Submitted URL: http://wqzfr.ontrakinc.com/6opxf4z1dtyth09qybzt9pkb4Rc1hXdFRuSUJuT0FCaDZmcXFXUXotMjM0MC0yNjc0NTI0Mi0wZmE5MDI2YS0zMTQyLTNpYW...
Effective URL: https://paint.toys/oil/
Submission: On March 22 via api from BE — Scanned from SE

Summary

This website contacted 58 IPs in 8 countries across 45 domains to perform 158 HTTP transactions. The main IP is 3.33.186.135, located in United States and belongs to AMAZON-02, US. The main domain is paint.toys. The Cisco Umbrella rank of the primary domain is 703577.
TLS certificate: Issued by E5 on January 31st 2025. Valid for: 3 months.
This is the only time paint.toys was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information


This site contains links to these domains.

Domain
toms.toys
Subject | Issuer | Validity | Valid
trustmailboxes.com | E5 | 2024-12-29 - 2025-03-29 | 3 months
paint.toys | E5 | 2025-01-31 - 2025-05-01 | 3 months
834af943.sni.cloudflaressl.com | WE1 | 2025-02-28 - 2025-05-29 | 3 months
*.google-analytics.com | WE2 | 2025-03-10 - 2025-06-02 | 3 months
*.g.doubleclick.net | WE2 | 2025-03-10 - 2025-06-02 | 3 months
*.playwire.com | Amazon RSA 2048 M03 | 2024-12-12 - 2026-01-09 | a year
btloader.com | WE1 | 2025-02-03 - 2025-05-04 | 3 months
*.github.io | Sectigo RSA Domain Validation Secure Server CA | 2025-03-07 - 2026-03-07 | a year
*.google.com | WE2 | 2025-03-10 - 2025-06-02 | 3 months
ad-delivery.net | WE1 | 2025-03-08 - 2025-06-06 | 3 months
*.doubleclick.net | WE2 | 2025-03-10 - 2025-06-02 | 3 months
*.criteo.net | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2025-02-03 - 2025-05-03 | 3 months
*.criteo.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2025-02-09 - 2025-05-10 | 3 months
c.amazon-adsystem.com | Amazon RSA 2048 M03 | 2024-11-19 - 2025-12-18 | a year
upload.video.google.com | WE2 | 2025-03-10 - 2025-06-02 | 3 months
id5-sync.com | E5 | 2025-03-01 - 2025-05-30 | 3 months
*.crwdcntrl.net | Amazon RSA 2048 M03 | 2024-09-08 - 2025-10-08 | a year
*.liadm.com | Amazon RSA 2048 M02 | 2024-07-31 - 2025-08-29 | a year
*.cdn.intergient.com | Go Daddy Secure Certificate Authority - G2 | 2024-04-17 - 2025-04-01 | a year
eu-1-id5-sync.com | R10 | 2025-03-01 - 2025-05-30 | 3 months
config.aps.amazon-adsystem.com | Amazon RSA 2048 M02 | 2024-12-22 - 2026-01-21 | a year
alt1-3ps.amazon-adsystem.com | Amazon RSA 2048 M03 | 2025-01-22 - 2026-02-20 | a year
secure.cdn.fastclick.net | DigiCert TLS RSA SHA256 2020 CA1 | 2024-08-07 - 2025-08-07 | a year
hadronid.net | WE1 | 2025-03-20 - 2025-06-18 | 3 months
pa.openx.net | WR3 | 2025-03-07 - 2025-06-05 | 3 months
*.pubmatic.com | DigiCert TLS RSA SHA256 2020 CA1 | 2024-11-27 - 2025-11-30 | a year
prebid.intergient.com | WE1 | 2025-02-19 - 2025-05-20 | 3 months
*.rubiconproject.com | DigiCert TLS RSA SHA256 2020 CA1 | 2025-03-04 - 2026-04-03 | a year
*.cootlogix.com | Starfield Secure Certificate Authority - G2 | 2024-10-13 - 2025-10-13 | a year
*.adnxs.com | GeoTrust ECC CA 2018 | 2025-02-21 - 2026-03-23 | a year
ie-ad-exch-prd-two-eks.prd.eks.ie.adexchange.gumgum.com | Amazon RSA 2048 M03 | 2024-07-02 - 2025-08-01 | a year
*.3lift.com | Amazon RSA 2048 M03 | 2025-02-11 - 2026-03-12 | a year
*.sharethrough.com | DigiCert Global G3 TLS ECC SHA384 2020 CA1 | 2024-07-15 - 2025-08-15 | a year
*.adsrvr.org | GlobalSign GCC R3 DV TLS CA 2020 | 2024-04-23 - 2025-05-25 | a year
*.bidswitch.net | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2025-02-01 - 2025-04-28 | 3 months
*.yellowblue.io | Amazon RSA 2048 M02 | 2025-02-16 - 2026-03-17 | a year
casalemedia.com | E5 | 2025-02-08 - 2025-05-09 | 3 months
ad.cpe.dotomi.com | GlobalSign RSA OV SSL CA 2018 | 2024-06-17 - 2025-07-19 | a year
misc-sni.google.com | WE2 | 2025-03-10 - 2025-06-02 | 3 months
tpc.googlesyndication.com | WE2 | 2025-03-10 - 2025-06-02 | 3 months
indexww.com | WE1 | 2025-01-28 - 2025-04-28 | 3 months
cdn.adnxs.com | GeoTrust TLS RSA CA G1 | 2024-04-08 - 2025-05-09 | a year
*.openx.net | RapidSSL TLS RSA CA G1 | 2024-08-14 - 2025-08-18 | a year
*.gstatic.com | WR2 | 2025-03-10 - 2025-06-02 | 3 months

This page contains 24 frames:

Primary Page: https://paint.toys/oil/
Frame ID: 14C3F6FB9223E5443936DBD1A92B1D25
Requests: 120 HTTP requests in this frame

Frame: https://cdn.intergient.com/pageos/V.20250317.1/iframe/iframe.html
Frame ID: DF13662C0A7F5B96D4609FDC104D532F
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: 9D3CC62DAC0E5E4DB5B796CBEB974DBF
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=paint.toys&gdpr=0&gdpr_consent=
Frame ID: 520C2F32E45B47FF605C939AD9A4B5C8
Requests: 1 HTTP requests in this frame

Frame: https://cdn.intergient.com/pageos/V.20250317.1/iframe/iframe.html
Frame ID: 9A605691F8C77404292AA6583AFE39F1
Requests: 1 HTTP requests in this frame

Frame: https://pa.openx.net/topics_frame.html?bidder=openx
Frame ID: 489EE1ED894276C32112E0DC480BDD3E
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/topics/topics_frame.html?bidder=pubmatic
Frame ID: 33C85D0CAD9227E0C9BEB7752C06C708
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fprebid.intergient.com%2Fsetuid%3Fgpp%3D%26bidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D&gdpr=0&gdpr_consent=&gpp=&gppsid=&s=184674&us_privacy=&C=1
Frame ID: D80A4E4A88628CB7630516E41B2435FA
Requests: 1 HTTP requests in this frame

Frame: https://4dac8df277be53075c39a5064ebf44b1.safeframe.googlesyndication.com/safeframe/1-0-41/html/container.html
Frame ID: F1F49BB0A895CFEC2A3D40859DAF2A16
Requests: 1 HTTP requests in this frame

Frame: https://sync.cootlogix.com/api/user/html/pbs_sync?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fprebid.intergient.com%2Fsetuid%3Fbidder%3Dvidazoo%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24%7BuserId%7D
Frame ID: 248326A488222DE3F959CBFDF6CB6A3C
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012502032353000/amp4ads-v0.mjs
Frame ID: B356F867A38B59E7DB91E54E9BE197B2
Requests: 15 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=criteoPrebidAdapter&topUrl=paint.toys&gpp=
Frame ID: EDC7B2D1B7545DD9DFAB8314E88E7C20
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: F21422E5A296DAE3C3991878D8413C77
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=0
Frame ID: B480D1D5020F637DA1C2B8D43852BFF4
Requests: 1 HTTP requests in this frame

Frame: https://sync.cootlogix.com/api/sync/iframe/?cid=&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: 89153D016C3B70AC24222874897E6668
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 8629CA6FC84CD92A42BA2BCAE94767BF
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158326&gdpr=0&gdpr_consent=
Frame ID: B61B523D5C8C86291346F2AC7C0C4829
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba
Frame ID: 7FA12ABBFFF0E6C5A10EC10A31C77B03
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 25610943E142A147782C99DF48E94A14
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?gdpr=0&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid.intergient.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
Frame ID: 372D940025DF7C295345CDC2FBCB63C4
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fprebid.intergient.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Frame ID: 03137F86A2118100D80134D6016D3363
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid.intergient.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Frame ID: 891A2EBDE29943D0B7A0E3E7EFD8270B
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-Playwire&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: 9C7BFCD60B272207E868A8A77189C18D
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fprebid.intergient.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Frame ID: 9E605D6751F6BE35887089BA23415286
Requests: 1 HTTP requests in this frame

Page Title

Paint with Oils

Page URL History

  1. http://wqzfr.ontrakinc.com/6opxf4z1dtyth09qybzt9pkb4Rc1hXdFRuSUJuT0FCaDZmcXFXUXotMjM0MC0yNjc0NTI0Mi0wZm... HTTP 307
    https://wqzfr.ontrakinc.com/6opxf4z1dtyth09qybzt9pkb4Rc1hXdFRuSUJuT0FCaDZmcXFXUXotMjM0MC0yNjc0NTI0Mi0wZm... Page URL
  2. https://wqzfr.ontrakinc.com/6opxf4z1dtyth09qybzt9pkb4Rc1hXdFRuSUJuT0FCaDZmcXFXUXotMjM0MC0yNjc0NTI0Mi0wZm... HTTP 302
    https://paint.toys/oil HTTP 301
    https://paint.toys/oil/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Page Statistics

158
Requests

88 %
HTTPS

0 %
IPv6

45
Domains

73
Subdomains

58
IPs

8
Countries

1622 kB
Transfer

4812 kB
Size

53
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://wqzfr.ontrakinc.com/6opxf4z1dtyth09qybzt9pkb4Rc1hXdFRuSUJuT0FCaDZmcXFXUXotMjM0MC0yNjc0NTI0Mi0wZmE5MDI2YS0zMTQyLTNpYW5NRk9UYWFyaGNmYlByZ2o5/hutgwipkmkyw0bdva7wbw233a89rbyq3q/wddkls HTTP 307
    https://wqzfr.ontrakinc.com/6opxf4z1dtyth09qybzt9pkb4Rc1hXdFRuSUJuT0FCaDZmcXFXUXotMjM0MC0yNjc0NTI0Mi0wZmE5MDI2YS0zMTQyLTNpYW5NRk9UYWFyaGNmYlByZ2o5/hutgwipkmkyw0bdva7wbw233a89rbyq3q/wddkls Page URL
  2. https://wqzfr.ontrakinc.com/6opxf4z1dtyth09qybzt9pkb4Rc1hXdFRuSUJuT0FCaDZmcXFXUXotMjM0MC0yNjc0NTI0Mi0wZmE5MDI2YS0zMTQyLTNpYW5NRk9UYWFyaGNmYlByZ2o5/hutgwipkmkyw0bdva7wbw233a89rbyq3q/wddkls?in=1 HTTP 302
    https://paint.toys/oil HTTP 301
    https://paint.toys/oil/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://wqzfr.ontrakinc.com/6opxf4z1dtyth09qybzt9pkb4Rc1hXdFRuSUJuT0FCaDZmcXFXUXotMjM0MC0yNjc0NTI0Mi0wZmE5MDI2YS0zMTQyLTNpYW5NRk9UYWFyaGNmYlByZ2o5/hutgwipkmkyw0bdva7wbw233a89rbyq3q/wddkls HTTP 307
  • https://wqzfr.ontrakinc.com/6opxf4z1dtyth09qybzt9pkb4Rc1hXdFRuSUJuT0FCaDZmcXFXUXotMjM0MC0yNjc0NTI0Mi0wZmE5MDI2YS0zMTQyLTNpYW5NRk9UYWFyaGNmYlByZ2o5/hutgwipkmkyw0bdva7wbw233a89rbyq3q/wddkls
Request Chain 97
  • https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gppsid=&cb=https%3A%2F%2Fprebid.intergient.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fprebid.intergient.com%2Fsetuid%3Fgpp%3D%26bidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D&gdpr=0&gdpr_consent=&gpp=&gppsid=&s=184674&us_privacy=&C=1
Request Chain 124
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=C9IlRrl3eZ7bGE8rd1PIPjMuKqAjiiJCEfrWo26W6E9rZHhABIPub1Ulg7QKgAcD83eECyAEC4AIAqAMByAMIqgSGA0_Qqp5vslGsL01mLGORUSBnBVcqcjjey6pxL2bBph8uYkBJsV7dGgzcuzrwMbqIhbZjy-l409bmqaP1MpGY1X0TmJYAoPXyh7zJFtBGmPzI3fltFHTO6ze7LW-l2x3vN0z1vlA_TlZemyOFats413_YVja4Vju5dqt0C2VZs5G9Sk8HZ1spMEEVfXUI2s_e_6FczrnwxTV905PtI7OEUpzfhtWRN1rQidE2T7aZzMXiVAiN899Ld9WJlF9R6sznIIMRLK_4YwH_1k1E7fH_zgXpTZ8Ncqn4vd5cigexwyanEUx-bhQ5tUQDmzEck5wyVTskC0571zvSp53eSOWoQjg2dVxOEgNJ6Ae61RavgreBdDMld1DbzdvKe6gAE3ggkwE92c2gYmAwvOHrIOg6l2azzTyXhKpXus1vpcuOM0MWWMtCmfwRi4P6d6sVR_lea4zyKeSfVeCD5Dzww-8nQ58zdLVLT55B5wY6G2rpae4Ew7h0QQl6_30qjiW7NPl4uIq49xY65MAEicra3oMF4AQBiAXJs_PrUpIFBAgEGAGSBQQIBRgEoAYCgAeog6KeAagH1ckbqAfZtrECqAemvhuoB_PRG6gHltgbqAeqm7ECqAfgvbECqAeOzhuoB5PYG6gH8OAbqAfulrECqAf-nrECqAevvrECqAf3wrEC2AcB8gcEEJOyAtIIKAiA4YBgEAEYHTICywI6C4BAgMCAgICgqIACSL39wTpYhp_Tx4ydjAOaCa8CaHR0cHM6Ly9zaW1wbGUtbGlmZS1hcHAuY29tLz91dG1fc291cmNlPWdvb2dsZSZ1dG1fbWVkaXVtPWNwYyZ1dG1fY29udGVudD1DSUF8V3Jpc3RzX0Zhc3RpbmdCbGVuZF9SRVNfSW1hZ2VfRFAyMzJfMzAweDYwMF9FTl8xXzIzMTIyNC5qcGcmcGxhY2VtZW50PXBhaW50LnRveXMmY2FtcGFpZ25faWQ9MjIyMzc5OTM0MTcmYWRncm91cF9pZD0xNzI4MDI2MTQ1MzcmYWRfaWQ9NzMyOTY4NTQ1Mzg4fCZ1dG1fY2FtcGFpZ249V1dfRU5fR0ROX0FsbERldl9DSUFfTmVhcl9CQVVGdW5uZWxfV2ViX0NQQV8xMzAyMjUmZ2FkX3NvdXJjZT01gAoDyAsB2gwRCgsQ8PfJst_uk-6sARICAQPiDRMIjtXTx4ydjAMVyi5VCB2MpQKF6g0TCOSj1MeMnYwDFcouVQgdjKUChdgTDNAVAZgWAfgWAYAXAbIXIAocCAASFHB1Yi02NTMxNTAzMjYwNjcxNDcxGNuiIRgBuhcCOAGyGAUYAiIBANAYAegYAQ&sigh=AGy9yTT_c_g&uach_m=%5BUACH%5D&ase=2&nis=ATTRIBUTION_REPORTING_STATUS&cid=CAQSOwCjtLzMZO3-rrYqlZmhHup6P_Rvok_DoSipKgj2fmyWs08z79au4n-KymWuFzgYBANLcTFvOND-MjkbGAE&ebtr=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xe23de930fe7f72e50000000000000000%22,%222%22:%220xede9ea8ec9e767e70000000000000000%22,%223%22:%220xb0ea49ff3e4e46d60000000000000000%22,%224%22:%220xe0efb56f430893e40000000000000000%22,%225%22:%220xf2e6662bf6679f520000000000000000%22},%22debug_key%22:%2213701196823528854700%22,%22debug_reporting%22:true,%22destination%22:%22https://simple-life-app.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22741834304%22],%2222%22:[%22true%22],%224%22:[%2203-22%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216958163755108980177%22}&andc=true
Request Chain 144
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 147
  • https://eb2.3lift.com/sync?gdpr=0&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid.intergient.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID HTTP 302
  • https://eb2.3lift.com/sync?gdpr=0&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid.intergient.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
Request Chain 151
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-Playwire&gdpr=0&gdpr_consent=&us_privacy= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=pbs-Playwire&gdpr=0&gdpr_consent=&us_privacy=

