urlscan.io logo urlscan.io
SecurityTrails logo

paint.toys Open in urlscan Pro
3.33.186.135  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://sdfrti.gingercub.net/r/Rzd0MmZZSGc4QXF6bk5OamxJbEktNTItMjY4MDAwMzItMGIxMDAxZmQtMTIyLWhKenhRdW5DWkZObTZYWTRiOTVn
Effective URL: https://paint.toys/oil/
Submission: On October 26 via api from BE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 28 IPs in 3 countries across 17 domains to perform 58 HTTP transactions. The main IP is 3.33.186.135, located in United States and belongs to AMAZON-02, US. The main domain is paint.toys. The Cisco Umbrella rank of the primary domain is 639947.
TLS certificate: Issued by E5 on October 3rd 2024. Valid for: 3 months.
This is the only time paint.toys was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 67.198.205.86 35908 (VPLSNET)
1 9 3.33.186.135 16509 (AMAZON-02)
8 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 142.250.185.130 15169 (GOOGLE)
5 2606:4700::68... 13335 (CLOUDFLAR...)
2 2001:4860:480... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2600:9000:267... 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 23.213.165.236 16625 (AKAMAI-AS)
1 2600:9000:223... 16509 (AMAZON-02)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 142.250.181.230 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 104.18.24.111 13335 (CLOUDFLAR...)
2 130.211.23.194 396982 (GOOGLE-CL...)
2 108.138.6.136 16509 (AMAZON-02)
2 3.73.242.72 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 142.250.185.195 15169 (GOOGLE)
2 142.250.185.206 15169 (GOOGLE)
1 99.86.4.30 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 18.245.52.164 16509 (AMAZON-02)
1 216.239.32.36 15169 (GOOGLE)
58 28
2    67.198.205.86 (United States)

ASN35908 (VPLSNET, US)
PTR: 67.198.205.86.static.krypt.com
sdfrti.gingercub.net
9    3.33.186.135 (United States)

ASN16509 (AMAZON-02, US)
PTR: afa7f374f51cc8991.awsglobalaccelerator.com
paint.toys
8    2606:4700::6812:1538 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.intergient.com
2    2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2606:4700::6812:196f (United States)

ASN13335 (CLOUDFLARENET, US)
faucetfoot.com
3    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
securepubads.g.doubleclick.net
5    2606:4700::6812:18f2 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.intergi.com
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    2606:4700::6812:1438 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.intergient.com
1    2600:9000:2670:7a00:b:99e7:bb00:93a1 (United States)

ASN16509 (AMAZON-02, US)
impression-inferences-edge-prod.playwire.com
1    2606:4700:10::6816:4ad8 (United States)

ASN13335 (CLOUDFLARENET, US)
btloader.com
1    23.213.165.236 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-213-165-236.deploy.static.akamaitechnologies.com
px.moatads.com
1    2600:9000:223f:4000:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
2    2606:4700:20::ac43:4513 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
1    142.250.181.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f6.1e100.net
ad.doubleclick.net
2    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
1    104.18.24.111 (None, )

ASN13335 (CLOUDFLARENET, US)
faucetfoot.com
2    130.211.23.194 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.23.211.130.bc.googleusercontent.com
api.btloader.com
2    108.138.6.136 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-6-136.fra56.r.cloudfront.net
c.amazon-adsystem.com
2    3.73.242.72 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-73-242-72.eu-central-1.compute.amazonaws.com
cd836371f1d.cdn.intergient.com
1    2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    142.250.185.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f3.1e100.net
fonts.gstatic.com
2    142.250.185.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f14.1e100.net
fundingchoicesmessages.google.com
1    99.86.4.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-30.fra6.r.cloudfront.net
config.aps.amazon-adsystem.com
1    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
1    18.245.52.164 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-52-164.fra56.r.cloudfront.net
aax.amazon-adsystem.com
1    216.239.32.36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
Apex Domain
Subdomains		 Transfer
12 intergient.com
cdn.intergient.com — Cisco Umbrella Rank: 5309
cd836371f1d.cdn.intergient.com — Cisco Umbrella Rank: 6194
79 KB
9 paint.toys
paint.toys — Cisco Umbrella Rank: 639947
129 KB
5 intergi.com
cdn.intergi.com — Cisco Umbrella Rank: 6123
233 KB
4 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 345
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 651
aax.amazon-adsystem.com — Cisco Umbrella Rank: 457
84 KB
4 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 682
153 KB
4 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 215
ad.doubleclick.net — Cisco Umbrella Rank: 150
182 KB
3 btloader.com
btloader.com — Cisco Umbrella Rank: 883
api.btloader.com — Cisco Umbrella Rank: 1013
31 KB
3 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 3643
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
imasdk.googleapis.com — Cisco Umbrella Rank: 501
151 KB
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 904
1 KB
2 faucetfoot.com
faucetfoot.com — Cisco Umbrella Rank: 323582
25 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
197 KB
2 gingercub.net
sdfrti.gingercub.net
2 KB
1 gstatic.com
fonts.gstatic.com
47 KB
1 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 684
481 B
1 moatads.com
px.moatads.com — Cisco Umbrella Rank: 1027
27 B
1 playwire.com
impression-inferences-edge-prod.playwire.com — Cisco Umbrella Rank: 6525
917 B
58 17
Domain Requested by
10 cdn.intergient.com paint.toys
cdn.intergient.com
9 paint.toys 1 redirects sdfrti.gingercub.net
paint.toys
5 cdn.intergi.com cdn.intergient.com
cdn.intergi.com
4 fundingchoicesmessages.google.com securepubads.g.doubleclick.net
3 region1.google-analytics.com www.googletagmanager.com
3 securepubads.g.doubleclick.net cdn.intergient.com
securepubads.g.doubleclick.net
imasdk.googleapis.com
2 cd836371f1d.cdn.intergient.com cdn.intergient.com
2 c.amazon-adsystem.com cdn.intergient.com
c.amazon-adsystem.com
2 api.btloader.com btloader.com
2 ad-delivery.net paint.toys
2 faucetfoot.com cdn.intergient.com
faucetfoot.com
2 www.googletagmanager.com paint.toys
www.googletagmanager.com
2 sdfrti.gingercub.net 1 redirects
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 imasdk.googleapis.com cdn.intergi.com
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 fonts.gstatic.com paint.toys
1 fonts.googleapis.com
1 ad.doubleclick.net paint.toys
1 static.adsafeprotected.com paint.toys
1 px.moatads.com paint.toys
1 btloader.com cdn.intergient.com
1 impression-inferences-edge-prod.playwire.com cdn.intergient.com
58 23

This site contains links to these domains. Also see Links.

Domain
toms.toys
Subject Issuer Validity Valid
*.paint.toys
E5		 2024-10-03 -
2025-01-01		 3 months crt.sh
cdn.intergient.com
WE1		 2024-10-02 -
2024-12-31		 3 months crt.sh
*.google-analytics.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
faucetfoot.com
WE1		 2024-09-17 -
2024-12-16		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
cdn.intergi.com
WE1		 2024-09-27 -
2024-12-26		 3 months crt.sh
*.playwire.com
Amazon RSA 2048 M03		 2024-01-12 -
2025-02-09		 a year crt.sh
btloader.com
WE1		 2024-10-08 -
2025-01-06		 3 months crt.sh
moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-09-27 -
2025-09-27		 a year crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2024-04-25 -
2025-05-24		 a year crt.sh
ad-delivery.net
WE1		 2024-09-12 -
2024-12-11		 3 months crt.sh
*.doubleclick.net
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.google.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
api.btloader.com
WR3		 2024-10-01 -
2024-12-30		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-12-30 -
2024-12-04		 a year crt.sh
*.cdn.intergient.com
Go Daddy Secure Certificate Authority - G2		 2024-04-17 -
2025-04-01		 a year crt.sh
upload.video.google.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.gstatic.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2024-01-21 -
2025-02-19		 a year crt.sh
alt1-3ps.amazon-adsystem.com
Amazon RSA 2048 M03		 2024-03-29 -
2025-04-28		 a year crt.sh

This page contains 3 frames:

Primary Page: https://paint.toys/oil/
Frame ID: 0945549933AB8A52A8279FF3D44B4852
Requests: 55 HTTP requests in this frame

Frame: https://cdn.intergient.com/pageos/1.10.68/iframe/iframe.html
Frame ID: 3BBC8C3EFAB65B6D9B6DA8812D62387C
Requests: 1 HTTP requests in this frame

Frame: https://cdn.intergient.com/pageos/1.10.68/iframe/iframe.html
Frame ID: 4F4F25A9EC8A08CF742E8B4E3ECE04C1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Paint with Oils

Page URL History Show full URLs

  1. http://sdfrti.gingercub.net/r/Rzd0MmZZSGc4QXF6bk5OamxJbEktNTItMjY4MDAwMzItMGIxMDAxZmQtMTIyLWhKenhRdW5DWk... HTTP 307
    https://sdfrti.gingercub.net/r/Rzd0MmZZSGc4QXF6bk5OamxJbEktNTItMjY4MDAwMzItMGIxMDAxZmQtMTIyLWhKenhRdW5DWk... HTTP 307
    http://sdfrti.gingercub.net/r/Rzd0MmZZSGc4QXF6bk5OamxJbEktNTItMjY4MDAwMzItMGIxMDAxZmQtMTIyLWhKenhRdW5DWk... Page URL
  2. http://sdfrti.gingercub.net/r/Rzd0MmZZSGc4QXF6bk5OamxJbEktNTItMjY4MDAwMzItMGIxMDAxZmQtMTIyLWhKenhRdW5DWk... HTTP 302
    https://paint.toys/oil HTTP 301
    https://paint.toys/oil/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • /prebid\.js

