urlscan.io logo urlscan.io
SecurityTrails logo

paint.toys Open in urlscan Pro
3.33.186.135  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://sdfeth.inducort.com/r/aHRLclJZMXFWUHpMVUF1bm9aRFEtMjYtMjY3NDczMDYtMGI0NzAyMGMtNzItQzZldEE1WnY3UFdTUUVKSXdkU24
Effective URL: https://paint.toys/oil/
Submission: On October 23 via api from BE — Scanned from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 43 IPs in 5 countries across 42 domains to perform 134 HTTP transactions. The main IP is 3.33.186.135, located in United States and belongs to AMAZON-02, US. The main domain is paint.toys. The Cisco Umbrella rank of the primary domain is 639947.
TLS certificate: Issued by E5 on October 3rd 2024. Valid for: 3 months.
This is the only time paint.toys was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 67.198.205.86 35908 (VPLSNET)
1 8 3.33.186.135 16509 (AMAZON-02)
8 104.18.21.56 13335 (CLOUDFLAR...)
2 216.58.206.72 15169 (GOOGLE)
2 104.18.24.111 13335 (CLOUDFLAR...)
5 142.250.185.98 15169 (GOOGLE)
5 104.18.25.242 13335 (CLOUDFLAR...)
1 52.85.65.95 16509 (AMAZON-02)
2 104.18.20.56 13335 (CLOUDFLAR...)
1 18.245.46.126 16509 (AMAZON-02)
1 172.67.41.60 13335 (CLOUDFLAR...)
1 184.28.89.220 16625 (AKAMAI-AS)
13 142.250.186.78 15169 (GOOGLE)
2 172.67.69.19 13335 (CLOUDFLAR...)
1 142.250.184.230 15169 (GOOGLE)
2 130.211.23.194 396982 (GOOGLE-CL...)
1 34.96.70.87 396982 (GOOGLE-CL...)
1 34.102.146.192 396982 (GOOGLE-CL...)
3 178.250.1.3 44788 (ASN-CRITE...)
3 13.224.186.120 16509 (AMAZON-02)
2 3.73.242.72 16509 (AMAZON-02)
2 142.250.186.34 15169 (GOOGLE)
2 178.250.1.11 44788 (ASN-CRITE...)
1 216.58.206.74 15169 (GOOGLE)
4 141.95.98.64 16276 (OVH)
2 99.80.212.73 16509 (AMAZON-02)
2 35.244.193.51 15169 (GOOGLE)
2 3.228.148.82 14618 (AMAZON-AES)
2 162.19.138.119 16276 (OVH)
1 99.86.4.30 16509 (AMAZON-02)
1 13.33.173.196 16509 (AMAZON-02)
2 69.192.160.199 16625 (AKAMAI-AS)
1 34.199.122.88 ()
2 142.250.184.193 ()
2 142.250.186.33 ()
1 142.250.185.228 ()
1 2 35.244.159.8 ()
1 23.35.229.251 ()
1 13.248.245.213 ()
1 104.18.38.76 ()
1 151.101.193.108 ()
2 2 35.214.136.108 ()
1 3.33.220.150 ()
134 43
2    67.198.205.86 (United States)

ASN35908 (VPLSNET, US)
PTR: 67.198.205.86.static.krypt.com
sdfeth.inducort.com
8    3.33.186.135 (United States)

ASN16509 (AMAZON-02, US)
PTR: afa7f374f51cc8991.awsglobalaccelerator.com
paint.toys
8    104.18.21.56 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.intergient.com
2    216.58.206.72 (United States)

ASN15169 (GOOGLE, US)
PTR: tzfraa-aa-in-f8.1e100.net
www.googletagmanager.com
2    104.18.24.111 (None, )

ASN13335 (CLOUDFLARENET, US)
faucetfoot.com
5    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
securepubads.g.doubleclick.net
5    104.18.25.242 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.intergi.com
1    52.85.65.95 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-65-95.muc50.r.cloudfront.net
static.adsafeprotected.com
2    104.18.20.56 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.intergient.com
1    18.245.46.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-46-126.fra56.r.cloudfront.net
impression-inferences-edge-prod.playwire.com
1    172.67.41.60 (United States)

ASN13335 (CLOUDFLARENET, US)
btloader.com
1    184.28.89.220 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-28-89-220.deploy.static.akamaitechnologies.com
px.moatads.com
13    142.250.186.78 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f14.1e100.net
www.google-analytics.com
fundingchoicesmessages.google.com
2    172.67.69.19 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
1    142.250.184.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f6.1e100.net
ad.doubleclick.net
2    130.211.23.194 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.23.211.130.bc.googleusercontent.com
api.btloader.com
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
3    178.250.1.3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
3    13.224.186.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-186-120.fra2.r.cloudfront.net
c.amazon-adsystem.com
2    3.73.242.72 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-73-242-72.eu-central-1.compute.amazonaws.com
cd836371f1d.cdn.intergient.com
2    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
pagead2.googlesyndication.com
2    178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    216.58.206.74 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s11-in-f10.1e100.net
imasdk.googleapis.com
4    141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu
id5-sync.com
2    99.80.212.73 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-212-73.eu-west-1.compute.amazonaws.com
id.crwdcntrl.net
2    35.244.193.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.193.244.35.bc.googleusercontent.com
lexicon.33across.com
2    3.228.148.82 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-228-148-82.compute-1.amazonaws.com
idx.liadm.com
2    162.19.138.119 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu
lb.eu-1-id5-sync.com
1    99.86.4.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-30.fra6.r.cloudfront.net
config.aps.amazon-adsystem.com
1    13.33.173.196 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-173-196.fra60.r.cloudfront.net
aax.amazon-adsystem.com
2    69.192.160.199 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-199.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    34.199.122.88 (None, )

ASN- ()
rp.liadm.com
2    142.250.184.193 (None, )

ASN- ()
21a1436730d37a8193dee3b532b186cb.safeframe.googlesyndication.com
2    142.250.186.33 (None, )

ASN- ()
tpc.googlesyndication.com
1    142.250.185.228 (None, )

ASN- ()
www.google.com
2    35.244.159.8 (None, )

ASN- ()
u.openx.net
1    23.35.229.251 (None, )

ASN- ()
eus.rubiconproject.com
1    13.248.245.213 (None, )

ASN- ()
eb2.3lift.com
1    104.18.38.76 (None, )

ASN- ()
js-sec.indexww.com
1    151.101.193.108 (None, )

ASN- ()
acdn.adnxs.com
2    35.214.136.108 (None, )

ASN- ()
x.bidswitch.net
1    3.33.220.150 (None, )

ASN- ()
match.adsrvr.org
Apex Domain
Subdomains		 Transfer
12 intergient.com
cdn.intergient.com — Cisco Umbrella Rank: 5309
cd836371f1d.cdn.intergient.com — Cisco Umbrella Rank: 6194
78 KB
11 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 682
www.google.com
76 KB
8 paint.toys
paint.toys — Cisco Umbrella Rank: 639947
130 KB
6 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 116
21a1436730d37a8193dee3b532b186cb.safeframe.googlesyndication.com
tpc.googlesyndication.com
20 KB
6 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 215
ad.doubleclick.net — Cisco Umbrella Rank: 150
239 KB
5 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 345
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 651
aax.amazon-adsystem.com — Cisco Umbrella Rank: 457
88 KB
5 intergi.com
cdn.intergi.com — Cisco Umbrella Rank: 6123
233 KB
4 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 522
cdn.id5-sync.com Failed
2 KB
3 liadm.com
idx.liadm.com — Cisco Umbrella Rank: 1307
rp.liadm.com Failed
723 B
3 criteo.net
static.criteo.net — Cisco Umbrella Rank: 776
73 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 34
3 btloader.com
btloader.com — Cisco Umbrella Rank: 883
api.btloader.com — Cisco Umbrella Rank: 1013
31 KB
2 bidswitch.net
grid.bidswitch.net Failed
x.bidswitch.net
821 B
2 openx.net
pa.openx.net Failed
rtb.openx.net Failed
u.openx.net
334 B
2 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 557
hbopenbid.pubmatic.com Failed
2 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 917
563 B
2 33across.com
lexicon.33across.com — Cisco Umbrella Rank: 1340
246 B
2 crwdcntrl.net
id.crwdcntrl.net — Cisco Umbrella Rank: 2543
tags.crwdcntrl.net Failed
627 B
2 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 461
bidder.criteo.com Failed
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 904
1 KB
2 faucetfoot.com
faucetfoot.com — Cisco Umbrella Rank: 323582
25 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
194 KB
2 inducort.com
sdfeth.inducort.com
2 KB
1 adsrvr.org
match.adsrvr.org
149 B
1 indexww.com
js-sec.indexww.com
1 adnxs.com
ib.adnxs.com Failed
acdn.adnxs.com
1 3lift.com
tlx.3lift.com Failed
eb2.3lift.com
1 rubiconproject.com
prebid-server.rubiconproject.com Failed
fastlane.rubiconproject.com Failed
eus.rubiconproject.com
1 googleapis.com
imasdk.googleapis.com — Cisco Umbrella Rank: 501
145 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 2261
8 KB
1 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 2648
1 KB
1 moatads.com
px.moatads.com — Cisco Umbrella Rank: 1027
27 B
1 playwire.com
impression-inferences-edge-prod.playwire.com — Cisco Umbrella Rank: 6525
922 B
1 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 684
481 B
0 gumgum.com Failed
g2.gumgum.com Failed
0 casalemedia.com Failed
htlb.casalemedia.com Failed
0 sharethrough.com Failed
btlr.sharethrough.com Failed
0 yellowblue.io Failed
hb.yellowblue.io Failed
0 hadronid.net Failed
cdn.hadronid.net Failed
0 amazon.dev Failed
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev Failed
0 fastclick.net Failed
secure.cdn.fastclick.net Failed
0 agkn.com Failed
fid.agkn.com Failed
134 42
Domain Requested by
10 fundingchoicesmessages.google.com securepubads.g.doubleclick.net
10 cdn.intergient.com paint.toys
cdn.intergient.com
8 paint.toys 1 redirects sdfeth.inducort.com
paint.toys
5 cdn.intergi.com cdn.intergient.com
cdn.intergi.com
5 securepubads.g.doubleclick.net cdn.intergient.com
securepubads.g.doubleclick.net
imasdk.googleapis.com
4 id5-sync.com cdn.intergi.com
3 c.amazon-adsystem.com cdn.intergient.com
c.amazon-adsystem.com
3 static.criteo.net securepubads.g.doubleclick.net
cdn.intergi.com
static.criteo.net
3 www.google-analytics.com www.googletagmanager.com
2 x.bidswitch.net 2 redirects
2 u.openx.net 1 redirects cdn.intergi.com
2 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
2 21a1436730d37a8193dee3b532b186cb.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 ads.pubmatic.com cdn.intergi.com
2 lb.eu-1-id5-sync.com cdn.intergi.com
2 idx.liadm.com cdn.intergi.com
2 lexicon.33across.com cdn.intergi.com
2 id.crwdcntrl.net cdn.intergi.com
2 gum.criteo.com static.criteo.net
2 pagead2.googlesyndication.com securepubads.g.doubleclick.net
2 cd836371f1d.cdn.intergient.com cdn.intergient.com
2 api.btloader.com btloader.com
2 ad-delivery.net paint.toys
2 faucetfoot.com cdn.intergient.com
faucetfoot.com
2 www.googletagmanager.com paint.toys
www.googletagmanager.com
2 sdfeth.inducort.com 1 redirects
1 match.adsrvr.org
1 acdn.adnxs.com cdn.intergi.com
1 js-sec.indexww.com cdn.intergi.com
1 eb2.3lift.com cdn.intergi.com
1 eus.rubiconproject.com cdn.intergi.com
1 www.google.com tpc.googlesyndication.com
1 rp.liadm.com cdn.intergi.com
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 imasdk.googleapis.com cdn.intergi.com
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 ad.doubleclick.net paint.toys
1 px.moatads.com paint.toys
1 btloader.com cdn.intergient.com
1 impression-inferences-edge-prod.playwire.com cdn.intergient.com
1 static.adsafeprotected.com paint.toys
0 g2.gumgum.com Failed cdn.intergi.com
0 hbopenbid.pubmatic.com Failed cdn.intergi.com
0 htlb.casalemedia.com Failed cdn.intergi.com
0 bidder.criteo.com Failed cdn.intergi.com
0 btlr.sharethrough.com Failed cdn.intergi.com
0 rtb.openx.net Failed cdn.intergi.com
0 grid.bidswitch.net Failed cdn.intergi.com
0 fastlane.rubiconproject.com Failed cdn.intergi.com
0 hb.yellowblue.io Failed cdn.intergi.com
0 ib.adnxs.com Failed cdn.intergi.com
0 tlx.3lift.com Failed cdn.intergi.com
0 prebid-server.rubiconproject.com Failed cdn.intergi.com
0 pa.openx.net Failed cdn.intergi.com
0 cdn.id5-sync.com Failed sdfeth.inducort.com
0 cdn.hadronid.net Failed sdfeth.inducort.com
0 prod.us-east-1.cxm-bcn.publisher-services.amazon.dev Failed c.amazon-adsystem.com
0 tags.crwdcntrl.net Failed sdfeth.inducort.com
0 secure.cdn.fastclick.net Failed sdfeth.inducort.com
0 fid.agkn.com Failed cdn.intergi.com
134 62

This site contains links to these domains. Also see Links.

Domain
toms.toys
Subject Issuer Validity Valid
*.paint.toys
E5		 2024-10-03 -
2025-01-01		 3 months crt.sh
cdn.intergient.com
WE1		 2024-10-02 -
2024-12-31		 3 months crt.sh
*.google-analytics.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
faucetfoot.com
WE1		 2024-09-17 -
2024-12-16		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
cdn.intergi.com
WE1		 2024-09-27 -
2024-12-26		 3 months crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2024-04-25 -
2025-05-24		 a year crt.sh
*.playwire.com
Amazon RSA 2048 M03		 2024-01-12 -
2025-02-09		 a year crt.sh
btloader.com
WE1		 2024-10-08 -
2025-01-06		 3 months crt.sh
moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-09-27 -
2025-09-27		 a year crt.sh
ad-delivery.net
WE1		 2024-09-12 -
2024-12-11		 3 months crt.sh
*.doubleclick.net
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
api.btloader.com
WR3		 2024-10-01 -
2024-12-30		 3 months crt.sh
*.google.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
invstatic101.creativecdn.com
WR3		 2024-10-15 -
2025-01-13		 3 months crt.sh
oa.openxcdn.net
WR3		 2024-09-16 -
2024-12-15		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-09-24 -
2024-12-21		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-12-30 -
2024-12-04		 a year crt.sh
*.cdn.intergient.com
Go Daddy Secure Certificate Authority - G2		 2024-04-17 -
2025-04-01		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-09-24 -
2024-12-25		 3 months crt.sh
upload.video.google.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.id5-sync.com
E5		 2024-09-01 -
2024-11-30		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M03		 2024-09-08 -
2025-10-08		 a year crt.sh
lexicon.33across.com
WR3		 2024-09-06 -
2024-12-05		 3 months crt.sh
*.liadm.com
Amazon RSA 2048 M02		 2024-07-31 -
2025-08-29		 a year crt.sh
*.eu-1-id5-sync.com
R10		 2024-09-01 -
2024-11-30		 3 months crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2024-01-21 -
2025-02-19		 a year crt.sh
alt1-3ps.amazon-adsystem.com
Amazon RSA 2048 M03		 2024-03-29 -
2025-04-28		 a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-11-26 -
2024-11-26		 a year crt.sh
tpc.googlesyndication.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
www.google.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2024-08-14 -
2025-08-18		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-07-30 -
2025-04-03		 8 months crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2024-03-13 -
2025-04-11		 a year crt.sh
indexww.com
WE1		 2024-10-01 -
2024-12-31		 3 months crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2024-04-08 -
2025-05-09		 a year crt.sh

This page contains 18 frames:

Primary Page: https://paint.toys/oil/
Frame ID: F799C61A48E366CD94D261703C5EC90D
Requests: 115 HTTP requests in this frame

Frame: https://cdn.intergient.com/pageos/1.10.67/iframe/iframe.html
Frame ID: D1AD18931E0BBA076C90E0C4066B1E53
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: 75D03769DF920676CCA78CF2AF0CB8E5
Requests: 1 HTTP requests in this frame