158 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
wddkls
wqzfr.ontrakinc.com/6opxf4z1dtyth09qybzt9pkb4Rc1hXdFRuSUJuT0FCaDZmcXFXUXotMjM0MC0yNjc0NTI0Mi0wZmE5MDI2YS0zMTQyLTNpYW5NRk9UYWFyaGNmYlByZ2o5/hutgwipkmkyw0bdva7wbw233a89rbyq3q/
Redirect Chain
  • http://wqzfr.ontrakinc.com/6opxf4z1dtyth09qybzt9pkb4Rc1hXdFRuSUJuT0FCaDZmcXFXUXotMjM0MC0yNjc0NTI0Mi0wZmE5MDI2YS0zMTQyLTNpYW5NRk9UYWFyaGNmYlByZ2o5/hutgwipkmkyw0bdva7wbw233a89rbyq3q/wddkls
  • https://wqzfr.ontrakinc.com/6opxf4z1dtyth09qybzt9pkb4Rc1hXdFRuSUJuT0FCaDZmcXFXUXotMjM0MC0yNjc0NTI0Mi0wZmE5MDI2YS0zMTQyLTNpYW5NRk9UYWFyaGNmYlByZ2o5/hutgwipkmkyw0bdva7wbw233a89rbyq3q/wddkls
681 B
1003 B
Document
General
Full URL
https://wqzfr.ontrakinc.com/6opxf4z1dtyth09qybzt9pkb4Rc1hXdFRuSUJuT0FCaDZmcXFXUXotMjM0MC0yNjc0NTI0Mi0wZmE5MDI2YS0zMTQyLTNpYW5NRk9UYWFyaGNmYlByZ2o5/hutgwipkmkyw0bdva7wbw233a89rbyq3q/wddkls
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
67.198.205.86 , United States, ASN35908 (VPLSNET, US),
Reverse DNS
67.198.205.86.static.krypt.com
Software
Apache/2.4.62 (CentOS Stream) OpenSSL/3.2.2 / PHP/7.4.33
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36

Response headers

Cache-Control
no-cache, private max-age=0, no-cache, no-store, must-revalidate
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
364
Content-Type
text/html; charset=UTF-8
Date
Sat, 22 Mar 2025 06:50:19 GMT
Developed-by
Mohamed Amine El Attabi
Email
mohamed.amine.elattabi@gmail.com
Expires
Sat, 2 Aug 1980 15:15:00 GMT
Keep-Alive
timeout=5, max=100
Pragma
no-cache
Server
Apache/2.4.62 (CentOS Stream) OpenSSL/3.2.2
Vary
Accept-Encoding,User-Agent
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-Powered-By
PHP/7.4.33
X-XSS-Protection
1; mode=block

Redirect headers

Location
https://wqzfr.ontrakinc.com/6opxf4z1dtyth09qybzt9pkb4Rc1hXdFRuSUJuT0FCaDZmcXFXUXotMjM0MC0yNjc0NTI0Mi0wZmE5MDI2YS0zMTQyLTNpYW5NRk9UYWFyaGNmYlByZ2o5/hutgwipkmkyw0bdva7wbw233a89rbyq3q/wddkls
Non-Authoritative-Reason
HttpsUpgrades
Primary Request /
paint.toys/oil/
Redirect Chain
  • https://wqzfr.ontrakinc.com/6opxf4z1dtyth09qybzt9pkb4Rc1hXdFRuSUJuT0FCaDZmcXFXUXotMjM0MC0yNjc0NTI0Mi0wZmE5MDI2YS0zMTQyLTNpYW5NRk9UYWFyaGNmYlByZ2o5/hutgwipkmkyw0bdva7wbw233a89rbyq3q/wddkls?in=1
  • https://paint.toys/oil
  • https://paint.toys/oil/
6 KB
2 KB
Document
General
Full URL
https://paint.toys/oil/
Requested by
Host: wqzfr.ontrakinc.com
URL: https://wqzfr.ontrakinc.com/6opxf4z1dtyth09qybzt9pkb4Rc1hXdFRuSUJuT0FCaDZmcXFXUXotMjM0MC0yNjc0NTI0Mi0wZmE5MDI2YS0zMTQyLTNpYW5NRk9UYWFyaGNmYlByZ2o5/hutgwipkmkyw0bdva7wbw233a89rbyq3q/wddkls
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.33.186.135 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afa7f374f51cc8991.awsglobalaccelerator.com
Software
Netlify /
Resource Hash
70883a9270d54ca9914810ee600c39f62c1147243374c8b93b7095f9c78b4b66
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://wqzfr.ontrakinc.com/6opxf4z1dtyth09qybzt9pkb4Rc1hXdFRuSUJuT0FCaDZmcXFXUXotMjM0MC0yNjc0NTI0Mi0wZmE5MDI2YS0zMTQyLTNpYW5NRk9UYWFyaGNmYlByZ2o5/hutgwipkmkyw0bdva7wbw233a89rbyq3q/wddkls
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
1582
cache-control
public,max-age=0,must-revalidate
cache-status
"Netlify Edge"; hit
content-encoding
br
content-length
1669
content-type
text/html; charset=UTF-8
date
Sat, 22 Mar 2025 06:50:20 GMT
etag
"7afa2eee23cef4ed7f87aab76b5bc74d-ssl-df"
server
Netlify
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-nf-request-id
01JPY9VTRSZWAEABNBT72NC34G

Redirect headers

accept-ranges
bytes
age
117307
cache-control
public,max-age=0,must-revalidate
cache-status
"Netlify Edge"; hit
content-length
1663
content-type
text/html; charset=UTF-8
date
Sat, 22 Mar 2025 06:50:20 GMT
etag
"7afa2eee23cef4ed7f87aab76b5bc74d-ssl-df"
location
/oil/
server
Netlify
strict-transport-security
max-age=31536000
x-nf-request-id
01JPY9VTRD46WWGE9PZ9B5CCX1
ramp_config.js
cdn.intergient.com/1024872/74068/
34 KB
6 KB
Script
General
Full URL
https://cdn.intergient.com/1024872/74068/ramp_config.js
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.20.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
292ec8b57f99ce8b621017a77f2f62dff325a0d83bc0c22278e375dee82607f4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

hw-country-code
SE
content-encoding
br
cf-ray
9243c118793fd223-FRA
alt-svc
h3=":443"; ma=86400
date
Sat, 22 Mar 2025 06:50:20 GMT
content-type
application/json
vary
Accept-Encoding
server
cloudflare
apps.css
paint.toys/
5 KB
1 KB
Stylesheet
General
Full URL
https://paint.toys/apps.css
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.33.186.135 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afa7f374f51cc8991.awsglobalaccelerator.com
Software
Netlify /
Resource Hash
2ff696f311f1afa7aafddb260becd45331aab7ce1741821b0f3e2d9e683382b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer
https://paint.toys/oil/

Response headers

strict-transport-security
max-age=31536000
cache-control
public,max-age=0,must-revalidate
content-encoding
br
etag
"58d01e65c6625681e8891f6fbc8c18f5-ssl-df"
age
162158
accept-ranges
bytes
content-length
1373
x-nf-request-id
01JPY9VTSEK6KTPDGJ15087TE9
cache-status
"Netlify Edge"; hit
date
Sat, 22 Mar 2025 06:50:20 GMT
content-type
text/css; charset=UTF-8
vary
Accept-Encoding
server
Netlify
index.js
paint.toys/oil/
4 KB
1 KB
Script
General
Full URL
https://paint.toys/oil/index.js
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.33.186.135 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afa7f374f51cc8991.awsglobalaccelerator.com
Software
Netlify /
Resource Hash
c91c09319c4b0a24c72c0036cef74c17b85d3c4e2a4abf8153f5710421fe5b4c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer
https://paint.toys/oil/

Response headers

strict-transport-security
max-age=31536000
cache-control
public,max-age=0,must-revalidate
content-encoding
br
etag
"687211e2ced405124b38663a13c97091-ssl-df"
age
66248
accept-ranges
bytes
content-length
1190
x-nf-request-id
01JPY9VTSEK40J5G89A3PRTHSP
cache-status
"Netlify Edge"; hit
date
Sat, 22 Mar 2025 06:50:20 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
Netlify
art-icon.png
paint.toys/assets/
33 KB
33 KB
Image
General
Full URL
https://paint.toys/assets/art-icon.png
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.33.186.135 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afa7f374f51cc8991.awsglobalaccelerator.com
Software
Netlify /
Resource Hash
f4d368e4230539c778afbb020e0ea611b3e1d984179f5b3769b44081d6703f3b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer
https://paint.toys/oil/

Response headers

strict-transport-security
max-age=31536000
cache-control
public,max-age=0,must-revalidate
etag
"1394f8469f2ca5750397e3d7b6ec70a1-ssl"
age
36669
accept-ranges
bytes
content-length
33562
x-nf-request-id
01JPY9VTSEFBEBA7JYP2SJKD8X
cache-status
"Netlify Edge"; hit
date
Sat, 22 Mar 2025 06:50:20 GMT
content-type
image/png
server
Netlify
icon-hand.png
paint.toys/assets/
27 KB
27 KB
Image
General
Full URL
https://paint.toys/assets/icon-hand.png
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.33.186.135 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afa7f374f51cc8991.awsglobalaccelerator.com
Software
Netlify /
Resource Hash
32aa05a5648678542ab9044647f0bf5549c0b53a070585edb773f0e92b72b97d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer
https://paint.toys/oil/

Response headers

strict-transport-security
max-age=31536000
cache-control
public,max-age=0,must-revalidate
etag
"a0822110a4671ffdf710da1467460fba-ssl"
age
129465
accept-ranges
bytes
content-length
27394
x-nf-request-id
01JPY9VTSEM5KNDTGXGA1GNG36
cache-status
"Netlify Edge"; hit
date
Sat, 22 Mar 2025 06:50:20 GMT
content-type
image/png
server
Netlify
icon-disk.png
paint.toys/assets/
13 KB
14 KB
Image
General
Full URL
https://paint.toys/assets/icon-disk.png
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.33.186.135 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afa7f374f51cc8991.awsglobalaccelerator.com
Software
Netlify /
Resource Hash
436814c2374a6d92a42a02d39969ef7c56b5f225667abecb218e692c5569943c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer
https://paint.toys/oil/

Response headers

strict-transport-security
max-age=31536000
cache-control
public,max-age=0,must-revalidate
etag
"26852fa1548a91e004629b01e4abf1dd-ssl"
age
129465
accept-ranges
bytes
content-length
13766
x-nf-request-id
01JPY9VTSVFS5KTKDGP1GREM9M
cache-status
"Netlify Edge"; hit
date
Sat, 22 Mar 2025 06:50:20 GMT
content-type
image/png
server
Netlify
icon-trash.png
paint.toys/assets/
50 KB
51 KB
Image
General
Full URL
https://paint.toys/assets/icon-trash.png
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.33.186.135 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afa7f374f51cc8991.awsglobalaccelerator.com
Software
Netlify /
Resource Hash
6ceb226c487cb85243545e768944e0e1ae0944be8fde6c1c43c7314a9287e6d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer
https://paint.toys/oil/

Response headers

strict-transport-security
max-age=31536000
cache-control
public,max-age=0,must-revalidate
etag
"e91ef5e34b5154d392e8560031eaaa4c-ssl"
age
129274
accept-ranges
bytes
content-length
51680
x-nf-request-id
01JPY9VTT0NHXVQ74QTM0CY1DE
cache-status
"Netlify Edge"; hit
date
Sat, 22 Mar 2025 06:50:20 GMT
content-type
image/png
server
Netlify
ramp_core.js
cdn.intergient.com/
2 KB
1 KB
Script
General
Full URL
https://cdn.intergient.com/ramp_core.js
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.20.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4afbee566e62d64ebc697fe4b1090be6ec42163beb580004d497f68fcd9681e7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

hw-country-code
SE
cache-control
max-age=600, public, must-revalidate
content-encoding
br
cf-ray
9243c1187943d223-FRA
alt-svc
h3=":443"; ma=86400
date
Sat, 22 Mar 2025 06:50:20 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
js
www.googletagmanager.com/gtag/
349 KB
118 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-VJBRK9986D
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
92308169303ea40e85b5154754b25c71f4f227b9178d4483f7f3f6d32562212c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
br
report-to
{"group":"ascgcycc:1020:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1020:0"}],}
expires
Sat, 22 Mar 2025 06:50:20 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 22 Mar 2025 06:50:20 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1020:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=ascgcycc:1020:0
content-length
119841
x-xss-protection
0
server
Google Tag Manager
0405ffa5e07972fb7922f27e951f886ecc5.app.js
faucetfoot.com/chunks/a00a397fe29b5/
0
0

gpt.js
securepubads.g.doubleclick.net/tag/js/
105 KB
33 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/1024872/74068/ramp_config.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
cafe /
Resource Hash
7666d5120321d67f06dc0cf4cc0471e6654f66f47c33a83bef3c2946bf4c7256
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
br
etag
86 / 20169 / m202503180101 / config-hash: 8596564917215834183
x-content-type-options
nosniff
expires
Sat, 22 Mar 2025 06:50:20 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Sat, 22 Mar 2025 06:50:20 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
33392
x-xss-protection
0
server
cafe
prebid.js
cdn.intergient.com/prebid/
564 KB
175 KB
Script
General
Full URL
https://cdn.intergient.com/prebid/prebid.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/1024872/74068/ramp_config.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.20.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
930f76466a9eb4f30d5eb615b47214dbde199ea4e41372f0a0f4234999effd26

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

hw-country-code
SE
content-encoding
br
cf-cache-status
HIT
etag
W/"a7d87a2b75d40afc93980b7bf5387309"
age
6523
cf-ray
9243c118c9ccd223-FRA
alt-svc
h3=":443"; ma=86400
date
Sat, 22 Mar 2025 06:50:20 GMT
content-type
text/javascript
last-modified
Thu, 13 Feb 2025 13:59:49 GMT
vary
Accept-Encoding
server
cloudflare
pageos.js
cdn.intergient.com/pageos/V.20250317.1/
411 B
363 B
Script
General
Full URL
https://cdn.intergient.com/pageos/V.20250317.1/pageos.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/ramp_core.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.20.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ca074404d9b66ca2b40f09671217a4ed3987dbe1f796fcb9028385108ca427f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

hw-country-code
SE
content-encoding
br
cf-cache-status
HIT
etag
W/"117ecbb977f751ace75d06b5e2394e17"
age
5515
cf-ray
9243c118c9ced223-FRA
alt-svc
h3=":443"; ma=86400
date
Sat, 22 Mar 2025 06:50:20 GMT
content-type
text/javascript
last-modified
Tue, 18 Mar 2025 13:17:53 GMT
vary
Accept-Encoding
server
cloudflare
js
www.googletagmanager.com/gtag/
292 KB
104 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-CEFZJ359V8&l=dataLayer&cx=c&gtm=45je53j1v9101576445za200&tag_exp=102482433~102788824~102803279~102813109
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VJBRK9986D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
dd85e3e12e01968bd31584786c89370bb4d8a4ce274b0ffc6145370f0cad3c29
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
br
report-to
{"group":"ascgcycc:1020:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1020:0"}],}
expires
Sat, 22 Mar 2025 06:50:20 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 22 Mar 2025 06:50:20 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1020:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=ascgcycc:1020:0
content-length
105890
x-xss-protection
0
server
Google Tag Manager
collect
www.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-VJBRK9986D&gtm=45je53j1v9101576445za200&_p=1742626220848&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=102482433~102788824~102803279~102813109&cid=1618780437.1742626221&ul=se-se&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1742626220&sct=1&seg=0&dl=https%3A%2F%2Fpaint.toys%2Foil%2F&dr=https%3A%2F%2Fwqzfr.ontrakinc.com%2F&dt=Paint%20with%20Oils&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=971
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VJBRK9986D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f14.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:87:0
report-to
{"group":"ascnsrsggc:87:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:87:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://paint.toys
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsggc:87:0
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 22 Mar 2025 06:50:21 GMT
content-type
text/plain
server
Golfe2
runtime.07fff44937b43c189a2a.js
cdn.intergient.com/pageos/V.20250317.1/
3 KB
2 KB
Script
General
Full URL
https://cdn.intergient.com/pageos/V.20250317.1/runtime.07fff44937b43c189a2a.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/V.20250317.1/pageos.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.20.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc943351d3f65fb1fe470ded84d902d6607e05ffbde166ad5d871cae09fd39da

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

hw-country-code
SE
content-encoding
br
cf-cache-status
HIT
etag
W/"055fb4831819b5f96391393b7891acc6"
age
3891
cf-ray
9243c1191a2ad223-FRA
alt-svc
h3=":443"; ma=86400
date
Sat, 22 Mar 2025 06:50:20 GMT
content-type
text/javascript
last-modified
Tue, 18 Mar 2025 13:17:55 GMT
vary
Accept-Encoding
server
cloudflare
main.f0f340b0ce95dd31546d.js
cdn.intergient.com/pageos/V.20250317.1/
455 KB
138 KB
Script
General
Full URL
https://cdn.intergient.com/pageos/V.20250317.1/main.f0f340b0ce95dd31546d.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/V.20250317.1/pageos.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.20.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c17822987f6dcbf68a26f075a8c175ac9777d7320792dc12d0a2f849c4da899

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

hw-country-code
SE
content-encoding
br
cf-cache-status
HIT
etag
W/"5fde6eae960449407f415e00c77d90d9"
age
5515
cf-ray
9243c1191a2cd223-FRA
alt-svc
h3=":443"; ma=86400
date
Sat, 22 Mar 2025 06:50:20 GMT
content-type
text/javascript
last-modified
Tue, 18 Mar 2025 13:17:51 GMT
vary
Accept-Encoding
server
cloudflare
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202503180101/
524 KB
164 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202503180101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
cafe /
Resource Hash
24c55f7fd45388e8a6c4fb7fc8bdae53992181227bb8f77f1d4dc04be9f15556
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
br
etag
8549058430066818552
age
12873
x-content-type-options
nosniff
expires
Sun, 22 Mar 2026 03:15:48 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Sat, 22 Mar 2025 03:15:48 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
168179
x-xss-protection
0
server
cafe
collect
www.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-CEFZJ359V8&gtm=45je53j1v9102396898za200zb9101576445&_p=1742626220848&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=102482433~102788824~102803279~102813109&cid=1618780437.1742626221&ul=se-se&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1742626221&sct=1&seg=0&dl=https%3A%2F%2Fpaint.toys%2Foil%2F&dr=https%3A%2F%2Fwqzfr.ontrakinc.com%2F&dt=Paint%20with%20Oils&en=ramp_js&_fv=1&_ss=1&_ee=1&ep.pageview_id=1742626220848&tfd=1090
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CEFZJ359V8&l=dataLayer&cx=c&gtm=45je53j1v9101576445za200&tag_exp=102482433~102788824~102803279~102813109
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f14.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:87:0
report-to
{"group":"ascnsrsggc:87:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:87:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://paint.toys
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsggc:87:0
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 22 Mar 2025 06:50:21 GMT
content-type
text/plain
server
Golfe2
videoCard.5ed8eb34c11835040def.js
cdn.intergient.com/pageos/V.20250317.1/
559 B
463 B
Script
General
Full URL
https://cdn.intergient.com/pageos/V.20250317.1/videoCard.5ed8eb34c11835040def.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/V.20250317.1/runtime.07fff44937b43c189a2a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.20.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
795041923e6338abe450ff9524ef70fd40432f278f32c9c35cdbb08239574fb1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

hw-country-code
SE
content-encoding
br
cf-cache-status
HIT
etag
W/"6880c1609e3243c11c7b4f1285e14d89"
age
5515
cf-ray
9243c119eba7d223-FRA
alt-svc
h3=":443"; ma=86400
date
Sat, 22 Mar 2025 06:50:21 GMT
content-type
text/javascript
last-modified
Tue, 18 Mar 2025 13:17:58 GMT
vary
Accept-Encoding
server
cloudflare
iframe.html
cdn.intergient.com/pageos/V.20250317.1/iframe/ Frame DF13
0
0
Document
General
Full URL
https://cdn.intergient.com/pageos/V.20250317.1/iframe/iframe.html
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/V.20250317.1/main.f0f340b0ce95dd31546d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.20.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://paint.toys/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36