Page Statistics

58
Requests

95 %
HTTPS

48 %
IPv6

17
Domains

23
Subdomains

28
IPs

3
Countries

1315 kB
Transfer

4274 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://sdfrti.gingercub.net/r/Rzd0MmZZSGc4QXF6bk5OamxJbEktNTItMjY4MDAwMzItMGIxMDAxZmQtMTIyLWhKenhRdW5DWkZObTZYWTRiOTVn HTTP 307
    https://sdfrti.gingercub.net/r/Rzd0MmZZSGc4QXF6bk5OamxJbEktNTItMjY4MDAwMzItMGIxMDAxZmQtMTIyLWhKenhRdW5DWkZObTZYWTRiOTVn HTTP 307
    http://sdfrti.gingercub.net/r/Rzd0MmZZSGc4QXF6bk5OamxJbEktNTItMjY4MDAwMzItMGIxMDAxZmQtMTIyLWhKenhRdW5DWkZObTZYWTRiOTVn Page URL
  2. http://sdfrti.gingercub.net/r/Rzd0MmZZSGc4QXF6bk5OamxJbEktNTItMjY4MDAwMzItMGIxMDAxZmQtMTIyLWhKenhRdW5DWkZObTZYWTRiOTVn?in=1 HTTP 302
    https://paint.toys/oil HTTP 301
    https://paint.toys/oil/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://sdfrti.gingercub.net/r/Rzd0MmZZSGc4QXF6bk5OamxJbEktNTItMjY4MDAwMzItMGIxMDAxZmQtMTIyLWhKenhRdW5DWkZObTZYWTRiOTVn HTTP 307
  • https://sdfrti.gingercub.net/r/Rzd0MmZZSGc4QXF6bk5OamxJbEktNTItMjY4MDAwMzItMGIxMDAxZmQtMTIyLWhKenhRdW5DWkZObTZYWTRiOTVn HTTP 307
  • http://sdfrti.gingercub.net/r/Rzd0MmZZSGc4QXF6bk5OamxJbEktNTItMjY4MDAwMzItMGIxMDAxZmQtMTIyLWhKenhRdW5DWkZObTZYWTRiOTVn

58 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Rzd0MmZZSGc4QXF6bk5OamxJbEktNTItMjY4MDAwMzItMGIxMDAxZmQtMTIyLWhKenhRdW5DWkZObTZYWTRiOTVn
sdfrti.gingercub.net/r/
Redirect Chain
  • http://sdfrti.gingercub.net/r/Rzd0MmZZSGc4QXF6bk5OamxJbEktNTItMjY4MDAwMzItMGIxMDAxZmQtMTIyLWhKenhRdW5DWkZObTZYWTRiOTVn
  • https://sdfrti.gingercub.net/r/Rzd0MmZZSGc4QXF6bk5OamxJbEktNTItMjY4MDAwMzItMGIxMDAxZmQtMTIyLWhKenhRdW5DWkZObTZYWTRiOTVn
  • http://sdfrti.gingercub.net/r/Rzd0MmZZSGc4QXF6bk5OamxJbEktNTItMjY4MDAwMzItMGIxMDAxZmQtMTIyLWhKenhRdW5DWkZObTZYWTRiOTVn
543 B
946 B 		Document
General
Check archive.org
Download Go to
Full URL
http://sdfrti.gingercub.net/r/Rzd0MmZZSGc4QXF6bk5OamxJbEktNTItMjY4MDAwMzItMGIxMDAxZmQtMTIyLWhKenhRdW5DWkZObTZYWTRiOTVn
Protocol
HTTP/1.1
Server
67.198.205.86 , United States, ASN35908 (VPLSNET, US),
Reverse DNS
67.198.205.86.static.krypt.com
Software
Apache/2.4.62 (CentOS Stream) OpenSSL/3.2.2 / PHP/7.4.33
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Cache-Control
no-cache, private max-age=0, no-cache, no-store, must-revalidate
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
307
Content-Type
text/html; charset=UTF-8
Date
Sat, 26 Oct 2024 11:21:32 GMT
Developed-by
Mohamed Amine El Attabi
Email
mohamed.amine.elattabi@gmail.com
Expires
Sat, 2 Aug 1980 15:15:00 GMT
Keep-Alive
timeout=5, max=100
Pragma
no-cache
Server
Apache/2.4.62 (CentOS Stream) OpenSSL/3.2.2
Vary
Accept-Encoding,User-Agent
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-Powered-By
PHP/7.4.33
X-XSS-Protection
1; mode=block

Redirect headers

Location
http://sdfrti.gingercub.net/r/Rzd0MmZZSGc4QXF6bk5OamxJbEktNTItMjY4MDAwMzItMGIxMDAxZmQtMTIyLWhKenhRdW5DWkZObTZYWTRiOTVn
Non-Authoritative-Reason
HttpsUpgrades
Primary Request /
paint.toys/oil/
Redirect Chain
  • http://sdfrti.gingercub.net/r/Rzd0MmZZSGc4QXF6bk5OamxJbEktNTItMjY4MDAwMzItMGIxMDAxZmQtMTIyLWhKenhRdW5DWkZObTZYWTRiOTVn?in=1
  • https://paint.toys/oil
  • https://paint.toys/oil/
6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://paint.toys/oil/
Requested by
Host: sdfrti.gingercub.net
URL: http://sdfrti.gingercub.net/r/Rzd0MmZZSGc4QXF6bk5OamxJbEktNTItMjY4MDAwMzItMGIxMDAxZmQtMTIyLWhKenhRdW5DWkZObTZYWTRiOTVn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.33.186.135 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afa7f374f51cc8991.awsglobalaccelerator.com
Software
Netlify /
Resource Hash
70883a9270d54ca9914810ee600c39f62c1147243374c8b93b7095f9c78b4b66
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://sdfrti.gingercub.net/r/Rzd0MmZZSGc4QXF6bk5OamxJbEktNTItMjY4MDAwMzItMGIxMDAxZmQtMTIyLWhKenhRdW5DWkZObTZYWTRiOTVn
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
142961
cache-control
public,max-age=0,must-revalidate
cache-status
"Netlify Edge"; hit
content-encoding
br
content-length
1632
content-type
text/html; charset=UTF-8
date
Sat, 26 Oct 2024 11:21:33 GMT
etag
"7afa2eee23cef4ed7f87aab76b5bc74d-ssl-df"
server
Netlify
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-nf-request-id
01JB48YRX5C37Q74WY0PTRA7Y7

Redirect headers

accept-ranges
bytes
age
18863
cache-control
public,max-age=0,must-revalidate
cache-status
"Netlify Edge"; hit
content-length
1647
content-type
text/html; charset=UTF-8
date
Sat, 26 Oct 2024 11:21:33 GMT
etag
"7afa2eee23cef4ed7f87aab76b5bc74d-ssl-df"
location
/oil/
server
Netlify
strict-transport-security
max-age=31536000
x-nf-request-id
01JB48YRVTQQVA7TYWQ2PTF2JC
ramp_config.js
cdn.intergient.com/1024872/74068/ 		37 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/1024872/74068/ramp_config.js
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1538 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2cb190434fc05ed9e8226f330f36d1591bee66452ccde2f6aa3d317439a191b3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

last-modified
Sat, 26 Oct 2024 11:12:26 GMT
hw-country-code
DE
cache-control
max-age=600, public, must-revalidate
content-encoding
br
cf-cache-status
HIT
age
547
via
1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)
cf-ray
8d8a1040ad3adba5-FRA
x-cache
Hit from cloudfront
x-amz-cf-id
bQEzfHNCIBBPnu4GqC6E_8bJSdk3TBF6wUNvxcI-H6c6rZSVBalWGQ==
date
Sat, 26 Oct 2024 11:21:33 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
x-amz-cf-pop
FRA60-P2
apps.css
paint.toys/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://paint.toys/apps.css
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.33.186.135 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afa7f374f51cc8991.awsglobalaccelerator.com
Software
Netlify /
Resource Hash
2ff696f311f1afa7aafddb260becd45331aab7ce1741821b0f3e2d9e683382b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://paint.toys/oil/

Response headers

strict-transport-security
max-age=31536000
cache-control
public,max-age=0,must-revalidate
content-encoding
br
etag
"58d01e65c6625681e8891f6fbc8c18f5-ssl-df"
age
147580
accept-ranges
bytes
content-length
1395
x-nf-request-id
01JB48YRZQK43QR7BMYHXWHN7P
cache-status
"Netlify Edge"; hit
date
Sat, 26 Oct 2024 11:21:33 GMT
content-type
text/css; charset=UTF-8
vary
Accept-Encoding
server
Netlify
index.js
paint.toys/oil/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://paint.toys/oil/index.js
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.33.186.135 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afa7f374f51cc8991.awsglobalaccelerator.com
Software
Netlify /
Resource Hash
c91c09319c4b0a24c72c0036cef74c17b85d3c4e2a4abf8153f5710421fe5b4c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://paint.toys/oil/