Frame: https://cdn.intergient.com/pageos/1.10.67/iframe/iframe.html
Frame ID: DD81F33E9A79D95FF7D8B0BE11ACFFD4
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=paint.toys&gdpr=0&gdpr_consent=
Frame ID: 0B3A64D91B4C039855869FE66DA5CB73
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/topics/topics_frame.html?bidder=pubmatic
Frame ID: 30FF7AF8B58B418B2334B96747D03D26
Requests: 1 HTTP requests in this frame

Frame: https://pa.openx.net/topics_frame.html?bidder=openx
Frame ID: 4C24566F216E87B82CA40D869D7D7BFF
Requests: 1 HTTP requests in this frame

Frame: https://21a1436730d37a8193dee3b532b186cb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 17381DDD82D075EEC7516CFEDB95A946
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=paint.toys&gdpr=0&gdpr_consent=
Frame ID: DC68C144C613B6CB63E34B856ACDB4AE
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/232/runner.html
Frame ID: 91F3CE901C7D859DDCB74791A265D784
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 073CD6B8927CEE244581BC4596875851
Requests: 1 HTTP requests in this frame

Frame: https://21a1436730d37a8193dee3b532b186cb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 351328A816F3540A0A106E5A85BD44BE
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd?cc=1&gdpr=0&gdpr_consent=&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba
Frame ID: FB84BBFEF32D3D5CB07C73497F035B33
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=0
Frame ID: EE8EA31F68D2027AF5D96FB9BF9BBFFF
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158326&gdpr=0&gdpr_consent=
Frame ID: 7DBAD907C833DDCD343CF1F580481675
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 9C791955CCC10E3D362FF5C0B7C9224F
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 485940F292401A0E934D8210AEB17EC1
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 267B4A441A9C1662BDD429FB58AA417B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Paint with Oils

Page URL History Show full URLs

  1. http://sdfeth.inducort.com/r/aHRLclJZMXFWUHpMVUF1bm9aRFEtMjYtMjY3NDczMDYtMGI0NzAyMGMtNzItQzZldEE1WnY3UF... HTTP 307
    https://sdfeth.inducort.com/r/aHRLclJZMXFWUHpMVUF1bm9aRFEtMjYtMjY3NDczMDYtMGI0NzAyMGMtNzItQzZldEE1WnY3UF... HTTP 307
    http://sdfeth.inducort.com/r/aHRLclJZMXFWUHpMVUF1bm9aRFEtMjYtMjY3NDczMDYtMGI0NzAyMGMtNzItQzZldEE1WnY3UF... Page URL
  2. http://sdfeth.inducort.com/r/aHRLclJZMXFWUHpMVUF1bm9aRFEtMjYtMjY3NDczMDYtMGI0NzAyMGMtNzItQzZldEE1WnY3UF... HTTP 302
    https://paint.toys/oil HTTP 301
    https://paint.toys/oil/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Page Statistics

134
Requests

71 %
HTTPS

0 %
IPv6

42
Domains

62
Subdomains

43
IPs

5
Countries

1350 kB
Transfer

3877 kB
Size

17
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://sdfeth.inducort.com/r/aHRLclJZMXFWUHpMVUF1bm9aRFEtMjYtMjY3NDczMDYtMGI0NzAyMGMtNzItQzZldEE1WnY3UFdTUUVKSXdkU24 HTTP 307
    https://sdfeth.inducort.com/r/aHRLclJZMXFWUHpMVUF1bm9aRFEtMjYtMjY3NDczMDYtMGI0NzAyMGMtNzItQzZldEE1WnY3UFdTUUVKSXdkU24 HTTP 307
    http://sdfeth.inducort.com/r/aHRLclJZMXFWUHpMVUF1bm9aRFEtMjYtMjY3NDczMDYtMGI0NzAyMGMtNzItQzZldEE1WnY3UFdTUUVKSXdkU24 Page URL
  2. http://sdfeth.inducort.com/r/aHRLclJZMXFWUHpMVUF1bm9aRFEtMjYtMjY3NDczMDYtMGI0NzAyMGMtNzItQzZldEE1WnY3UFdTUUVKSXdkU24?in=1 HTTP 302
    https://paint.toys/oil HTTP 301
    https://paint.toys/oil/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://sdfeth.inducort.com/r/aHRLclJZMXFWUHpMVUF1bm9aRFEtMjYtMjY3NDczMDYtMGI0NzAyMGMtNzItQzZldEE1WnY3UFdTUUVKSXdkU24 HTTP 307
  • https://sdfeth.inducort.com/r/aHRLclJZMXFWUHpMVUF1bm9aRFEtMjYtMjY3NDczMDYtMGI0NzAyMGMtNzItQzZldEE1WnY3UFdTUUVKSXdkU24 HTTP 307
  • http://sdfeth.inducort.com/r/aHRLclJZMXFWUHpMVUF1bm9aRFEtMjYtMjY3NDczMDYtMGI0NzAyMGMtNzItQzZldEE1WnY3UFdTUUVKSXdkU24
Request Chain 117
  • https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba HTTP 302
  • https://u.openx.net/w/1.0/pd?cc=1&gdpr=0&gdpr_consent=&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba
Request Chain 128
  • https://x.bidswitch.net/sync?ssp=themediagrid&gdpr=0 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=themediagrid&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=themediagrid&gdpr=0&gdpr_consent=

134 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
aHRLclJZMXFWUHpMVUF1bm9aRFEtMjYtMjY3NDczMDYtMGI0NzAyMGMtNzItQzZldEE1WnY3UFdTUUVKSXdkU24
sdfeth.inducort.com/r/
Redirect Chain
  • http://sdfeth.inducort.com/r/aHRLclJZMXFWUHpMVUF1bm9aRFEtMjYtMjY3NDczMDYtMGI0NzAyMGMtNzItQzZldEE1WnY3UFdTUUVKSXdkU24
  • https://sdfeth.inducort.com/r/aHRLclJZMXFWUHpMVUF1bm9aRFEtMjYtMjY3NDczMDYtMGI0NzAyMGMtNzItQzZldEE1WnY3UFdTUUVKSXdkU24
  • http://sdfeth.inducort.com/r/aHRLclJZMXFWUHpMVUF1bm9aRFEtMjYtMjY3NDczMDYtMGI0NzAyMGMtNzItQzZldEE1WnY3UFdTUUVKSXdkU24
539 B
944 B 		Document
General
Check archive.org
Download Go to
Full URL
http://sdfeth.inducort.com/r/aHRLclJZMXFWUHpMVUF1bm9aRFEtMjYtMjY3NDczMDYtMGI0NzAyMGMtNzItQzZldEE1WnY3UFdTUUVKSXdkU24
Protocol
HTTP/1.1
Server
67.198.205.86 , United States, ASN35908 (VPLSNET, US),
Reverse DNS
67.198.205.86.static.krypt.com
Software
Apache/2.4.62 (CentOS Stream) OpenSSL/3.2.2 / PHP/7.4.33
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Cache-Control
no-cache, private max-age=0, no-cache, no-store, must-revalidate
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
305
Content-Type
text/html; charset=UTF-8
Date
Wed, 23 Oct 2024 08:17:25 GMT
Developed-by
Mohamed Amine El Attabi
Email
mohamed.amine.elattabi@gmail.com
Expires
Sat, 2 Aug 1980 15:15:00 GMT
Keep-Alive
timeout=5, max=100
Pragma
no-cache
Server
Apache/2.4.62 (CentOS Stream) OpenSSL/3.2.2
Vary
Accept-Encoding,User-Agent
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-Powered-By
PHP/7.4.33
X-XSS-Protection
1; mode=block

Redirect headers

Location
http://sdfeth.inducort.com/r/aHRLclJZMXFWUHpMVUF1bm9aRFEtMjYtMjY3NDczMDYtMGI0NzAyMGMtNzItQzZldEE1WnY3UFdTUUVKSXdkU24
Non-Authoritative-Reason
HttpsUpgrades
Primary Request /
paint.toys/oil/
Redirect Chain
  • http://sdfeth.inducort.com/r/aHRLclJZMXFWUHpMVUF1bm9aRFEtMjYtMjY3NDczMDYtMGI0NzAyMGMtNzItQzZldEE1WnY3UFdTUUVKSXdkU24?in=1
  • https://paint.toys/oil
  • https://paint.toys/oil/
6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://paint.toys/oil/
Requested by
Host: sdfeth.inducort.com
URL: http://sdfeth.inducort.com/r/aHRLclJZMXFWUHpMVUF1bm9aRFEtMjYtMjY3NDczMDYtMGI0NzAyMGMtNzItQzZldEE1WnY3UFdTUUVKSXdkU24
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.33.186.135 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afa7f374f51cc8991.awsglobalaccelerator.com
Software
Netlify /
Resource Hash
70883a9270d54ca9914810ee600c39f62c1147243374c8b93b7095f9c78b4b66
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://sdfeth.inducort.com/r/aHRLclJZMXFWUHpMVUF1bm9aRFEtMjYtMjY3NDczMDYtMGI0NzAyMGMtNzItQzZldEE1WnY3UFdTUUVKSXdkU24
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
150473
cache-control
public,max-age=0,must-revalidate
cache-status
"Netlify Edge"; hit
content-encoding
br
content-length
1669
content-type
text/html; charset=UTF-8
date
Wed, 23 Oct 2024 08:17:28 GMT
etag
"7afa2eee23cef4ed7f87aab76b5bc74d-ssl-df"
server
Netlify
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-nf-request-id
01JAW77J61BMHFCHCK5WWTT0TZ

Redirect headers

accept-ranges
bytes
age
150473
cache-control
public,max-age=0,must-revalidate
cache-status
"Netlify Edge"; hit
content-length
1668
content-type
text/html; charset=UTF-8
date
Wed, 23 Oct 2024 08:17:28 GMT
etag
"7afa2eee23cef4ed7f87aab76b5bc74d-ssl-df"
location
/oil/
server
Netlify
strict-transport-security
max-age=31536000
x-nf-request-id
01JAW77HYMN538Z2YA1WGZPEX8
ramp_config.js
cdn.intergient.com/1024872/74068/ 		37 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/1024872/74068/ramp_config.js
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.21.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd2f090274785f63f2aae032d12f644a5733842b34dca315af30ce7d733c0f9e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

last-modified
Wed, 23 Oct 2024 08:17:23 GMT
hw-country-code
IT
cache-control
max-age=600, public, must-revalidate
content-encoding
br
cf-cache-status
HIT
age
7
via
1.1 69b8255864bcbab6fa21e4a2a96c169e.cloudfront.net (CloudFront)
cf-ray
8d704a848bca524f-MXP
x-cache
Hit from cloudfront
x-amz-cf-id
iz9yk2IKkSjYs5ygjE30DQXA61TQwS0l1b8WxDSi-9LWlanyBU52HQ==
date
Wed, 23 Oct 2024 08:17:30 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
x-amz-cf-pop
MXP63-P2
apps.css
paint.toys/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://paint.toys/apps.css
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.33.186.135 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afa7f374f51cc8991.awsglobalaccelerator.com
Software
Netlify /
Resource Hash
2ff696f311f1afa7aafddb260becd45331aab7ce1741821b0f3e2d9e683382b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://paint.toys/oil/

Response headers

strict-transport-security
max-age=31536000
cache-control
public,max-age=0,must-revalidate
content-encoding
br
etag
"58d01e65c6625681e8891f6fbc8c18f5-ssl-df"
age
5049
accept-ranges
bytes
content-length
1405
x-nf-request-id
01JAW77JGEVGQ6P03V8PBC71GM
cache-status
"Netlify Edge"; hit
date
Wed, 23 Oct 2024 08:17:29 GMT
content-type
text/css; charset=UTF-8
vary
Accept-Encoding
server
Netlify
index.js
paint.toys/oil/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://paint.toys/oil/index.js
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.33.186.135 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afa7f374f51cc8991.awsglobalaccelerator.com
Software
Netlify /
Resource Hash
c91c09319c4b0a24c72c0036cef74c17b85d3c4e2a4abf8153f5710421fe5b4c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://paint.toys/oil/

Response headers

strict-transport-security
max-age=31536000
cache-control
public,max-age=0,must-revalidate
content-encoding
br
etag
"687211e2ced405124b38663a13c97091-ssl-df"
age
150474
accept-ranges
bytes
content-length
1206
x-nf-request-id
01JAW77JGEVCKN94G500HDN5RZ
cache-status
"Netlify Edge"; hit
date
Wed, 23 Oct 2024 08:17:29 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
Netlify
art-icon.png
paint.toys/assets/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paint.toys/assets/art-icon.png
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.33.186.135 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afa7f374f51cc8991.awsglobalaccelerator.com
Software
Netlify /
Resource Hash
f4d368e4230539c778afbb020e0ea611b3e1d984179f5b3769b44081d6703f3b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://paint.toys/oil/

Response headers

strict-transport-security
max-age=31536000
cache-control
public,max-age=0,must-revalidate
etag
"1394f8469f2ca5750397e3d7b6ec70a1-ssl"
age
119651
accept-ranges
bytes
content-length
33562
x-nf-request-id
01JAW77JGE1KJKGM2Y457S68GT
cache-status
"Netlify Edge"; hit
date
Wed, 23 Oct 2024 08:17:29 GMT
content-type
image/png
server
Netlify
icon-hand.png
paint.toys/assets/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paint.toys/assets/icon-hand.png
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.33.186.135 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afa7f374f51cc8991.awsglobalaccelerator.com
Software
Netlify /
Resource Hash
32aa05a5648678542ab9044647f0bf5549c0b53a070585edb773f0e92b72b97d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://paint.toys/oil/

Response headers

strict-transport-security
max-age=31536000
cache-control
public,max-age=0,must-revalidate
etag
"a0822110a4671ffdf710da1467460fba-ssl"
age
5049
accept-ranges
bytes
content-length
27394
x-nf-request-id
01JAW77JGEQSDWBBJ03YD3AHMY
cache-status
"Netlify Edge"; hit
date
Wed, 23 Oct 2024 08:17:29 GMT
content-type
image/png
server
Netlify
icon-disk.png
paint.toys/assets/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paint.toys/assets/icon-disk.png
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.33.186.135 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afa7f374f51cc8991.awsglobalaccelerator.com
Software
Netlify /
Resource Hash
436814c2374a6d92a42a02d39969ef7c56b5f225667abecb218e692c5569943c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://paint.toys/oil/

Response headers

strict-transport-security
max-age=31536000
cache-control
public,max-age=0,must-revalidate
etag
"26852fa1548a91e004629b01e4abf1dd-ssl"
age
5049
accept-ranges
bytes
content-length
13766
x-nf-request-id
01JAW77JTX53K24V4EKX0XCWEK
cache-status
"Netlify Edge"; hit
date
Wed, 23 Oct 2024 08:17:29 GMT
content-type
image/png
server
Netlify
icon-trash.png
paint.toys/assets/ 		50 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paint.toys/assets/icon-trash.png
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.33.186.135 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afa7f374f51cc8991.awsglobalaccelerator.com
Software
Netlify /
Resource Hash
6ceb226c487cb85243545e768944e0e1ae0944be8fde6c1c43c7314a9287e6d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://paint.toys/oil/

Response headers

strict-transport-security
max-age=31536000
cache-control
public,max-age=0,must-revalidate
etag
"e91ef5e34b5154d392e8560031eaaa4c-ssl"
age
144344
accept-ranges
bytes
content-length
51680
x-nf-request-id
01JAW77JTX2BHR5487C73EFX6F
cache-status
"Netlify Edge"; hit
date
Wed, 23 Oct 2024 08:17:29 GMT
content-type
image/png
server
Netlify
ramp_core.js
cdn.intergient.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/ramp_core.js
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.21.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84f7948083a475d3ed2873b7fd282c55c8aacab039efe53d22e024fe8f1dd201