Response headers

age
677
alt-svc
h3=":443"; ma=86400
cf-cache-status
HIT
cf-ray
9243c11a1aad4d8d-FRA
content-encoding
br
content-type
text/html
date
Sat, 22 Mar 2025 06:50:21 GMT
hw-country-code
SE
last-modified
Tue, 18 Mar 2025 13:17:48 GMT
server
cloudflare
server-timing
cfCacheStatus;desc="HIT"
vary
Accept-Encoding
gdpr.80ecc6d950abd7ae1e79.js
cdn.intergient.com/pageos/V.20250317.1/
6 KB
2 KB
Script
General
Full URL
https://cdn.intergient.com/pageos/V.20250317.1/gdpr.80ecc6d950abd7ae1e79.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/V.20250317.1/runtime.07fff44937b43c189a2a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.20.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7af7d6e87956d5fa4efa79a20dadf99c8646b041ae992cc64f53cf7e4ca5dc4e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

hw-country-code
SE
content-encoding
br
cf-cache-status
HIT
etag
W/"5f9d5d36376d3631f41c8f82fda1adbf"
age
5515
cf-ray
9243c119fbc4d223-FRA
alt-svc
h3=":443"; ma=86400
date
Sat, 22 Mar 2025 06:50:21 GMT
content-type
text/javascript
last-modified
Tue, 18 Mar 2025 13:17:47 GMT
vary
Accept-Encoding
server
cloudflare
GDPR
impression-inferences-edge-prod.playwire.com/websites/74068/v1/Sat/2/desktop/Chrome/
584 B
920 B
XHR
General
Full URL
https://impression-inferences-edge-prod.playwire.com/websites/74068/v1/Sat/2/desktop/Chrome/GDPR
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/V.20250317.1/main.f0f340b0ce95dd31546d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-100.fra56.r.cloudfront.net
Software
CloudFront /
Resource Hash
6347d696ef50e5a6ad97669994586dc472b0c72d1145ee1874ef9f1575f9245f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

cache-control
max-age=3600, public, must-revalidate
access-control-expose-headers
*
age
2750
via
1.1 ca751e0315de05e656597e32136af94e.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Hit from cloudfront
content-length
584
x-amz-cf-id
YdFyw5tQhk2SL8uK9x806kZaU-IUu5cRzv2qODS7AyQHm_fN8MpLbg==
date
Sat, 22 Mar 2025 06:04:31 GMT
content-type
application/json
x-amz-cf-pop
FRA56-P9
server
CloudFront
tag
btloader.com/
138 KB
36 KB
Script
General
Full URL
https://btloader.com/tag?o=5150306120761344&upapi=true
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/V.20250317.1/main.f0f340b0ce95dd31546d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.74.216 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d7e0e5bf8ed80991db9799a6bc536ab0b68745d6ed05f485276fdd50a2685f1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

x-robots-tag
noindex, nofollow
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
content-encoding
gzip
cf-cache-status
HIT
etag
"71624561f44f97964141e0c1470f1fbf"
age
1241
via
1.1 google
cf-ray
9243c11a1a7ad3a4-FRA
accept-ranges
bytes
content-length
36931
date
Sat, 22 Mar 2025 06:50:21 GMT
content-type
application/javascript
last-modified
Sat, 22 Mar 2025 06:26:12 GMT
vary
Origin, Accept-Encoding
server
cloudflare
1x1.gif
raw.githubusercontent.com/easylist/easylist/master/docs/
43 B
590 B
Image
General
Full URL
https://raw.githubusercontent.com/easylist/easylist/master/docs/1x1.gif
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.108.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-108-133.github.com
Software
/
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
Security Headers
Name Value
Content-Security-Policy default-src 'none'; style-src 'unsafe-inline'; sandbox
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

x-fastly-request-id
57ea91c2d1829d728bdcc37f7447b52a82b6388c
etag
W/"0c4a5773f7e435c57c40bd270aef756513eba26bd7ba5317b5bd765569a7325d"
x-content-type-options
nosniff
x-github-request-id
69B8:C3144:19B4C2:1DFBCE:67C0FEF0
expires
Sat, 22 Mar 2025 06:55:21 GMT
x-cache
HIT
date
Sat, 22 Mar 2025 06:50:21 GMT
content-type
image/gif
x-served-by
cache-fra-eddf8230119-FRA
x-cache-hits
5
source-age
79
x-frame-options
deny
strict-transport-security
max-age=31536000
vary
Authorization,Accept-Encoding,Origin
content-security-policy
default-src 'none'; style-src 'unsafe-inline'; sandbox
cache-control
max-age=300
x-timer
S1742626221.141243,VS0,VE0
cross-origin-resource-policy
cross-origin
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
43
x-xss-protection
1; mode=block
rum.js
pagead2.googlesyndication.com/pagead/js/
67 KB
25 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/rum.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202503180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
cafe /
Resource Hash
6f77adf4b5503ca21369dabfe6c37fa0b6e992245e4144e4895843d3ce9f5af0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
br
etag
12089995392850589437
age
604
x-content-type-options
nosniff
expires
Sat, 22 Mar 2025 07:40:17 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sat, 22 Mar 2025 06:40:17 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
25401
x-xss-protection
0
server
cafe
154013155
fundingchoicesmessages.google.com/i/
196 KB
64 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/i/154013155?ers=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202503180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f14.1e100.net
Software
ESF /
Resource Hash
d48cc73169ad7e36cd52cef698e9ff92f9f7b228bcf9095155beba7df3fa7ce4
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Iq2iCg_gYRGiif3zQwhugA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 22 Mar 2025 06:50:21 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjstDikmJw05BiaL15jnU6EButPc_qAsSGCpdYnYH4_rpLrM-B-EP9ZdYfQFwkcYW1BYiFuDnW7v65j01gw_pVGUoaSfmF8cn5eSVFmUmlJflFaclpqcWpRWWpRfFGBkamBsZGBnoGRvEFBgDrwCu9"
content-security-policy
script-src 'report-sample' 'nonce-Iq2iCg_gYRGiif3zQwhugA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
px.gif
ag.dns-finder.com/
0
0

px.gif
ad-delivery.net/
43 B
473 B
Image
General
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

x-goog-metageneration
5
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status
HIT
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
age
2515636
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xTDe85dLhstt%2Ffm35BmOYoUEzK4Pt3E8k96yuSNa0OXWB6alPfBZExhRRQYzFcjhYG4cFFPylSt5ZYmpdgLLxyGEpcXx7oTjTALRGTUJM844MC0bLtXHTHyn6NpfX0AvRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding
identity
expires
Fri, 21 Feb 2025 05:00:02 GMT
server-timing
cfL4;desc="?proto=TCP&rtt=6426&min_rtt=6022&rtt_var=1451&sent=10&recv=12&lost=0&retrans=0&sent_bytes=5145&recv_bytes=2351&delivery_rate=585983&cwnd=248&unsent_bytes=0&cid=b1181f848a75acc8&ts=22&x=0"
x-goog-stored-content-length
43
date
Sat, 22 Mar 2025 06:50:21 GMT
content-type
image/gif
last-modified
Wed, 05 May 2021 19:25:32 GMT
vary
Accept-Encoding
x-guploader-uploadid
AFIdbgSM45LKVcnLOM-To2Ft-BhM1HWcuh0RT5zKyhywnAY8s_EzF00nJyjFi9HkB6cEMk7urewrYzU
cache-control
public, max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class
MULTI_REGIONAL
cf-ray
9243c11a7aa49972-FRA
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1620242732037093
content-length
43
server
cloudflare
favicon.ico
ad.doubleclick.net/
1 KB
130 B
Image
General
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s08-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
gzip
age
14697
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options
nosniff
expires
Sun, 23 Mar 2025 02:45:24 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 22 Mar 2025 02:45:24 GMT
last-modified
Tue, 08 May 2012 13:08:06 GMT
content-type
image/x-icon
vary
Accept-Encoding
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
content-length
104
x-xss-protection
0
server
sffe
px.gif
ad-delivery.net/
43 B
1 KB
Image
General
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.9042757327388296
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

x-goog-metageneration
5
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status
HIT
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
age
2515636
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BCMgRKmk6RFSnz6aB2dnspLkpY2zRntem3sdpiosZurIoq3RNRaKkMWomuKnJDtK4ylSW6I4UMW4ZsZ6kBO7YDpTCq3BPvJK3VFRznqH6BzUQ16oqcXYQYs2OL5MP0kK%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding
identity
expires
Fri, 21 Feb 2025 05:00:02 GMT
server-timing
cfL4;desc="?proto=TCP&rtt=6426&min_rtt=6022&rtt_var=1451&sent=7&recv=12&lost=0&retrans=0&sent_bytes=4018&recv_bytes=2351&delivery_rate=585983&cwnd=248&unsent_bytes=0&cid=b1181f848a75acc8&ts=22&x=0"
x-goog-stored-content-length
43
date
Sat, 22 Mar 2025 06:50:21 GMT
content-type
image/gif
last-modified
Wed, 05 May 2021 19:25:32 GMT
vary
Accept-Encoding
x-guploader-uploadid
AFIdbgSM45LKVcnLOM-To2Ft-BhM1HWcuh0RT5zKyhywnAY8s_EzF00nJyjFi9HkB6cEMk7urewrYzU
cache-control
public, max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class
MULTI_REGIONAL
cf-ray
9243c11a7aa69972-FRA
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1620242732037093
content-length
43
server
cloudflare
gpt
securepubads.g.doubleclick.net/pagead/managed/dict/m202503200101/
63 KB
23 KB
Other
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/dict/m202503200101/gpt
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
cafe /
Resource Hash
724bf9b6cead6b42a8435c2dd63959f95a2868fc29d0c19f44b7f26c83a18cdd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
etag
6636832657936373745
age
12765
x-content-type-options
nosniff
expires
Sat, 29 Mar 2025 03:17:36 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Sat, 22 Mar 2025 03:17:36 GMT
content-type
text/plain; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=604800, stale-while-revalidate=7200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
23172
x-xss-protection
0
server
cafe
use-as-dictionary
match="/gampad/ads", id="m202503200101"
AGSKWxVuQxZYBRWipw8BU5St7yTmS7244h77aC4y5rBgC2KnsJsttO7H7NGYITBWM6ijUVYlTFLi7IWWEJykYANaEo4VotaRsapYV9r2wpzxXquVdWVAxCn39k9ODqsHFOnt80vyFlMr8g==
fundingchoicesmessages.google.com/f/
2 KB
2 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVuQxZYBRWipw8BU5St7yTmS7244h77aC4y5rBgC2KnsJsttO7H7NGYITBWM6ijUVYlTFLi7IWWEJykYANaEo4VotaRsapYV9r2wpzxXquVdWVAxCn39k9ODqsHFOnt80vyFlMr8g==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzQyNjI2MjIxLDI1NjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9wYWludC50b3lzL29pbC8iLG51bGwsW1s4LCJEbFctTC0zS0pyTSJdLFs5LCJlbi1VUyJdLFsxOSwiMiJdLFsxNywiWzBdIl0sWzI0LCJ3cXpmci5vbnRyYWtpbmMuY29tIl0sWzI1LCJbWzMxMDYxNjkxLDMxMDYxNjkzXV0iXSxbMjksImZhbHNlIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.DlW-L-3KJrM.es5.O/d=1/rs=AJlcJMyHfBuFMSM37TeF1dE1vzw9gpOtNA/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f14.1e100.net
Software
ESF /
Resource Hash
3cf0ce955eb104c4961f77eb69ecefe5d5f01367642f2beafe6c2384ff989adf
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-p4OnWbSNc8e92to5M3HRTw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 22 Mar 2025 06:50:21 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjctDikmLw1ZBiOHHrNtMFIG69eY51OhAbrT3P6gLEhgqXWJ2B-P66S6zPgfhD_WXWH0BcJHGFtQWIhXg41u7-uY9N4MGHTW2MShpJ-YXxyfl5JUWZSaUl-UVpyWmpxalFZalF8UYGRqYGxkYGegZG8QUGAFfhMWs"
content-security-policy
script-src 'report-sample' 'nonce-p4OnWbSNc8e92to5M3HRTw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame 9D3C
0
0
Document
General
Full URL
https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202503180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://paint.toys/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
111
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000, stale-while-revalidate=3600
content-encoding
br
content-length
28720
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 22 Mar 2025 06:48:30 GMT
expires
Sat, 22 Mar 2025 07:38:30 GMT
last-modified
Mon, 17 Mar 2025 19:42:52 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
esp.js
oa.openxcdn.net/
0
0

ob.js
cdn-ima.33across.com/
0
0

encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/
0
0

publishertag.ids.js
static.criteo.net/js/ld/
42 KB
13 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202503180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.39 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
nginx /
Resource Hash
b6c5af2d5c532a14b5aa51656c9d5e8be329b1424ec1df2947ad2de309622448
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
max-age=86400, public
timing-allow-origin
*
content-encoding
gzip
etag
W/"67c8043f-a641"
cross-origin-resource-policy
cross-origin
expires
Sun, 23 Mar 2025 06:50:21 GMT
access-control-allow-origin
*
date
Sat, 22 Mar 2025 06:50:21 GMT
content-type
text/javascript
last-modified
Wed, 05 Mar 2025 07:58:55 GMT
server
nginx
AGSKWxX-SELbf2Q0g6aWOzf8IPJQSkiKVhZEYQBkK7DSruEIVdc6iNx4j7b6HnN-7MzsESzmO8o7r4nFzjbjyt8je4YnRpzmipcn8OZOWmKcNU9EPUueKzf0v8AzA3yOl78f1kAzLeiM4g==
fundingchoicesmessages.google.com/f/
10 KB
4 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxX-SELbf2Q0g6aWOzf8IPJQSkiKVhZEYQBkK7DSruEIVdc6iNx4j7b6HnN-7MzsESzmO8o7r4nFzjbjyt8je4YnRpzmipcn8OZOWmKcNU9EPUueKzf0v8AzA3yOl78f1kAzLeiM4g==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzQyNjI2MjIxLDI5MzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vcGFpbnQudG95cy9vaWwvIixudWxsLFtbOCwiRGxXLUwtM0tKck0iXSxbOSwiZW4tVVMiXSxbMTksIjIiXSxbMTcsIlswXSJdLFsyNCwid3F6ZnIub250cmFraW5jLmNvbSJdLFsyNSwiW1szMTA2MTY5MSwzMTA2MTY5M11dIl0sWzI5LCJmYWxzZSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.DlW-L-3KJrM.es5.O/d=1/rs=AJlcJMyHfBuFMSM37TeF1dE1vzw9gpOtNA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f14.1e100.net
Software
ESF /
Resource Hash
5548d5dc643469b5b1d1b50a81f29ec8f9c85e9b2b5fb6735a1ea0fbf1f8d3f6
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-iU1BiIgObdqpkeon8JdzlQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 22 Mar 2025 06:50:21 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjstDikmLw0pBiaL15jnU6EButPc_qAsSGCpdYnYH4_rpLrM-B-EP9ZdYfQFwkcYW1BYiFeDjW7v65j01gw9PWGYxKGkn5hfHJ-XklRZlJpSX5RWnJaanFqUVlqUXxRgZGpgbGRgZ6BkbxBQYAFsQsBA"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-iU1BiIgObdqpkeon8JdzlQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
syncframe
gum.criteo.com/ Frame 520C
0
0
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=paint.toys&gdpr=0&gdpr_consent=
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://paint.toys/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 22 Mar 2025 06:50:21 GMT
server
Kestrel
server-processing-duration-in-ticks
444626
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
iframe.html
cdn.intergient.com/pageos/V.20250317.1/iframe/ Frame 9A60
0
0
Document
General
Full URL
https://cdn.intergient.com/pageos/V.20250317.1/iframe/iframe.html
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/V.20250317.1/main.f0f340b0ce95dd31546d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.20.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://paint.toys/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36

Response headers

age
677
alt-svc
h3=":443"; ma=86400
cf-cache-status
HIT
cf-ray
9243c11a1aad4d8d-FRA
content-encoding
br
content-type
text/html
date
Sat, 22 Mar 2025 06:50:21 GMT
hw-country-code
SE
last-modified
Tue, 18 Mar 2025 13:17:48 GMT
server
cloudflare
server-timing
cfCacheStatus;desc="HIT"
vary
Accept-Encoding
apstag.js
c.amazon-adsystem.com/aax2/
382 KB
93 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/V.20250317.1/main.f0f340b0ce95dd31546d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.3.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-3-93.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
01edacef94a8c2808e4243fa08ff501c71c906e3df44760cceb1e064cb593059