Response headers

strict-transport-security
max-age=31536000
cache-control
public,max-age=0,must-revalidate
content-encoding
br
etag
"687211e2ced405124b38663a13c97091-ssl-df"
age
35704
accept-ranges
bytes
content-length
1190
x-nf-request-id
01JB48YRZQSSMQGPR8WGS3CE9Z
cache-status
"Netlify Edge"; hit
date
Sat, 26 Oct 2024 11:21:33 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
Netlify
art-icon.png
paint.toys/assets/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paint.toys/assets/art-icon.png
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.33.186.135 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afa7f374f51cc8991.awsglobalaccelerator.com
Software
Netlify /
Resource Hash
f4d368e4230539c778afbb020e0ea611b3e1d984179f5b3769b44081d6703f3b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://paint.toys/oil/

Response headers

strict-transport-security
max-age=31536000
cache-control
public,max-age=0,must-revalidate
etag
"1394f8469f2ca5750397e3d7b6ec70a1-ssl"
age
65101
accept-ranges
bytes
content-length
33562
x-nf-request-id
01JB48YRZRA3CFQKJHFDHG0NW8
cache-status
"Netlify Edge"; hit
date
Sat, 26 Oct 2024 11:21:33 GMT
content-type
image/png
server
Netlify
icon-hand.png
paint.toys/assets/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paint.toys/assets/icon-hand.png
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.33.186.135 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afa7f374f51cc8991.awsglobalaccelerator.com
Software
Netlify /
Resource Hash
32aa05a5648678542ab9044647f0bf5549c0b53a070585edb773f0e92b72b97d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://paint.toys/oil/

Response headers

strict-transport-security
max-age=31536000
cache-control
public,max-age=0,must-revalidate
etag
"a0822110a4671ffdf710da1467460fba-ssl"
age
140526
accept-ranges
bytes
content-length
27394
x-nf-request-id
01JB48YRZR8S01SGW7Z5ZQS18G
cache-status
"Netlify Edge"; hit
date
Sat, 26 Oct 2024 11:21:33 GMT
content-type
image/png
server
Netlify
icon-disk.png
paint.toys/assets/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paint.toys/assets/icon-disk.png
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.33.186.135 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afa7f374f51cc8991.awsglobalaccelerator.com
Software
Netlify /
Resource Hash
436814c2374a6d92a42a02d39969ef7c56b5f225667abecb218e692c5569943c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://paint.toys/oil/

Response headers

strict-transport-security
max-age=31536000
cache-control
public,max-age=0,must-revalidate
etag
"26852fa1548a91e004629b01e4abf1dd-ssl"
age
140526
accept-ranges
bytes
content-length
13766
x-nf-request-id
01JB48YS18NFQ9QDGX1728RFYM
cache-status
"Netlify Edge"; hit
date
Sat, 26 Oct 2024 11:21:33 GMT
content-type
image/png
server
Netlify
icon-trash.png
paint.toys/assets/ 		50 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paint.toys/assets/icon-trash.png
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.33.186.135 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afa7f374f51cc8991.awsglobalaccelerator.com
Software
Netlify /
Resource Hash
6ceb226c487cb85243545e768944e0e1ae0944be8fde6c1c43c7314a9287e6d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://paint.toys/oil/

Response headers

strict-transport-security
max-age=31536000
cache-control
public,max-age=0,must-revalidate
etag
"e91ef5e34b5154d392e8560031eaaa4c-ssl"
age
138747
accept-ranges
bytes
content-length
51680
x-nf-request-id
01JB48YS18SM6Q2NF3HQE6VXP5
cache-status
"Netlify Edge"; hit
date
Sat, 26 Oct 2024 11:21:33 GMT
content-type
image/png
server
Netlify
ramp_core.js
cdn.intergient.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/ramp_core.js
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1538 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ec165ec6b34d64442c69d05c28f498f5a390886bc8313932131b27b54886bc5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

hw-country-code
DE
cache-control
max-age=600, public, must-revalidate
content-encoding
br
cf-cache-status
DYNAMIC
via
1.1 5ddb18e15e6b0ed6114111e515bddc66.cloudfront.net (CloudFront)
cf-ray
8d8a1040ad45dba5-FRA
x-cache
Miss from cloudfront
x-amz-cf-id
O7Z6PJTJmZaqkm1LU8N_PfWRd05NciphdRWPLEz_M7j57lZA6XiHZw==
date
Sat, 26 Oct 2024 11:21:33 GMT
x-lambda-function
us-east-1.pageos_production:671
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
x-amz-cf-pop
FRA60-P2
js
www.googletagmanager.com/gtag/ 		315 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-VJBRK9986D
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
13c0af8cfbf50a24c34d7d288ed9651261e62db5ecc7d89ff1e74b2abad3fa39
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Sat, 26 Oct 2024 11:21:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 26 Oct 2024 11:21:33 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
107433
x-xss-protection
0
server
Google Tag Manager
413b0472e4b7_7a48634bb769c757449f64e69c.min.js
faucetfoot.com/build/ 		67 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://faucetfoot.com/build/413b0472e4b7_7a48634bb769c757449f64e69c.min.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/1024872/74068/ramp_config.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:196f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07d9ac511d4ade54f59dead58761fc74104a73005cc7da151ce4a38edcdf8424
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
br
cf-cache-status
MISS
etag
W/"95431848bb7b5a1c07d6ea5c509e12853aae9a6c193b4715113e4d539ba9b098"
x-buildname
hoothoot
x-hostname
fen-hoothoot-europe-west1-4lzd
alt-svc
h3=":443"; ma=86400
date
Sat, 26 Oct 2024 11:21:33 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding, Accept-Language
strict-transport-security
max-age=15724800; preload
cache-control
private, must-revalidate, max-age=21600
timing-allow-origin
*
x-datacenter
gce-europe-west1
via
1.1 google
cf-ray
8d8a1041b9303654-FRA
x-buildnumber
1507459579
server
cloudflare
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		105 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/1024872/74068/ramp_config.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
3e025b4fd896548851a9114d22ff47def478fc8df672c84f84ecf730f72d2d13
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
br
etag
568 / 20022 / m202410210101 / config-hash: 7111543634931288829
x-content-type-options
nosniff
expires
Sat, 26 Oct 2024 11:21:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Sat, 26 Oct 2024 11:21:33 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
33733
x-xss-protection
0
server
cafe
prebid.js.br
cdn.intergi.com/prebid/ 		515 KB
163 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergi.com/prebid/prebid.js.br
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/1024872/74068/ramp_config.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f60a61a733d55b12c3ff307923c91a15374956ae10e56aa9ed9e9a0e9286860

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-amz-version-id
7Tf1PvpOURccZbsGhpz01Z8ra0VUhiYq
etag
W/"0e0a28fe6ade527af1f896eed2cff85f"
age
5808
x-cache
Hit from cloudfront
x-amz-cf-id
EGYwg2z7P36mXXRso4w5t3bl6NmnBYaVqVuMLbJTodM_igQGJfUPQw==
date
Sat, 26 Oct 2024 11:21:33 GMT
content-type
text/javascript
last-modified
Wed, 23 Oct 2024 15:45:19 GMT
vary
Accept-Encoding
via
1.1 c51b1d593cf50fce374b03c237f8fd44.cloudfront.net (CloudFront)
cf-ray
8d8a1041c8a6d2be-FRA
x-amz-cf-pop
WAW51-P5
server
cloudflare
x-amz-server-side-encryption
AES256
pageos.js
cdn.intergient.com/pageos/1.10.68/ 		399 B
493 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/1.10.68/pageos.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/ramp_core.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1538 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e62bd364acbcb0868473e3b8f433520af212445da273d16d337ba05b447353a9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"e586aa17b59e2b1b143622c45d403956"
age
238862
x-cache
Hit from cloudfront
x-amz-cf-id
AMMNrKsZyESDuOcd5505PsAoWXFW4Z4fcPXkSRm1YGc85v5VJ2026Q==
date
Sat, 26 Oct 2024 11:21:33 GMT
content-type
text/javascript
last-modified
Wed, 23 Oct 2024 13:04:56 GMT
vary
Accept-Encoding
hw-country-code
DE
cache-control
public, max-age=31536000
via
1.1 90bb130ecccb71953b38a1c0e3b5721a.cloudfront.net (CloudFront)
cf-ray
8d8a10413ecadba5-FRA
x-amz-cf-pop
FRA60-P2
server
cloudflare
x-amz-server-side-encryption
AES256
runtime.0469779f96c584e1bf22.js
cdn.intergient.com/pageos/1.10.68/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/1.10.68/runtime.0469779f96c584e1bf22.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.68/pageos.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1538 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c229bf0397343c4290664548181f6d845fd152227ab647d99f8a30fee16c5542