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

hw-country-code
IT
cache-control
max-age=600, public, must-revalidate
content-encoding
br
cf-cache-status
DYNAMIC
via
1.1 ea387b850914681ced817b614bc2da7c.cloudfront.net (CloudFront)
cf-ray
8d704a848bcd524f-MXP
x-cache
Miss from cloudfront
x-amz-cf-id
DKuVexyhW2nZB2PkCXYg8p3-0dU8xJivApU09XKUeLeO7MtWcRO5wg==
date
Wed, 23 Oct 2024 08:17:30 GMT
x-lambda-function
us-east-1.pageos_production:664
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
x-amz-cf-pop
MXP63-P2
js
www.googletagmanager.com/gtag/ 		311 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-VJBRK9986D
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tzfraa-aa-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
ec63ec19b23e1f9c27b7cd73765060e043ae4cfe54f4917252919a2516b8d235
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Wed, 23 Oct 2024 08:17:30 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 23 Oct 2024 08:17:30 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
106175
x-xss-protection
0
server
Google Tag Manager
7d9e02c6cf48_a139431ec6b72aa6cb1abfb988.index.js
faucetfoot.com/static/js/ 		67 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://faucetfoot.com/static/js/7d9e02c6cf48_a139431ec6b72aa6cb1abfb988.index.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/1024872/74068/ramp_config.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9767e24157e1619037cce4ee290f10f683bdbb8020c57371eff5fef65fbb4ba1
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
br
cf-cache-status
MISS
etag
W/"67517cbe9d209e0c91ea2bd750ea7d81d3b2ed10a00499071a812dd42772c3eb"
x-buildname
hoothoot
x-hostname
fen-hoothoot-europe-west1-test-wtl1
alt-svc
h3=":443"; ma=86400
date
Wed, 23 Oct 2024 08:17:31 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding, Accept-Language
strict-transport-security
max-age=15724800; preload
cache-control
private, must-revalidate, max-age=21600
timing-allow-origin
*
x-datacenter
gce-europe-west1
via
1.1 google
cf-ray
8d704a8b192fbab5-MXP
x-buildnumber
1507459579
server
cloudflare
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		105 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/1024872/74068/ramp_config.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
9943fc1b4ca255241d4ca66cbc285d44218e16d3d0e03f21d76e7427dcdf6f09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
br
etag
547 / 20019 / m202410170101 / config-hash: 9041127730022771751
x-content-type-options
nosniff
expires
Wed, 23 Oct 2024 08:17:31 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Wed, 23 Oct 2024 08:17:31 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
33720
x-xss-protection
0
server
cafe
prebid.js.br
cdn.intergi.com/prebid/ 		521 KB
164 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergi.com/prebid/prebid.js.br
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/1024872/74068/ramp_config.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.242 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b22add6e87c4f2dda0208221cf5d82670ca739f91ac91827d390894538aacf7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-amz-version-id
tijubuJvcERDyjc9eOgsc_1oOwfrljZy
etag
W/"922890e5c3714427691aa4b5d75bc0e4"
age
2744
x-cache
Hit from cloudfront
x-amz-cf-id
tMyCTn-oM4unRyYdwpfmyV_L0hb_-V6DakxScxYd0cy9AqOvBbGqMQ==
date
Wed, 23 Oct 2024 08:17:31 GMT
content-type
text/javascript
last-modified
Wed, 28 Aug 2024 15:24:21 GMT
vary
Accept-Encoding
via
1.1 de6671ea5841a2036c9c6a7b40daeba0.cloudfront.net (CloudFront)
cf-ray
8d704a8e189cbaaf-MXP
x-amz-cf-pop
WAW51-P5
server
cloudflare
x-amz-server-side-encryption
AES256
pageos.js
cdn.intergient.com/pageos/1.10.67/ 		399 B
492 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/1.10.67/pageos.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/ramp_core.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.21.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b18ddb1f69f784b5dafbad5bcc129742da512c833389abf342c5f7ea4d606ad6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"0002fba0ce684141dd399cfa3542b272"
age
115836
x-cache
Hit from cloudfront
x-amz-cf-id
n8gaLWzeKcvSvloLHUpL_wC8aHW4zNfznKiLCbia1wmcLRtlGzb6SA==
date
Wed, 23 Oct 2024 08:17:30 GMT
content-type
text/javascript
last-modified
Wed, 09 Oct 2024 13:18:59 GMT
vary
Accept-Encoding
hw-country-code
IT
cache-control
public, max-age=31536000
via
1.1 1941d7a64ce4dc55d14b445963586a6e.cloudfront.net (CloudFront)
cf-ray
8d704a86bed5524f-MXP
x-amz-cf-pop
MXP63-P2
server
cloudflare
x-amz-server-side-encryption
AES256
runtime.e77e9997f1a1cc1e6a49.js
cdn.intergient.com/pageos/1.10.67/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/1.10.67/runtime.e77e9997f1a1cc1e6a49.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.67/pageos.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.21.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8889f827ffc16be31b00b9f5ddaea886371d5f4976b01932eaef9f0e798614b3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"8f49d9d87cba82f66554e489219154ce"
age
124746
x-cache
Hit from cloudfront
x-amz-cf-id
Ka-bAisRJmcqfmoIZrsxLxvHydGdGXi3h529k76etFePIPWBsuS7Pg==
date
Wed, 23 Oct 2024 08:17:31 GMT
content-type
text/javascript
last-modified
Wed, 09 Oct 2024 13:18:59 GMT
vary
Accept-Encoding
hw-country-code
IT
cache-control
public, max-age=31536000
via
1.1 66a9d30cb1014679858f80448b50159c.cloudfront.net (CloudFront)
cf-ray
8d704a891ad2524f-MXP
x-amz-cf-pop
MXP63-P2
server
cloudflare
x-amz-server-side-encryption
AES256
main.4f0ace9dbf5a630f9f87.js
cdn.intergient.com/pageos/1.10.67/ 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/1.10.67/main.4f0ace9dbf5a630f9f87.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.67/pageos.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.21.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b605186a14717eac9cbfb80b17b1d5f5039d89b22315b9bc01fa87dc473b1966

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"8fc2ec857fda773b48ecd159c8306493"
age
558170
x-cache
Hit from cloudfront
x-amz-cf-id
fuhAPF_i4-Z9ROmdtU5s5JJ81AYIpq2l7QOCjuGJm2f_agFN1g7e4A==
date
Wed, 23 Oct 2024 08:17:31 GMT
content-type
text/javascript
last-modified
Wed, 09 Oct 2024 13:18:59 GMT
vary
Accept-Encoding
hw-country-code
IT
cache-control
public, max-age=31536000
via
1.1 892b64cb4f7d422e3a1221397ea1a546.cloudfront.net (CloudFront)
cf-ray
8d704a891ada524f-MXP
x-amz-cf-pop
MXP63-P2
server
cloudflare
x-amz-server-side-encryption
AES256
skeleton.gif
static.adsafeprotected.com/ 		43 B
481 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.gif?service=ad&adid=wboqnn&adnum=418283
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.65.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-65-95.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

etag
"45cf913e5d9d3c9b2058033056d3dd23"
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
age
38595
x-cache
Hit from cloudfront
x-amz-cf-id
noxzTKMNCqZ3BlLDD-PE6geLsih5yYufIOAAoB6Ht-P4MFI8Y3f0Jg==
date
Tue, 22 Oct 2024 21:34:19 GMT
content-type
image/gif
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
x-amz-replication-status
COMPLETED
cache-control
max-age=315360000
via
1.1 0ef755569b0bb31a32a90b7cdddb6f18.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
43
x-amz-cf-pop
MUC50-P6
server
AmazonS3
x-amz-server-side-encryption
AES256
videoCard.5ed8eb34c11835040def.js
cdn.intergient.com/pageos/1.10.67/ 		559 B
546 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/1.10.67/videoCard.5ed8eb34c11835040def.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.67/runtime.e77e9997f1a1cc1e6a49.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.21.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
795041923e6338abe450ff9524ef70fd40432f278f32c9c35cdbb08239574fb1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"6880c1609e3243c11c7b4f1285e14d89"
age
554408
x-cache
Hit from cloudfront
x-amz-cf-id
VqnY5MMIH-5vq7L_VvJHgd5Lr4_OeNaRXuh5H3zKOF0w3_Q1dICatQ==
date
Wed, 23 Oct 2024 08:17:32 GMT
content-type
text/javascript
last-modified
Wed, 09 Oct 2024 13:18:59 GMT
vary
Accept-Encoding
hw-country-code
IT
cache-control
public, max-age=31536000
via
1.1 03989e0a7def97f8cd0c031a3672342a.cloudfront.net (CloudFront)
cf-ray
8d704a910fd6524f-MXP
x-amz-cf-pop
MXP63-P2
server
cloudflare
x-amz-server-side-encryption
AES256
iframe.html
cdn.intergient.com/pageos/1.10.67/iframe/ Frame D1AD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/1.10.67/iframe/iframe.html
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.67/main.4f0ace9dbf5a630f9f87.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.20.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://paint.toys/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

age
36158
cache-control
public, max-age=31536000
cf-cache-status
HIT
cf-ray
8d704a97ad46bb31-MXP
content-encoding
br
content-type
text/html
date
Wed, 23 Oct 2024 08:17:33 GMT
hw-country-code
IT
last-modified
Wed, 09 Oct 2024 13:18:59 GMT
server
cloudflare
vary
Accept-Encoding
via
1.1 b96e53b7b2901838d15d932e5dee1b2e.cloudfront.net (CloudFront)
x-amz-cf-id
rs_ucXFUUuQn3RDQHd7e-OWqNDfpdGDAS2qlMfWaSYzSgK-wPDFahw==
x-amz-cf-pop
MXP63-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
gdpr.b7df989d2c34f043bd1f.js
cdn.intergient.com/pageos/1.10.67/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/1.10.67/gdpr.b7df989d2c34f043bd1f.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.67/runtime.e77e9997f1a1cc1e6a49.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.21.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
104dcec54a944fe02fd14d43b601fe3a00d9280e3d151b12e138579234e6ac14

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"5900cba46df6d75031d9e06319c89a97"
age
1189127
x-cache
Hit from cloudfront
x-amz-cf-id
73ScDJmRmL9dJKf52kQCeznFkI6c5Iib9paJPujHaCj1a4FwVKqyRA==
date
Wed, 23 Oct 2024 08:17:32 GMT
content-type
text/javascript
last-modified
Wed, 09 Oct 2024 13:18:59 GMT
vary
Accept-Encoding
hw-country-code
IT
cache-control
public, max-age=31536000
via
1.1 468a26e83787e0c68005b09431f5baa4.cloudfront.net (CloudFront)
cf-ray
8d704a919896524f-MXP
x-amz-cf-pop
MXP63-P2
server
cloudflare
x-amz-server-side-encryption
AES256
GDPR
impression-inferences-edge-prod.playwire.com/websites/74068/v1/Wed/4/desktop/Chrome/ 		585 B
922 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://impression-inferences-edge-prod.playwire.com/websites/74068/v1/Wed/4/desktop/Chrome/GDPR
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.67/main.4f0ace9dbf5a630f9f87.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-126.fra56.r.cloudfront.net
Software
CloudFront /
Resource Hash
bc7b9eaeb532ad161116ab01d8cc1d8b13a97ccd0c9b7c9115a9998595feca09

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

cache-control
max-age=3600, public, must-revalidate
access-control-expose-headers
*
age
942
via
1.1 f0393fc6725f4d719cff14263a50d286.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Hit from cloudfront
content-length
585
x-amz-cf-id
M88RGKOPQ9uTBMRmmGEmL5s6195zEAY7kO28jvBI4PDW3RaMk-e_OQ==
date
Wed, 23 Oct 2024 08:01:51 GMT
content-type
application/json
x-amz-cf-pop
FRA56-P9
server
CloudFront
tag
btloader.com/ 		111 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?o=5150306120761344&upapi=true
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.67/main.4f0ace9dbf5a630f9f87.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.41.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
faff0a25623880a82da08b8d7fda0165581b542b76659dae667ecc648c4da08d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

x-robots-tag
noindex, nofollow
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
content-encoding
gzip
cf-cache-status
HIT
etag
"2a7b9848da795b88a9782cc67d02eab3"
age
2193
via
1.1 google
cf-ray
8d704a9abdc85277-MXP
accept-ranges
bytes
content-length
31508
date
Wed, 23 Oct 2024 08:17:33 GMT
content-type
application/javascript
last-modified
Wed, 23 Oct 2024 07:39:21 GMT
vary
Origin, Accept-Encoding
server
cloudflare
pixel.gif
px.moatads.com/ 		27 B
27 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.28.89.220 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-28-89-220.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5607bc0b49036b5f13acf3f5767e0fb2fb947f5369bda253939e78e2b11f85b4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Connection
keep-alive
Expires
Wed, 23 Oct 2024 08:17:34 GMT
Content-Length
27
Date
Wed, 23 Oct 2024 08:17:34 GMT
AK-GRN
0.0ab31402.1729671454.33715a33
Content-Type
text/html
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410170101/ 		480 KB
149 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410170101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
916a3cdac03baac007633a6ef2b6824372a2f43bb9c1f25a29832995134db667
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
br
etag
3246870745169537564
age
79352
x-content-type-options
nosniff
expires
Wed, 22 Oct 2025 10:15:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Tue, 22 Oct 2024 10:15:00 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
152590
x-xss-protection
0
server
cafe
js
www.googletagmanager.com/gtag/ 		253 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-CEFZJ359V8&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VJBRK9986D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tzfraa-aa-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
7c39ddd403483a72747343e409ba8ea364b62de9f95ac5abc70019e761817cf7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Wed, 23 Oct 2024 08:17:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 23 Oct 2024 08:17:33 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
92129
x-xss-protection
0
server
Google Tag Manager
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-VJBRK9986D&gtm=45je4ah0v9101576445za200&_p=1729671448951&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101686685~101794737~101823848&cid=1386509195.1729671453&ul=it-it&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1729671452&sct=1&seg=0&dl=https%3A%2F%2Fpaint.toys%2Foil%2F&dr=http%3A%2F%2Fsdfeth.inducort.com%2F&dt=Paint%20with%20Oils&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=6556
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VJBRK9986D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f14.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://paint.toys
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 23 Oct 2024 08:17:34 GMT
content-type
text/plain
server
Golfe2
aea9a60ee757bacd89c6c0686bc1c2363fa818bc3fdd
faucetfoot.com/submit/fa815f9e94/ 		303 B
769 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://faucetfoot.com/submit/fa815f9e94/aea9a60ee757bacd89c6c0686bc1c2363fa818bc3fdd
Requested by
Host: faucetfoot.com
URL: https://faucetfoot.com/static/js/7d9e02c6cf48_a139431ec6b72aa6cb1abfb988.index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1cb38ff9cf9dc1dff9b2add92e4c98d980d09f2099068c01d00204cc6394eceb
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://paint.toys/

Response headers

content-encoding
br
cf-cache-status
DYNAMIC
x-buildname
hoothoot
access-control-allow-methods
POST, OPTIONS
x-hostname
fen-hoothoot-europe-west1-test-wtl1
expires
Wed, 23 Oct 2024 08:17:33 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 23 Oct 2024 08:17:34 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding, Origin
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
strict-transport-security
max-age=15724800; preload
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
access-control-allow-credentials
true
x-datacenter
gce-europe-west1
via
1.1 google
cf-ray
8d704aa06a4f4beb-MXP
access-control-allow-origin
https://paint.toys
x-buildnumber
1507459579
server
cloudflare
px.gif
ad-delivery.net/ 		43 B
902 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

x-goog-metageneration
5
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status
HIT
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
age
1713821
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QLp6GPMDtemO7meJX%2F9ayOqvOkA%2F5%2BvsHMqDW2aLeLxsVEeb0etM3pWC%2FwEZsBZVHo6gCOO7QkLcn0fXSY0ud%2BbM30M1YC%2BSlNdt0LrHXWY1Gbdnvhho2wOrMyK3IJ4Ztg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding
identity
expires
Thu, 24 Oct 2024 08:17:35 GMT
x-goog-stored-content-length
43
date
Wed, 23 Oct 2024 08:17:35 GMT
content-type
image/gif
last-modified
Wed, 05 May 2021 19:25:32 GMT
vary
Accept-Encoding
x-guploader-uploadid
AD-8ljsC5oQdI-C-65a6izUApyvIBiau3a8TEQHCte52nPPiu8s4u005Bmq2kVPcqEYOgm508v4
cache-control
public, max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8d704aa6eebcbaab-MXP
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1620242732037093
content-length
43
server
cloudflare
favicon.ico
ad.doubleclick.net/ 		1 KB
571 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
gzip
age
56645
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options
nosniff
expires
Wed, 23 Oct 2024 16:33:30 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 22 Oct 2024 16:33:30 GMT
last-modified
Tue, 08 May 2012 13:08:06 GMT
content-type
image/x-icon
vary
Accept-Encoding
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
content-length
104
x-xss-protection
0
server
sffe
px.gif
ad-delivery.net/ 		43 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.43940491296320805
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

x-goog-metageneration
5
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status
HIT
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
age
1713821
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6RRKuOM8G72xwq6X8l47dZRMe%2BdnohpzlUw7iMz%2BWOsqkEWnGD39iPhesZaTThRGFngnkevKKBWF4Hein4xQjOia27g6t0VYSGIaGU3hzcIM8zyjoR%2FXR001yt0nNMLvYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding
identity
expires
Thu, 24 Oct 2024 08:17:35 GMT
x-goog-stored-content-length
43
date
Wed, 23 Oct 2024 08:17:35 GMT
content-type
image/gif
last-modified
Wed, 05 May 2021 19:25:32 GMT
vary
Accept-Encoding
x-guploader-uploadid
AD-8ljsC5oQdI-C-65a6izUApyvIBiau3a8TEQHCte52nPPiu8s4u005Bmq2kVPcqEYOgm508v4
cache-control
public, max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8d704aa6eeb9baab-MXP
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1620242732037093
content-length
43
server
cloudflare
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-CEFZJ359V8&gtm=45je4ah0v9102396898za200zb9101576445&_p=1729671448951&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101686685~101823847&cid=1386509195.1729671453&ul=it-it&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1729671455&sct=1&seg=0&dl=https%3A%2F%2Fpaint.toys%2Foil%2F&dr=http%3A%2F%2Fsdfeth.inducort.com%2F&dt=Paint%20with%20Oils&en=ramp_js&_fv=1&_ss=1&_ee=1&ep.pageview_id=1729671448951&tfd=8921
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CEFZJ359V8&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f14.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://paint.toys
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 23 Oct 2024 08:17:35 GMT
content-type
text/plain
server
Golfe2
country
api.btloader.com/ 		37 B
153 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/country?o=5150306120761344
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5150306120761344&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
9c4520b262bf8198e3c3e55a8d927867838f0376f11e37e0729221ba79a40a93