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

vary
Accept-Encoding
cache-control
max-age=3600
content-encoding
gzip
etag
W/"bb656d0aed297b2a6a610015bc7dd5c3"
age
45
via
1.1 8eee0c5143f92bd7600d25e3dc25ce5e.cloudfront.net (CloudFront), 1.1 149b1af6ad8d2c0fedea82bfb1c29c66.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
ZdW3dvvGkrlIuhClYo_p23CNQuUsCdlfSPa3GWt_0vBhcLkBI_Ci7g==
date
Sat, 22 Mar 2025 06:49:37 GMT
content-type
application/javascript
last-modified
Wed, 19 Mar 2025 16:21:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P6
x-amz-server-side-encryption
AES256
313f28e0-09ff-4a9c-8970-d9f439b8d315
https://paint.toys/
0
0

json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fpaint.toys%2F&domain=paint.toys&bundle=wpa-U19kcE5DeUFXJTJCZEtqUjhIJTJGcVFlMXdTOGp4ZVN4enJ4Z3pDT1lzdVFSd2JNVFpLaCUyRnN5OHdDRGxZTyUyRnhNZFNMMkQ1YSUyQlJLbUpTV0hZYkZYTzBCbVJpOVlnWnlWTnBBeDBGR1c0YjN0ZEFlc2lCazMlMkYlMkY1RTFQbEFtUW1pVkVwYUFkR001dWJqSzhVZ0JKTWFkQUV1MVR3dyUzRCUzRA&cw=1&pbt=1&lsw=1&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://paint.toys
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://paint.toys
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sat, 22 Mar 2025 06:50:21 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
248125
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
474.9e5e7d94b0ad365e11fa.js
cdn.intergient.com/pageos/V.20250317.1/
3 KB
1 KB
Script
General
Full URL
https://cdn.intergient.com/pageos/V.20250317.1/474.9e5e7d94b0ad365e11fa.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/V.20250317.1/runtime.07fff44937b43c189a2a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.20.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f0769b6ec00799d55c116b89a5b71d923e5ea0d9f0d7e1fac3fe1914599e658

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

hw-country-code
SE
content-encoding
br
cf-cache-status
HIT
etag
W/"f32f7966b1a24d5db4c7e8891271dc87"
age
6417
cf-ray
9243c11d9af6d223-FRA
alt-svc
h3=":443"; ma=86400
date
Sat, 22 Mar 2025 06:50:21 GMT
content-type
text/javascript
last-modified
Tue, 18 Mar 2025 13:17:41 GMT
vary
Accept-Encoding
server
cloudflare
ima3.js
imasdk.googleapis.com/js/sdkloader/
434 KB
138 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/V.20250317.1/main.f0f340b0ce95dd31546d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f10.1e100.net
Software
cafe /
Resource Hash
37d93bfacd1a8351ce92af7958ae895d694f25affb8e81ce29aaebbb9889fe7c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
br
etag
16906144002946726589
x-content-type-options
nosniff
expires
Sat, 22 Mar 2025 06:50:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sat, 22 Mar 2025 06:50:21 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
140682
x-xss-protection
0
server
cafe
prebid
id5-sync.com/api/config/
194 B
659 B
Fetch
General
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
1526f7f540b829baf0e6d1b491aa7b26b5e49fa160abca67c11695ccfa2cee82
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://paint.toys/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://paint.toys
p3p
CP="CAO PSA OUR"
date
Sat, 22 Mar 2025 06:50:21 GMT
content-type
application/json;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-credentials
true
id
id.crwdcntrl.net/
43 B
270 B
Fetch
General
Full URL
https://id.crwdcntrl.net/id?gdpr_applies=false&c=17262
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.201.45 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-201-45.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

cache-control
no-cache
pragma
no-cache
access-control-allow-credentials
true
expires
0
access-control-allow-origin
https://paint.toys
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length
43
date
Sat, 22 Mar 2025 06:50:21 GMT
content-type
application/json;charset=utf-8
f
fid.agkn.com/
0
0

envelope
lexicon.33across.com/v1/
0
0

any
idx.liadm.com/idex/did-0046/
0
366 B
Fetch
General
Full URL
https://idx.liadm.com/idex/did-0046/any?duid=8e413bd09c43--01jpy9vvkp2jv83e2mpwe64x31&gdpr=0&did=did-0046&cd=.paint.toys&pu=https%3A%2F%2Fpaint.toys&resolve=nonId&resolve=uid2&resolve=index&resolve=bidswitch&resolve=pubmatic&resolve=magnite&resolve=openx&resolve=sorvrn&resolve=thetradedesk&resolve=medianet
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.228.236.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-228-236-67.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=3599, private
trace-id
3e71029ad808713d
request-time
1
access-control-allow-credentials
true
expires
Sat, 22 Mar 2025 07:50:21 GMT
access-control-allow-origin
https://paint.toys
date
Sat, 22 Mar 2025 06:50:21 GMT
vary
Origin
json
gum.criteo.com/sid/
429 B
1 KB
Fetch
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fpaint.toys%2F&domain=paint.toys&bundle=wpa-U19kcE5DeUFXJTJCZEtqUjhIJTJGcVFlMXdTOGp4ZVN4enJ4Z3pDT1lzdVFSd2JNVFpLaCUyRnN5OHdDRGxZTyUyRnhNZFNMMkQ1YSUyQlJLbUpTV0hZYkZYTzBCbVJpOVlnWnlWTnBBeDBGR1c0YjN0ZEFlc2lCazMlMkYlMkY1RTFQbEFtUW1pVkVwYUFkR001dWJqSzhVZ0JKTWFkQUV1MVR3dyUzRCUzRA&cw=1&pbt=1&lsw=1&gdpr=0
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
fe2949e835099dd8cc51469c3a1365f3bd39d15c534cb3ddb1d969b9f78e7404
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
content-type
application/json
Referer
https://paint.toys/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
897193
expires
0
access-control-allow-origin
https://paint.toys
date
Sat, 22 Mar 2025 06:50:20 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
server
Kestrel
fb87a4ea41
cd836371f1d.cdn.intergient.com/
0
96 B
XHR
General
Full URL
https://cd836371f1d.cdn.intergient.com/fb87a4ea41
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/V.20250317.1/main.f0f340b0ce95dd31546d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.73.242.72 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-73-242-72.eu-central-1.compute.amazonaws.com
Software
nginx/1.24.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://paint.toys/

Response headers

access-control-allow-origin
*
date
Sat, 22 Mar 2025 06:50:21 GMT
content-type
application/octet-stream
server
nginx/1.24.0
v1
lb.eu-1-id5-sync.com/lb/
45 B
282 B
Fetch
General
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 Amsterdam, Netherlands, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
af7251fc9564518a64abf1b92a0e7a9a0296792521a862c943762e3847732a5f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://paint.toys
date
Sat, 22 Mar 2025 06:50:21 GMT
content-type
application/json;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.3.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-3-93.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

access-control-max-age
3000
content-encoding
gzip
x-amz-version-id
r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
etag
W/"a4d296427fc806b21335359e398c025c"
age
4980
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
N1riipOS-DD9ERswo71IqnsrZ7HYutpHo04zoUju9L72eU4F5bWepQ==
date
Sat, 22 Mar 2025 05:27:22 GMT
content-type
application/javascript
vary
Origin,accept-encoding
last-modified
Thu, 29 Feb 2024 02:13:08 GMT
cache-control
public, max-age=86400
via
1.1 002af2e4f72157b8b4bd2de012b5b57c.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P6
server
AmazonS3
x-amz-server-side-encryption
AES256
bd056b42-51db-43ce-9a8e-3b11319b5d1f
config.aps.amazon-adsystem.com/configs/
563 B
837 B
Script
General
Full URL
https://config.aps.amazon-adsystem.com/configs/bd056b42-51db-43ce-9a8e-3b11319b5d1f
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-30.fra6.r.cloudfront.net
Software
CloudFront /
Resource Hash
e91c87de4de6d6ac01cf83cc344603d7f3e7a4c07a21628997bbfbdc4506dad4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

cache-control
max-age=3600
age
2919
via
1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
content-length
563
x-amz-cf-id
d8_5yBfmonmK3IiyqIeqmiWowM-m2wI1ojIO82xJB30CuscFOeSxBw==
date
Sat, 22 Mar 2025 06:01:42 GMT
content-type
application/javascript
x-amz-cf-pop
FRA6-C1
server
CloudFront
config
c.amazon-adsystem.com/cdn/prod/
3 KB
4 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fpaint.toys&pubid=bd056b42-51db-43ce-9a8e-3b11319b5d1f
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.3.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-3-93.fra56.r.cloudfront.net
Software
Server /
Resource Hash
57234c0361bef55cff0569a18aa6d5be13af21f714f8eea3d56e4a35badf0ff0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

cache-control
max-age=21550, s-maxage=21600
age
7529
access-control-allow-credentials
true
via
1.1 149b1af6ad8d2c0fedea82bfb1c29c66.cloudfront.net (CloudFront)
access-control-allow-origin
https://paint.toys
x-cache
Hit from cloudfront
content-length
3516
x-amz-cf-id
FGfqHmv3HU_vUaPzYitJyBTFs69Oe1mgUupjtAWN0yH43uHeGUQoXg==
date
Sat, 22 Mar 2025 04:44:52 GMT
content-type
application/json;charset=UTF-8
x-amz-cf-pop
FRA56-P6
server
Server
bid
aax.amazon-adsystem.com/e/dtb/
25 B
375 B
Fetch
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fpaint.toys%2Foil%2F&pr=https%3A%2F%2Fwqzfr.ontrakinc.com%2F&pid=9iE5sd42CQUlU&cb=0&ws=1600x1200&v=25.317.1635&t=2500&slots=%5B%7B%22sd%22%3A%22pw-160x600_atf%22%2C%22s%22%3A%5B%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F154013155%2F1024872%2F74068%2Fpublisher%3A1024872-website%3A74068-160x600%2Fpublisher%3A1024872-website%3A74068-160x600-CP%2Fpublisher%3A1024872-website%3A74068-160x600-CP-160x600%22%7D%2C%7B%22sd%22%3A%22pw-160x600_btf%22%2C%22s%22%3A%5B%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F154013155%2F1024872%2F74068%2Fpublisher%3A1024872-website%3A74068-160x600%2Fpublisher%3A1024872-website%3A74068-160x600-CP%2Fpublisher%3A1024872-website%3A74068-160x600-CP-160x600%22%7D%2C%7B%22sd%22%3A%22leaderboard_atf%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F154013155%2F1024872%2F74068%2Fpublisher%3A1024872-website%3A74068-desktop_leaderboard%22%7D%2C%7B%22sd%22%3A%22leaderboard_btf%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F154013155%2F1024872%2F74068%2Fpublisher%3A1024872-website%3A74068-desktop_leaderboard%22%7D%5D&sg=%7B%22ortb2%22%3A%7B%22site%22%3A%7B%22cattax%22%3A6%2C%22cat%22%3A%5B%22693%22%5D%2C%22sectioncat%22%3A%5B%22693%22%5D%2C%22pagecat%22%3A%5B%22693%22%5D%7D%7D%7D&schain=1.0%2C1%21playwire.com%2C1024872%2C1%2C%2C%2C&pubid=bd056b42-51db-43ce-9a8e-3b11319b5d1f&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D&rt=j
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.25.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-25-72.fra56.r.cloudfront.net
Software
Server /
Resource Hash
7dc78c5c119373b361b76d7e9c1b2759725163789661df908ee4cd8faf842676

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
gzip
access-control-allow-credentials
true
via
1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
access-control-allow-origin
https://paint.toys
x-cache
Miss from cloudfront
content-length
45
x-amz-cf-id
xqXTWfiiV5uTJFE0WxeyUyvpBMtS9apkNUB58KHjdctJjQUhMgijpw==
date
Sat, 22 Mar 2025 06:50:21 GMT
content-type
application/json;charset=UTF-8
x-amz-cf-pop
FRA56-C2
server
Server
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/
54 KB
17 KB
Script
General
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: wqzfr.ontrakinc.com
URL: https://wqzfr.ontrakinc.com/6opxf4z1dtyth09qybzt9pkb4Rc1hXdFRuSUJuT0FCaDZmcXFXUXotMjM0MC0yNjc0NTI0Mi0wZmE5MDI2YS0zMTQyLTNpYW5NRk9UYWFyaGNmYlByZ2o5/hutgwipkmkyw0bdva7wbw233a89rbyq3q/wddkls
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.122.32.85 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-122-32-85.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

cache-control
max-age=900
content-encoding
gzip
etag
"d734-5f2f3919e751f-gzip"
expires
Sat, 22 Mar 2025 07:05:21 GMT
accept-ranges
bytes
content-length
17407
date
Sat, 22 Mar 2025 06:50:21 GMT
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
content-type
application/javascript
server
Apache
vary
Accept-Encoding
sync.min.js
tags.crwdcntrl.net/lt/c/16576/
43 KB
13 KB
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: wqzfr.ontrakinc.com
URL: https://wqzfr.ontrakinc.com/6opxf4z1dtyth09qybzt9pkb4Rc1hXdFRuSUJuT0FCaDZmcXFXUXotMjM0MC0yNjc0NTI0Mi0wZmE5MDI2YS0zMTQyLTNpYW5NRk9UYWFyaGNmYlByZ2o5/hutgwipkmkyw0bdva7wbw233a89rbyq3q/wddkls
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-97.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c5fdea6bcb7b7dc4aabe9e409df609b922dde30401ccf5c25f0f384f7e8c43b5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

vary
Accept-Encoding
cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"6016bf24a16f4d1d8384c5f7f11c49fb"
age
12835
via
1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
RHUa5JYKF24c96OCfOVTBHNlHJv6DOUMYjwWQyrxbITuqZcH79Q2Cg==
date
Sat, 22 Mar 2025 03:16:27 GMT
content-type
text/javascript
last-modified
Tue, 20 Aug 2024 18:47:26 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
x-amz-server-side-encryption
AES256
hadron.js
cdn.hadronid.net/
11 B
324 B
Script
General
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fpaint.toys%2Foil%2F&ref=https%3A%2F%2Fwqzfr.ontrakinc.com%2F&_it=amazon&partner_id=403
Requested by
Host: wqzfr.ontrakinc.com
URL: https://wqzfr.ontrakinc.com/6opxf4z1dtyth09qybzt9pkb4Rc1hXdFRuSUJuT0FCaDZmcXFXUXotMjM0MC0yNjc0NTI0Mi0wZmE5MDI2YS0zMTQyLTNpYW5NRk9UYWFyaGNmYlByZ2o5/hutgwipkmkyw0bdva7wbw233a89rbyq3q/wddkls
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.36.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a73f5986eb985871284e6e216372de3505634a97229de643216728d0fbfd6227

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

cache-control
max-age=432000
cf-cache-status
HIT
etag
"ba4f7a703ea78ac1b72b5fe1be4fb407"
age
443
x-amz-request-id
FNSGRM2T2X0F3SP6
cf-ray
9243c11e2fbf1c20-FRA
accept-ranges
bytes
content-length
11
date
Sat, 22 Mar 2025 06:50:21 GMT
content-type
application/javascript
last-modified
Thu, 05 Dec 2024 20:48:49 GMT
vary
Accept-Encoding
server
cloudflare
x-amz-id-2
mbaMHu2ugRuAWUTez/9CDUHmCcsdQSTzdB/ybJIe4z6r4sn+n/8rdvXYTZ8sZvLgeGqzwd30XWY=
id5-api.js
cdn.id5-sync.com/api/1.0/
103 KB
30 KB
Script
General
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: wqzfr.ontrakinc.com
URL: https://wqzfr.ontrakinc.com/6opxf4z1dtyth09qybzt9pkb4Rc1hXdFRuSUJuT0FCaDZmcXFXUXotMjM0MC0yNjc0NTI0Mi0wZmE5MDI2YS0zMTQyLTNpYW5NRk9UYWFyaGNmYlByZ2o5/hutgwipkmkyw0bdva7wbw233a89rbyq3q/wddkls
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.38.106 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63e564885fc7998fec2377b49a57c4782c87bcb182860d49aabbf13dee8b462b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"ed4a9d16ae9394e15a61af8ca1cb1e39"
age
9
expires
Sat, 22 Mar 2025 07:50:21 GMT
date
Sat, 22 Mar 2025 06:50:21 GMT
content-type
text/javascript;charset=utf-8
last-modified
Mon, 17 Mar 2025 13:20:02 GMT
vary
Accept-Encoding
x-amz-id-2
Qbctbsh0bkf25FBxc6TDayx+3XFCRipx8lheRHe37ClMojOfW56ZQnQe1+yiA1c3gKj4ZyuYxgX9K0k8y2macVdFR+rse2VGGO8suY/chZk=
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=3600
x-amz-request-id
KY3X0DZJJ97FCAS0
cf-ray
9243c11e2becd27e-FRA
server
cloudflare
x-amz-server-side-encryption
AES256
launcher-stub.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/
14 KB
5 KB
Script
General
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Requested by
Host: wqzfr.ontrakinc.com
URL: https://wqzfr.ontrakinc.com/6opxf4z1dtyth09qybzt9pkb4Rc1hXdFRuSUJuT0FCaDZmcXFXUXotMjM0MC0yNjc0NTI0Mi0wZmE5MDI2YS0zMTQyLTNpYW5NRk9UYWFyaGNmYlByZ2o5/hutgwipkmkyw0bdva7wbw233a89rbyq3q/wddkls
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.122.32.85 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-122-32-85.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

cache-control
max-age=900
content-encoding
gzip
etag
"38c0-5e92054540ea5-gzip"
expires
Sat, 22 Mar 2025 07:05:21 GMT
accept-ranges
bytes
content-length
5252
date
Sat, 22 Mar 2025 06:50:21 GMT
last-modified
Tue, 20 Sep 2022 18:52:26 GMT
content-type
application/javascript
server
Apache
vary
Accept-Encoding
483.json
id5-sync.com/g/v2/
385 B
575 B
Fetch
General
Full URL
https://id5-sync.com/g/v2/483.json
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
f8e069a600dc9b1a5ca235dcee2f8dbdd0d4d3de43343e27210e1cc9ae7af290
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://paint.toys/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://paint.toys
date
Sat, 22 Mar 2025 06:50:21 GMT
content-type
application/json
vary
Origin
access-control-allow-credentials
true
topics_frame.html
pa.openx.net/ Frame 489E
0
0
Document
General
Full URL
https://pa.openx.net/topics_frame.html?bidder=openx
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.36.214.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.214.36.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Referer
https://paint.toys/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
312
content-type
text/html; charset=UTF-8
referrer-policy
no-referrer
supports-loading-mode
fenced-frame
x-allow-fledge
true
topics_frame.html
ads.pubmatic.com/AdServer/js/topics/ Frame 33C8
0
0
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/topics/topics_frame.html?bidder=pubmatic
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.96.187 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-96-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Referer
https://paint.toys/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=58087
content-encoding
gzip
content-length
859
content-type
text/html
date
Sat, 22 Mar 2025 06:50:21 GMT
expires
Sat, 22 Mar 2025 22:58:28 GMT
last-modified
Tue, 21 Mar 2023 05:02:13 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
cookie_sync
prebid.intergient.com/
2 KB
1 KB
Fetch
General
Full URL
https://prebid.intergient.com/cookie_sync
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.20.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89a86eaf863335174a456b5c25cfc7bea6855fe13f9a4885194b03324d0129de