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"71aabb00f38c219227cb02921dd0be60"
age
239093
x-cache
Hit from cloudfront
x-amz-cf-id
1VWQKf0LXKwsaNC3oPc8YtS_-djbW_969OwGODakpwNmhqBnNX6_-g==
date
Sat, 26 Oct 2024 11:21:33 GMT
content-type
text/javascript
last-modified
Wed, 23 Oct 2024 13:04:56 GMT
vary
Accept-Encoding
hw-country-code
DE
cache-control
public, max-age=31536000
via
1.1 f884e2c0a4bd6c75faee34aade3f091e.cloudfront.net (CloudFront)
cf-ray
8d8a10418f92dba5-FRA
x-amz-cf-pop
FRA60-P2
server
cloudflare
x-amz-server-side-encryption
AES256
main.0184ca53f52ae3147289.js
cdn.intergient.com/pageos/1.10.68/ 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/1.10.68/main.0184ca53f52ae3147289.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.68/pageos.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1538 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d52ef53d74405d52d924e34720e3b1876095b3c3406871a6f657346c08f2f47

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"8f4a51e65dbb3b8edc0e939cfb7e783c"
age
235318
x-cache
Hit from cloudfront
x-amz-cf-id
39TuN9CI5tfs7iyuEcq1XfXCEVva16GWT7ip8KZQF6TuxdFnvIol1Q==
date
Sat, 26 Oct 2024 11:21:33 GMT
content-type
text/javascript
last-modified
Wed, 23 Oct 2024 13:04:56 GMT
vary
Accept-Encoding
hw-country-code
DE
cache-control
public, max-age=31536000
via
1.1 db1cc9ceb7681bf2a56c0f22acac3a36.cloudfront.net (CloudFront)
cf-ray
8d8a10418f94dba5-FRA
x-amz-cf-pop
FRA60-P2
server
cloudflare
x-amz-server-side-encryption
AES256
js
www.googletagmanager.com/gtag/ 		257 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-CEFZJ359V8&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VJBRK9986D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f53b4eaf372c39ffa26d4a4068316968b0ef91cfee865779861825e94aa93882
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Sat, 26 Oct 2024 11:21:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 26 Oct 2024 11:21:33 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
93280
x-xss-protection
0
server
Google Tag Manager
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-VJBRK9986D&gtm=45je4ao0v9101576445za200&_p=1729941693444&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101533422~101823848&cid=1144442579.1729941694&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1729941693&sct=1&seg=0&dl=https%3A%2F%2Fpaint.toys%2Foil%2F&dr=http%3A%2F%2Fsdfrti.gingercub.net%2F&dt=Paint%20with%20Oils&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1159
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VJBRK9986D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://paint.toys
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 26 Oct 2024 11:21:33 GMT
content-type
text/plain
server
Golfe2
videoCard.5ed8eb34c11835040def.js
cdn.intergient.com/pageos/1.10.68/ 		559 B
522 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/1.10.68/videoCard.5ed8eb34c11835040def.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.68/runtime.0469779f96c584e1bf22.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1538 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
795041923e6338abe450ff9524ef70fd40432f278f32c9c35cdbb08239574fb1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"6880c1609e3243c11c7b4f1285e14d89"
age
238511
x-cache
Hit from cloudfront
x-amz-cf-id
w0b0jq7kjfiHsxSilI1tKel025x-qzSYv8yNWCy8mlwBy0u3zX9Uag==
date
Sat, 26 Oct 2024 11:21:33 GMT
content-type
text/javascript
last-modified
Wed, 23 Oct 2024 13:04:56 GMT
vary
Accept-Encoding
hw-country-code
DE
cache-control
public, max-age=31536000
via
1.1 fce673b0e9c8ffbca0678547d3b9c424.cloudfront.net (CloudFront)
cf-ray
8d8a1042aa39dba5-FRA
x-amz-cf-pop
FRA60-P2
server
cloudflare
x-amz-server-side-encryption
AES256
iframe.html
cdn.intergient.com/pageos/1.10.68/iframe/ Frame 3BBC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/1.10.68/iframe/iframe.html
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.68/main.0184ca53f52ae3147289.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1438 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://paint.toys/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age
239446
cache-control
public, max-age=31536000
cf-cache-status
HIT
cf-ray
8d8a10438cb0d2db-FRA
content-encoding
br
content-type
text/html
date
Sat, 26 Oct 2024 11:21:34 GMT
hw-country-code
DE
last-modified
Wed, 23 Oct 2024 13:04:56 GMT
server
cloudflare
vary
Accept-Encoding
via
1.1 aec01f265f362fdc0246b1de1723a19e.cloudfront.net (CloudFront)
x-amz-cf-id
dV8PZPOm60fbXKB-5phLwnMcvQHvX_TxikOnSiFTq6ql_P_X55i60A==
x-amz-cf-pop
MRS52-P5
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
gdpr.1b960cdd1c148987c402.js
cdn.intergient.com/pageos/1.10.68/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/1.10.68/gdpr.1b960cdd1c148987c402.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.68/runtime.0469779f96c584e1bf22.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1538 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0aa98ee205d0ed7ab5765a57a2652a721657b0afe77539306b4d2c2e582587cf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"f4fb0f395e7b6363ec6a36d7e3603696"
age
228324
x-cache
Hit from cloudfront
x-amz-cf-id
vFQDlu22H7SL-MBR8WKjSNqqbM_hIt9h_2Xna_3B6dF2MLUT1yK_aw==
date
Sat, 26 Oct 2024 11:21:33 GMT
content-type
text/javascript
last-modified
Wed, 23 Oct 2024 13:04:56 GMT
vary
Accept-Encoding
hw-country-code
DE
cache-control
public, max-age=31536000
via
1.1 28b2547a012b744c90796693b582d83c.cloudfront.net (CloudFront)
cf-ray
8d8a1042fadbdba5-FRA
x-amz-cf-pop
AMS58-P6
server
cloudflare
x-amz-server-side-encryption
AES256
GDPR
impression-inferences-edge-prod.playwire.com/websites/74068/v1/Sat/7/desktop/Chrome/ 		583 B
917 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://impression-inferences-edge-prod.playwire.com/websites/74068/v1/Sat/7/desktop/Chrome/GDPR
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.68/main.0184ca53f52ae3147289.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2670:7a00:b:99e7:bb00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
45704993fbf4d0a5347a1aa01ca7a912f94c51ab0c288b42082ff105d0a64a0a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

cache-control
max-age=3600, public, must-revalidate
access-control-expose-headers
*
age
1285
via
1.1 5335ce80c0b9264bc591cce2c73bef5e.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Hit from cloudfront
content-length
583
x-amz-cf-id
fFC2X3o5zAmErec9cL81i-of-P36DOp3QZAZj5kQjgc5knJfKz_7dg==
date
Sat, 26 Oct 2024 11:00:09 GMT
content-type
application/json
x-amz-cf-pop
FRA56-P9
server
CloudFront
tag
btloader.com/ 		111 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?o=5150306120761344&upapi=true
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.68/main.0184ca53f52ae3147289.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4ad8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b64755d6b76e46085aeb802ac190fba16cc57e227cecf83494a7bd1b0e3d183

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

x-robots-tag
noindex, nofollow
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
content-encoding
gzip
cf-cache-status
HIT
etag
"05b314ef9e018dad73f6d83ff6ca0f20"
age
351
via
1.1 google
cf-ray
8d8a1043aa41698f-FRA
accept-ranges
bytes
content-length
31415
date
Sat, 26 Oct 2024 11:21:34 GMT
content-type
application/javascript
last-modified
Sat, 26 Oct 2024 11:13:18 GMT
vary
Origin, Accept-Encoding
server
cloudflare
pixel.gif
px.moatads.com/ 		27 B
27 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.213.165.236 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-165-236.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5607bc0b49036b5f13acf3f5767e0fb2fb947f5369bda253939e78e2b11f85b4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Connection
keep-alive
Expires
Sat, 26 Oct 2024 11:21:34 GMT
Content-Length
27
Date
Sat, 26 Oct 2024 11:21:34 GMT
AK-GRN
0.552b3517.1729941694.85af040
Content-Type
text/html
skeleton.gif
static.adsafeprotected.com/ 		43 B
481 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.gif?service=ad&adid=zaaegs&adnum=234701
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:4000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

etag
"45cf913e5d9d3c9b2058033056d3dd23"
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
age
131961
x-cache
Hit from cloudfront
x-amz-cf-id
OiF7B2zFu8gRLJXApYukoYcgnbKjgu4nZtV6mFITjzc0rQndEpD7Fg==
date
Thu, 24 Oct 2024 22:42:14 GMT
content-type
image/gif
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
x-amz-replication-status
COMPLETED
cache-control
max-age=315360000
via
1.1 0162e02b2d0212054988a68716227daa.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
43
x-amz-cf-pop
FRA56-P5
server
AmazonS3
x-amz-server-side-encryption
AES256
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410210101/ 		481 KB
149 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410210101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
dad10a832ba51b5db08691887a58b582022dd25c7849e0dd70f1ff8484d74a2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
br
etag
14283833466912019972
age
4703
x-content-type-options
nosniff
expires
Sun, 26 Oct 2025 10:03:11 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Sat, 26 Oct 2024 10:03:11 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
152738
x-xss-protection
0
server
cafe
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-CEFZJ359V8&gtm=45je4ao0v9102396898za200zb9101576445&_p=1729941693444&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101533421~101823848&cid=1144442579.1729941694&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1729941694&sct=1&seg=0&dl=https%3A%2F%2Fpaint.toys%2Foil%2F&dr=http%3A%2F%2Fsdfrti.gingercub.net%2F&dt=Paint%20with%20Oils&en=ramp_js&_fv=1&_ss=1&_ee=1&ep.pageview_id=1729941693444&tfd=1398
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CEFZJ359V8&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://paint.toys
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 26 Oct 2024 11:21:34 GMT
content-type
text/plain
server
Golfe2
px.gif
ad-delivery.net/ 		43 B
917 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