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

cache-control
private, max-age=300, stale-while-revalidate=600, stale-if-error=600
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
date
Wed, 23 Oct 2024 08:17:36 GMT
content-type
application/json
vary
Origin
pv
api.btloader.com/ 		0
128 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/pv?tid=kLLfsOwVIY&w=5096819819806720&o=5150306120761344&cv=2.1.60-1-gb71443f&widget=false&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fpaint.toys%2Foil%2F&sid=CWk7RY2NK&pm=true&upapi=true
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5150306120761344&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

via
1.1 google
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 23 Oct 2024 08:17:36 GMT
vary
Origin
154013155
fundingchoicesmessages.google.com/i/ 		195 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/154013155?ers=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f14.1e100.net
Software
ESF /
Resource Hash
de93c8d0aa95686c1d9438a2f983e99049bbf91a004658a4faec7ab86b1c4a19
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-YzxZ66XPmTssJU_q9FvV7w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 23 Oct 2024 08:17:37 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjamDU4pJicNaQYjh56zbTRSA-73SH6ToQS3x9yaQFxE7pM1hDgLj15jnW6UCc9O88awkQu2tdZPUHYkOFS6zOQOxYdInVE4hVey6xmgPx_XWXWJ8D8d6Pl1iPAnGRxBXWFiC-3XSF9TEQM3y9wsoBxEI8HAsfPdrBJvCg_eMFRiWNpPzC-OT8vJKizKTSkvyitOS01OLUorLUongjAyMTQwMjQz0Dw_gCAwBoz06v"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-YzxZ66XPmTssJU_q9FvV7w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
AGSKWxXu9SIXdY4wr16M3p2Rq2am3LvAvK4_zqF3KxjOyuxJ6qn_wjgLDBZPPsRL7hOonm2QSj36foxICynPjwd6SSBPQQVtBC9mCz69SLyHuNZaWKJ2YDUnZHvu8K6TRemGihlo0LKfjA==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXu9SIXdY4wr16M3p2Rq2am3LvAvK4_zqF3KxjOyuxJ6qn_wjgLDBZPPsRL7hOonm2QSj36foxICynPjwd6SSBPQQVtBC9mCz69SLyHuNZaWKJ2YDUnZHvu8K6TRemGihlo0LKfjA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI5NjcxNDU3LDc4MzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9wYWludC50b3lzL29pbC8iLG51bGwsW1s4LCJJVkFYOWFwYl82ayJdLFs5LCJpdCJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.it.IVAX9apb_6k.es5.O/am=DAY/d=1/rs=AJlcJMxLQb4MWqEoFPFvxnM0zWH3Ou1FdQ/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f14.1e100.net
Software
ESF /
Resource Hash
4afa0bbac9ab766d609749b8ea9b3410d84b192c31de5c546636f7de849d4daa
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-lHiTVc4ZyKJcLl2FGdcqyQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 23 Oct 2024 08:17:37 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmLw15BiOO90h-k6EEt8fcmkBcRO6TNYQ4C49eY51ulAnPTvPGsJELtrXWT1B2JDhUuszkDsWHSJ1ROIVXsusZoD8f11l1ifA_Hej5dYjwJxkcQV1hYgvt10hfUxEDN8vcLKAcRCPBwLHz3awSbwYF__WmYljaT8wvjk_LySosyk0pL8orTktNTi1KKy1KJ4IwMjE0MDI0M9A8P4AgMA661JXg"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-lHiTVc4ZyKJcLl2FGdcqyQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame 75D0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://paint.toys/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
2594
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000, stale-while-revalidate=3600
content-encoding
br
content-length
29523
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 23 Oct 2024 07:34:24 GMT
expires
Wed, 23 Oct 2024 08:24:24 GMT
last-modified
Mon, 21 Oct 2024 19:45:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
e388e19ca38c825b329e762c79c66bbd41bd334f18312c5e97fde0a8f64bca36

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

etag
cd19e0900da0cdbc6697310fd9330fb6
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1195
date
Wed, 23 Oct 2024 08:17:38 GMT
content-type
text/javascript; charset=utf-8
last-modified
Mon, 05 Feb 2024 22:07:56 GMT
server
Google Frontend
x-cloud-trace-context
6fcfc3f9bd4c65238101866971085518
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

x-goog-metageneration
1
content-encoding
gzip
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
etag
"df5542b88bc0e368c6999754a5b9e2ba"
age
16553
x-goog-stored-content-encoding
gzip
expires
Thu, 23 Oct 2025 03:41:45 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
7927
date
Wed, 23 Oct 2024 03:41:45 GMT
last-modified
Thu, 27 May 2021 18:30:51 GMT
content-type
application/javascript
x-guploader-uploadid
AHmUCY0ME2jKuca6qBesy1jmU2R_p_H9bPLwb0t37uuNOe_ijZ9evD7NuKmGDUs52IDoh11_pvkI9ekJ7w
cache-control
no-transform
x-goog-storage-class
MULTI_REGIONAL
accept-ranges
bytes
x-goog-generation
1622140251693895
content-length
7927
server
UploadServer
publishertag.ids.js
static.criteo.net/js/ld/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
1635d2075d3343c86490d2229c1fb868ad59d92958ef65e04cb65767c703e9f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
max-age=86400, public
timing-allow-origin
*
content-encoding
gzip
etag
W/"670e3454-a69c"
cross-origin-resource-policy
cross-origin
expires
Thu, 24 Oct 2024 08:17:38 GMT
access-control-allow-origin
*
date
Wed, 23 Oct 2024 08:17:38 GMT
content-type
text/javascript
last-modified
Tue, 15 Oct 2024 09:22:28 GMT
server
nginx
AGSKWxX3zPEB9rpmlgBdxPGRN3SLvurnlAV1h4-AFEbgfHPwdnHrG93uZUF5npXcAmCNwe9KND6E9JT09a6OOttdnEpz1sI5ovixyDmhcLlpYZ9TCiCvTO3GgCBA2wEZAJXri0m-QyquHw==
fundingchoicesmessages.google.com/f/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxX3zPEB9rpmlgBdxPGRN3SLvurnlAV1h4-AFEbgfHPwdnHrG93uZUF5npXcAmCNwe9KND6E9JT09a6OOttdnEpz1sI5ovixyDmhcLlpYZ9TCiCvTO3GgCBA2wEZAJXri0m-QyquHw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI5NjcxNDU4LDMwMDAwMDBdLG51bGwsbnVsbCxudWxsLFtudWxsLFs3LDldLG51bGwsMixudWxsLCJlbiJdLCJodHRwczovL3BhaW50LnRveXMvb2lsLyIsbnVsbCxbWzgsIklWQVg5YXBiXzZrIl0sWzksIml0Il0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.it.IVAX9apb_6k.es5.O/am=DAY/d=1/rs=AJlcJMxLQb4MWqEoFPFvxnM0zWH3Ou1FdQ/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f14.1e100.net
Software
ESF /
Resource Hash
f0673f20e98ced61c2f8b4ef33fd57b87e709b5e98ff0d85770e11d3855f68c3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-mYCBRUgvyUEGbRr7bSEDHg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 23 Oct 2024 08:17:38 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmLw0JBiOO90h-k6EEt8fcmkBcRO6TNYQ4C49eY51ulAnPTvPGsJELtrXWT1B2JDhUuszkDsWHSJ1ROIVXsusZoD8f11l1ifA_Hej5dYjwJxkcQV1hYgvt10hfUxEDN8vcLKAcRC3ByLHj3awSawY_l0GyWNpPzC-OT8vJKizKTSkvyitOS01OLUorLUongjAyMTQwMjQz0Dw_gCAwCOlkis"
content-security-policy
script-src 'report-sample' 'nonce-mYCBRUgvyUEGbRr7bSEDHg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-VJBRK9986D&gtm=45je4ah0v9101576445za200&_p=1729671448951&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101686685~101794737~101823848&cid=1386509195.1729671453&ul=it-it&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1729671452&sct=1&seg=0&dl=https%3A%2F%2Fpaint.toys%2Foil%2F&dr=http%3A%2F%2Fsdfeth.inducort.com%2F&dt=Paint%20with%20Oils&en=scroll&epn.percent_scrolled=90&_et=77&tfd=11692
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VJBRK9986D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f14.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://paint.toys
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 23 Oct 2024 08:17:38 GMT
content-type
text/plain
server
Golfe2
iframe.html
cdn.intergient.com/pageos/1.10.67/iframe/ Frame DD81 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/1.10.67/iframe/iframe.html
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.67/main.4f0ace9dbf5a630f9f87.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.20.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://paint.toys/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

age
36158
cache-control
public, max-age=31536000
cf-cache-status
HIT
cf-ray
8d704a97ad46bb31-MXP
content-encoding
br
content-type
text/html
date
Wed, 23 Oct 2024 08:17:33 GMT
hw-country-code
IT
last-modified
Wed, 09 Oct 2024 13:18:59 GMT
server
cloudflare
vary
Accept-Encoding
via
1.1 b96e53b7b2901838d15d932e5dee1b2e.cloudfront.net (CloudFront)
x-amz-cf-id
rs_ucXFUUuQn3RDQHd7e-OWqNDfpdGDAS2qlMfWaSYzSgK-wPDFahw==
x-amz-cf-pop
MXP63-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
apstag.js
c.amazon-adsystem.com/aax2/ 		324 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.67/main.4f0ace9dbf5a630f9f87.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.186.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-186-120.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5d74e13622b2936b0395e33581297ab1b1600dd8b6b8c02a0fd292780d6c7a35

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

vary
Accept-Encoding
cache-control
max-age=3600
content-encoding
gzip
etag
W/"b3da0d59872bd7a86984a426ca256adc"
age
854
via
1.1 3141f89cca62ae5784a211a8d1176d1c.cloudfront.net (CloudFront), 1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
cVPudzXJSVaf0n5vpiSt18HsHjx0KSc3q18Y-C-mh3bspaCU1NR0LQ==
date
Wed, 23 Oct 2024 08:03:26 GMT
content-type
application/javascript
last-modified
Tue, 22 Oct 2024 15:05:55 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA2-C1
x-amz-server-side-encryption
AES256
4aa06915-c3c4-4b74-8437-2e36629cc7c3
https://paint.toys/ Frame 		0
0
474.a06f43d51aa26adc277d.js
cdn.intergient.com/pageos/1.10.67/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/1.10.67/474.a06f43d51aa26adc277d.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.67/runtime.e77e9997f1a1cc1e6a49.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.21.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1aebb66b197fa09f062d3c39fc4b841cea9b1e9e85146218cf19d526078af4dd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"4e40df765c4b2340e48e0a0795cd7b6b"
age
1189132
x-cache
Hit from cloudfront
x-amz-cf-id
4wjsH94uxnHXN7YDhScNuhSgRaHXG_l1uuuW5Ack7rq3Agsv-sIKLw==
date
Wed, 23 Oct 2024 08:17:38 GMT
content-type
text/javascript
last-modified
Wed, 09 Oct 2024 13:18:59 GMT
vary
Accept-Encoding
hw-country-code
IT
cache-control
public, max-age=31536000
via
1.1 e358da22fa4c7897bb31c3c67470d266.cloudfront.net (CloudFront)
cf-ray
8d704ab8fa49524f-MXP
x-amz-cf-pop
MXP63-P2
server
cloudflare
x-amz-server-side-encryption
AES256
tyche.js
cdn.intergi.com/hera/releases/4.10.44/ 		487 B
590 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergi.com/hera/releases/4.10.44/tyche.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.67/main.4f0ace9dbf5a630f9f87.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.242 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e151d1f1b73c1de1b0d5a339a821d27b2b6a6f10b312f8b6e1da39c7bfdbc570

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-amz-version-id
9hlIPOgi9sx8mLJqsTbA33KXRukvwunF
etag
W/"f8c72e5f424a4d38813010b38ca933f4"
age
558987
x-cache
Hit from cloudfront
x-amz-cf-id
23419sikJWvahtHAjYKQzcsg1VTe82Y6IK6OYeZMX5PH1JmtoLMzRQ==
date
Wed, 23 Oct 2024 08:17:38 GMT
content-type
text/javascript
last-modified
Thu, 10 Oct 2024 14:54:00 GMT
vary
Accept-Encoding
cache-control
public, max-age=31536000
via
1.1 f9e7fd4b74156e78a449b2e846941478.cloudfront.net (CloudFront)
cf-ray
8d704ab8fac5baaf-MXP
x-amz-cf-pop
HAM50-P1
server
cloudflare
x-amz-server-side-encryption
AES256
fb87a4ea41
cd836371f1d.cdn.intergient.com/ 		0
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cd836371f1d.cdn.intergient.com/fb87a4ea41
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.67/main.4f0ace9dbf5a630f9f87.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.73.242.72 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-73-242-72.eu-central-1.compute.amazonaws.com
Software
nginx/1.24.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://paint.toys/

Response headers

access-control-allow-origin
*
date
Wed, 23 Oct 2024 08:17:39 GMT
content-type
application/octet-stream
server
nginx/1.24.0
runtime.846660e32bbb2ec4e3d1.js
cdn.intergi.com/hera/releases/4.10.44/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergi.com/hera/releases/4.10.44/runtime.846660e32bbb2ec4e3d1.js
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.10.44/tyche.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.242 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4960de9b8cf434603e91823e5747ad01a6424a9ace3ef02aaa5ba92fea656ed

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-amz-version-id
pGF1zMF42IVlomO6DfCkGpGfiGe6ikak
etag
W/"b733b9ddf5279b3580932e6dc7c4cd40"
age
1099235
x-cache
Miss from cloudfront
x-amz-cf-id
5OhO6z83kPho8MciqORU4ZxnDCFBNEsdTWoE3fADdrjF1hA2ak9KzQ==
date
Wed, 23 Oct 2024 08:17:38 GMT
content-type
text/javascript
last-modified
Thu, 10 Oct 2024 14:54:00 GMT
vary
Accept-Encoding
cache-control
public, max-age=31536000
via
1.1 9d26481a7f37b9dc40bb6ae05a5281ca.cloudfront.net (CloudFront)
cf-ray
8d704aba1c59baaf-MXP
x-amz-cf-pop
HAM50-P1
server
cloudflare
x-amz-server-side-encryption
AES256
main.d79e05e919f108136dfc.js
cdn.intergi.com/hera/releases/4.10.44/ 		213 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergi.com/hera/releases/4.10.44/main.d79e05e919f108136dfc.js
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.10.44/tyche.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.242 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dba3557cb59d9bb7d5f6e972099750fac6869ff618cfd50924e9fc99c324d03b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-amz-version-id
2srNZUxAZKMvfjSI8cTVySUiKnBnxqPM
etag
W/"6f5f95aadd4efc4a71cf30a427b441a5"
age
124287
x-cache
Miss from cloudfront
x-amz-cf-id
PSbCG5ULHqfKPhTdky3Nmet3cxp2auOh6K-g0CuT-JrbGK4-xbe1Mw==
date
Wed, 23 Oct 2024 08:17:38 GMT
content-type
text/javascript
last-modified
Thu, 10 Oct 2024 14:54:00 GMT
vary
Accept-Encoding
cache-control
public, max-age=31536000
via
1.1 5c79308f72e53cdf81a950b478a7e144.cloudfront.net (CloudFront)
cf-ray
8d704aba7ce2baaf-MXP
x-amz-cf-pop
FRA56-P3
server
cloudflare
x-amz-server-side-encryption
AES256
lib.82225ced52a6390e480c.js
cdn.intergi.com/hera/releases/4.10.44/lib/ 		1 KB
937 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergi.com/hera/releases/4.10.44/lib/lib.82225ced52a6390e480c.js
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.10.44/tyche.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.242 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1bac5e8fb5021358231d218f02ed4aaf9431c9c33677e2c1977c1e27d3954572