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

content-encoding
br
cf-cache-status
DYNAMIC
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1742626221&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=GhHvKHhVboHvdSgIM%2B2hq0RzuvIcPqb%2BWSbpQi4Wa%2Fc%3D"}]}
expires
0
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sat, 22 Mar 2025 06:50:21 GMT
content-type
application/json; charset=utf-8
vary
Origin
priority
u=1,i
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1742626221&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=GhHvKHhVboHvdSgIM%2B2hq0RzuvIcPqb%2BWSbpQi4Wa%2Fc%3D
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
via
1.1 vegur
cf-ray
9243c11e8bc6dbf7-FRA
access-control-allow-origin
https://paint.toys
server
cloudflare
auction
prebid.intergient.com/openrtb2/
394 B
951 B
Fetch
General
Full URL
https://prebid.intergient.com/openrtb2/auction
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.20.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4c8942fd0621edece087aeca10bfc2c5030d61d8879510dc715e022d42293c9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

content-encoding
br
cf-cache-status
DYNAMIC
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1742626221&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=GhHvKHhVboHvdSgIM%2B2hq0RzuvIcPqb%2BWSbpQi4Wa%2Fc%3D"}]}
observe-browsing-topics
?1
expires
0
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sat, 22 Mar 2025 06:50:22 GMT
content-type
application/json
vary
Origin
priority
u=1,i
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1742626221&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=GhHvKHhVboHvdSgIM%2B2hq0RzuvIcPqb%2BWSbpQi4Wa%2Fc%3D
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
via
1.1 vegur
cf-ray
9243c11e8bc5dbf7-FRA
access-control-allow-origin
https://paint.toys
x-prebid
pbs-go/unknown
server
cloudflare
fastlane.json
fastlane.rubiconproject.com/a/api/
688 B
1 KB
Fetch
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12556&site_id=110932&zone_id=523774&size_id=9&alt_size_ids=8&p_pos=atf&gdpr=0&rp_schain=1.0,1!playwire.com,1024872,1,,,&eid_id5-sync.com=0%5E1%5E&eid_pubcid.org=fd6520ea-cfe1-49a5-80c9-110c6d864de2%5E1&eid_criteo.com=zvEDhF9mZkF0R1dYVnVGcmpMeHFnbEREZmpXUCUyRjE1WEV2Yk5Yb2c1UjI2b3B0VlUzV2RWdHhYN0lPZHk4Wm5xVG1Ba3ZEbTJkTzBzVGZvM0tFU09vbDgzVyUyRnNwQ2oyYWVpNWxDJTJCRG1ha1RhQjNvRSUzRA%5E1&eid_linkedin.com=806aa69e-74f5-4ecc-8560-1bd6a1b6cbf4%5E1&rf=https%3A%2F%2Fpaint.toys%2Foil%2F&tg_i.domain=paint.toys&tg_i.page=https%3A%2F%2Fpaint.toys%2Foil%2F&tg_i.ref=https%3A%2F%2Fwqzfr.ontrakinc.com%2F&tg_i.cat=IAB9-5%2C693&tg_i.sectioncat=IAB9-5%2C693&tg_i.pagecat=IAB9-5%2C693&tg_i.pos=atf&tg_i.sitecont_cat=games_casual&tg_i.adunit=pw-160x600_atf&tg_i.pbadslot=%2F154013155%2F1024872%2F74068%2Fpublisher%3A1024872-website%3A74068-160x600%2Fpublisher%3A1024872-website%3A74068-160x600-CP%2Fpublisher%3A1024872-website%3A74068-160x600-CP-160x600&tk_flint=pbjs_lite_v9.11.0&x_source.tid=2f7a2dd0-856a-4af3-8f17-7efd3b751123&l_pb_bid_id=531ca4e50ff862c&p_screen_res=1600x1200&o_ae=1&rp_secure=1&x_imp.ext.tid=58c0963e-a863-4efa-872c-0d4f9455873b&rp_maxbids=1&p_gpid=%2F154013155%2F1024872%2F74068%2Fpublisher%3A1024872-website%3A74068-160x600%2Fpublisher%3A1024872-website%3A74068-160x600-CP%2Fpublisher%3A1024872-website%3A74068-160x600-CP-160x600&m_ch_mobile=%3F0&slots=1&rand=0.9328540157431544
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.156.139 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.27.2 /
Resource Hash
3d9479d73406c160330cd10ba06865a170cd1b66ee49df473dab5d4d0975e5c8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin
https://paint.toys
date
Sat, 22 Mar 2025 06:50:21 GMT
content-type
application/json
vary
Accept-Encoding
server
nginx/1.27.2
fastlane.json
fastlane.rubiconproject.com/a/api/
520 B
858 B
Fetch
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12556&site_id=110932&zone_id=523774&size_id=9&alt_size_ids=8&gdpr=0&rp_schain=1.0,1!playwire.com,1024872,1,,,&eid_id5-sync.com=0%5E1%5E&eid_pubcid.org=fd6520ea-cfe1-49a5-80c9-110c6d864de2%5E1&eid_criteo.com=zvEDhF9mZkF0R1dYVnVGcmpMeHFnbEREZmpXUCUyRjE1WEV2Yk5Yb2c1UjI2b3B0VlUzV2RWdHhYN0lPZHk4Wm5xVG1Ba3ZEbTJkTzBzVGZvM0tFU09vbDgzVyUyRnNwQ2oyYWVpNWxDJTJCRG1ha1RhQjNvRSUzRA%5E1&eid_linkedin.com=806aa69e-74f5-4ecc-8560-1bd6a1b6cbf4%5E1&rf=https%3A%2F%2Fpaint.toys%2Foil%2F&tg_i.domain=paint.toys&tg_i.page=https%3A%2F%2Fpaint.toys%2Foil%2F&tg_i.ref=https%3A%2F%2Fwqzfr.ontrakinc.com%2F&tg_i.cat=IAB9-5%2C693&tg_i.sectioncat=IAB9-5%2C693&tg_i.pagecat=IAB9-5%2C693&tg_i.pos=btf&tg_i.sitecont_cat=games_casual&tg_i.adunit=pw-160x600_btf&tg_i.pbadslot=pw-160x600_btf&tk_flint=pbjs_lite_v9.11.0&x_source.tid=2f7a2dd0-856a-4af3-8f17-7efd3b751123&l_pb_bid_id=54b1bdd22da7b53&p_screen_res=1600x1200&o_ae=1&rp_secure=1&x_imp.ext.tid=ffa93212-d245-4221-8c0a-42452403a9d1&rp_maxbids=1&p_gpid=pw-160x600_btf&m_ch_mobile=%3F0&slots=1&rand=0.9456426486411229
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.156.139 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.27.2 /
Resource Hash
4c331ee29f15df36754fb44546469e4aed2c7cd319f9eb93b4f6e3ee39322416

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin
https://paint.toys
content-length
520
date
Sat, 22 Mar 2025 06:50:21 GMT
content-type
application/json
vary
Accept-Encoding
server
nginx/1.27.2
fastlane.json
fastlane.rubiconproject.com/a/api/
526 B
865 B
Fetch
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12556&site_id=110932&zone_id=523774&size_id=2&alt_size_ids=55%2C57&p_pos=atf&gdpr=0&rp_schain=1.0,1!playwire.com,1024872,1,,,&eid_id5-sync.com=0%5E1%5E&eid_pubcid.org=fd6520ea-cfe1-49a5-80c9-110c6d864de2%5E1&eid_criteo.com=zvEDhF9mZkF0R1dYVnVGcmpMeHFnbEREZmpXUCUyRjE1WEV2Yk5Yb2c1UjI2b3B0VlUzV2RWdHhYN0lPZHk4Wm5xVG1Ba3ZEbTJkTzBzVGZvM0tFU09vbDgzVyUyRnNwQ2oyYWVpNWxDJTJCRG1ha1RhQjNvRSUzRA%5E1&eid_linkedin.com=806aa69e-74f5-4ecc-8560-1bd6a1b6cbf4%5E1&rf=https%3A%2F%2Fpaint.toys%2Foil%2F&tg_i.domain=paint.toys&tg_i.page=https%3A%2F%2Fpaint.toys%2Foil%2F&tg_i.ref=https%3A%2F%2Fwqzfr.ontrakinc.com%2F&tg_i.cat=IAB9-5%2C693&tg_i.sectioncat=IAB9-5%2C693&tg_i.pagecat=IAB9-5%2C693&tg_i.pos=atf&tg_i.sitecont_cat=games_casual&tg_i.adunit=leaderboard_atf&tg_i.pbadslot=leaderboard_atf&tk_flint=pbjs_lite_v9.11.0&x_source.tid=2f7a2dd0-856a-4af3-8f17-7efd3b751123&l_pb_bid_id=55e0a8509b62623&p_screen_res=1600x1200&o_ae=1&rp_secure=1&x_imp.ext.tid=e9930d63-283f-4e26-976c-c5e965b628ec&rp_maxbids=1&p_gpid=leaderboard_atf&m_ch_mobile=%3F0&slots=1&rand=0.6256688520988725
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.156.139 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.27.2 /
Resource Hash
eb3e0004c3b6bc6e7823e4a5f831a8eeb98494f872b6cc3c289ab1c42f504dfd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin
https://paint.toys
content-length
526
date
Sat, 22 Mar 2025 06:50:21 GMT
content-type
application/json
vary
Accept-Encoding
server
nginx/1.27.2
fastlane.json
fastlane.rubiconproject.com/a/api/
526 B
865 B
Fetch
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12556&site_id=110932&zone_id=523774&size_id=2&alt_size_ids=55%2C57&gdpr=0&rp_schain=1.0,1!playwire.com,1024872,1,,,&eid_id5-sync.com=0%5E1%5E&eid_pubcid.org=fd6520ea-cfe1-49a5-80c9-110c6d864de2%5E1&eid_criteo.com=zvEDhF9mZkF0R1dYVnVGcmpMeHFnbEREZmpXUCUyRjE1WEV2Yk5Yb2c1UjI2b3B0VlUzV2RWdHhYN0lPZHk4Wm5xVG1Ba3ZEbTJkTzBzVGZvM0tFU09vbDgzVyUyRnNwQ2oyYWVpNWxDJTJCRG1ha1RhQjNvRSUzRA%5E1&eid_linkedin.com=806aa69e-74f5-4ecc-8560-1bd6a1b6cbf4%5E1&rf=https%3A%2F%2Fpaint.toys%2Foil%2F&tg_i.domain=paint.toys&tg_i.page=https%3A%2F%2Fpaint.toys%2Foil%2F&tg_i.ref=https%3A%2F%2Fwqzfr.ontrakinc.com%2F&tg_i.cat=IAB9-5%2C693&tg_i.sectioncat=IAB9-5%2C693&tg_i.pagecat=IAB9-5%2C693&tg_i.pos=btf&tg_i.sitecont_cat=games_casual&tg_i.adunit=leaderboard_btf&tg_i.pbadslot=leaderboard_btf&tk_flint=pbjs_lite_v9.11.0&x_source.tid=2f7a2dd0-856a-4af3-8f17-7efd3b751123&l_pb_bid_id=561fab0a9d7d413&p_screen_res=1600x1200&o_ae=1&rp_secure=1&x_imp.ext.tid=dab70058-21e5-4430-9a63-d342bae65211&rp_maxbids=1&p_gpid=leaderboard_btf&m_ch_mobile=%3F0&slots=1&rand=0.2469493658396431
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.156.139 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.27.2 /
Resource Hash
aeebbe58236278e7d948d59ab330dde6efe5888e88c08b49d9808ccf14d54bd6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin
https://paint.toys
content-length
526
date
Sat, 22 Mar 2025 06:50:21 GMT
content-type
application/json
vary
Accept-Encoding
server
nginx/1.27.2
665db4754b2ec067196b8f78
exchange.cootlogix.com/prebid/multi/
0
433 B
Fetch
General
Full URL
https://exchange.cootlogix.com/prebid/multi/665db4754b2ec067196b8f78
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.55.124.119 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control
access-control-allow-origin
https://paint.toys
cache-control
max-age=0, no-cache, must-revalidate, proxy-revalidate
date
Sat, 22 Mar 2025 06:50:22 GMT
vary
Accept-Encoding
access-control-allow-credentials
true
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
prebidjs
rtb.openx.net/openrtbb/
0
0

