndication.com
paint.toys
pbs-cs.yellowblue.io
pixel.rubiconproject.com
playwire-d.openx.net
prebid-server.rubiconproject.com
proc.ad.cpe.dotomi.com
px.moatads.com
rp.liadm.com
rtb.gumgum.com
rtb.openx.net
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
static.adsafeprotected.com
static.criteo.net
tags.crwdcntrl.net
tlx.3lift.com
u.openx.net
www.google-analytics.com
www.googletagmanager.com
x.bidswitch.net
fid.agkn.com
paint.toys
pixel.rubiconproject.com
x.bidswitch.net
104.18.20.56
104.18.21.56
104.18.24.111
104.18.24.18
104.18.24.242
104.18.26.193
104.18.27.193
108.128.75.152
13.224.196.140
13.248.245.213
13.32.119.202
130.211.23.194
142.250.181.226
142.250.184.238
142.250.185.70
142.250.185.74
15.197.167.90
151.101.193.108
162.19.138.82
172.217.16.193
172.67.188.158
172.67.38.106
172.67.41.60
172.67.69.19
178.250.1.11
178.250.1.3
178.250.1.4
178.250.1.56
18.157.230.4
18.172.112.90
18.195.234.25
18.210.235.203
18.66.102.34
184.28.88.244
184.28.89.220
184.30.22.30
185.64.189.112
188.114.96.3
216.58.206.40
216.58.212.142
23.205.176.78
3.120.249.250
3.33.220.150
3.73.242.72
34.102.146.192
34.36.214.49
34.96.70.87
35.227.252.103
35.244.159.8
35.244.193.51
37.252.171.85
52.211.253.103
52.213.202.106
52.222.236.4
52.223.6.21
52.54.248.128
63.215.202.146
63.32.216.224
65.9.66.68
65.9.66.90
69.173.144.137
69.173.156.139
021d5e81fa95c76f1aab8dd2d3a5dc58988a3e066f73d9a0dcea4ce0779d2d81
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0a24226b810811def317ee02bf0703399b08e300afe117f3df37beb24b25e2bd
0aa98ee205d0ed7ab5765a57a2652a721657b0afe77539306b4d2c2e582587cf
0b945764f409a5cfd72296efcc62d2eb4af033d2a67c1842a16eed73a42f9a69
1278c4cf185df7d945dbb204a60d816050248c3c327b2d7877a94ee8d82d0d9f
1526f7f540b829baf0e6d1b491aa7b26b5e49fa160abca67c11695ccfa2cee82
1635d2075d3343c86490d2229c1fb868ad59d92958ef65e04cb65767c703e9f6
1bac5e8fb5021358231d218f02ed4aaf9431c9c33677e2c1977c1e27d3954572
1f0769b6ec00799d55c116b89a5b71d923e5ea0d9f0d7e1fac3fe1914599e658
2023334324d8c97da0548ef57396aab4eef6ceccb3b56eaa80f296bc2d05b945
249ef7c2670b0352e54b7ecd2d8b53399ff7743fd228228eccd3f8b32a204441
272fa9f6f409c84f90ee8997eb2db86a9ab6db32c7716b7b572b85da822937cc
2ceb245956058cf6382430232bebba47699f66d2f22d81eb2644e0e1c0e75c26
2ee1eaafed1059a4e32ba211a6e9a967321111364904106d74899d325784a9ab
2ef90dee2a1d4fde6d07b7a1c7d64393c71287e6c35756b3b044d8fbcac98992
2ff696f311f1afa7aafddb260becd45331aab7ce1741821b0f3e2d9e683382b0
32602b7d029764a28e5e5f7222f84fa5f596d4e1d32aa4f433a2b431581e6ba0
32aa05a5648678542ab9044647f0bf5549c0b53a070585edb773f0e92b72b97d
3bded2f81a4be99edd457a2867440796fe680c4bc4fc0813b739dabeca493aa7
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
436814c2374a6d92a42a02d39969ef7c56b5f225667abecb218e692c5569943c
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
518a9e5070ca33b596738e47be8f68cb3ff2cbfc327f51de6cb2014a94305f75
541404fe1f887a88c475779efe00b14fb5339eba0bc4e0a5a6547d6b1b86c6e3
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
558a10c9bb85310540937a64ae489ed9dbaf78d582a4791c07c7ab77913444c7
558aad94740a37912fc8e136fd49e7226e1a613c2719f42713da0117060112a2
5607bc0b49036b5f13acf3f5767e0fb2fb947f5369bda253939e78e2b11f85b4
641768f2d1d19839fc3cecfa5158382fa0d332d5e49e31bcaafbedc4af91995a
65176f0a7c48d6a98e3a92b0c24b44ff496e7245003e836e36a6d5d02e43ced6
698125dce2d65453fb75b00be2dbe5a190b4d34db82aac2501518eff75b86500
6ceb226c487cb85243545e768944e0e1ae0944be8fde6c1c43c7314a9287e6d9