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-amz-version-id
IXRg.L7CEbXV8GSf.1lGEdTqdxkq.Z_y
etag
W/"26c007e785f82a765ec40fc9a32b0b3c"
age
37019
x-cache
Hit from cloudfront
x-amz-cf-id
kp24V-SOknz2zblhnEemiF8nmReJSVr_Q3iIOt2fRjXUZFTda9GlOw==
date
Wed, 23 Oct 2024 08:17:38 GMT
content-type
text/javascript
last-modified
Thu, 10 Oct 2024 14:54:00 GMT
vary
Accept-Encoding
cache-control
public, max-age=31536000
via
1.1 fd3cce3e0bafd8b312277d0ad9f4762e.cloudfront.net (CloudFront)
cf-ray
8d704aba7ce6baaf-MXP
x-amz-cf-pop
FRA56-C2
server
cloudflare
x-amz-server-side-encryption
AES256
globalAdTag.
fundingchoicesmessages.google.com/f/AGSKWxWN8X3rzrm5ba00NMGbO4kD7XwVFd0JURKHazMLmngSPq5as7E-B5LB1AAtpyHo85hkpJu_duSYheJkveorBpboQFRhfBZ_ZaW8O6hQQRj2EyfD_z2XoeueynOLcTXlFSI85ZFIsqRsT-g6DBtjapT_NSE_j... 		54 B
538 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWN8X3rzrm5ba00NMGbO4kD7XwVFd0JURKHazMLmngSPq5as7E-B5LB1AAtpyHo85hkpJu_duSYheJkveorBpboQFRhfBZ_ZaW8O6hQQRj2EyfD_z2XoeueynOLcTXlFSI85ZFIsqRsT-g6DBtjapT_NSE_jw_TMp7nKUINhQr7N13ytdfhvVUNp5m3/_/advertisingbanner./adsm2./ad_refresh./cpx_ads./globalAdTag.
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.it.IVAX9apb_6k.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMwsHiqIvYnkiQg7yuPd4y3F5Ucy5A/m=ad_blocking_detection_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f14.1e100.net
Software
ESF /
Resource Hash
4285e133db8796d719bf1740b6c76625bc4daac7933972ed9c2c833ebd60d98b
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-dqldCJzKrb9DerxT5l38zA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 23 Oct 2024 08:17:39 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmJw15BiOO90h-k6EEt8fcmkBcRO6TNYQ4C49eY51ulAnPTvPGsJELtrXWT1B2JDhUuszkDsWHSJ1ROIVXsusZoD8f11l1ifA_Hej5dYjwJxkcQV1hYgvt10hfUxEDN8vcLKAcRC3ByLHz3awSawY8t8LSWNpPzC-OT8vJKizKTSkvyitOS01OLUorLUongjAyMTQwMjQz0Dw_gCAwCOwkiv"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-dqldCJzKrb9DerxT5l38zA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
osd.js
pagead2.googlesyndication.com/pagead/ 		61 B
461 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/osd.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.it.IVAX9apb_6k.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMwsHiqIvYnkiQg7yuPd4y3F5Ucy5A/m=ad_blocking_detection_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
br
etag
16023549773543154165
age
1974
x-content-type-options
nosniff
expires
Wed, 23 Oct 2024 08:44:45 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Wed, 23 Oct 2024 07:44:45 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
51
x-xss-protection
0
server
cafe
AGSKWxVbQNFj8tC1SCy2cpx2E9P8dXz-Wrui9DBs8afrmwlnXwqLStnr97zvHm4mfYZPXNwkGIWoIbS83YwAJwWv5UzqnV3WTJEcAg8rYP0_wgE0zqJWgscla_q2LEw9Et57GXTzogWvng==
fundingchoicesmessages.google.com/el/ 		0
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVbQNFj8tC1SCy2cpx2E9P8dXz-Wrui9DBs8afrmwlnXwqLStnr97zvHm4mfYZPXNwkGIWoIbS83YwAJwWv5UzqnV3WTJEcAg8rYP0_wgE0zqJWgscla_q2LEw9Et57GXTzogWvng==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.it.IVAX9apb_6k.es5.O/am=DAY/d=1/rs=AJlcJMxLQb4MWqEoFPFvxnM0zWH3Ou1FdQ/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-z8O88gwr-gvwffhGpzpYWQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://paint.toys/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 23 Oct 2024 08:17:39 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw1JBicEqfwRoCxO5aF1n9gXjvx0usR4GY4esVVg4gFuLhWPzo0Q42gRPX9k5kUnJJyi-MT87PK0nNK9FNTCnWBbGLMpNKS_KLUNipZSAVOfnp6Zl56fFGBkYmhgZGhnoGpvEFBgByyC5O"
content-security-policy
script-src 'report-sample' 'nonce-z8O88gwr-gvwffhGpzpYWQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://paint.toys
content-length
0
x-xss-protection
0
server
ESF
syncframe
gum.criteo.com/ Frame 0B3A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=paint.toys&gdpr=0&gdpr_consent=
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://paint.toys/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 23 Oct 2024 08:17:39 GMT
server
Kestrel
server-processing-duration-in-ticks
356030
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		423 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.10.44/main.d79e05e919f108136dfc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s11-in-f10.1e100.net
Software
sffe /
Resource Hash
3c782c22111e19f40582e08353f33f78fc0b10bbaeec1a782636838b416851b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

cache-control
private, max-age=900, stale-while-revalidate=3600
content-encoding
gzip
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
x-content-type-options
nosniff
expires
Wed, 23 Oct 2024 08:17:39 GMT
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
147824
date
Wed, 23 Oct 2024 08:17:39 GMT
x-xss-protection
0
content-type
text/javascript
vary
Accept-Encoding
server
sffe
prebid
id5-sync.com/api/config/ 		167 B
443 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
baf14cae61eb2467fe4accc76bb464b2487622d4a6f87426f6bdd83e4235e385
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://paint.toys/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://paint.toys
date
Wed, 23 Oct 2024 08:17:38 GMT
content-type
application/json;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-credentials
true
id
id.crwdcntrl.net/ 		43 B
314 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id?gdpr_applies=false&c=17262
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.212.73 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-212-73.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

cache-control
no-cache
pragma
no-cache
access-control-allow-credentials
true
expires
0
access-control-allow-origin
https://paint.toys
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length
43
date
Wed, 23 Oct 2024 08:17:39 GMT
content-type
application/json;charset=utf-8
x-server
10.45.15.118
server
Jetty(9.4.38.v20210224)
f
fid.agkn.com/ 		0
0
envelope
lexicon.33across.com/v1/ 		49 B
246 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0014000001YrMoYAAV&gdpr=0&src=pbjs&ver=8.45.0&coppa=0
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.193.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://paint.toys
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49
date
Wed, 23 Oct 2024 08:17:39 GMT
content-type
application/json
vary
origin
any
idx.liadm.com/idex/did-0046/ 		0
367 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://idx.liadm.com/idex/did-0046/any?duid=8e413bd09c43--01jaw77wesfwpx8b81xf8x0r5c&gdpr=0&did=did-0046&cd=.paint.toys&resolve=nonId&resolve=uid2&resolve=index&resolve=bidswitch&resolve=pubmatic&resolve=magnite&resolve=openx&resolve=sorvrn&resolve=thetradedesk&resolve=medianet
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.228.148.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-228-148-82.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=3599, private
trace-id
c2371a2a01cff5b1
request-time
23
access-control-allow-credentials
true
expires
Wed, 23 Oct 2024 09:17:39 GMT
access-control-allow-origin
https://paint.toys
date
Wed, 23 Oct 2024 08:17:39 GMT
vary
Origin
AGSKWxVbQNFj8tC1SCy2cpx2E9P8dXz-Wrui9DBs8afrmwlnXwqLStnr97zvHm4mfYZPXNwkGIWoIbS83YwAJwWv5UzqnV3WTJEcAg8rYP0_wgE0zqJWgscla_q2LEw9Et57GXTzogWvng==
fundingchoicesmessages.google.com/el/ 		0
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVbQNFj8tC1SCy2cpx2E9P8dXz-Wrui9DBs8afrmwlnXwqLStnr97zvHm4mfYZPXNwkGIWoIbS83YwAJwWv5UzqnV3WTJEcAg8rYP0_wgE0zqJWgscla_q2LEw9Et57GXTzogWvng==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.it.IVAX9apb_6k.es5.O/am=DAY/d=1/rs=AJlcJMxLQb4MWqEoFPFvxnM0zWH3Ou1FdQ/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-SKBbI3vFfZm5IyZMui2kXw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://paint.toys/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 23 Oct 2024 08:17:39 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmLw15BicEqfwRoCxO5aF1n9gXjvx0usR4GY4esVVg4gFuLhWPzo0Q42gQ-X1kxkUnJJyi-MT87PK0nNK9FNTCnWBbGLMpNKS_KLUNipZSAVOfnp6Zl56fFGBkYmhgZGhnoGpvEFBgB_Dy5v"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-SKBbI3vFfZm5IyZMui2kXw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://paint.toys
content-length
0
x-xss-protection
0
server
ESF
AGSKWxVbQNFj8tC1SCy2cpx2E9P8dXz-Wrui9DBs8afrmwlnXwqLStnr97zvHm4mfYZPXNwkGIWoIbS83YwAJwWv5UzqnV3WTJEcAg8rYP0_wgE0zqJWgscla_q2LEw9Et57GXTzogWvng==
fundingchoicesmessages.google.com/el/ 		0
366 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVbQNFj8tC1SCy2cpx2E9P8dXz-Wrui9DBs8afrmwlnXwqLStnr97zvHm4mfYZPXNwkGIWoIbS83YwAJwWv5UzqnV3WTJEcAg8rYP0_wgE0zqJWgscla_q2LEw9Et57GXTzogWvng==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.it.IVAX9apb_6k.es5.O/am=DAY/d=1/rs=AJlcJMxLQb4MWqEoFPFvxnM0zWH3Ou1FdQ/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-2gLW83yzpLHgcaYANc-rmQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://paint.toys/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 23 Oct 2024 08:17:39 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw0JBicEqfwRoCxO5aF1n9gXjvx0usR4GY4esVVg4gFuLhWPzo0Q42gQUtBycyKbkk5RfGJ-fnlaTmlegmphTrgthFmUmlJflFKOzUMpCKnPz09My89HgjAyMTQwMjQz0D0_gCAwBQCC3X"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-2gLW83yzpLHgcaYANc-rmQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://paint.toys
content-length
0
x-xss-protection
0
server
ESF
AGSKWxVbQNFj8tC1SCy2cpx2E9P8dXz-Wrui9DBs8afrmwlnXwqLStnr97zvHm4mfYZPXNwkGIWoIbS83YwAJwWv5UzqnV3WTJEcAg8rYP0_wgE0zqJWgscla_q2LEw9Et57GXTzogWvng==
fundingchoicesmessages.google.com/el/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVbQNFj8tC1SCy2cpx2E9P8dXz-Wrui9DBs8afrmwlnXwqLStnr97zvHm4mfYZPXNwkGIWoIbS83YwAJwWv5UzqnV3WTJEcAg8rYP0_wgE0zqJWgscla_q2LEw9Et57GXTzogWvng==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.it.IVAX9apb_6k.es5.O/am=DAY/d=1/rs=AJlcJMxLQb4MWqEoFPFvxnM0zWH3Ou1FdQ/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-nGQykVWONPbTP7K3LEeqEw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://paint.toys/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 23 Oct 2024 08:17:39 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmLw1ZBicEqfwRoCxO5aF1n9gXjvx0usR4GY4esVVg4gFuLhWPzo0Q42gQm9yycwKbkk5RfGJ-fnlaTmlegmphTrgthFmUmlJflFKOzUMpCKnPz09My89HgjAyMTQwMjQz0D0_gCAwBMWC3C"
content-security-policy
script-src 'report-sample' 'nonce-nGQykVWONPbTP7K3LEeqEw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://paint.toys
content-length
0
x-xss-protection
0
server
ESF
AGSKWxWnblQc-ZPSslqbdnuPYvkgtqnA_MJX3I7wN0sbTiJe6ynIasBtxqTJREHTt-tdWWB_l-ymuwmoiR5ZvEG5-2Sp7FWTpmX3ds95aX9gYlOnTrY-nUavSPVdZye6YskIDEvjLMK3iQ==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWnblQc-ZPSslqbdnuPYvkgtqnA_MJX3I7wN0sbTiJe6ynIasBtxqTJREHTt-tdWWB_l-ymuwmoiR5ZvEG5-2Sp7FWTpmX3ds95aX9gYlOnTrY-nUavSPVdZye6YskIDEvjLMK3iQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI5NjcxNDU5LDUzMTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9wYWludC50b3lzL29pbC8iLG51bGwsW1s4LCJJVkFYOWFwYl82ayJdLFs5LCJpdCJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.it.IVAX9apb_6k.es5.O/am=DAY/d=1/rs=AJlcJMxLQb4MWqEoFPFvxnM0zWH3Ou1FdQ/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f14.1e100.net
Software
ESF /
Resource Hash
d267e393761b7b0c9c2e6de64e4dc70ac92523babc0e4532220325473a35c443
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-gvNH6bvmpgjFavSx6zMVUQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 23 Oct 2024 08:17:39 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmJw1ZBiOO90h-k6EEt8fcmkBcRO6TNYQ4C49eY51ulAnPTvPGsJELtrXWT1B2JDhUuszkDsWHSJ1ROIVXsusZoD8f11l1ifA_Hej5dYjwJxkcQV1hYgvt10hfUxEDN8vcLKAcRCPByLHz3awSbQsPXCRCYljaT8wvjk_LySosyk0pL8orTktNTi1KKy1KJ4IwMjE0MDI0M9A8P4AgMA2JNJEQ"
content-security-policy
script-src 'report-sample' 'nonce-gvNH6bvmpgjFavSx6zMVUQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
AGSKWxWCGKrCbepM9HLFr_rjnM6A7Rm8zGUXhtETyabFGI0liXeUQaDNZJaqimo2Z_r5-YwZbe5_UP3UoMV19RTNo5yn5j371lqx2K_rwCnEtAKZzWtUKwBuQ0L3UE_4esZBkupn0lNF-A==
fundingchoicesmessages.google.com/el/ 		0
367 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWCGKrCbepM9HLFr_rjnM6A7Rm8zGUXhtETyabFGI0liXeUQaDNZJaqimo2Z_r5-YwZbe5_UP3UoMV19RTNo5yn5j371lqx2K_rwCnEtAKZzWtUKwBuQ0L3UE_4esZBkupn0lNF-A==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.it.IVAX9apb_6k.es5.O/am=DAY/d=1/rs=AJlcJMxLQb4MWqEoFPFvxnM0zWH3Ou1FdQ/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-pcU1Ptu2hUGEshW7qrhqhg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://paint.toys/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 23 Oct 2024 08:17:39 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmLw0ZBicEqfwRoCxO5aF1n9gXjvx0usR4GY4esVVg4gFuLhWPzo0Q42gQNrNu5nUnJJyi-MT87PK0nNK9FNTCnWBbGLMpNKS_KLUNipZSAVOfnp6Zl56fFGBkYmhgZGhnoGpvEFBgBy-C5J"
content-security-policy
script-src 'report-sample' 'nonce-pcU1Ptu2hUGEshW7qrhqhg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://paint.toys
content-length
0
x-xss-protection
0
server
ESF
v1
lb.eu-1-id5-sync.com/lb/ 		45 B
282 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
e9c83319825a9335e46167e9d9ca73ffa6548c58e4ec07bb5c5473f23f4638fa
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://paint.toys
date
Wed, 23 Oct 2024 08:17:39 GMT
content-type
application/json;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.186.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-186-120.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