translator
hbopenbid.pubmatic.com/
0
109 B
Fetch
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
https://paint.toys
date
Sat, 22 Mar 2025 06:50:21 GMT
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/
468 B
1 KB
Fetch
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
ca23dd968eeeb1b59eb879fec171a742fe1669a24098052f567895e6aceb7648
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
172.111.204.130; 172.111.204.130; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; *.adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
https://paint.toys
an-x-request-uuid
046051dd-a680-400c-a260-e63d180c5d73
content-length
468
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Sat, 22 Mar 2025 06:50:21 GMT
x-xss-protection
0
content-type
application/json; charset=utf-8
server
nginx/1.23.4
imp
g2.gumgum.com/hbid/
2 B
243 B
Fetch
General
Full URL
https://g2.gumgum.com/hbid/imp?displaymanager=Prebid.js%20-%20gumgum&displaymanagerver=9.11.0&lt=1742626221819&to=-60&id5Id=0&id5IdLinkType=null&aun=pw-160x600_atf&id5id=0&pubcid=fd6520ea-cfe1-49a5-80c9-110c6d864de2&criteoId=zvEDhF9mZkF0R1dYVnVGcmpMeHFnbEREZmpXUCUyRjE1WEV2Yk5Yb2c1UjI2b3B0VlUzV2RWdHhYN0lPZHk4Wm5xVG1Ba3ZEbTJkTzBzVGZvM0tFU09vbDgzVyUyRnNwQ2oyYWVpNWxDJTJCRG1ha1RhQjNvRSUzRA&gpid=%2F154013155%2F1024872%2F74068%2Fpublisher%3A1024872-website%3A74068-160x600%2Fpublisher%3A1024872-website%3A74068-160x600-CP%2Fpublisher%3A1024872-website%3A74068-160x600-CP-160x600&t=8ylgv2wd&pi=3&maxw=160&maxh=600&si=1111716&bf=160x600%2C120x600&ae=true&gdprApplies=0&schain=1.0%2C1!playwire.com%2C1024872%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fpaint.toys%2Foil%2F&tpl=https%3A%2F%2Fpaint.toys%2Foil%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%229.11.0%22%7D&ogu=null&ns=10240
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.58.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-58-69.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
pragma
no-cache
access-control-allow-credentials
true
expires
0
access-control-allow-origin
https://paint.toys
content-length
2
date
Sat, 22 Mar 2025 06:50:21 GMT
content-type
application/json;charset=UTF-8
server
nginx
imp
g2.gumgum.com/hbid/
2 B
242 B
Fetch
General
Full URL
https://g2.gumgum.com/hbid/imp?displaymanager=Prebid.js%20-%20gumgum&displaymanagerver=9.11.0&lt=1742626221820&to=-60&id5Id=0&id5IdLinkType=null&aun=pw-160x600_btf&id5id=0&pubcid=fd6520ea-cfe1-49a5-80c9-110c6d864de2&criteoId=zvEDhF9mZkF0R1dYVnVGcmpMeHFnbEREZmpXUCUyRjE1WEV2Yk5Yb2c1UjI2b3B0VlUzV2RWdHhYN0lPZHk4Wm5xVG1Ba3ZEbTJkTzBzVGZvM0tFU09vbDgzVyUyRnNwQ2oyYWVpNWxDJTJCRG1ha1RhQjNvRSUzRA&gpid=pw-160x600_btf&t=8ylgv2wd&pi=3&maxw=160&maxh=600&si=1111716&bf=160x600%2C120x600&ae=true&gdprApplies=0&schain=1.0%2C1!playwire.com%2C1024872%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fpaint.toys%2Foil%2F&tpl=https%3A%2F%2Fpaint.toys%2Foil%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%229.11.0%22%7D&ogu=null&ns=10240
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.58.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-58-69.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
pragma
no-cache
access-control-allow-credentials
true
expires
0
access-control-allow-origin
https://paint.toys
content-length
2
date
Sat, 22 Mar 2025 06:50:21 GMT
content-type
application/json;charset=UTF-8
server
nginx
imp
g2.gumgum.com/hbid/
2 B
242 B
Fetch
General
Full URL
https://g2.gumgum.com/hbid/imp?displaymanager=Prebid.js%20-%20gumgum&displaymanagerver=9.11.0&lt=1742626221820&to=-60&id5Id=0&id5IdLinkType=null&aun=leaderboard_atf&id5id=0&pubcid=fd6520ea-cfe1-49a5-80c9-110c6d864de2&criteoId=zvEDhF9mZkF0R1dYVnVGcmpMeHFnbEREZmpXUCUyRjE1WEV2Yk5Yb2c1UjI2b3B0VlUzV2RWdHhYN0lPZHk4Wm5xVG1Ba3ZEbTJkTzBzVGZvM0tFU09vbDgzVyUyRnNwQ2oyYWVpNWxDJTJCRG1ha1RhQjNvRSUzRA&gpid=leaderboard_atf&t=8ylgv2wd&pi=3&maxw=970&maxh=250&si=1111709&bf=728x90%2C970x250%2C970x90&ae=true&gdprApplies=0&schain=1.0%2C1!playwire.com%2C1024872%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fpaint.toys%2Foil%2F&tpl=https%3A%2F%2Fpaint.toys%2Foil%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%229.11.0%22%7D&ogu=null&ns=10240
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.58.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-58-69.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
pragma
no-cache
access-control-allow-credentials
true
expires
0
access-control-allow-origin
https://paint.toys
content-length
2
date
Sat, 22 Mar 2025 06:50:21 GMT
content-type
application/json;charset=UTF-8
server
nginx
imp
g2.gumgum.com/hbid/
2 B
242 B
Fetch
General
Full URL
https://g2.gumgum.com/hbid/imp?displaymanager=Prebid.js%20-%20gumgum&displaymanagerver=9.11.0&lt=1742626221820&to=-60&id5Id=0&id5IdLinkType=null&aun=leaderboard_btf&id5id=0&pubcid=fd6520ea-cfe1-49a5-80c9-110c6d864de2&criteoId=zvEDhF9mZkF0R1dYVnVGcmpMeHFnbEREZmpXUCUyRjE1WEV2Yk5Yb2c1UjI2b3B0VlUzV2RWdHhYN0lPZHk4Wm5xVG1Ba3ZEbTJkTzBzVGZvM0tFU09vbDgzVyUyRnNwQ2oyYWVpNWxDJTJCRG1ha1RhQjNvRSUzRA&gpid=leaderboard_btf&t=8ylgv2wd&pi=3&maxw=970&maxh=250&si=1111709&bf=728x90%2C970x250%2C970x90&ae=true&gdprApplies=0&schain=1.0%2C1!playwire.com%2C1024872%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fpaint.toys%2Foil%2F&tpl=https%3A%2F%2Fpaint.toys%2Foil%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%229.11.0%22%7D&ogu=null&ns=10240
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.58.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-58-69.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
pragma
no-cache
access-control-allow-credentials
true
expires
0
access-control-allow-origin
https://paint.toys
content-length
2
date
Sat, 22 Mar 2025 06:50:21 GMT
content-type
application/json;charset=UTF-8
server
nginx
auction
tlx.3lift.com/header/
19 B
691 B
Fetch
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=9.11.0&referrer=https%3A%2F%2Fpaint.toys%2Foil%2F&tmax=2500&gdpr=false&fledge=true
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.78.168.176 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-78-168-176.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
accept-ch
sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model
access-control-allow-credentials
true
expires
Thu, 15 Oct 1992 20:10:00 GMT
access-control-allow-origin
https://paint.toys
x-auction-status
29, 29
x-xss-protection
0
content-type
application/json; charset=utf-8
vary
Accept-Encoding
v1
btlr.sharethrough.com/universal/
0
116 B
Fetch
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.72.106.219 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-106-219.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
access-control-allow-origin
https://paint.toys
access-control-allow-credentials
true
v1
btlr.sharethrough.com/universal/
0
116 B
Fetch
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.72.106.219 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-106-219.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
access-control-allow-origin
https://paint.toys
access-control-allow-credentials
true
v1
btlr.sharethrough.com/universal/
0
116 B
Fetch
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.72.106.219 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-106-219.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
access-control-allow-origin
https://paint.toys
access-control-allow-credentials
true
v1
btlr.sharethrough.com/universal/
0
117 B
Fetch
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.72.106.219 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-106-219.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
access-control-allow-origin
https://paint.toys
access-control-allow-credentials
true
playwire
direct.adsrvr.org/bid/bidder/
0
243 B
Fetch
General
Full URL
https://direct.adsrvr.org/bid/bidder/playwire
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.223.6.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a8c33d2b6751b365d.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

x-openrtb-version
2.3
cache-control
private
access-control-allow-credentials
true
access-control-allow-origin
https://paint.toys
content-length
0
date
Sat, 22 Mar 2025 06:50:21 GMT
content-type
application/json
server
Kestrel
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept, x-integration-type
hbjson
grid.bidswitch.net/
23 B
310 B
Fetch
General
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.56 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
daafe3ba0724c09b3460ab03fe9754c6c441328efd9fb554a0e45f19cdce92cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-store, must-revalidate, no-cache
content-encoding
br
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://paint.toys
date
Sat, 22 Mar 2025 06:50:21 GMT
content-type
application/json
vary
Accept-Encoding, Origin
server
Kestrel
hb-multi
hb.yellowblue.io/
84 B
626 B
Fetch
General
Full URL
https://hb.yellowblue.io/hb-multi
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-4.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e9ea6aec37ffb58c5f2dbc97282004904eccc2bac1aa7be973151a9aa1bf78c5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

content-encoding
gzip
x-envoy-upstream-service-time
3
access-control-allow-credentials
true
access-control-allow-methods
GET, OPTIONS
via
1.1 89e34e3fd814f1393ef77867b93dd12e.cloudfront.net (CloudFront)
access-control-allow-origin
https://paint.toys
x-cache
Miss from cloudfront
content-length
109
x-amz-cf-id
vdeEQsqYDpnx9aZE_7VRS8OOUugTdVWGN0J26AOpMQTKvVLOPke5mw==
date
Sat, 22 Mar 2025 06:50:21 GMT
content-type
application/json
x-amz-cf-pop
FRA56-P4
server
istio-envoy
x-reason
maxmind hosting provider
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
request
grid-bidder.criteo.com/openrtb_2_5/pbjs/auction/
0
526 B
Fetch
General
Full URL
https://grid-bidder.criteo.com/openrtb_2_5/pbjs/auction/request?profileId=207&av=37&wv=9.11.0&cb=41584705812&lsavail=1&bundle=zFSfIF9kcE5DeUFXJTJCZEtqUjhIJTJGcVFlMXdTJTJGbFQ1WXA2Sk9BM2luWW5meWh0SjVwSW05R3NoVWNnUVBEa1Ayc3cyUnJvUnFMRENDclpOcXFuQSUyRnZLeCUyRlBrUUpZUFFvNVNLUGt5SkUyQldMSXF1cVljWFRSdzc1UzJhMVZRc0gxeHRNbzBrY1ZmYVlMJTJCbVg1TklWTmpkNldGOHclM0QlM0Q&networkId=6163
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.38 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
access-control-allow-origin
https://paint.toys
date
Sat, 22 Mar 2025 06:50:21 GMT
vary
Origin
server
Kestrel
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/
4 KB
2 KB
Fetch
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=1031634
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c393e82e2da0fd205dca27b537f0cb3eb128316949aa84e169054bf85c6bebe

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O670gO0OLbGXBJkUcaJvqV9hZG88t51NCyI2tvaCp7bWQuLo7lR1okWaLSVxHJzoV1edhSlD8HE4vSFrVrouQ4tLPQQv74Vj%2BmDGMduEre%2FOHUzIDXExc4I9eQ4hiwYcz7qS92M6"}],"group":"cf-nel","max_age":604800}
expires
0
alt-svc
h3=":443"; ma=86400
date
Sat, 22 Mar 2025 06:50:21 GMT
content-type
application/json
vary
Accept-Encoding
cache-control
no-cache
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
access-control-allow-credentials
true
cf-ray
9243c11e9b2bdc5a-FRA
access-control-allow-origin
https://paint.toys
content-length
1715
server
cloudflare
ima_ppub_config
securepubads.g.doubleclick.net/pagead/
67 B
59 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ima_ppub_config?ippd=https%3A%2F%2Fpaint.toys%2Foil%2F
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
cafe /
Resource Hash
641768f2d1d19839fc3cecfa5158382fa0d332d5e49e31bcaafbedc4af91995a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Sat, 22 Mar 2025 06:50:21 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
35
date
Sat, 22 Mar 2025 06:50:21 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
launcher.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/
49 KB
17 KB
Script
General
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.122.32.85 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-122-32-85.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

cache-control
max-age=900
content-encoding
gzip
etag
"c4b6-5e920545406d3-gzip"
expires
Sat, 22 Mar 2025 07:05:21 GMT
accept-ranges
bytes
content-length
17042
date
Sat, 22 Mar 2025 06:50:21 GMT
last-modified
Tue, 20 Sep 2022 18:52:26 GMT
content-type
application/javascript
server
Apache
vary
Accept-Encoding
launcher
proc.ad.cpe.dotomi.com/cvx/client/direct/
190 B
459 B
XHR
General
Full URL
https://proc.ad.cpe.dotomi.com/cvx/client/direct/launcher?version=1.1.1&lid=681
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.158.223.146 Amsterdam, Netherlands, ASN41041 (VCLK-EU-SE Conversant LLC, US),
Reverse DNS
ams02-convex-float1.dotomi.com
Software
nginx /
Resource Hash
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

cache-control
max-age=1800
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
access-control-allow-credentials
true
expires
Sat, 22 Mar 2025 07:20:21 GMT
access-control-allow-origin
https://paint.toys
content-length
190
date
Sat, 22 Mar 2025 06:50:21 GMT
content-type
application/json
vary
Origin
server
nginx
usermatch
ssum-sec.casalemedia.com/ Frame D80A
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gppsid=&cb=https%3A%2F%2Fprebid.intergient.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D...
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fprebid.intergient.com%2Fsetuid%3Fgpp%3D%26bidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D&gdpr=0&gdpr_con...
0
0
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fprebid.intergient.com%2Fsetuid%3Fgpp%3D%26bidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D&gdpr=0&gdpr_consent=&gpp=&gppsid=&s=184674&us_privacy=&C=1
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://paint.toys/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
9243c11f99b3d2f3-FRA
content-encoding
br
content-type
text/html
date
Sat, 22 Mar 2025 06:50:22 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Fkiiki6EtNmtgSAb304WLbzwxLFDDbsIMxU%2B97Z3SofLgQuEEoXO2rhcJprDZOl3Tm7P%2FLqmezWTTWCSsQ9HD9IduH0OWyb4myeBAHscwqz3nOTxjJiAN6YpENu4SA0q4R2AqnovRXGPzg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
9243c11f5969d2f3-FRA
content-length
0
date
Sat, 22 Mar 2025 06:50:22 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Fprebid.intergient.com%2Fsetuid%3Fgpp%3D%26bidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D&gdpr=0&gdpr_consent=&gpp=&gppsid=&s=184674&us_privacy=&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MseCu95CDTMCVWk%2BIFw6j8o6N0utDofVzKvWsDvO4qRVRdQqY8KhT4kDDxt16sA2kOfDg026ar4tVa5usssed9UQWSy1r5lF8SI1KoPypKh2JPKyri27SYjWd3o8h9Ucsaq5AfYimE3c%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
ads_iframe.
fundingchoicesmessages.google.com/f/AGSKWxVP6rZ9UMDir1FQZrmu3GfRpiHIpJPgz_jR3q6tgrD9wHQ0KlpXLvQpTbV2MpeupYBq8ihzOhlO1TXTzjUecCJcwAt6L22qxrDruNouuHVPoFY4EAJ4El0NYlVadUEW-gdTny3NtOS6vVoK_0aOlFXAjTWxC...
54 B
109 B
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVP6rZ9UMDir1FQZrmu3GfRpiHIpJPgz_jR3q6tgrD9wHQ0KlpXLvQpTbV2MpeupYBq8ihzOhlO1TXTzjUecCJcwAt6L22qxrDruNouuHVPoFY4EAJ4El0NYlVadUEW-gdTny3NtOS6vVoK_0aOlFXAjTWxCG-09m8wLDk5yaXKRXZITvaegby1DkhO/_/ad-loader./adsnip./uk.ads./adv-scroll./ads_iframe.
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.DlW-L-3KJrM.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMyHfBuFMSM37TeF1dE1vzw9gpOtNA/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f14.1e100.net
Software
ESF /
Resource Hash
6bd394edbb00a6e2f510e38c8bb68784a6a1652eaf2b142af2e0fa2152ab1dbc
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-qmntMaDB40loWtlMNHwcNg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 22 Mar 2025 06:50:21 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjstDikmJw0pBiaL15jnU6EButPc_qAsSGCpdYnYH4_rpLrM-B-EP9ZdYfQFwkcYW1BYiFeDjW7v65j01gxZv-88xKGkn5hfHJ-XklRZlJpSX5RWnJaanFqUVlqUXxRgZGpgbGRgZ6BkbxBQYAHrosPg"
content-security-policy
script-src 'report-sample' 'nonce-qmntMaDB40loWtlMNHwcNg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
show_companion_ad.js
pagead2.googlesyndication.com/pagead/
40 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/show_companion_ad.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.DlW-L-3KJrM.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMyHfBuFMSM37TeF1dE1vzw9gpOtNA/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
cafe /
Resource Hash
6d03166137610370c00d5af20236e916aee1b3d4e2f8b5ed1293b5ed0f050c87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
br
etag
15701659039819268536
age
1668
x-content-type-options
nosniff
expires
Sat, 22 Mar 2025 07:22:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sat, 22 Mar 2025 06:22:33 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
14994
x-xss-protection
0
server
cafe
AGSKWxU5Gv-A4gZB3wFY5iQ87YL9edgDbYSH-LBKNWzUvVjxUEsn4LpkbXH54q-54TAKud-OW8dZJHNFNFbA4CxYLaEVwXP_9o4QuCZDwoYlW8w5yUCglU8EvEwdCwGgbpRyfR8wW-TE6A==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxU5Gv-A4gZB3wFY5iQ87YL9edgDbYSH-LBKNWzUvVjxUEsn4LpkbXH54q-54TAKud-OW8dZJHNFNFbA4CxYLaEVwXP_9o4QuCZDwoYlW8w5yUCglU8EvEwdCwGgbpRyfR8wW-TE6A==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.DlW-L-3KJrM.es5.O/d=1/rs=AJlcJMyHfBuFMSM37TeF1dE1vzw9gpOtNA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-o0JwuqObEtlzbE2MosuKDA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://paint.toys/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 22 Mar 2025 06:50:21 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmJw1JBi-FB_mfUHEAvxcKzd_XMfm8CHVyevMiu5JOUXxifn55Wk5pXoJqYU64LYRZlJpSX5RSjs1DKQipz89PTMvPR4IwMjUwNjIwM9A7P4AgMArj0lcg"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-o0JwuqObEtlzbE2MosuKDA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://paint.toys
content-length
0
x-xss-protection
0
server
ESF
AGSKWxU5Gv-A4gZB3wFY5iQ87YL9edgDbYSH-LBKNWzUvVjxUEsn4LpkbXH54q-54TAKud-OW8dZJHNFNFbA4CxYLaEVwXP_9o4QuCZDwoYlW8w5yUCglU8EvEwdCwGgbpRyfR8wW-TE6A==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxU5Gv-A4gZB3wFY5iQ87YL9edgDbYSH-LBKNWzUvVjxUEsn4LpkbXH54q-54TAKud-OW8dZJHNFNFbA4CxYLaEVwXP_9o4QuCZDwoYlW8w5yUCglU8EvEwdCwGgbpRyfR8wW-TE6A==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.DlW-L-3KJrM.es5.O/d=1/rs=AJlcJMyHfBuFMSM37TeF1dE1vzw9gpOtNA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-oVgZG-bGWo4gxcutlH2MRw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://paint.toys/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 22 Mar 2025 06:50:21 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmLw0ZBi-FB_mfUHEAvxcKzd_XMfm8CB7ndXmZVckvIL45Pz80pS80p0E1OKdUHsosyk0pL8IhR2ahlIRU5-enpmXnq8kYGRqYGxkYGegVl8gQEAk2QlEw"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-oVgZG-bGWo4gxcutlH2MRw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://paint.toys
content-length
0
x-xss-protection
0
server
ESF
AGSKWxU5Gv-A4gZB3wFY5iQ87YL9edgDbYSH-LBKNWzUvVjxUEsn4LpkbXH54q-54TAKud-OW8dZJHNFNFbA4CxYLaEVwXP_9o4QuCZDwoYlW8w5yUCglU8EvEwdCwGgbpRyfR8wW-TE6A==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxU5Gv-A4gZB3wFY5iQ87YL9edgDbYSH-LBKNWzUvVjxUEsn4LpkbXH54q-54TAKud-OW8dZJHNFNFbA4CxYLaEVwXP_9o4QuCZDwoYlW8w5yUCglU8EvEwdCwGgbpRyfR8wW-TE6A==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.DlW-L-3KJrM.es5.O/d=1/rs=AJlcJMyHfBuFMSM37TeF1dE1vzw9gpOtNA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-goTdwZyumMbRQAdZOdo3jw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://paint.toys/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 22 Mar 2025 06:50:21 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmLw1JBi-FB_mfUHEAvxcKzd_XMfm0DDhPm3mJVckvIL45Pz80pS80p0E1OKdUHsosyk0pL8IhR2ahlIRU5-enpmXnq8kYGRqYGxkYGegVl8gQEAa9ckiw"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-goTdwZyumMbRQAdZOdo3jw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://paint.toys
content-length
0
x-xss-protection
0
server
ESF
AGSKWxU5Gv-A4gZB3wFY5iQ87YL9edgDbYSH-LBKNWzUvVjxUEsn4LpkbXH54q-54TAKud-OW8dZJHNFNFbA4CxYLaEVwXP_9o4QuCZDwoYlW8w5yUCglU8EvEwdCwGgbpRyfR8wW-TE6A==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxU5Gv-A4gZB3wFY5iQ87YL9edgDbYSH-LBKNWzUvVjxUEsn4LpkbXH54q-54TAKud-OW8dZJHNFNFbA4CxYLaEVwXP_9o4QuCZDwoYlW8w5yUCglU8EvEwdCwGgbpRyfR8wW-TE6A==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.DlW-L-3KJrM.es5.O/d=1/rs=AJlcJMyHfBuFMSM37TeF1dE1vzw9gpOtNA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-fRdgux7KjAY8zUuHHiXPaQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://paint.toys/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 22 Mar 2025 06:50:21 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmLw0pBi-FB_mfUHEAvxcKzd_XMfm8CMlzduMCu5JOUXxifn55Wk5pXoJqYU64LYRZlJpSX5RSjs1DKQipz89PTMvPR4IwMjUwNjIwM9A7P4AgMAnKolNA"
content-security-policy
script-src 'report-sample' 'nonce-fRdgux7KjAY8zUuHHiXPaQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://paint.toys
content-length
0
x-xss-protection
0
server
ESF
AGSKWxX8dKqtfG0ob2MDd_pOeqGCuodilul2shRaNypPfsg1JlNinuwZM9GoANyPf8M9D80Iw03Dw3ob7QB27o48A-8w3nXHqDGqQ3pElRPK1fI1CamLoIJIZ9ciC8vgyerVYyQRrvYBlA==
fundingchoicesmessages.google.com/f/
3 KB
2 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxX8dKqtfG0ob2MDd_pOeqGCuodilul2shRaNypPfsg1JlNinuwZM9GoANyPf8M9D80Iw03Dw3ob7QB27o48A-8w3nXHqDGqQ3pElRPK1fI1CamLoIJIZ9ciC8vgyerVYyQRrvYBlA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzQyNjI2MjIxLDk4MDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9wYWludC50b3lzL29pbC8iLG51bGwsW1s4LCJEbFctTC0zS0pyTSJdLFs5LCJlbi1VUyJdLFsxOSwiMiJdLFsxNywiWzBdIl0sWzI0LCJ3cXpmci5vbnRyYWtpbmMuY29tIl0sWzI1LCJbWzMxMDYxNjkxLDMxMDYxNjkzXV0iXSxbMjksImZhbHNlIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.DlW-L-3KJrM.es5.O/d=1/rs=AJlcJMyHfBuFMSM37TeF1dE1vzw9gpOtNA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f14.1e100.net
Software
ESF /
Resource Hash
5703df03048e111c3aa2973e85fa6ea247933efd0e17ddfadb86780e9816f881
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-4ccKwWdnfQRXaSsDCu83Iw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 22 Mar 2025 06:50:22 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjstHikmJw0JBiUAjbydR68xzrdCA2Wnue1QWIDRUusToD8f11l1ifA_GH-susP4C4SOIKawsQC3FzrNv9cx-bwI87p5mUNJLyC-OT8_NKijKTSkvyi9KS01KLU4vKUovijQyMTA2MjQz0DIziCwwAdq0tHQ"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-4ccKwWdnfQRXaSsDCu83Iw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
coreid.min.js
secure.cdn.fastclick.net/js/cnvr-coreid/latest/
229 KB
66 KB
Script
General
Full URL
https://secure.cdn.fastclick.net/js/cnvr-coreid/latest/coreid.min.js
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.122.32.85 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-122-32-85.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
eb87c0447bd19366919bdb8913f775caca732ac31cbc5e5d42e4db5df39437ce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