x-goog-metageneration
5
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status
HIT
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
age
32
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H6C1DG%2F5HbWyf1jLN3yvXVR7Q0yVwhh6Li8Uk26%2Byo3sRpJlIcu%2F2ww6sLFFHoXBHiA5KgadxKghJlpPMl77jalM8hFhWazmMD50atI1sDT9xL4s%2FMXLwq2rYqCeiIW7UOPRWaySHdqcmZ04Dg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding
identity
expires
Sun, 27 Oct 2024 11:21:34 GMT
x-goog-stored-content-length
43
date
Sat, 26 Oct 2024 11:21:34 GMT
content-type
image/gif
last-modified
Wed, 05 May 2021 19:25:32 GMT
vary
Accept-Encoding
x-guploader-uploadid
AHmUCY0FIUe_KMwRiyIxInaIbb_zqwDAT537via137HloGK3192QTgRWyfcQuylaA4I_zH6EpMOrKFJ6eQ
cache-control
public, max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8d8a10461e70d3a2-FRA
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1620242732037093
content-length
43
server
cloudflare
favicon.ico
ad.doubleclick.net/ 		1 KB
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
gzip
age
69097
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options
nosniff
expires
Sat, 26 Oct 2024 16:09:57 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 25 Oct 2024 16:09:57 GMT
last-modified
Tue, 08 May 2012 13:08:06 GMT
content-type
image/x-icon
vary
Accept-Encoding
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
content-length
104
x-xss-protection
0
server
sffe
px.gif
ad-delivery.net/ 		43 B
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.28484982138613546
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

x-goog-metageneration
5
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status
HIT
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
age
32
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zDxYK5BCr52OP2D%2FfoR502hrM0Jhf8WwAUuWi1%2BT8Y8ZjnVb%2Bdq4ZilQbqHDsD642hAihFXopfRjEl1hfrYLn2T9BYu10icrEZuaEeiUsbc7HuQg3LC%2B47CB6gmX1fFf%2F3S5lHxNBbpfIQ%2F04Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding
identity
expires
Sun, 27 Oct 2024 11:21:34 GMT
x-goog-stored-content-length
43
date
Sat, 26 Oct 2024 11:21:34 GMT
content-type
image/gif
last-modified
Wed, 05 May 2021 19:25:32 GMT
vary
Accept-Encoding
x-guploader-uploadid
AHmUCY0FIUe_KMwRiyIxInaIbb_zqwDAT537via137HloGK3192QTgRWyfcQuylaA4I_zH6EpMOrKFJ6eQ
cache-control
public, max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8d8a10461e73d3a2-FRA
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1620242732037093
content-length
43
server
cloudflare
154013155
fundingchoicesmessages.google.com/i/ 		195 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/154013155?ers=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410210101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7472fa937fccd9639f05baf5924881f64a43cdaad460fcffbf242ca0e7427e1f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ZM0BXvHRrIwDG7k-sMK3hw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 26 Oct 2024 11:21:34 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtHikmLw05BiWMS_i-m80x2m60As8fUlkxYQO6XPYA0B4tab51inA3HSv_OsJUDsrnWR1R-IDRUusToDsWPRJVZPIFbtucRqDsT3111ifQ7Eez9eYj0KxEUSV1hbgPh20xXWx0DM8PUKKwcQC_Fw7Fv4eQebwIMVj34zKmkk5RfGJ-fnlRRlJpWW5BelJaelFqcWlaUWxRsZGJkYGhgZ6RkYxBcYAAD7A0tE"
content-security-policy
script-src 'report-sample' 'nonce-ZM0BXvHRrIwDG7k-sMK3hw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
712134ef984188c5d835428f8d4a7a36bb24c9c5bac1
faucetfoot.com/u/98d830335d/ 		303 B
717 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://faucetfoot.com/u/98d830335d/712134ef984188c5d835428f8d4a7a36bb24c9c5bac1
Requested by
Host: faucetfoot.com
URL: https://faucetfoot.com/build/413b0472e4b7_7a48634bb769c757449f64e69c.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.24.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f29c2cab96cbaef136eb6770009a5b18a62d09c8f2b738d8ad4a2e934bf7c725
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://paint.toys/

Response headers

content-encoding
br
cf-cache-status
DYNAMIC
x-buildname
hoothoot
access-control-allow-methods
POST, OPTIONS
x-hostname
fen-hoothoot-europe-west1-spot-k7vg
expires
Sat, 26 Oct 2024 11:21:33 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 26 Oct 2024 11:21:34 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding, Origin
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
strict-transport-security
max-age=15724800; preload
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
access-control-allow-credentials
true
x-datacenter
gce-europe-west1
via
1.1 google
cf-ray
8d8a1048abbfe50b-TXL
access-control-allow-origin
https://paint.toys
x-buildnumber
1507459579
server
cloudflare
country
api.btloader.com/ 		37 B
215 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/country?o=5150306120761344
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5150306120761344&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
04fcb3b36a8a7bdccb4d6d19f659416dbea46e4599303c362b95cc36b079c1ce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

cache-control
private, max-age=300, stale-while-revalidate=600, stale-if-error=600
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
date
Sat, 26 Oct 2024 11:21:34 GMT
content-type
application/json
vary
Origin
AGSKWxWfm5snGeLPtv2Lfavs6os11p3Fs5fHJx1jkAakmoY75sWkWgnJZsiBKv0kMELEgnmMsx62iOo1Uu0Xw0P5LlJ8qWba4jwR-1xIU_rrI249iQaOZ1An-UJA_sRhKBt4lqKRakI8pg==
fundingchoicesmessages.google.com/f/ 		699 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWfm5snGeLPtv2Lfavs6os11p3Fs5fHJx1jkAakmoY75sWkWgnJZsiBKv0kMELEgnmMsx62iOo1Uu0Xw0P5LlJ8qWba4jwR-1xIU_rrI249iQaOZ1An-UJA_sRhKBt4lqKRakI8pg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI5OTQxNjk0LDY3MjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9wYWludC50b3lzL29pbC8iLG51bGwsW1s4LCJaN2Z4VnpXY0hLNCJdLFs5LCJkZSJdLFsxOSwiMSJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.Z7fxVzWcHK4.es5.O/am=DAY/d=1/rs=AJlcJMxY6rV8pABktFmgtbBR8TyDRts1Pg/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9d5b0ce635118128e234e2e7e2e9a23d9f1b75efca57a6399121eb56909796d5
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Yo49S9RbE6IhoHKkuMY7SQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 26 Oct 2024 11:21:34 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmLw0JBiOO90h-k6EEt8fcmkBcRO6TNYQ4C49eY51ulAnPTvPGsJELtrXWT1B2JDhUuszkDsWHSJ1ROIVXsusZoD8f11l1ifA_Hej5dYjwJxkcQV1hYgvt10hfUxEDN8vcLKAcRCPBz7Fn7ewSbQ8aDpA5OSRlJ-YXxyfl5JUWZSaUl-UVpyWmpxalFZalG8kYGRiaGBkZGegUF8gQEA4jBJQw"
content-security-policy
script-src 'report-sample' 'nonce-Yo49S9RbE6IhoHKkuMY7SQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
iframe.html
cdn.intergient.com/pageos/1.10.68/iframe/ Frame 4F4F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/1.10.68/iframe/iframe.html
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.68/main.0184ca53f52ae3147289.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1438 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://paint.toys/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age
239446
cache-control
public, max-age=31536000
cf-cache-status
HIT
cf-ray
8d8a10438cb0d2db-FRA
content-encoding
br
content-type
text/html
date
Sat, 26 Oct 2024 11:21:34 GMT
hw-country-code
DE
last-modified
Wed, 23 Oct 2024 13:04:56 GMT
server
cloudflare
vary
Accept-Encoding
via
1.1 aec01f265f362fdc0246b1de1723a19e.cloudfront.net (CloudFront)
x-amz-cf-id
dV8PZPOm60fbXKB-5phLwnMcvQHvX_TxikOnSiFTq6ql_P_X55i60A==
x-amz-cf-pop
MRS52-P5
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
apstag.js
c.amazon-adsystem.com/aax2/ 		324 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.68/main.0184ca53f52ae3147289.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-6-136.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5d74e13622b2936b0395e33581297ab1b1600dd8b6b8c02a0fd292780d6c7a35