access-control-max-age
3000
content-encoding
gzip
x-amz-version-id
r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
etag
W/"a4d296427fc806b21335359e398c025c"
age
11168
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
6TDLT_2x6NDWWqkWvv6v6guzofms6tWl_oTbOLhyyR6BF51skbYHtQ==
date
Wed, 23 Oct 2024 06:05:14 GMT
content-type
application/javascript
vary
Accept-Encoding,Origin
last-modified
Thu, 29 Feb 2024 02:13:08 GMT
cache-control
public, max-age=86400
via
1.1 34f50889bc574f1edeb41dd758962a5a.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA2-C1
server
AmazonS3
x-amz-server-side-encryption
AES256
bd056b42-51db-43ce-9a8e-3b11319b5d1f
config.aps.amazon-adsystem.com/configs/ 		563 B
829 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/bd056b42-51db-43ce-9a8e-3b11319b5d1f
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-30.fra6.r.cloudfront.net
Software
CloudFront /
Resource Hash
0a24226b810811def317ee02bf0703399b08e300afe117f3df37beb24b25e2bd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

cache-control
max-age=3600
age
147
via
1.1 a350f357b825293e306b1b0a2cb490c0.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
content-length
563
x-amz-cf-id
hnHPutzH8frPRelpG3kXOwo1vuyDsxMP_QDgPPDZHaC04Lw4t32t6g==
date
Wed, 23 Oct 2024 08:15:13 GMT
content-type
application/javascript
x-amz-cf-pop
FRA6-C1
server
CloudFront
config
c.amazon-adsystem.com/cdn/prod/ 		3 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fpaint.toys&pubid=bd056b42-51db-43ce-9a8e-3b11319b5d1f
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.186.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-186-120.fra2.r.cloudfront.net
Software
Server /
Resource Hash
57234c0361bef55cff0569a18aa6d5be13af21f714f8eea3d56e4a35badf0ff0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

cache-control
max-age=21550, s-maxage=21600
age
1807
access-control-allow-credentials
true
via
1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
access-control-allow-origin
https://paint.toys
x-cache
Hit from cloudfront
content-length
3516
x-amz-cf-id
lYytwV3PP1ulspSpErwDGJd0BXE7Tig4MkVlLe7Dlzi-9Q8LvcUiXg==
date
Wed, 23 Oct 2024 07:47:31 GMT
content-type
application/json;charset=UTF-8
x-amz-cf-pop
FRA2-C1
server
Server
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
372 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fpaint.toys%2Foil%2F&pr=http%3A%2F%2Fsdfeth.inducort.com%2F&pid=xOUeQ77wZMplV&cb=0&ws=1600x1200&v=24.910.1025&t=2500&slots=%5B%7B%22sd%22%3A%22pw-160x600_atf%22%2C%22s%22%3A%5B%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F154013155%2F1024872%2F74068%2Fpublisher%3A1024872-website%3A74068-160x600%2Fpublisher%3A1024872-website%3A74068-160x600-CP%2Fpublisher%3A1024872-website%3A74068-160x600-CP-160x600%22%7D%2C%7B%22sd%22%3A%22pw-160x600_btf%22%2C%22s%22%3A%5B%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F154013155%2F1024872%2F74068%2Fpublisher%3A1024872-website%3A74068-160x600%2Fpublisher%3A1024872-website%3A74068-160x600-CP%2Fpublisher%3A1024872-website%3A74068-160x600-CP-160x600%22%7D%2C%7B%22sd%22%3A%22leaderboard_atf%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F154013155%2F1024872%2F74068%2Fpublisher%3A1024872-website%3A74068-desktop_leaderboard%22%7D%2C%7B%22sd%22%3A%22leaderboard_btf%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F154013155%2F1024872%2F74068%2Fpublisher%3A1024872-website%3A74068-desktop_leaderboard%22%7D%5D&sg=%7B%22ortb2%22%3A%7B%22site%22%3A%7B%22cattax%22%3A6%2C%22cat%22%3A%5B%22693%22%5D%2C%22sectioncat%22%3A%5B%22693%22%5D%2C%22pagecat%22%3A%5B%22693%22%5D%7D%7D%7D&schain=1.0%2C1%21playwire.com%2C1024872%2C1%2C%2C%2C&pubid=bd056b42-51db-43ce-9a8e-3b11319b5d1f&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.173.196 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-173-196.fra60.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
gzip
access-control-allow-credentials
true
via
1.1 60dc145c687858f10bb3fe6251ad4ffe.cloudfront.net (CloudFront)
access-control-allow-origin
https://paint.toys
x-cache
Miss from cloudfront
content-length
43
x-amz-cf-id
lel_KfnK3kOPgBo3FUXnLfHlH4R-HlyWM6Bjer95z5sAXVB5aFY4bQ==
date
Wed, 23 Oct 2024 08:17:40 GMT
content-type
text/javascript;charset=UTF-8
x-amz-cf-pop
FRA60-P9
server
Server
j
rp.liadm.com/ 		0
0
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		0
0
sync.min.js
tags.crwdcntrl.net/lt/c/16576/ 		0
0
recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ Frame 		0
0
hadron.js
cdn.hadronid.net/ 		0
0
id5-api.js
cdn.id5-sync.com/api/1.0/ 		0
0
launcher-stub.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 		0
0
recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ 		0
0
topics_frame.html
ads.pubmatic.com/AdServer/js/topics/ Frame 30FF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/topics/topics_frame.html?bidder=pubmatic
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.192.160.199 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-160-199.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Referer
https://paint.toys/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=161942
content-encoding
gzip
content-length
859
content-type
text/html
date
Wed, 23 Oct 2024 08:17:41 GMT
expires
Fri, 25 Oct 2024 05:16:43 GMT
last-modified
Tue, 21 Mar 2023 05:02:13 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
topics_frame.html
pa.openx.net/ Frame 4C24 		0
0
cookie_sync
prebid-server.rubiconproject.com/ 		0
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		0
0
auction
tlx.3lift.com/header/ 		0
0
prebid
ib.adnxs.com/ut/v3/ 		0
0
hb-multi
hb.yellowblue.io/ 		0
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		0
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		0
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		0
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		0
0
hbjson
grid.bidswitch.net/ 		0
0
prebidjs
rtb.openx.net/openrtbb/ 		0
0
v1
btlr.sharethrough.com/universal/ 		0
0
v1
btlr.sharethrough.com/universal/ 		0
0
v1
btlr.sharethrough.com/universal/ 		0
0
v1
btlr.sharethrough.com/universal/ 		0
0
v1
btlr.sharethrough.com/universal/ 		0
0
v1
btlr.sharethrough.com/universal/ 		0
0
cdb
bidder.criteo.com/ 		0
0
pbjs
htlb.casalemedia.com/openrtb/ 		0
0
translator
hbopenbid.pubmatic.com/ 		0
0
imp
g2.gumgum.com/hbid/ 		0
0
imp
g2.gumgum.com/hbid/ 		0
0
imp
g2.gumgum.com/hbid/ 		0
0
imp
g2.gumgum.com/hbid/ 		0
0
483.json
id5-sync.com/g/v2/ 		251 B
442 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/483.json
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
5dbfb057ec3d435a5f7165053bb6457abcd6d82255104cd1e82457e87ffab322
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://paint.toys/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://paint.toys
date
Wed, 23 Oct 2024 08:17:40 GMT
content-type
application/json
vary
Origin
access-control-allow-credentials
true
ima_ppub_config
securepubads.g.doubleclick.net/pagead/ 		67 B
577 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ima_ppub_config?ippd=https%3A%2F%2Fpaint.toys%2Foil%2F
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
641768f2d1d19839fc3cecfa5158382fa0d332d5e49e31bcaafbedc4af91995a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Wed, 23 Oct 2024 08:17:40 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
35
date
Wed, 23 Oct 2024 08:17:40 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
j
rp.liadm.com/ 		13 B
356 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rp.liadm.com/j?dtstmp=1729671460037&did=did-0046&se=e30&duid=8e413bd09c43--01jaw77wesfwpx8b81xf8x0r5c&tv=8.45.0&pu=https%3A%2F%2Fpaint.toys%2Foil%2F&wpn=prebid&gdpr=0&refr=http%3A%2F%2Fsdfeth.inducort.com%2F&cd=.paint.toys
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.199.122.88 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

x-pixel-event-id
f00621c2-e17f-496c-8cec-3ac2827df4a1
access-control-expose-headers
*
access-control-allow-credentials
true
access-control-allow-methods
GET
access-control-allow-origin
https://paint.toys
content-length
13
date
Wed, 23 Oct 2024 08:17:41 GMT
content-type
application/json
sodar
pagead2.googlesyndication.com/getconfig/ 		17 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202410170101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
cc342ba8e8bf94bcf662f63ea8ac20c687c1499a51004b94bb6511464f94b2ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
13062
date
Wed, 23 Oct 2024 08:17:41 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
ads
securepubads.g.doubleclick.net/gampad/ 		159 KB
55 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1044433548327441&correlator=3411155680281968&eid=31087813%2C95344999&output=ldjh&gdfp_req=1&vrg=202410170101&ptt=17&impl=fifs&gdpr=0&iu_parts=154013155%2C1024872%2C74068%2Cpublisher%3A1024872-website%3A74068-160x600%2Cpublisher%3A1024872-website%3A74068-160x600-CP%2Cpublisher%3A1024872-website%3A74068-160x600-CP-160x600&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=160x600%7C120x600&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1729671461292&lmt=1729671461&adxs=20&adys=614&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fpaint.toys%2Foil%2F&ref=http%3A%2F%2Fsdfeth.inducort.com%2F&vis=1&psz=180x1097&msz=160x-1&fws=4&ohw=180&td=1&egid=25339&tan=dcac4750-7cbe-42a5-89e8-1719bacb9035&tdf=2&topics=1&tps=1&htps=10&a3p=EhMKDGlkNS1zeW5jLmNvbRIBMFgBEjQKCnB1YmNpZC5vcmcSJDNiZTQwMDI0LTQ3YTItNDQ0ZS05ZDMyLTM1M2U4YWY2NWVhNlgBEh0KDmVzcC5jcml0ZW8uY29tGJXYz8OrMkgAUgIIZBIUCgVvcGVueBjx3s_DqzJIAFICCG8SFwoIcnRiaG91c2UYs-HPw6sySABSAghq&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1729671448859&idt=7480&prev_scp=pos%3Datf%26slot_id%3Dpw-160x600_atf%26refresh%3Dfalse%26amazonBid%3Dfalse%26custom_path%3D160x600%26lld_id%3D64fc4ca6e512443493cfbed22bc3bcb871459908%26price_floor%3Dna%26amznbid%3D2%26amznp%3D2&cust_params=pf_src%3Dml%26li-module-enabled%3Dt1-e0%26salad%3Dchef%26dd%3Draspberry%26di%3Dpineapple%26vd%3Draspberry%26vi%3Dpineapple%26sitecont_cat%3Dgames_casual%26referrer%3Dhttp%253A%252F%252Fsdfeth.inducort.com%252F%26tyche_code%3D4.10.44%26pageos_code%3D1.10.67%26hour%3D10%26day%3DWednesday%26referrer_domain%3Dsdfeth.inducort.com%26OS%3DLinux%2520null%26browser%3DChrome%2520129%26pagecount%3D1%26window_width%3D1600%26window_height%3D1200%26screen_orientation%3Dlandscape%26website_id%3D74068%26refresh_count%3D0%26tyche_version%3D4.10.44%26ab_test%3Dna_A%26page_focus%3Dtrue&adks=2747221344&frm=20&eoidce=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
6f707c671e09fdd536de6385986a543321ac8c173de6552acce0cca2b40a71c0
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/teracent_product_template_V1/Standard_1c_160x600.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/teracent_product_template_V1/Standard_1c_160x600.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CO3tpqiIpIkDFdy__QcdIl0Reg&gqi=&layout=/pagead/gadgets/teracent_product_template_V1/Standard_1c_160x600.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
br
google-lineitem-id
-1
observe-browsing-topics
?1
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Wed, 23 Oct 2024 08:17:43 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
-1
content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/teracent_product_template_V1/Standard_1c_160x600.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/teracent_product_template_V1/Standard_1c_160x600.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CO3tpqiIpIkDFdy__QcdIl0Reg&gqi=&layout=/pagead/gadgets/teracent_product_template_V1/Standard_1c_160x600.html
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://paint.toys
content-length
55609
x-xss-protection
0
server
cafe
container.html
21a1436730d37a8193dee3b532b186cb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1738 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://21a1436730d37a8193dee3b532b186cb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://paint.toys/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 23 Oct 2024 08:17:42 GMT
expires
Wed, 23 Oct 2024 08:17:42 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.33 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
gzip
etag
"1727224258380615"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options
nosniff
expires
Wed, 23 Oct 2024 08:17:43 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 23 Oct 2024 08:17:43 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
private, max-age=3000
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
6445
x-xss-protection
0
server
sffe
publishertag.prebid.js
static.criteo.net/js/ld/ 		93 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
560a389565d68e5a251b7cd0be0d46c37a4de810690330f2cd125bd6332d16c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
max-age=86400, public
timing-allow-origin
*
content-encoding
gzip
etag
W/"670e3454-174c2"
cross-origin-resource-policy
cross-origin
expires
Thu, 24 Oct 2024 08:17:42 GMT
access-control-allow-origin
*
date
Wed, 23 Oct 2024 08:17:42 GMT
content-type
text/javascript
last-modified
Tue, 15 Oct 2024 09:22:28 GMT
server
nginx
syncframe
gum.criteo.com/ Frame DC68 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=paint.toys&gdpr=0&gdpr_consent=
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://paint.toys/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 23 Oct 2024 08:17:42 GMT
server
Kestrel
server-processing-duration-in-ticks
807158
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
publishertag.prebid.159.js
static.criteo.net/js/ld/ 		93 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.159.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
560a389565d68e5a251b7cd0be0d46c37a4de810690330f2cd125bd6332d16c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
max-age=86400, public
timing-allow-origin
*
content-encoding
gzip
etag
W/"670e3454-174c2"
cross-origin-resource-policy
cross-origin
expires
Thu, 24 Oct 2024 08:17:43 GMT
access-control-allow-origin
*
date
Wed, 23 Oct 2024 08:17:43 GMT
content-type
text/javascript
last-modified
Tue, 15 Oct 2024 09:22:28 GMT
server
nginx
runner.html
tpc.googlesyndication.com/sodar/sodar2/232/ Frame 91F3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/232/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.33 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://paint.toys/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
2696
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000
content-encoding
gzip
content-length
5005
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 23 Oct 2024 07:32:47 GMT
expires
Wed, 23 Oct 2024 08:22:47 GMT
last-modified
Mon, 23 Sep 2024 18:12:21 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 073C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.228 -, , ASN (),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-vuoPvpIu0Nkn8SIUPMU0fg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://paint.toys/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-vuoPvpIu0Nkn8SIUPMU0fg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Wed, 23 Oct 2024 08:17:44 GMT
expires
Wed, 23 Oct 2024 08:17:44 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
container.html
21a1436730d37a8193dee3b532b186cb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3513 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://21a1436730d37a8193dee3b532b186cb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://paint.toys/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 23 Oct 2024 08:17:42 GMT
expires
Wed, 23 Oct 2024 08:17:42 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pd
u.openx.net/w/1.0/ Frame FB84
Redirect Chain
  • https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba
  • https://u.openx.net/w/1.0/pd?cc=1&gdpr=0&gdpr_consent=&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd?cc=1&gdpr=0&gdpr_consent=&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 -, , ASN (),
Reverse DNS
Software
OXGW/0.0.0 /
Resource Hash