cache-control
max-age=900
content-encoding
gzip
etag
"394d0-60864a57eaadc-gzip"
expires
Sat, 22 Mar 2025 07:05:21 GMT
accept-ranges
bytes
content-length
67550
date
Sat, 22 Mar 2025 06:50:21 GMT
last-modified
Mon, 23 Oct 2023 16:23:46 GMT
content-type
application/javascript
server
Apache
vary
Accept-Encoding
AGSKWxXl-WuGKIkGXWCf6fFjo2I2d8g_tnEE1_WtayuPevOTt2bslOAJ--itAzM84zP-gLWds3A_LcTiWEETn7tRxj8_UAo6aDbM8QzL5pacInRdIhrQfCE3wXSBRi0TlIJssgIMb8aPsQ==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXl-WuGKIkGXWCf6fFjo2I2d8g_tnEE1_WtayuPevOTt2bslOAJ--itAzM84zP-gLWds3A_LcTiWEETn7tRxj8_UAo6aDbM8QzL5pacInRdIhrQfCE3wXSBRi0TlIJssgIMb8aPsQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.DlW-L-3KJrM.es5.O/d=1/rs=AJlcJMyHfBuFMSM37TeF1dE1vzw9gpOtNA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-6z2gvIScARVo9xOuY-vxcg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://paint.toys/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 22 Mar 2025 06:50:22 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmJw0pBi-FB_mfUHEAtxc6zb_XMfm8CCS4f4lFyS8gvjk_PzSlLzSnQTU4p1QeyizKTSkvwiFHZqGUhFTn56emZeeryRgZGpgbGRgZ6BWXyBAQBKTyQ6"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-6z2gvIScARVo9xOuY-vxcg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://paint.toys
content-length
0
x-xss-protection
0
server
ESF
j
rp.liadm.com/
13 B
379 B
Fetch
General
Full URL
https://rp.liadm.com/j?dtstmp=1742626222188&did=did-0046&se=e30&duid=8e413bd09c43--01jpy9vvkp2jv83e2mpwe64x31&tv=9.11.0&pu=https%3A%2F%2Fpaint.toys%2Foil%2F&wpn=prebid&gdpr=0&refr=https%3A%2F%2Fwqzfr.ontrakinc.com%2F&cd=.paint.toys
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.170.28.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-170-28-172.compute-1.amazonaws.com
Software
/
Resource Hash
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

x-pixel-event-id
11c4764f-7fac-4b66-bf79-ecd3d59b82a8
access-control-max-age
86400
access-control-expose-headers
*
access-control-allow-credentials
true
access-control-allow-methods
GET
access-control-allow-origin
https://paint.toys
content-length
13
date
Sat, 22 Mar 2025 06:50:22 GMT
content-type
application/json
ads
securepubads.g.doubleclick.net/gampad/
53 KB
8 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=236560793511514&correlator=3062525813656729&eid=83321072%2C31061691%2C31061693&output=ldjh&gdfp_req=1&vrg=202503180101&ptt=17&impl=fifs&gdpr=0&npa=1&iu_parts=154013155%2C1024872%2C74068%2Cpublisher%3A1024872-website%3A74068-160x600%2Cpublisher%3A1024872-website%3A74068-160x600-CP%2Cpublisher%3A1024872-website%3A74068-160x600-CP-160x600&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=160x600%7C120x600&ifi=1&dids=pw-160x600_atf&adfs=3640230632&sfv=1-0-41&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1742626222278&lmt=1742626222&adxs=20&adys=614&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fpaint.toys%2Foil%2F&ref=https%3A%2F%2Fwqzfr.ontrakinc.com%2F&rumc=236560793511514&rume=1&vis=1&psz=180x1097&msz=160x-1&fws=4&ohw=180&topics=5&tps=5&htps=5&a3p=EhMKDGlkNS1zeW5jLmNvbRIBMFgBEjQKCnB1YmNpZC5vcmcSJGZkNjUyMGVhLWNmZTEtNDlhNS04MGM5LTExMGM2ZDg2NGRlMlgBEh0KDmVzcC5jcml0ZW8uY29tGMzZ9-TbMkgAUgIIZBIUCgVvcGVueBjP2vfk2zJIAFICCG0SGwoMMzNhY3Jvc3MuY29tGMzZ9-TbMkgAUgIIZBIXCghydGJob3VzZRjR2vfk2zJIAFICCG0.&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1742626220837&idt=308&prev_scp=pos%3Datf%26slot_id%3Dpw-160x600_atf%26refresh%3Dfalse%26amazonBid%3Dfalse%26custom_path%3D160x600%26lld_id%3D5e00f2f51082485c9fa9029a36224dc926221741%26price_floor%3Dna%26amznbid%3D2%26amznp%3D2&cust_params=pf_src%3Dml%26li-module-enabled%3Dt1-e0%26salad%3Dchef%26dd%3Draspberry%26di%3Dpineapple%26vd%3Draspberry%26vi%3Dpineapple%26sitecont_cat%3Dgames_casual%26referrer%3Dhttps%253A%252F%252Fwqzfr.ontrakinc.com%252F%26tyche_code%3DV.20250317.1%26pageos_code%3DV.20250317.1%26config_id%3D1024872_74068_primary_config%26hour%3D7%26day%3DSaturday%26referrer_domain%3Dwqzfr.ontrakinc.com%26OS%3DLinux%2520null%26browser%3DChrome%2520134%26pagecount%3D1%26window_width%3D1600%26window_height%3D1200%26screen_orientation%3Dlandscape%26website_id%3D74068%26refresh_count%3D0%26tyche_version%3DV.20250317.1%26ab_test%3Dna_A%26page_focus%3Dtrue&adks=2747221344&frm=20&eoidce=1&td=1&egid=19013&tan=15674457-57f5-42e5-b743-15520b865ede&tdf=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202503180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
cafe /
Resource Hash
fce3e52993b544a8f38cbd2038d10b8b8ed4908e8647268b4ce323acfda4b469
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

access-control-expose-headers
x-google-amp-ad-validated-version
content-encoding
dcb
google-lineitem-id
-1
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Sat, 22 Mar 2025 06:50:22 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
-1
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://paint.toys
content-length
8633
x-xss-protection
0
server
cafe
container.html
4dac8df277be53075c39a5064ebf44b1.safeframe.googlesyndication.com/safeframe/1-0-41/html/ Frame F1F4
0
0
Document
General
Full URL
https://4dac8df277be53075c39a5064ebf44b1.safeframe.googlesyndication.com/safeframe/1-0-41/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202503180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tzfraa-aa-in-f1.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://paint.toys/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
3024
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 22 Mar 2025 06:50:22 GMT
expires
Sat, 22 Mar 2025 06:50:22 GMT
last-modified
Thu, 30 Jan 2025 19:28:58 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bounce
id5-sync.com/
30 B
228 B
Fetch
General
Full URL
https://id5-sync.com/bounce
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
b04cd869cfd41a48c006458f71969a0eb26f33fec12f3cfe00408f8b73bf3ff8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://paint.toys
date
Sat, 22 Mar 2025 06:50:22 GMT
content-type
text/plain;charset=utf-8
vary
Origin
access-control-allow-credentials
true
v1
lb.eu-1-id5-sync.com/lb/
45 B
281 B
Fetch
General
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 Amsterdam, Netherlands, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
af7251fc9564518a64abf1b92a0e7a9a0296792521a862c943762e3847732a5f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://paint.toys
date
Sat, 22 Mar 2025 06:50:21 GMT
content-type
application/json;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
v3
id5-sync.com/gm/
452 B
642 B
XHR
General
Full URL
https://id5-sync.com/gm/v3
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
362c61f050c9ce6aa0801311921047fa321d5b7769960c375d520825206f9fbf
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://paint.toys/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://paint.toys
date
Sat, 22 Mar 2025 06:50:22 GMT
content-type
application/json
vary
Origin
access-control-allow-credentials
true
pbs_sync
sync.cootlogix.com/api/user/html/ Frame 2483
0
0
Document
General
Full URL
https://sync.cootlogix.com/api/user/html/pbs_sync?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fprebid.intergient.com%2Fsetuid%3Fbidder%3Dvidazoo%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24%7BuserId%7D
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.183.23.71 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://paint.toys/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
access-control-allow-methods
GET, HEAD, OPTIONS, POST
access-control-allow-origin
*
content-length
252
content-type
text/html
date
Sat, 22 Mar 2025 06:50:22 GMT
p3p
CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV ADMa"
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012502032353000/ Frame B356
196 KB
56 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012502032353000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202503180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tzfraa-aa-in-f1.1e100.net
Software
sffe /
Resource Hash
2c0f5885b10cbf98b2662d8f92a84ca1ed212ef22212dc2fe2254c52cce7cbf9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
br
etag
"29f4c948e21f9767"
age
351349
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Wed, 18 Mar 2026 05:14:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 18 Mar 2025 05:14:33 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
56121
x-xss-protection
0
server
sffe
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012502032353000/v0/ Frame B356
15 KB
5 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012502032353000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202503180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tzfraa-aa-in-f1.1e100.net
Software
sffe /
Resource Hash
6bb2ae08e0ac99e68f86a0c328eff4fadf602ff0708f5ed15f0beab736fb9936
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
br
etag
"e6de802dd8a82ae9"
age
341413
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Wed, 18 Mar 2026 08:00:09 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 18 Mar 2025 08:00:09 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
5225
x-xss-protection
0
server
sffe
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012502032353000/v0/ Frame B356
95 KB
29 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012502032353000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202503180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tzfraa-aa-in-f1.1e100.net
Software
sffe /
Resource Hash
b9ab3ca5311cddda666128da1a9ad7b090d4766e02b742a3df3edef43a49983a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
br
etag
"fc9ea00fddc3bc2d"
age
369106
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Wed, 18 Mar 2026 00:18:36 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 18 Mar 2025 00:18:36 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
29095
x-xss-protection
0
server
sffe
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012502032353000/v0/ Frame B356
5 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012502032353000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202503180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tzfraa-aa-in-f1.1e100.net
Software
sffe /
Resource Hash
856aca2aa33b640c12ef6a7d19d6e5cad74b85dbb01c42b7beb59de3613b83f9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
br
etag
"df539a766c224b82"
age
340670
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Wed, 18 Mar 2026 08:12:32 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 18 Mar 2025 08:12:32 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
1902
x-xss-protection
0
server
sffe
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012502032353000/v0/ Frame B356
40 KB
13 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012502032353000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202503180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tzfraa-aa-in-f1.1e100.net
Software
sffe /
Resource Hash
d261d2d57a7427405a765113057358f49b2d1a65f79d67a49366a477d06aa89f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
br
etag
"affa94a736c3c3db"
age
341581
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Wed, 18 Mar 2026 07:57:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 18 Mar 2025 07:57:21 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
12940
x-xss-protection
0
server
sffe
truncated
/ Frame B356
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
36bd9dba2b300e0cafdb291f41949dc889967c013b5da5f168b5fca4801794a3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
16210983191265280379
tpc.googlesyndication.com/daca_images/simgad/ Frame B356
34 KB
34 KB
Image
General
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/16210983191265280379
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
sffe /
Resource Hash
c064309b1deebbe24b6e95b14d0367be6c5fc87f720cfe17c5c0de9057b33324
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

age
340361
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
x-content-type-options
nosniff
expires
Wed, 18 Mar 2026 08:17:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons
true
date
Tue, 18 Mar 2025 08:17:41 GMT
last-modified
Mon, 23 Dec 2024 12:52:01 GMT
content-type
image/png
cache-control
public, max-age=31536000
timing-allow-origin
*
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
content-length
34638
x-xss-protection
0
server
sffe
en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame B356
3 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/en.png
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
cafe /
Resource Hash
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

cache-control
public, max-age=86400
timing-allow-origin
*
etag
15880770647744369592
age
75991
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Sat, 22 Mar 2025 09:43:51 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
2982
x-xss-protection
0
date
Fri, 21 Mar 2025 09:43:51 GMT
content-type
image/png
vary
Accept-Encoding
server
cafe
adchoices_blue_wb.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame B356
209 B
578 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/adchoices_blue_wb.png
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
cafe /
Resource Hash
135fe1822959b8811afafc20effec079f339c96788df6e47e933a7d0c267921b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

cache-control
public, max-age=86400
timing-allow-origin
*
etag
2799713854418114702
age
57386
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Sat, 22 Mar 2025 14:53:56 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
209
x-xss-protection
0
date
Fri, 21 Mar 2025 14:53:56 GMT
content-type
image/png
vary
Accept-Encoding
server
cafe
l
www.google.com/ads/measurement/ Frame B356
0
0

/
www.googleadservices.com/pagead/ar-adview/ Frame B356
Redirect Chain
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=C9IlRrl3eZ7bGE8rd1PIPjMuKqAjiiJCEfrWo26W6E9rZHhABIPub1Ulg7QKgAcD83eECyAEC4AIAqAMByAMIqgSGA0_Qqp5vslGsL01mLGORUSBnBVcqcjjey6pxL2bBph8uYkBJsV7d...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xe23de930fe7f72e50000000000000000%22,%222%22:%220xede9ea8ec9e767e70000000000000000%22,%223%22:%220xb0ea49...
0
20 B
Image
General
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xe23de930fe7f72e50000000000000000%22,%222%22:%220xede9ea8ec9e767e70000000000000000%22,%223%22:%220xb0ea49ff3e4e46d60000000000000000%22,%224%22:%220xe0efb56f430893e40000000000000000%22,%225%22:%220xf2e6662bf6679f520000000000000000%22},%22debug_key%22:%2213701196823528854700%22,%22debug_reporting%22:true,%22destination%22:%22https://simple-life-app.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22741834304%22],%2222%22:[%22true%22],%224%22:[%2203-22%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216958163755108980177%22}&andc=true
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

cache-control
private
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Sat, 22 Mar 2025 06:50:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Sat, 22 Mar 2025 06:50:22 GMT
x-xss-protection
0
attribution-reporting-register-source
{"aggregation_keys":{"1":"0xe23de930fe7f72e50000000000000000","2":"0xede9ea8ec9e767e70000000000000000","3":"0xb0ea49ff3e4e46d60000000000000000","4":"0xe0efb56f430893e40000000000000000","5":"0xf2e6662bf6679f520000000000000000"},"debug_key":"13701196823528854700","debug_reporting":true,"destination":"https://simple-life-app.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["741834304"],"22":["true"],"4":["03-22"],"6":["true"]},"priority":"500","source_event_id":"16958163755108980177"}
content-type
text/css; charset=UTF-8
server
cafe