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

vary
Accept-Encoding
cache-control
max-age=3600
content-encoding
gzip
etag
W/"b3da0d59872bd7a86984a426ca256adc"
age
96
via
1.1 a49c26e403f2dac09629dceb6dac5740.cloudfront.net (CloudFront), 1.1 6278ee254a7d35c23aae5e936b5a56ee.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
kAmlvLGVkzt3uwEobI10_I8LLyDveRNM9BVSNAJoQG7awnBfBzybYw==
date
Sat, 26 Oct 2024 11:19:59 GMT
content-type
application/javascript
last-modified
Tue, 22 Oct 2024 15:05:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P6
x-amz-server-side-encryption
AES256
pv
api.btloader.com/ 		0
66 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/pv?tid=3y4Jf2OvQ&w=5096819819806720&o=5150306120761344&cv=2.1.60-1-gb71443f&widget=false&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fpaint.toys%2Foil%2F&sid=jP5IdEukID&pm=true&upapi=true
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5150306120761344&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

via
1.1 google
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 26 Oct 2024 11:21:34 GMT
vary
Origin
161a37de-1388-4294-9bd2-8d20b9fddde9
https://paint.toys/ Frame 		0
0
474.a06f43d51aa26adc277d.js
cdn.intergient.com/pageos/1.10.68/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/1.10.68/474.a06f43d51aa26adc277d.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.68/runtime.0469779f96c584e1bf22.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1538 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1aebb66b197fa09f062d3c39fc4b841cea9b1e9e85146218cf19d526078af4dd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"4e40df765c4b2340e48e0a0795cd7b6b"
age
237101
x-cache
Hit from cloudfront
x-amz-cf-id
636kBrYZ-5ObtZYtbnbkLAqrkitJZaPR0haLciTFxESf1kyMpsbZtQ==
date
Sat, 26 Oct 2024 11:21:34 GMT
content-type
text/javascript
last-modified
Wed, 23 Oct 2024 13:04:56 GMT
vary
Accept-Encoding
hw-country-code
DE
cache-control
public, max-age=31536000
via
1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
cf-ray
8d8a10493b13dba5-FRA
x-amz-cf-pop
FRA60-P2
server
cloudflare
x-amz-server-side-encryption
AES256
tyche.js
cdn.intergi.com/hera/releases/4.10.45/ 		487 B
605 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergi.com/hera/releases/4.10.45/tyche.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.68/main.0184ca53f52ae3147289.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89a1c1bce389192e882d72033b6f5de5a3599c9f5a7ef4820e45db51f1f0351c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-amz-version-id
JrvTlLuqxqYo36e9qnuesn3tjk9Xg4h1
etag
W/"ed7cc8d61e0d2d3b121e261d5061b103"
age
249841
x-cache
Miss from cloudfront
x-amz-cf-id
nkjF-6afh3J7Q443n6Lq_AwfoGfNCzHUnnL6kwCw6mzPaUuqT64YIg==
date
Sat, 26 Oct 2024 11:21:34 GMT
content-type
text/javascript
last-modified
Wed, 23 Oct 2024 13:05:16 GMT
vary
Accept-Encoding
cache-control
public, max-age=31536000
via
1.1 0455d1ec539ef7b27f0e90c40cf5cc10.cloudfront.net (CloudFront)
cf-ray
8d8a10493be7d2be-FRA
x-amz-cf-pop
VIE50-P1
server
cloudflare
x-amz-server-side-encryption
AES256
fb87a4ea41
cd836371f1d.cdn.intergient.com/ 		0
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cd836371f1d.cdn.intergient.com/fb87a4ea41
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.68/main.0184ca53f52ae3147289.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.73.242.72 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-73-242-72.eu-central-1.compute.amazonaws.com
Software
nginx/1.24.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://paint.toys/

Response headers

access-control-allow-origin
*
date
Sat, 26 Oct 2024 11:21:35 GMT
content-type
application/octet-stream
server
nginx/1.24.0
css
fonts.googleapis.com/ 		114 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Archivo:400,500|Arimo:400,500|Bitter:400,500|EB+Garamond:400,500|Lato|Libre+Baskervill|Libre+Franklin:400,500|Lora:400,500|Google+Sans_old:regular,medium:400,500|Material+Icons|Google+Symbols|Merriweather|Montserrat:400,500|Mukta:400,500|Muli:400,500|Nunito:400,500|Open+Sans:400,500,600|Open+Sans+Condensed:400,600|Oswald:500|Playfair+Display:400,500|Poppins:400,500|Raleway:400,500|Roboto_old:400,500|Roboto+Condensed:400,500|Roboto+Slab:400,500|Slabo+27px|Source+Sans+Pro|Ubuntu:400,500|Volkhov&display=swap
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.Z7fxVzWcHK4.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMxn2KR943Cai6_1z8PLbX4JZWT63Q/m=web_iab_tcf_v2_wall_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6c84967ed8bd11e1a19166a86d697a067d293c82658c8a4ba3346a92d31d4a87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sat, 26 Oct 2024 11:21:35 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 26 Oct 2024 11:21:35 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sat, 26 Oct 2024 11:21:35 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://paint.toys
Referer
https://paint.toys/

Response headers

age
393732
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Tue, 21 Oct 2025 21:59:23 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 21 Oct 2024 21:59:23 GMT
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
48236
x-xss-protection
0
server
sffe
AGSKWxUisjGRFnvmDOqxwK4qBX51BxpwnQu552XPuo4MuktMe1ybgH8l4wPYVQKCO30213QpQ8cBA-9u9l3JBzINUZSEqzCHqPWAz5XsEw1yaE0cbzZhxn67zMQ2oNG2oDn04Ws_t0ZUkQ==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUisjGRFnvmDOqxwK4qBX51BxpwnQu552XPuo4MuktMe1ybgH8l4wPYVQKCO30213QpQ8cBA-9u9l3JBzINUZSEqzCHqPWAz5XsEw1yaE0cbzZhxn67zMQ2oNG2oDn04Ws_t0ZUkQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.Z7fxVzWcHK4.es5.O/am=DAY/d=1/rs=AJlcJMxY6rV8pABktFmgtbBR8TyDRts1Pg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-l8-BowCAtyfvIkBYBz-0rQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://paint.toys/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 26 Oct 2024 11:21:35 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmLw1ZBicEqfwRoAxO5aF1n9gXjvx0usR4GY4esVVg4gFuLh2L_w8w42gR3XFu1jVHJJyi-MT87PK0nNK9FNTCnWBbGLMpNKS_KLUNipZSAVOfnp6Zl56fFGBkYmhkCsZ2AeX2AAAHCOLkg"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-l8-BowCAtyfvIkBYBz-0rQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://paint.toys
content-length
0
x-xss-protection
0
server
ESF
AGSKWxUisjGRFnvmDOqxwK4qBX51BxpwnQu552XPuo4MuktMe1ybgH8l4wPYVQKCO30213QpQ8cBA-9u9l3JBzINUZSEqzCHqPWAz5XsEw1yaE0cbzZhxn67zMQ2oNG2oDn04Ws_t0ZUkQ==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUisjGRFnvmDOqxwK4qBX51BxpwnQu552XPuo4MuktMe1ybgH8l4wPYVQKCO30213QpQ8cBA-9u9l3JBzINUZSEqzCHqPWAz5XsEw1yaE0cbzZhxn67zMQ2oNG2oDn04Ws_t0ZUkQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.Z7fxVzWcHK4.es5.O/am=DAY/d=1/rs=AJlcJMxY6rV8pABktFmgtbBR8TyDRts1Pg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-LFkj2ZHHy0h2bAcFD3IpGg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://paint.toys/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 26 Oct 2024 11:21:35 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw1ZBicEqfwRoAxO5aF1n9gXjvx0usR4GY4esVVg4gFuLh2L_w8w42gRMbf-xhVHJJyi-MT87PK0nNK9FNTCnWBbGLMpNKS_KLUNipZSAVOfnp6Zl56fFGBkYmhkCsZ2AeX2AAAH7CLn8"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-LFkj2ZHHy0h2bAcFD3IpGg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://paint.toys
content-length
0
x-xss-protection
0
server
ESF
runtime.654cff08c7591d79ae83.js
cdn.intergi.com/hera/releases/4.10.45/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergi.com/hera/releases/4.10.45/runtime.654cff08c7591d79ae83.js
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.10.45/tyche.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41264585fa14b1eb47522eedc9f50f8a86121a9bdc49ddea8910f848c529a5b5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-amz-version-id
DFFX1bi5hmWHmLUavr67t63PWNysbEl2
etag
W/"f886eccee29fbfdecace041d8e3ea92a"
age
241593
x-cache
Hit from cloudfront
x-amz-cf-id
kHrbxsAOymrK1YZpJtxsNvf1bW4pQJU50tEXZXvs7cF74l2Fa6YmAw==
date
Sat, 26 Oct 2024 11:21:35 GMT
content-type
text/javascript
last-modified
Wed, 23 Oct 2024 13:05:16 GMT
vary
Accept-Encoding
cache-control
public, max-age=31536000
via
1.1 2e4a0520ad8fe16707823b20e9441e08.cloudfront.net (CloudFront)
cf-ray
8d8a104c2befd2be-FRA
x-amz-cf-pop
FRA56-C2
server
cloudflare
x-amz-server-side-encryption
AES256
main.1635f244a4d882ed0c54.js
cdn.intergi.com/hera/releases/4.10.45/ 		213 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergi.com/hera/releases/4.10.45/main.1635f244a4d882ed0c54.js
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.10.45/tyche.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae8bc7c99d5ca1d2aa83a874fb31af1fd1a4fe79f2cb5bc89079c7ce753fc721