Request headers

Referer
https://paint.toys/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
491
content-type
text/html
date
Wed, 23 Oct 2024 08:17:43 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Wed, 23 Oct 2024 08:17:44 GMT
location
https://u.openx.net/w/1.0/pd?cc=1&gdpr=0&gdpr_consent=&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
via
1.1 google
usync.html
eus.rubiconproject.com/ Frame EE8E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=0
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.251 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Referer
https://paint.toys/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
224
content-type
text/html; charset=UTF-8
date
Wed, 23 Oct 2024 08:17:44 GMT
etag
"2052a-10d-6142d69a886c0"
last-modified
Thu, 21 Mar 2024 15:32:19 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7DBA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158326&gdpr=0&gdpr_consent=
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.192.160.199 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-160-199.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Referer
https://paint.toys/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=32066
content-encoding
gzip
content-length
5633
content-type
text/html
date
Wed, 23 Oct 2024 08:17:43 GMT
expires
Wed, 23 Oct 2024 17:12:09 GMT
last-modified
Mon, 26 Aug 2024 15:25:10 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync
eb2.3lift.com/ Frame 9C79 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.248.245.213 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://paint.toys/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Wed, 23 Oct 2024 08:17:44 GMT
ixmatch.html
js-sec.indexww.com/um/ Frame 4859 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://paint.toys/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

age
1066
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
8d704adbdd730d57-MXP
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 23 Oct 2024 08:17:44 GMT
expires
Wed, 23 Oct 2024 12:17:44 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 267B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://paint.toys/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
76135
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 23 Oct 2024 08:17:44 GMT
ETag
W/"623de86a-cf34"
Expires
Fri, 17 May 2024 08:31:56 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
4275707, 294382
X-Served-By
cache-lga21993-LGA, cache-mxp6976-MXP
X-Timer
S1729671464.296215,VS0,VE0
prebid
id5-sync.com/api/config/ 		167 B
442 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
baf14cae61eb2467fe4accc76bb464b2487622d4a6f87426f6bdd83e4235e385
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://paint.toys/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://paint.toys
date
Wed, 23 Oct 2024 08:17:43 GMT
content-type
application/json;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-credentials
true
id
id.crwdcntrl.net/ 		43 B
313 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id?gdpr_applies=false&c=17262
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.212.73 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-212-73.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

cache-control
no-cache
pragma
no-cache
access-control-allow-credentials
true
expires
0
access-control-allow-origin
https://paint.toys
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length
43
date
Wed, 23 Oct 2024 08:17:43 GMT
content-type
application/json;charset=utf-8
x-server
10.45.10.216
server
Jetty(9.4.38.v20210224)
f
fid.agkn.com/ 		0
0
envelope
lexicon.33across.com/v1/ 		49 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0014000001YrMoYAAV&gdpr=0&src=pbjs&ver=8.45.0&coppa=0
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.193.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://paint.toys
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49
date
Wed, 23 Oct 2024 08:17:39 GMT
content-type
application/json
vary
origin
any
idx.liadm.com/idex/did-0046/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://idx.liadm.com/idex/did-0046/any?duid=8e413bd09c43--01jaw77wesfwpx8b81xf8x0r5c&gdpr=0&did=did-0046&cd=.paint.toys&resolve=nonId&resolve=uid2&resolve=index&resolve=bidswitch&resolve=pubmatic&resolve=magnite&resolve=openx&resolve=sorvrn&resolve=thetradedesk&resolve=medianet
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.228.148.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-228-148-82.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

cache-control
max-age=3599, private
trace-id
c2371a2a01cff5b1
request-time
23
access-control-allow-credentials
true
expires
Wed, 23 Oct 2024 09:17:39 GMT
access-control-allow-origin
https://paint.toys
date
Wed, 23 Oct 2024 08:17:39 GMT
vary
Origin
generic
match.adsrvr.org/track/cmf/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=themediagrid&gdpr=0
  • https://x.bidswitch.net/ul_cb/sync?ssp=themediagrid&gdpr=0
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=themediagrid&gdpr=0&gdpr_consent=
70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=themediagrid&gdpr=0&gdpr_consent=
Protocol
H2
Server
3.33.220.150 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-length
70
date
Wed, 23 Oct 2024 08:17:44 GMT
content-type
image/gif
server
Kestrel

Redirect headers

via
1.1 google
cache-control
no-cache, no-store, must-revalidate
location
//match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=themediagrid&gdpr=0&gdpr_consent=
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 23 Oct 2024 08:17:44 GMT
fb87a4ea41
cd836371f1d.cdn.intergient.com/ 		0
95 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cd836371f1d.cdn.intergient.com/fb87a4ea41
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.67/main.4f0ace9dbf5a630f9f87.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.73.242.72 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-73-242-72.eu-central-1.compute.amazonaws.com
Software
nginx/1.24.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://paint.toys/

Response headers

access-control-allow-origin
*
date
Wed, 23 Oct 2024 08:17:43 GMT
content-type
application/octet-stream
server
nginx/1.24.0
v1
lb.eu-1-id5-sync.com/lb/ 		45 B
281 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
3b5c748b85a6cb7acb743c349d946dbf356f3b64c9412ecf163a0425b6cf6193
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://paint.toys
date
Wed, 23 Oct 2024 08:17:43 GMT
content-type
application/json;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
483.json
id5-sync.com/g/v2/ 		251 B
441 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/483.json
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
6ae66e6b0843c2bf3f1b7b406dac4f7a27ff6ec690455ddae12fc16382ffdd13
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://paint.toys/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://paint.toys
date
Wed, 23 Oct 2024 08:17:44 GMT
content-type
application/json
vary
Origin
access-control-allow-credentials
true
sodar
pagead2.googlesyndication.com/pagead/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
paint.toys
URL
blob:https://paint.toys/4aa06915-c3c4-4b74-8437-2e36629cc7c3
Domain
fid.agkn.com
URL
https://fid.agkn.com/f?apiKey=2104320612&r=https%3A%2F%2Fpaint.toys%2Foil%2F
Domain
rp.liadm.com
URL
https://rp.liadm.com/j?dtstmp=1729671460037&did=did-0046&se=e30&duid=8e413bd09c43--01jaw77wesfwpx8b81xf8x0r5c&tv=8.45.0&pu=https%3A%2F%2Fpaint.toys%2Foil%2F&wpn=prebid&gdpr=0&refr=http%3A%2F%2Fsdfeth.inducort.com%2F&cd=.paint.toys
Domain
secure.cdn.fastclick.net
URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Domain
tags.crwdcntrl.net
URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Domain
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
URL
https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Domain
cdn.hadronid.net
URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fpaint.toys%2Foil%2F&ref=http%3A%2F%2Fsdfeth.inducort.com%2F&_it=amazon&partner_id=403
Domain
cdn.id5-sync.com
URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Domain
secure.cdn.fastclick.net
URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Domain
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
URL
https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Domain
pa.openx.net
URL
https://pa.openx.net/topics_frame.html?bidder=openx
Domain
prebid-server.rubiconproject.com
URL
https://prebid-server.rubiconproject.com/cookie_sync
Domain
prebid-server.rubiconproject.com
URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Domain
tlx.3lift.com
URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.45.0&referrer=https%3A%2F%2Fpaint.toys%2Foil%2F&tmax=2500&gdpr=false&fledge=true
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/ut/v3/prebid
Domain
hb.yellowblue.io
URL
https://hb.yellowblue.io/hb-multi
Domain
fastlane.rubiconproject.com
URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12556&site_id=110932&zone_id=523774&size_id=9&alt_size_ids=8&p_pos=atf&gdpr=0&rp_schain=1.0,1!playwire.com,1024872,1,,,&eid_pubcid.org=3be40024-47a2-444e-9d32-353e8af65ea6%5E1&rf=https%3A%2F%2Fpaint.toys%2Foil%2F&tg_i.domain=paint.toys&tg_i.page=https%3A%2F%2Fpaint.toys%2Foil%2F&tg_i.ref=http%3A%2F%2Fsdfeth.inducort.com%2F&tg_i.cat=IAB9-5%2C693&tg_i.sectioncat=IAB9-5%2C693&tg_i.pagecat=IAB9-5%2C693&tg_i.pos=atf&tg_i.m_data=0&tg_i.sitecont_cat=games_casual&tg_i.adunit=pw-160x600_atf&tg_i.pbadslot=%2F154013155%2F1024872%2F74068%2Fpublisher%3A1024872-website%3A74068-160x600%2Fpublisher%3A1024872-website%3A74068-160x600-CP%2Fpublisher%3A1024872-website%3A74068-160x600-CP-160x600&tk_flint=pbjs_lite_v8.45.0&x_source.tid=c063902f-0c2a-4d50-a245-11548acd3369&l_pb_bid_id=67b92c057f8c551&p_screen_res=1600x1200&o_ae=1&rp_secure=1&x_imp.ext.tid=422c20f5-fca0-49d7-aad1-f02c3293eae1&rp_maxbids=1&p_gpid=%2F154013155%2F1024872%2F74068%2Fpublisher%3A1024872-website%3A74068-160x600%2Fpublisher%3A1024872-website%3A74068-160x600-CP%2Fpublisher%3A1024872-website%3A74068-160x600-CP-160x600&m_ch_mobile=%3F0&slots=1&rand=0.7343487640417241
Domain
fastlane.rubiconproject.com
URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12556&site_id=110932&zone_id=523774&size_id=9&alt_size_ids=8&gdpr=0&rp_schain=1.0,1!playwire.com,1024872,1,,,&eid_pubcid.org=3be40024-47a2-444e-9d32-353e8af65ea6%5E1&rf=https%3A%2F%2Fpaint.toys%2Foil%2F&tg_i.domain=paint.toys&tg_i.page=https%3A%2F%2Fpaint.toys%2Foil%2F&tg_i.ref=http%3A%2F%2Fsdfeth.inducort.com%2F&tg_i.cat=IAB9-5%2C693&tg_i.sectioncat=IAB9-5%2C693&tg_i.pagecat=IAB9-5%2C693&tg_i.pos=btf&tg_i.m_data=0&tg_i.sitecont_cat=games_casual&tg_i.adunit=pw-160x600_btf&tg_i.pbadslot=pw-160x600_btf&tk_flint=pbjs_lite_v8.45.0&x_source.tid=c063902f-0c2a-4d50-a245-11548acd3369&l_pb_bid_id=68f3ff4c80c9c3a&p_screen_res=1600x1200&o_ae=1&rp_secure=1&x_imp.ext.tid=7221cd76-1809-4ab4-952f-1e2155158652&rp_maxbids=1&p_gpid=pw-160x600_btf&m_ch_mobile=%3F0&slots=1&rand=0.658320958655392
Domain
fastlane.rubiconproject.com
URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12556&site_id=110932&zone_id=523774&size_id=2&alt_size_ids=55%2C57&p_pos=atf&gdpr=0&rp_schain=1.0,1!playwire.com,1024872,1,,,&eid_pubcid.org=3be40024-47a2-444e-9d32-353e8af65ea6%5E1&rf=https%3A%2F%2Fpaint.toys%2Foil%2F&tg_i.domain=paint.toys&tg_i.page=https%3A%2F%2Fpaint.toys%2Foil%2F&tg_i.ref=http%3A%2F%2Fsdfeth.inducort.com%2F&tg_i.cat=IAB9-5%2C693&tg_i.sectioncat=IAB9-5%2C693&tg_i.pagecat=IAB9-5%2C693&tg_i.pos=atf&tg_i.m_data=0&tg_i.sitecont_cat=games_casual&tg_i.adunit=leaderboard_atf&tg_i.pbadslot=leaderboard_atf&tk_flint=pbjs_lite_v8.45.0&x_source.tid=c063902f-0c2a-4d50-a245-11548acd3369&l_pb_bid_id=693af564e04c109&p_screen_res=1600x1200&o_ae=1&rp_secure=1&x_imp.ext.tid=d1ef5ca3-b5df-4e65-b32d-61ca5239c47c&rp_maxbids=1&p_gpid=leaderboard_atf&m_ch_mobile=%3F0&slots=1&rand=0.8257724941288782
Domain
fastlane.rubiconproject.com
URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12556&site_id=110932&zone_id=523774&size_id=2&alt_size_ids=55%2C57&gdpr=0&rp_schain=1.0,1!playwire.com,1024872,1,,,&eid_pubcid.org=3be40024-47a2-444e-9d32-353e8af65ea6%5E1&rf=https%3A%2F%2Fpaint.toys%2Foil%2F&tg_i.domain=paint.toys&tg_i.page=https%3A%2F%2Fpaint.toys%2Foil%2F&tg_i.ref=http%3A%2F%2Fsdfeth.inducort.com%2F&tg_i.cat=IAB9-5%2C693&tg_i.sectioncat=IAB9-5%2C693&tg_i.pagecat=IAB9-5%2C693&tg_i.pos=btf&tg_i.m_data=0&tg_i.sitecont_cat=games_casual&tg_i.adunit=leaderboard_btf&tg_i.pbadslot=leaderboard_btf&tk_flint=pbjs_lite_v8.45.0&x_source.tid=c063902f-0c2a-4d50-a245-11548acd3369&l_pb_bid_id=705ee9332fc6ff8&p_screen_res=1600x1200&o_ae=1&rp_secure=1&x_imp.ext.tid=4393f32c-2a77-403a-a733-686c93e92c79&rp_maxbids=1&p_gpid=leaderboard_btf&m_ch_mobile=%3F0&slots=1&rand=0.5087736816434141
Domain
grid.bidswitch.net
URL
https://grid.bidswitch.net/hbjson
Domain
rtb.openx.net
URL
https://rtb.openx.net/openrtbb/prebidjs
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Domain
bidder.criteo.com
URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.45.0&cb=10303357766&lsavail=1&bundle=E_4psF9iJTJCUXU3M0FBUUlzRHhzblhrTDNSc3FWd3Fxb2dGWFFuOHp4dUpsUG1pNFBJN0k4eEwlMkZuU0huOVVZaEFYb0N0cG9UV1FCZXB4VnFKaDRiallTbHFGcVRXQnJSVHpNNWE2OE5YRlJSeUxZMjRsRyUyQnF4NlY1Z1RoMzFoaTk5VWtkUXJQZkJKYiUyRkM0WUFJODJXMnZOWFkwdyUzRCUzRA
Domain
htlb.casalemedia.com
URL
https://htlb.casalemedia.com/openrtb/pbjs?s=1031634
Domain
hbopenbid.pubmatic.com
URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Domain
g2.gumgum.com
URL
https://g2.gumgum.com/hbid/imp?displaymanager=Prebid.js%20-%20gumgum&displaymanagerver=8.45.0&lt=1729671460284&to=-120&aun=pw-160x600_atf&pubcid=3be40024-47a2-444e-9d32-353e8af65ea6&gpid=%2F154013155%2F1024872%2F74068%2Fpublisher%3A1024872-website%3A74068-160x600%2Fpublisher%3A1024872-website%3A74068-160x600-CP%2Fpublisher%3A1024872-website%3A74068-160x600-CP-160x600&t=8ylgv2wd&pi=3&maxw=160&maxh=600&si=1111716&bf=160x600%2C120x600&gdprApplies=0&schain=1.0%2C1!playwire.com%2C1024872%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fpaint.toys%2Foil%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.45.0%22%7D&ogu=null&ns=10240
Domain
g2.gumgum.com
URL
https://g2.gumgum.com/hbid/imp?displaymanager=Prebid.js%20-%20gumgum&displaymanagerver=8.45.0&lt=1729671460286&to=-120&aun=pw-160x600_btf&pubcid=3be40024-47a2-444e-9d32-353e8af65ea6&gpid=pw-160x600_btf&t=8ylgv2wd&pi=3&maxw=160&maxh=600&si=1111716&bf=160x600%2C120x600&gdprApplies=0&schain=1.0%2C1!playwire.com%2C1024872%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fpaint.toys%2Foil%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.45.0%22%7D&ogu=null&ns=10240
Domain
g2.gumgum.com
URL
https://g2.gumgum.com/hbid/imp?displaymanager=Prebid.js%20-%20gumgum&displaymanagerver=8.45.0&lt=1729671460290&to=-120&aun=leaderboard_atf&pubcid=3be40024-47a2-444e-9d32-353e8af65ea6&gpid=leaderboard_atf&t=8ylgv2wd&pi=3&maxw=970&maxh=250&si=1111709&bf=728x90%2C970x250%2C970x90&gdprApplies=0&schain=1.0%2C1!playwire.com%2C1024872%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fpaint.toys%2Foil%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.45.0%22%7D&ogu=null&ns=10240
Domain
g2.gumgum.com
URL
https://g2.gumgum.com/hbid/imp?displaymanager=Prebid.js%20-%20gumgum&displaymanagerver=8.45.0&lt=1729671460291&to=-120&aun=leaderboard_btf&pubcid=3be40024-47a2-444e-9d32-353e8af65ea6&gpid=leaderboard_btf&t=8ylgv2wd&pi=3&maxw=970&maxh=250&si=1111709&bf=728x90%2C970x250%2C970x90&gdprApplies=0&schain=1.0%2C1!playwire.com%2C1024872%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fpaint.toys%2Foil%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.45.0%22%7D&ogu=null&ns=10240
Domain
fid.agkn.com
URL
https://fid.agkn.com/f?apiKey=2104320612&r=https%3A%2F%2Fpaint.toys%2Foil%2F
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=232&t=2&li=gpt_m202410170101&jk=1044433548327441&bg=!Li2lLWLNAAbl67hexes7ADQBe5WfOC4FCj_2acs12QzYFVShu2L_KOpZDo1pzqnvhbHSrSqXfJlZTM0Mjw9yyM9uWz9zAgAAAXBSAAAABWgBB34ANovwXGpPsrmSLBuqMNs9MjKhfayPWUIg-q64tjIic9-LF5JefPi28QsTOrYvgmVBxzu3IzZ3pgoAbstBin4cNthSoBj6P1VzBavs3eMm0Q9DgQXR4sMmdsVwtOCyxi1guAklrrZBnEGCMyAk8sIW9yIjtmsJCeLCyy5G34Jge1QzhZobJxeFfekNOt9-PK0g0TyRGfcybpzjj8HBYUsB6NDw5ryWgwO3mQKWcvpeonL7K2j5L2w6VVF3MdQERZdqj96Pbg1DKiaQfGU5z8mhT8yRZC3S586pslk6ro5rsNiBleeBDqFJJ4S4iwETRAnkvpZFJyjqeiMt8Q2wyGiC8OwHkDVfB4mY24mTyaryIm327ChbgagnZz1V5XMAPIzdiwxck8ot25nclP6AOXrIa5M83x7TuVk3nVmzhe9JXdHN7gX66UVPZfSleDDWJyOoV7_FB9UJouimFeiIdcUtnmtWYMhqRpnj9Y5FKJQKWHp8dWCNTDovmOGgp_LkWikbP1BkTS5TfG77jN6jZsGukFdZjIgdR1fFs7czJjDl4vssS35MtbQ_27gVo_IBBNoEJq1IdPVmA8wN6SjsCmYYqc2YrVXI7BpBHDS4uXYNMnH_pkmcT4HSQEWy-T8Yxxt3EVq5ya14v4h1C3zgz361ijtNXSJBAgwd_ZOCyWo0UOqqKw_vr1FxJj0RDEB4mDFqapfOEPBq3dX87OHBq0Nj3bQp_JWmHp7Ddbw9DO-Flr6rnTYJl-j4b-yp7lQ_k4gjxpz2kl9xRS8WQnWlbFSlkvfIvutr8qMBVajJT_QLs7JPKzK5h8V36FRxPvl4lrrxxeN5OIhyEfiH84D7y6lxfeQqhacTK-D_seY6Qe1h7lajh_vAFgQhQXlFaQ2Tt8KFc7ba9lCHQlK1GL0b73Zqa8PR9MGluAFkiWfCeDaxgvWg_MeBF2b2T7EVyMCKcg3-nKPx9j9t1L3csspOJfCOXk29CMy1ciP45Zbv8Jfy7SCjjY3bFQmwwaoOQfFgcub80f23Ma4d0Rb2Dx1vRLr_BejmBFQYGVnR_SQJFxRH1PXQNzeSRfnTtiqa_4iiOzNW8GNTqDaBeIyf6h4lKSnqJvo