70883a9270d54ca9914810ee600c39f62c1147243374c8b93b7095f9c78b4b66
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36
71fc8d942e2f2abc06fda6bd2de4fbffd77584250d2c3628cddc677d2a7aabb1
72b49f7f3b1695d725da86ed2140d0ee23ff0b3680006dbae16305f864827f1c
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
761c85b4efc334c6ff68c9333bccd2005c36f704a060639bf6770c5ec614ff0b
767d04353410d111a0795e098132e2c02a8e309a64e24391bbdaffb70e834828
784b2363f8f9257c8bad5f3e5cd0641412d6081d2b518df7e97994596df19286
795041923e6338abe450ff9524ef70fd40432f278f32c9c35cdbb08239574fb1
7a845fc454eb41e28c4e099d098c18402c0d581d40c182cc9e7027ab3ca6c224
7c69d44c776710c70f5f749a5e6b2e53615226df767d3aa0227d70d22603de77
7cb542345d9dc44cc11c98b3d96ddf725cdf55da9592e0935da512aff9e31814
7e4d2c9111e1ca31b5e2e4bfd5a66925f07c0c232672f31481c6b66a89b26f16
839e11d5ea35fe60fd65d0da091762640d7b98144b58f553a8742d863bc60795
8429294dbe104afeafcde686898d55472274252021dc9e068ea8f3f23ae98a5f
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
90702677b39fa606364aef7073b1bb0e7e3cf3b9619c91327e4d87f2827e90f9
9285cb4fa93f7c044587b2e8d6da26cd367aa6856160ba1b29854acb1046acae
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb
977bd6573db0c146bae702f95e3af7a1f5d00899c3c9fb1afff078a71a893149
9c4520b262bf8198e3c3e55a8d927867838f0376f11e37e0729221ba79a40a93
9e5b270206e2acc3802bc7fa2ce38356bf1745cb80de44300e8006923c900f99
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a66b049eecbddfd608523251a04d8912c8906b8fd336ae444289b9cc645c863b
a9111aa9337ebd5fd6255ae8cddcb6186c18008d2491f298fe6b3a2f44c2667a
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
a9b95cb96437b1868627cc84651080dc5afabce0b5df77fe634df2ee6cd26783
aa705b80cce2ab13554e4362c886b11a9e0c793caa77bdf283015727fbf0fb34
aab1f82bbee7d4c96e4144f14c91cb11238acedebb052230c92f44f22c5f466e
ab2ce7a605858febda81cd3408ddb9897e109b417d514d9c12cf0e1a89658ae4
b04cd869cfd41a48c006458f71969a0eb26f33fec12f3cfe00408f8b73bf3ff8
b69ad8b1266df233a00c8ceb99f3271488f4d383741a21981b8ce50e32e3be07
b90e07dcbb1c150d43d1bfe04baede6d942f656b7007677676b8eef05d1013cb
b95fe6fcb4925330bf629fda90a1362a336b4a8b87bf9573d87927d78c186062
c05ce757883491a00705f8f5b4c95fc2a14c0ffdcdf4bd1318cb1bffbf932cac
c14ab753159be3aa4554ebec66c6ed97205cecf6a6ed03bd934de9d4160e85ef
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c5fdea6bcb7b7dc4aabe9e409df609b922dde30401ccf5c25f0f384f7e8c43b5
c7ad3b1490c18aa8bd0866e056d8eba4d936b73d68d959fe9ccb4f9b4b09c8b2
c91c09319c4b0a24c72c0036cef74c17b85d3c4e2a4abf8153f5710421fe5b4c
c9b432fd668d5fc394c5c89fe68737bbf153ed1bd89b2c3b64c13fd95b668a59
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f
d520b08522d05e82041252dd9af6faf60aff6c750808f8850bfc35578654cdbb
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
db923ce8bb5894251489b6814a732f201700e5256865bcfb5fab34c912f8f697
e140cb7a6086625817ba4d8e9da4649d4f1d76e466b810b6e4c2ad663b218f46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4c437da084a03fd046e831a9ce4ff57338c1dec029c49f18c597bbbb4f78d05
eb87c0447bd19366919bdb8913f775caca732ac31cbc5e5d42e4db5df39437ce
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f0cbebd6d020d015159985d8b48d8621014584bdbce2fb31231f5adfd586f974
f4d368e4230539c778afbb020e0ea611b3e1d984179f5b3769b44081d6703f3b
f759e346d2449ed2bc73692cf8b14238b90b46def17ea46d7276906c87c8ef45
fbb368e2140eec1a8b17c26ce2654dac4c0ac35db3b5d2f896a23c3358924fc5
ff1a40585937ac293816334f359c71006be388c977e647dcf5270a8a75313639