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-amz-version-id
F5oT6pibRN1AI40OutYc1re2ZaYVxbp3
etag
W/"3c91aeeb9058278b0442cb18767409ba"
age
249842
x-cache
Miss from cloudfront
x-amz-cf-id
2Wtkt4_YgJ7cb-CIl_kVDG9NUKo6a2X-O9o3VQWxn_OmG1NXhoDEiA==
date
Sat, 26 Oct 2024 11:21:35 GMT
content-type
text/javascript
last-modified
Wed, 23 Oct 2024 13:05:16 GMT
vary
Accept-Encoding
cache-control
public, max-age=31536000
via
1.1 581d2b2095e9ae9fc9bd8c38d2258832.cloudfront.net (CloudFront)
cf-ray
8d8a104c2bf5d2be-FRA
x-amz-cf-pop
VIE50-P1
server
cloudflare
x-amz-server-side-encryption
AES256
lib.82225ced52a6390e480c.js
cdn.intergi.com/hera/releases/4.10.45/lib/ 		1 KB
951 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergi.com/hera/releases/4.10.45/lib/lib.82225ced52a6390e480c.js
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.10.45/tyche.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1bac5e8fb5021358231d218f02ed4aaf9431c9c33677e2c1977c1e27d3954572

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-amz-version-id
_j6OdebKsEXSi7EGPtSb5NIMdIFFQHEd
etag
W/"26c007e785f82a765ec40fc9a32b0b3c"
age
249842
x-cache
Miss from cloudfront
x-amz-cf-id
jw-Ryilrsb3CY4YmFel4q_G-DKGi7Li_QEHG7ofRrGySzjmJMcRLxA==
date
Sat, 26 Oct 2024 11:21:35 GMT
content-type
text/javascript
last-modified
Wed, 23 Oct 2024 13:05:16 GMT
vary
Accept-Encoding
cache-control
public, max-age=31536000
via
1.1 ac02b9a9a93754a9f85004c4c9792fee.cloudfront.net (CloudFront)
cf-ray
8d8a104c2bf6d2be-FRA
x-amz-cf-pop
VIE50-P1
server
cloudflare
x-amz-server-side-encryption
AES256
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-6-136.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

access-control-max-age
3000
content-encoding
gzip
x-amz-version-id
r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
etag
W/"a4d296427fc806b21335359e398c025c"
age
27111
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
HmNp4ehuTUNNgOIIAIqwEpMR3oTP5rNE0cT-T7ghA8-dmAahIwNbow==
date
Sat, 26 Oct 2024 05:24:06 GMT
content-type
application/javascript
vary
Accept-Encoding,Origin
last-modified
Thu, 29 Feb 2024 02:13:08 GMT
cache-control
public, max-age=86400
via
1.1 20a87151baa74b57c01624c82e244c6a.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P6
server
AmazonS3
x-amz-server-side-encryption
AES256
bd056b42-51db-43ce-9a8e-3b11319b5d1f
config.aps.amazon-adsystem.com/configs/ 		563 B
828 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/bd056b42-51db-43ce-9a8e-3b11319b5d1f
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-30.fra6.r.cloudfront.net
Software
CloudFront /
Resource Hash
0483adaa68d433b3e47ff7b4525c1d7b8d118e6d7cded6aad0da512ff55bbea4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

cache-control
max-age=3600
age
140
via
1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
content-length
563
x-amz-cf-id
NaU7tqzhoB2GturEqoliWBKS0xMR7nbqNIB3RlDbOwlZGaQtBfwuBw==
date
Sat, 26 Oct 2024 11:19:15 GMT
content-type
application/javascript
x-amz-cf-pop
FRA6-C1
server
CloudFront
config
c.amazon-adsystem.com/cdn/prod/ 		0
0
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		423 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.10.45/main.1635f244a4d882ed0c54.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a979dea834c3daf6e095648bdc01b0304d47ad01cb14f367681ee2fa789f48e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

cache-control
private, max-age=900, stale-while-revalidate=3600
content-encoding
gzip
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
x-content-type-options
nosniff
expires
Sat, 26 Oct 2024 11:21:35 GMT
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
147821
date
Sat, 26 Oct 2024 11:21:35 GMT
x-xss-protection
0
content-type
text/javascript
vary
Accept-Encoding
server
sffe
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
372 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fpaint.toys%2Foil%2F&pr=http%3A%2F%2Fsdfrti.gingercub.net%2F&pid=MH7rj2wn0C0g4&cb=0&ws=1600x1200&v=24.910.1025&t=2500&slots=%5B%7B%22sd%22%3A%22pw-160x600_atf%22%2C%22s%22%3A%5B%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F154013155%2F1024872%2F74068%2Fpublisher%3A1024872-website%3A74068-160x600%2Fpublisher%3A1024872-website%3A74068-160x600-CP%2Fpublisher%3A1024872-website%3A74068-160x600-CP-160x600%22%7D%2C%7B%22sd%22%3A%22pw-160x600_btf%22%2C%22s%22%3A%5B%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F154013155%2F1024872%2F74068%2Fpublisher%3A1024872-website%3A74068-160x600%2Fpublisher%3A1024872-website%3A74068-160x600-CP%2Fpublisher%3A1024872-website%3A74068-160x600-CP-160x600%22%7D%2C%7B%22sd%22%3A%22leaderboard_atf%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F154013155%2F1024872%2F74068%2Fpublisher%3A1024872-website%3A74068-desktop_leaderboard%22%7D%2C%7B%22sd%22%3A%22leaderboard_btf%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F154013155%2F1024872%2F74068%2Fpublisher%3A1024872-website%3A74068-desktop_leaderboard%22%7D%5D&sg=%7B%22ortb2%22%3A%7B%22site%22%3A%7B%22cattax%22%3A6%2C%22cat%22%3A%5B%22693%22%5D%2C%22sectioncat%22%3A%5B%22693%22%5D%2C%22pagecat%22%3A%5B%22693%22%5D%7D%7D%7D&schain=1.0%2C1%21playwire.com%2C1024872%2C1%2C%2C%2C&pubid=bd056b42-51db-43ce-9a8e-3b11319b5d1f&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.52.164 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-52-164.fra56.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
gzip
access-control-allow-credentials
true
via
1.1 3aedbf31650352660fd3a878f7b791c8.cloudfront.net (CloudFront)
access-control-allow-origin
https://paint.toys
x-cache
Miss from cloudfront
content-length
43
x-amz-cf-id
4mrsVIoZ1K3vv4WnXBsdXLGhwS1p1HVJwAB5xdhv621nIAxSneseBg==
date
Sat, 26 Oct 2024 11:21:35 GMT
content-type
text/javascript;charset=UTF-8
x-amz-cf-pop
FRA56-P9
server
Server
ima_ppub_config
securepubads.g.doubleclick.net/pagead/ 		67 B
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ima_ppub_config?ippd=https%3A%2F%2Fpaint.toys%2Foil%2F
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
641768f2d1d19839fc3cecfa5158382fa0d332d5e49e31bcaafbedc4af91995a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Sat, 26 Oct 2024 11:21:37 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
35
date
Sat, 26 Oct 2024 11:21:37 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
favicon.ico
paint.toys/ 		615 B
749 B 		Other
General
Check archive.org
Download Go to
Full URL
https://paint.toys/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.33.186.135 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afa7f374f51cc8991.awsglobalaccelerator.com
Software
Netlify /
Resource Hash
30a007a99e491d9e1b2b72c02e4a8454334c6ea2b3a03316d50135b20464fccc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://paint.toys/oil/

Response headers

strict-transport-security
max-age=31536000
cache-control
public,max-age=0,must-revalidate
etag
"6c77abc0123fbfdebbf702a90fb50938-ssl"
age
142606
accept-ranges
bytes
content-length
615
x-nf-request-id
01JB48YWW2BGCN46R4ZQ6DTZGK
cache-status
"Netlify Edge"; hit
date
Sat, 26 Oct 2024 11:21:37 GMT
content-type
image/vnd.microsoft.icon
server
Netlify
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-VJBRK9986D&gtm=45je4ao0v9101576445za200&_p=1729941693444&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101533422~101823848&cid=1144442579.1729941694&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1729941693&sct=1&seg=0&dl=https%3A%2F%2Fpaint.toys%2Foil%2F&dr=http%3A%2F%2Fsdfrti.gingercub.net%2F&dt=Paint%20with%20Oils&en=scroll&epn.percent_scrolled=90&_et=12&tfd=6173
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VJBRK9986D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://paint.toys
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 26 Oct 2024 11:21:38 GMT
content-type
text/plain
server
Golfe2
fb87a4ea41
cd836371f1d.cdn.intergient.com/ 		0
95 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cd836371f1d.cdn.intergient.com/fb87a4ea41
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.68/main.0184ca53f52ae3147289.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.73.242.72 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-73-242-72.eu-central-1.compute.amazonaws.com
Software
nginx/1.24.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://paint.toys/