Verdicts & Comments Add Verdict or Comment

114 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| ramp string| _pwGA4PageviewId object| dataLayer function| gtag function| reflect function| OilPainting object| app function| save object| _pwTycheAB object| pwKinesisCreds number| cmpVersion boolean| tycheSampling number| tycheSamplingRate string| tychePath boolean| rampSampling number| rampSamplingRate string| rampPath number| _pageViewSR number| _adImpressionSR object| _pwLogger string| _pwKassandraVer number| _pwFpSampling string| _pwUserCC string| _pwUserContentEncoding object| pwEdgeFlags object| pwEdgeYieldOptions string| _pwCurrentHourEST object| PageOS object| tyche function| admiral object| googletag boolean| pwRAMPInitiated object| webpackChunkpageos function| 4dm1r11545242527 object| pageos object| __core-js_shared__ object| core object| google_tag_manager object| google_tag_data object| ggeac object| google_js_reporting_queue function| onYouTubeIframeAPIReady object| gaGlobal object| __pwpbjs__ object| _pbjsGlobals object| regeneratorRuntime object| __bt object| __bt_intrnl object| __bt_tag_d boolean| __bt_already_invoked object| google_reactive_ads_global_state object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| NTBiODRhZTA3MTliYzg1Y2xvYWRlcl9qcw== string| NTBiODRhZTA3MTliYzg1Y2NhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady object| google_tag_topics_state object| apstag object| ox_esp object| webpackChunkTyche object| Tyche object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_159 object| Criteo object| Criteo_identitytag_159 object| kinesis object| pbjs object| __pwhbjs boolean| liModuleEnabled object| liQ_instances boolean| c5332316-94dd-4776-8406-9e2b85c5399c object| _aps boolean| apstagLOADED object| apscustom object| lotame_sync_16576 function| ha object| cnvr_launcher_options object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_manager_loaded_event number| google_unique_id

17 Cookies

Domain/Path Name / Value
.intergi.com/ Name: __cf_bm
Value: 5lvF8bZ3VQsh4_dim69amTWXGVr4TmP8FNuGbxOrV.U-1729671451-1.0.1.1-koVQCEMca9yan_YJ1lW7sXanjkZ5syVSCu2xWn_BbuiJjZhBMzGLouUzvugXzBl7sq9uKsEvxqwUN6vIGwoTAw
paint.toys/ Name: usprivacy
Value: 1---
.paint.toys/ Name: _ga
Value: GA1.1.1386509195.1729671453
.paint.toys/ Name: _ga_VJBRK9986D
Value: GS1.1.1729671452.1.0.1729671452.0.0.0
.paint.toys/ Name: _awl
Value: 2.1729671454.5-f133317e059ce553e91b5ad8f673b08a-6763652d6575726f70652d7765737431-0
.paint.toys/ Name: _ga_CEFZJ359V8
Value: GS1.1.1729671455.1.0.1729671455.0.0.0
.intergient.com/ Name: __cf_bm
Value: TPgEYWggn44Fn7ZAtXzRJ2KlmfvuZ3Q8z5GLNrCeChI-1729671458-1.0.1.1-_guks081Etzfo9MuT8oESlXNfFXZ9Nop50vywloC9_2H9vwk1OLaYFzr5tN0rgsGB5sscfGPbTRPR9pf3Mjveg
.paint.toys/ Name: _sharedid
Value: 3be40024-47a2-444e-9d32-353e8af65ea6
.paint.toys/ Name: _sharedid_cst
Value: kSylLAssaw%3D%3D
.paint.toys/ Name: _li_dcdm_c
Value: .paint.toys
.paint.toys/ Name: _lc2_fpi
Value: 8e413bd09c43--01jaw77wesfwpx8b81xf8x0r5c
.paint.toys/ Name: _lc2_fpi_meta
Value: %7B%22w%22%3A1729671459290%7D
.paint.toys/ Name: FCNEC
Value: %5B%5B%22AKsRol9U9xlholxzqEuiZFegUYFSGslXMrGMcZqT1KT8uCwlm_htZYmRsdbUes8E2sWaWn7A36Q8IhH4sq05J-sVisHubO7NQ5vHgrh0r9Z4KFBOuuGRKDu9eJ-q5YSATfxp-CE9RMHsxRiSqZ-MPoMHczi1Lneaog%3D%3D%22%5D%5D
.criteo.com/ Name: uid
Value: 70d525a1-e6af-46f9-9093-d8c09fc3113c
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.liadm.com/ Name: lidid
Value: c59cb60d-ab89-4b03-9fd6-cc5384446651
.paint.toys/ Name: cto_bundle
Value: E_4psF9iJTJCUXU3M0FBUUlzRHhzblhrTDNSc3FWd3Fxb2dGWFFuOHp4dUpsUG1pNFBJN0k4eEwlMkZuU0huOVVZaEFYb0N0cG9UV1FCZXB4VnFKaDRiallTbHFGcVRXQnJSVHpNNWE2OE5YRlJSeUxZMjRsRyUyQnF4NlY1Z1RoMzFoaTk5VWtkUXJQZkJKYiUyRkM0WUFJODJXMnZOWFkwdyUzRCUzRA

5 Console Messages

Source Level URL
Text
network error URL: https://px.moatads.com/pixel.gif
Message:
Failed to load resource: the server responded with a status of 500 (Internal Server Error)
javascript error URL: https://paint.toys/oil/
Message:
Access to fetch at 'https://fid.agkn.com/f?apiKey=2104320612&r=https%3A%2F%2Fpaint.toys%2Foil%2F' from origin 'https://paint.toys' has been blocked by CORS policy: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'.
network error URL: https://fid.agkn.com/f?apiKey=2104320612&r=https%3A%2F%2Fpaint.toys%2Foil%2F
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://paint.toys/oil/
Message:
Access to fetch at 'https://fid.agkn.com/f?apiKey=2104320612&r=https%3A%2F%2Fpaint.toys%2Foil%2F' from origin 'https://paint.toys' has been blocked by CORS policy: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'.
network error URL: https://fid.agkn.com/f?apiKey=2104320612&r=https%3A%2F%2Fpaint.toys%2Foil%2F
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

21a1436730d37a8193dee3b532b186cb.safeframe.googlesyndication.com
aax.amazon-adsystem.com
acdn.adnxs.com
ad-delivery.net
ad.doubleclick.net
ads.pubmatic.com
api.btloader.com
bidder.criteo.com
btloader.com
btlr.sharethrough.com
c.amazon-adsystem.com
cd836371f1d.cdn.intergient.com
cdn.hadronid.net
cdn.id5-sync.com
cdn.intergi.com
cdn.intergient.com
config.aps.amazon-adsystem.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
faucetfoot.com
fid.agkn.com
fundingchoicesmessages.google.com
g2.gumgum.com
grid.bidswitch.net
gum.criteo.com
hb.yellowblue.io
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id.crwdcntrl.net
id5-sync.com
idx.liadm.com
imasdk.googleapis.com
impression-inferences-edge-prod.playwire.com
invstatic101.creativecdn.com
js-sec.indexww.com
lb.eu-1-id5-sync.com
lexicon.33across.com
match.adsrvr.org
oa.openxcdn.net
pa.openx.net
pagead2.googlesyndication.com
paint.toys
prebid-server.rubiconproject.com
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
px.moatads.com
rp.liadm.com
rtb.openx.net
sdfeth.inducort.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
static.adsafeprotected.com
static.criteo.net
tags.crwdcntrl.net
tlx.3lift.com
tpc.googlesyndication.com
u.openx.net
www.google-analytics.com
www.google.com
www.googletagmanager.com
x.bidswitch.net
bidder.criteo.com
btlr.sharethrough.com
cdn.hadronid.net
cdn.id5-sync.com
fastlane.rubiconproject.com
fid.agkn.com
g2.gumgum.com
grid.bidswitch.net
hb.yellowblue.io
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
pa.openx.net
pagead2.googlesyndication.com
paint.toys
prebid-server.rubiconproject.com
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
rp.liadm.com
rtb.openx.net
secure.cdn.fastclick.net
tags.crwdcntrl.net
tlx.3lift.com
104.18.20.56
104.18.21.56
104.18.24.111
104.18.25.242
104.18.38.76
13.224.186.120
13.248.245.213
13.33.173.196
130.211.23.194
141.95.98.64
142.250.184.193
142.250.184.230
142.250.185.228
142.250.185.98
142.250.186.33
142.250.186.34
142.250.186.78
151.101.193.108
162.19.138.119
172.67.41.60
172.67.69.19
178.250.1.11
178.250.1.3
18.245.46.126
184.28.89.220
216.58.206.72
216.58.206.74
23.35.229.251
3.228.148.82
3.33.186.135
3.33.220.150
3.73.242.72
34.102.146.192
34.199.122.88
34.96.70.87
35.214.136.108
35.244.159.8
35.244.193.51
52.85.65.95
67.198.205.86
69.192.160.199
99.80.212.73
99.86.4.30
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0a24226b810811def317ee02bf0703399b08e300afe117f3df37beb24b25e2bd
104dcec54a944fe02fd14d43b601fe3a00d9280e3d151b12e138579234e6ac14
1635d2075d3343c86490d2229c1fb868ad59d92958ef65e04cb65767c703e9f6
1aebb66b197fa09f062d3c39fc4b841cea9b1e9e85146218cf19d526078af4dd
1bac5e8fb5021358231d218f02ed4aaf9431c9c33677e2c1977c1e27d3954572
1cb38ff9cf9dc1dff9b2add92e4c98d980d09f2099068c01d00204cc6394eceb
2ff696f311f1afa7aafddb260becd45331aab7ce1741821b0f3e2d9e683382b0
32aa05a5648678542ab9044647f0bf5549c0b53a070585edb773f0e92b72b97d
3b22add6e87c4f2dda0208221cf5d82670ca739f91ac91827d390894538aacf7
3b5c748b85a6cb7acb743c349d946dbf356f3b64c9412ecf163a0425b6cf6193
3c782c22111e19f40582e08353f33f78fc0b10bbaeec1a782636838b416851b2
4285e133db8796d719bf1740b6c76625bc4daac7933972ed9c2c833ebd60d98b
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
436814c2374a6d92a42a02d39969ef7c56b5f225667abecb218e692c5569943c
4afa0bbac9ab766d609749b8ea9b3410d84b192c31de5c546636f7de849d4daa
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
5607bc0b49036b5f13acf3f5767e0fb2fb947f5369bda253939e78e2b11f85b4
560a389565d68e5a251b7cd0be0d46c37a4de810690330f2cd125bd6332d16c4
57234c0361bef55cff0569a18aa6d5be13af21f714f8eea3d56e4a35badf0ff0
5d74e13622b2936b0395e33581297ab1b1600dd8b6b8c02a0fd292780d6c7a35
5dbfb057ec3d435a5f7165053bb6457abcd6d82255104cd1e82457e87ffab322
641768f2d1d19839fc3cecfa5158382fa0d332d5e49e31bcaafbedc4af91995a
6ae66e6b0843c2bf3f1b7b406dac4f7a27ff6ec690455ddae12fc16382ffdd13
6ceb226c487cb85243545e768944e0e1ae0944be8fde6c1c43c7314a9287e6d9
6f707c671e09fdd536de6385986a543321ac8c173de6552acce0cca2b40a71c0
70883a9270d54ca9914810ee600c39f62c1147243374c8b93b7095f9c78b4b66
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
795041923e6338abe450ff9524ef70fd40432f278f32c9c35cdbb08239574fb1
7c39ddd403483a72747343e409ba8ea364b62de9f95ac5abc70019e761817cf7
84f7948083a475d3ed2873b7fd282c55c8aacab039efe53d22e024fe8f1dd201
8889f827ffc16be31b00b9f5ddaea886371d5f4976b01932eaef9f0e798614b3
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
916a3cdac03baac007633a6ef2b6824372a2f43bb9c1f25a29832995134db667
9767e24157e1619037cce4ee290f10f683bdbb8020c57371eff5fef65fbb4ba1
9943fc1b4ca255241d4ca66cbc285d44218e16d3d0e03f21d76e7427dcdf6f09
9c4520b262bf8198e3c3e55a8d927867838f0376f11e37e0729221ba79a40a93
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
b18ddb1f69f784b5dafbad5bcc129742da512c833389abf342c5f7ea4d606ad6
b605186a14717eac9cbfb80b17b1d5f5039d89b22315b9bc01fa87dc473b1966
baf14cae61eb2467fe4accc76bb464b2487622d4a6f87426f6bdd83e4235e385
bc7b9eaeb532ad161116ab01d8cc1d8b13a97ccd0c9b7c9115a9998595feca09
c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac
c4960de9b8cf434603e91823e5747ad01a6424a9ace3ef02aaa5ba92fea656ed
c91c09319c4b0a24c72c0036cef74c17b85d3c4e2a4abf8153f5710421fe5b4c
cc342ba8e8bf94bcf662f63ea8ac20c687c1499a51004b94bb6511464f94b2ad
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
d267e393761b7b0c9c2e6de64e4dc70ac92523babc0e4532220325473a35c443
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
dba3557cb59d9bb7d5f6e972099750fac6869ff618cfd50924e9fc99c324d03b
dd2f090274785f63f2aae032d12f644a5733842b34dca315af30ce7d733c0f9e
de93c8d0aa95686c1d9438a2f983e99049bbf91a004658a4faec7ab86b1c4a19
e151d1f1b73c1de1b0d5a339a821d27b2b6a6f10b312f8b6e1da39c7bfdbc570
e388e19ca38c825b329e762c79c66bbd41bd334f18312c5e97fde0a8f64bca36
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9c83319825a9335e46167e9d9ca73ffa6548c58e4ec07bb5c5473f23f4638fa
ec63ec19b23e1f9c27b7cd73765060e043ae4cfe54f4917252919a2516b8d235
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f0673f20e98ced61c2f8b4ef33fd57b87e709b5e98ff0d85770e11d3855f68c3
f4d368e4230539c778afbb020e0ea611b3e1d984179f5b3769b44081d6703f3b
faff0a25623880a82da08b8d7fda0165581b542b76659dae667ecc648c4da08d
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99