Response headers

access-control-allow-origin
*
date
Sat, 26 Oct 2024 11:21:39 GMT
content-type
application/octet-stream
server
nginx/1.24.0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
paint.toys
URL
blob:https://paint.toys/161a37de-1388-4294-9bd2-8d20b9fddde9
Domain
c.amazon-adsystem.com
URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fpaint.toys&pubid=bd056b42-51db-43ce-9a8e-3b11319b5d1f

Verdicts & Comments Add Verdict or Comment

97 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| ramp string| _pwGA4PageviewId object| dataLayer function| gtag function| reflect function| OilPainting object| app function| save function| admiral object| googletag string| _pwUserContentEncoding object| PageOS object| _pwTycheAB object| pwKinesisCreds number| cmpVersion boolean| tycheSampling number| tycheSamplingRate string| tychePath boolean| rampSampling number| rampSamplingRate string| rampPath number| _pageViewSR number| _adImpressionSR object| _pwLogger string| _pwKassandraVer number| _pwFpSampling string| _pwUserCC object| pwEdgeFlags object| pwEdgeYieldOptions string| _pwCurrentHourEST object| tyche boolean| pwRAMPInitiated object| webpackChunkpageos object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| pageos object| __core-js_shared__ object| core function| 4dm1r11545242527 object| ggeac object| google_js_reporting_queue object| __pwpbjs__ object| _pbjsGlobals object| regeneratorRuntime object| __bt object| __bt_intrnl object| __bt_tag_d object| google_reactive_ads_global_state boolean| __bt_already_invoked object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| NTBiODRhZTA3MTliYzg1Y2xvYWRlcl9qcw== string| NTBiODRhZTA3MTliYzg1Y2NhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady object| apstag object| _aps boolean| apstagLOADED object| apscustom object| Tyche object| webpackChunkTyche object| kinesis object| pbjs object| __pwhbjs boolean| liModuleEnabled object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_manager_loaded_event

7 Cookies

Domain/Path Name / Value
.intergi.com/ Name: __cf_bm
Value: sdoC7SQl2B1_asvdI2Cbk9F2GFcukZ2zFKkJSd1w0.s-1729941693-1.0.1.1-QsJ6UZzQtvE.4OraYK3DkA6TvLfmZUtjTJ5h8Ysl.0FaiJf1a5yPQ8shbYBlEHDBH1v.fk9ecYYmEgwjF4trww
.paint.toys/ Name: _ga
Value: GA1.1.1144442579.1729941694
.paint.toys/ Name: _ga_VJBRK9986D
Value: GS1.1.1729941693.1.0.1729941693.0.0.0
paint.toys/ Name: usprivacy
Value: 1---
.paint.toys/ Name: _ga_CEFZJ359V8
Value: GS1.1.1729941694.1.0.1729941694.0.0.0
.intergient.com/ Name: __cf_bm
Value: 1lZvFLvDyB24UsVrzGbjZfhtbq4VCtwVYJnMoaNL3aQ-1729941694-1.0.1.1-SCStpS.3LQoBnAS1F30MadekYNqbbTQT2zgJlpICr.TG6ptdFhA7fn54KYYMBd.ZHkLPwKD8yAS2TZmvXu8t5A
.paint.toys/ Name: _awl
Value: 2.1729941694.5-f92ec10e175e2ad855c3024dcafce832-6763652d6575726f70652d7765737431-0

4 Console Messages

Source Level URL
Text
network error URL: https://px.moatads.com/pixel.gif
Message:
Failed to load resource: the server responded with a status of 500 (Internal Server Error)
rendering warning URL: https://paint.toys/oil/
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A080430AA4340000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
javascript error URL: https://paint.toys/oil/
Message:
Access to XMLHttpRequest at 'https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fpaint.toys&pubid=bd056b42-51db-43ce-9a8e-3b11319b5d1f' from origin 'https://paint.toys' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fpaint.toys&pubid=bd056b42-51db-43ce-9a8e-3b11319b5d1f
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax.amazon-adsystem.com
ad-delivery.net
ad.doubleclick.net
api.btloader.com
btloader.com
c.amazon-adsystem.com
cd836371f1d.cdn.intergient.com
cdn.intergi.com
cdn.intergient.com
config.aps.amazon-adsystem.com
faucetfoot.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
imasdk.googleapis.com
impression-inferences-edge-prod.playwire.com
paint.toys
px.moatads.com
region1.google-analytics.com
sdfrti.gingercub.net
securepubads.g.doubleclick.net
static.adsafeprotected.com
www.googletagmanager.com
c.amazon-adsystem.com
paint.toys
104.18.24.111
108.138.6.136
130.211.23.194
142.250.181.230
142.250.185.130
142.250.185.195
142.250.185.206
18.245.52.164
2001:4860:4802:34::36
216.239.32.36
23.213.165.236
2600:9000:223f:4000:8:48e:53c0:93a1
2600:9000:2670:7a00:b:99e7:bb00:93a1
2606:4700:10::6816:4ad8
2606:4700:20::ac43:4513
2606:4700::6812:1438
2606:4700::6812:1538
2606:4700::6812:18f2
2606:4700::6812:196f
2a00:1450:4001:806::200a
2a00:1450:4001:82a::200e
2a00:1450:4001:831::2008
2a00:1450:4001:831::200a
3.33.186.135
3.73.242.72
67.198.205.86
99.86.4.30
0483adaa68d433b3e47ff7b4525c1d7b8d118e6d7cded6aad0da512ff55bbea4
04fcb3b36a8a7bdccb4d6d19f659416dbea46e4599303c362b95cc36b079c1ce
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07d9ac511d4ade54f59dead58761fc74104a73005cc7da151ce4a38edcdf8424
0a979dea834c3daf6e095648bdc01b0304d47ad01cb14f367681ee2fa789f48e
0aa98ee205d0ed7ab5765a57a2652a721657b0afe77539306b4d2c2e582587cf
13c0af8cfbf50a24c34d7d288ed9651261e62db5ecc7d89ff1e74b2abad3fa39
1aebb66b197fa09f062d3c39fc4b841cea9b1e9e85146218cf19d526078af4dd
1b64755d6b76e46085aeb802ac190fba16cc57e227cecf83494a7bd1b0e3d183
1bac5e8fb5021358231d218f02ed4aaf9431c9c33677e2c1977c1e27d3954572
1f60a61a733d55b12c3ff307923c91a15374956ae10e56aa9ed9e9a0e9286860
2cb190434fc05ed9e8226f330f36d1591bee66452ccde2f6aa3d317439a191b3
2d52ef53d74405d52d924e34720e3b1876095b3c3406871a6f657346c08f2f47
2ff696f311f1afa7aafddb260becd45331aab7ce1741821b0f3e2d9e683382b0
30a007a99e491d9e1b2b72c02e4a8454334c6ea2b3a03316d50135b20464fccc
32aa05a5648678542ab9044647f0bf5549c0b53a070585edb773f0e92b72b97d
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3e025b4fd896548851a9114d22ff47def478fc8df672c84f84ecf730f72d2d13
41264585fa14b1eb47522eedc9f50f8a86121a9bdc49ddea8910f848c529a5b5
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
436814c2374a6d92a42a02d39969ef7c56b5f225667abecb218e692c5569943c
45704993fbf4d0a5347a1aa01ca7a912f94c51ab0c288b42082ff105d0a64a0a
5607bc0b49036b5f13acf3f5767e0fb2fb947f5369bda253939e78e2b11f85b4
5d74e13622b2936b0395e33581297ab1b1600dd8b6b8c02a0fd292780d6c7a35
641768f2d1d19839fc3cecfa5158382fa0d332d5e49e31bcaafbedc4af91995a
6c84967ed8bd11e1a19166a86d697a067d293c82658c8a4ba3346a92d31d4a87
6ceb226c487cb85243545e768944e0e1ae0944be8fde6c1c43c7314a9287e6d9
6ec165ec6b34d64442c69d05c28f498f5a390886bc8313932131b27b54886bc5
70883a9270d54ca9914810ee600c39f62c1147243374c8b93b7095f9c78b4b66
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7472fa937fccd9639f05baf5924881f64a43cdaad460fcffbf242ca0e7427e1f
795041923e6338abe450ff9524ef70fd40432f278f32c9c35cdbb08239574fb1
89a1c1bce389192e882d72033b6f5de5a3599c9f5a7ef4820e45db51f1f0351c
9d5b0ce635118128e234e2e7e2e9a23d9f1b75efca57a6399121eb56909796d5
ae8bc7c99d5ca1d2aa83a874fb31af1fd1a4fe79f2cb5bc89079c7ce753fc721
c229bf0397343c4290664548181f6d845fd152227ab647d99f8a30fee16c5542
c91c09319c4b0a24c72c0036cef74c17b85d3c4e2a4abf8153f5710421fe5b4c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
dad10a832ba51b5db08691887a58b582022dd25c7849e0dd70f1ff8484d74a2c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e62bd364acbcb0868473e3b8f433520af212445da273d16d337ba05b447353a9
f29c2cab96cbaef136eb6770009a5b18a62d09c8f2b738d8ad4a2e934bf7c725
f4d368e4230539c778afbb020e0ea611b3e1d984179f5b3769b44081d6703f3b
f53b4eaf372c39ffa26d4a4068316968b0ef91cfee865779861825e94aa93882