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xe23de930fe7f72e50000000000000000","2":"0xede9ea8ec9e767e70000000000000000","3":"0xb0ea49ff3e4e46d60000000000000000","4":"0xe0efb56f430893e40000000000000000","5":"0xf2e6662bf6679f520000000000000000"},"debug_key":"13701196823528854700","debug_reporting":true,"destination":"https://simple-life-app.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["741834304"],"22":["true"],"4":["03-22"],"6":["true"]},"priority":"500","source_event_id":"16958163755108980177"}&andc=true
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Sat, 22 Mar 2025 06:50:22 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
cafe
syncframe
gum.criteo.com/ Frame EDC7
0
0
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=criteoPrebidAdapter&topUrl=paint.toys&gpp=
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://paint.toys/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 22 Mar 2025 06:50:22 GMT
server
Kestrel
server-processing-duration-in-ticks
881362
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
ixmatch.html
js-sec.indexww.com/um/ Frame F214
0
0
Document
General
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://paint.toys/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36

Response headers

age
539
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
9243c1233beaa5f4-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 22 Mar 2025 06:50:22 GMT
expires
Sat, 22 Mar 2025 10:50:22 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame B480
0
0
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=0
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.245.145 Doha, Qatar, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-23-245-145.deploy.static.akamaitechnologies.com
Software
Apache/2.4.62 (Debian) /
Resource Hash

Request headers

Referer
https://paint.toys/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
224
content-type
text/html
date
Sat, 22 Mar 2025 06:50:22 GMT
etag
"10d-629840acea280-gzip"
last-modified
Wed, 18 Dec 2024 04:42:34 GMT
server
Apache/2.4.62 (Debian)
vary
Accept-Encoding
/
sync.cootlogix.com/api/sync/iframe/ Frame 8915
0
0
Document
General
Full URL
https://sync.cootlogix.com/api/sync/iframe/?cid=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.183.23.71 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://paint.toys/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
access-control-allow-methods
GET, HEAD, OPTIONS, POST
access-control-allow-origin
*
content-length
109
content-type
text/html
date
Sat, 22 Mar 2025 06:50:22 GMT
p3p
CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV ADMa"
async_usersync.html
acdn.adnxs.com/dmp/ Frame 8629
0
0
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://paint.toys/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
79197
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 22 Mar 2025 06:50:22 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 23 Jan 2025 21:34:45 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
129464, 267498
X-Served-By
cache-lga21993-LGA, cache-fra-eddf8230071-FRA
X-Timer
S1742626223.599455,VS0,VE0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B61B
0
0
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158326&gdpr=0&gdpr_consent=
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.96.187 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-96-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Referer
https://paint.toys/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=106888
content-encoding
gzip
content-length
6694
content-type
text/html
date
Sat, 22 Mar 2025 06:50:22 GMT
expires
Sun, 23 Mar 2025 12:31:50 GMT
last-modified
Wed, 13 Nov 2024 05:14:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame 7FA1
0
0
Document
General
Full URL
https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Referer
https://paint.toys/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
303
content-type
text/html; charset=UTF-8
referrer-policy
no-referrer
sync
eb2.3lift.com/ Frame 2561
0
0
Document
General
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Referer
https://paint.toys/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Sat, 22 Mar 2025 06:50:22 GMT
prebid
id5-sync.com/api/config/
195 B
470 B
Fetch
General
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
7e4d2c9111e1ca31b5e2e4bfd5a66925f07c0c232672f31481c6b66a89b26f16
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://paint.toys/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://paint.toys
date
Sat, 22 Mar 2025 06:50:21 GMT
content-type
application/json;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-credentials
true
id
id.crwdcntrl.net/
43 B
269 B
Fetch
General
Full URL
https://id.crwdcntrl.net/id?gdpr_applies=false&c=17262
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.201.45 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-201-45.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

cache-control
no-cache
pragma
no-cache
access-control-allow-credentials
true
expires
0
access-control-allow-origin
https://paint.toys
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length
43
date
Sat, 22 Mar 2025 06:50:22 GMT
content-type
application/json;charset=utf-8
f
fid.agkn.com/
0
0

envelope
lexicon.33across.com/v1/
0
0

any
idx.liadm.com/idex/did-0046/
0
0
Fetch
General
Full URL
https://idx.liadm.com/idex/did-0046/any?duid=8e413bd09c43--01jpy9vvkp2jv83e2mpwe64x31&gdpr=0&did=did-0046&cd=.paint.toys&pu=https%3A%2F%2Fpaint.toys&resolve=nonId&resolve=uid2&resolve=index&resolve=bidswitch&resolve=pubmatic&resolve=magnite&resolve=openx&resolve=sorvrn&resolve=thetradedesk&resolve=medianet
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.228.236.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-228-236-67.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

cache-control
max-age=3599, private
trace-id
3e71029ad808713d
request-time
1
access-control-allow-credentials
true
expires
Sat, 22 Mar 2025 07:50:21 GMT
access-control-allow-origin
https://paint.toys
date
Sat, 22 Mar 2025 06:50:21 GMT
vary
Origin
json
gum.criteo.com/sid/
423 B
1 KB
Fetch
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fpaint.toys%2F&domain=paint.toys&bundle=zFSfIF9kcE5DeUFXJTJCZEtqUjhIJTJGcVFlMXdTJTJGbFQ1WXA2Sk9BM2luWW5meWh0SjVwSW05R3NoVWNnUVBEa1Ayc3cyUnJvUnFMRENDclpOcXFuQSUyRnZLeCUyRlBrUUpZUFFvNVNLUGt5SkUyQldMSXF1cVljWFRSdzc1UzJhMVZRc0gxeHRNbzBrY1ZmYVlMJTJCbVg1TklWTmpkNldGOHclM0QlM0Q&cw=1&pbt=1&lsw=1&gdpr=0
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
7a17182eb202b7954eaee80e6a277c9f023433b9b2c04ceadae907c1869ff9ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
content-type
application/json
Referer
https://paint.toys/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
922679
expires
0
access-control-allow-origin
https://paint.toys
date
Sat, 22 Mar 2025 06:50:22 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
server
Kestrel
usersync
match.adsrvr.org/track/
70 B
149 B
Image
General
Full URL
https://match.adsrvr.org/track/usersync?us_privacy=&gdpr=0&gdpr_consent=undefined&ust=image
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-length
70
date
Sat, 22 Mar 2025 06:50:22 GMT
content-type
image/gif
server
Kestrel
sync
x.bidswitch.net/
0
0

json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fpaint.toys%2F&domain=paint.toys&bundle=zFSfIF9kcE5DeUFXJTJCZEtqUjhIJTJGcVFlMXdTJTJGbFQ1WXA2Sk9BM2luWW5meWh0SjVwSW05R3NoVWNnUVBEa1Ayc3cyUnJvUnFMRENDclpOcXFuQSUyRnZLeCUyRlBrUUpZUFFvNVNLUGt5SkUyQldMSXF1cVljWFRSdzc1UzJhMVZRc0gxeHRNbzBrY1ZmYVlMJTJCbVg1TklWTmpkNldGOHclM0QlM0Q&cw=1&pbt=1&lsw=1&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://paint.toys
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://paint.toys
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sat, 22 Mar 2025 06:50:21 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
245160
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
v1
lb.eu-1-id5-sync.com/lb/
45 B
281 B
Fetch
General
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 Amsterdam, Netherlands, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
af7251fc9564518a64abf1b92a0e7a9a0296792521a862c943762e3847732a5f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://paint.toys
date
Sat, 22 Mar 2025 06:50:21 GMT
content-type
application/json;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
483.json
id5-sync.com/g/v2/
385 B
575 B
Fetch
General
Full URL
https://id5-sync.com/g/v2/483.json
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
245c1d3d91b010ae1fab47463fbc440dd10804e333ec87ba1a231318bc99c310
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://paint.toys/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://paint.toys
date
Sat, 22 Mar 2025 06:50:22 GMT
content-type
application/json
vary
Origin
access-control-allow-credentials
true
si
googleads.g.doubleclick.net/pagead/drt/ Frame B356
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0

view
securepubads.g.doubleclick.net/btr/ Frame B356
0
0

csi
csi.gstatic.com/ Frame B356
0
534 B
Ping
General
Full URL
https://csi.gstatic.com/csi?s=ampad&ctx=2&puid=1~1742626222684&c=236560793511514&qqid=CLbV1MeMnYwDFcouVQgdjKUChQ&rt=any.link.4.25.f.e.m.k.17j9.17ax~any.script.4.27.4.s.0.0.49h.415~any.script.4.23.5.m.0.0.a7s.9zg~any.script.4.27.4.s.0.0.1p6.1gu~any.script.4.2a.a.o.0.0.moj.mg7~any.img.7.1h.d.a.0.0.qyi.qq6~any.img.8.z.16.0.0.0.0.0~any.img.8.16.5.9.m.6.e5.5t~any.img.8.1a.9.9.0.0.2j6.2au~any.img.8.1t.0.i.j.1.8c.0&met.a4a=dcl.3~ol.3~nvs.1742626222554~ini.1742626222684
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012502032353000/v0/amp-analytics-0.1.mjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.36.35 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams17s12-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://paint.toys/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
report-to
{"group":"ascnsrsgcc:41:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgcc:41:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgcc:41:0
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsgcc:41:0
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 22 Mar 2025 06:50:22 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
content-type
image/gif
server
Golfe2
sync
eb2.3lift.com/ Frame 372D
Redirect Chain
  • https://eb2.3lift.com/sync?gdpr=0&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid.intergient.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3...
  • https://eb2.3lift.com/sync?gdpr=0&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid.intergient.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3...
0
0
Document
General
Full URL
https://eb2.3lift.com/sync?gdpr=0&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid.intergient.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Referer
https://paint.toys/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1221
content-type
text/html; charset=utf-8
date
Sat, 22 Mar 2025 06:50:22 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Sat, 22 Mar 2025 06:50:22 GMT
location
/sync?gdpr=0&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid.intergient.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0313
0
0
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fprebid.intergient.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.96.187 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-96-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Referer
https://paint.toys/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=106887
content-encoding
gzip
content-length
6694
content-type
text/html
date
Sat, 22 Mar 2025 06:50:23 GMT
expires
Sun, 23 Mar 2025 12:31:50 GMT
last-modified
Wed, 13 Nov 2024 05:14:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
v1
match.sharethrough.com/FGMrCMMc/
0
58 B
Image
General
Full URL
https://match.sharethrough.com/FGMrCMMc/v1?gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&redirectUri=https%3A%2F%2Fprebid.intergient.com%2Fsetuid%3Fbidder%3Dsharethrough%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24UID
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.72.38.170 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-38-170.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
prbds2s
rtb.gumgum.com/usync/ Frame 891A
0
0
Document
General
Full URL
https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid.intergient.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.238.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-238-185.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Referer
https://paint.toys/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36

Response headers

content-length
0
date
Sat, 22 Mar 2025 06:50:23 GMT
etag
"0d41d8cd98f00b204e9800998ecf8427e"
server
nginx
timing-allow-origin
*
usync.html
eus.rubiconproject.com/ Frame 9C7B
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-Playwire&gdpr=0&gdpr_consent=&us_privacy=
  • https://eus.rubiconproject.com/usync.html?p=pbs-Playwire&gdpr=0&gdpr_consent=&us_privacy=
0
0
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=pbs-Playwire&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.245.145 Doha, Qatar, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-23-245-145.deploy.static.akamaitechnologies.com
Software
Apache/2.4.62 (Debian) /
Resource Hash

Request headers

Referer
https://paint.toys/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
224
content-type
text/html
date
Sat, 22 Mar 2025 06:50:23 GMT
etag
"10d-629840acea280-gzip"
last-modified
Wed, 18 Dec 2024 04:42:34 GMT
server
Apache/2.4.62 (Debian)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sat, 22 Mar 2025 06:50:23 GMT
location
https://eus.rubiconproject.com/usync.html?p=pbs-Playwire&gdpr=0&gdpr_consent=&us_privacy=
server
AkamaiGHost
cm
u.openx.net/w/1.0/ Frame 9E60
0
0
Document
General
Full URL
https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fprebid.intergient.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Referer
https://paint.toys/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
303
content-type
text/html; charset=UTF-8
referrer-policy
no-referrer
activeview
pagead2.googlesyndication.com/pcs/ Frame B356
42 B
65 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvuiqaCnSKSUhuRQl0i0lYYyOF18ov4dK0KjYtQA1yXa6_JSGoGDky_U88MRhuhPASyLZSAmUxTjSasbWIT0MJ9p8a4WuyoQZDChl4pPJNXe2NS0lraW2p-cEXfDzAogsRbyW5Io6QDqwze38yPMi1Do2BP2oUkxaKhXGHGSxa0cfHxemTKATguDag-ayessbrsm7I02lU&sai=AMfl-YSu5EPjNNuSfPfqQs58ererWA2on-aEgCn-nk7FJzFd3gHYYKNWpoFG7zgWFm00Drfq_ljNZr_bfCnVMgwbSqV94q379F3d75r-W6Qc-_ozUlKDqwEhlQoaMec&sig=Cg0ArKJSzGkzxdoisAWXEAE&cid=CAQSOwCjtLzMZO3-rrYqlZmhHup6P_Rvok_DoSipKgj2fmyWs08z79au4n-KymWuFzgYBANLcTFvOND-MjkbGAE&id=ampim&o=20,314&d=160,600&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=131&tls=1131&g=100&h=100&tt=1131&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Sat, 22 Mar 2025 06:50:23 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
collect
www.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-VJBRK9986D&gtm=45je53j1v9101576445za200&_p=1742626220848&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=102482433~102788824~102803279~102813109&cid=1618780437.1742626221&ul=se-se&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1742626220&sct=1&seg=0&dl=https%3A%2F%2Fpaint.toys%2Foil%2F&dr=https%3A%2F%2Fwqzfr.ontrakinc.com%2F&dt=Paint%20with%20Oils&en=scroll&epn.percent_scrolled=90&_et=3&tfd=5975
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VJBRK9986D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f14.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:87:0
report-to
{"group":"ascnsrsggc:87:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:87:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://paint.toys
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsggc:87:0
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 22 Mar 2025 06:50:25 GMT
content-type
text/plain
server
Golfe2
csi
csi.gstatic.com/
0
57 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=1~m8junptg&c=236560793511514&e=83321072%2C31061691%2C31061693&ctx=1&met.9=1.tx~2.w2~9.0~3_2.1rn~7_2.0~4_2.1z3~5_2.1z7~6_2.1za&met.3=112.wt_1&met.7=CBsQCMAB3ffViww~CBsQCiDPBjhVwAGGvdTyAQ~CBsQCiDPBjgQwAHD0feXDg~CBsQByDPBjgWwAHZp5ehCQ~CBsQBiDPBjgSwAHGxt27Cw~CBsQBiDPBjgZwAH-2umJBg~CBsQBiDPBjgdwAHf7-nADg~CBsQBiDPBjgmwAGflviDCg~CBsQCiDPBjg9wAGDsfCUCQ~CBsQChgBIM8GKM8GMLAHOGDAAYzV2OsE~CBsQCiClBzilAcABu4_3gQM~CBsQCiCmBzguwAHi19xZ~CDsQChgBIKYHKKYHMPgHOFJApgdIwQdQwQdY0wdgwQdo0wdw7gd4nIcCgAHwhAKIAenLBrABAbgBA8AB4s3qlgk~CBsQCiCmBzgUwAG_jh4~CBsQChgBIMUHKMUHMPgHODPAAYzV2OsE~CBsQCiDQBzgTwAG06bnjBA~CBsQCiDQBzgwwAGEianjBg~CEMQChgBILYIKLYIMNAIOBpotwhwvQh4n6QKgAHzoQqIAZzeILABAbgBA8AB7cyx7ww~CBsQCiDTCDgRwAHj3KuBDA~CBsQCiDeCDgRwAHQwYTzDw~CBsQDSDlCDgjwAHC8e7BDQ~CBsQCiDlCDgnwAH9-5jkBQ~CBsQBiDmCDgewAG1jq-qAg~CBkQChgBIIkJKIkJMJsJOBJojwlwlgl45cgBgAG5xgGIAY6ZBLABAbgBA8ABlN3A2AU~CBsQBSDTCDhdwAH9rZD2Dg~CBsQBhgBIJoJKJoJMLYJOBzAAd6F_4YN~CFIQBxgBIKgJKKgJMMIJOBpQqAlYuQlgqAloqQlwuQl4sLcBgAGEtQGIAe_7A7ABAbgBA8AB8qnq4gE~CBsQBiCaCTgqwAHa-rM3~CBsQBiCaCTgrwAHa-rM3~CEAQChgBIJEJKJEJMOAJOE9AkQlImAlQmAlYswlgnwloswlw1Al40fkDgAGl9wOIAayfDLABAbgBA8ABpYPx1w4~CD8QChgBIPIJKPIJMJQKOCNo8glwkwp4wguAAZYJiAHmELABAbgBA8ABnuqPyQ0~CCgQBRgBIPMJKPMJMJYKOCPAAaS09cEM~CBsQCiD1CTg2wAGa57v_BQ~CD8QChgBIJYKKJYKMLsKOCVolgpwtwp45iSAAboiiAH-TLABAbgBA8ABkr7JjAk~CBsQBSCtCjg5wAGh2_b2AQ~CBsQCiD1CTiDAcAByoSd_Ao~CBsQCiD1CTiFAcAB6Zz2-A8~CBsQBSCKDTgNwAH9rZD2Dg~CBsQCiCYDTgcwAGEsIjaAg~~CBsQCiCKDTg9wAGH0_WlDQ~CBsQDSClDTgtwAGE9766DQ~CBsQDSDUDTgPwAHc16HUDA~~CBsQDSDQDTgdwAGDwojKCw~~CBsQCiDTDTgowAHMxOr4CQ~~CBsQCiDnDTghwAHIrOSbCQ~CBsQCiDnDTgnwAGt14Nk~CDYQChgBIJgNKJgNMJgOOIABQJgNSJ0NUJ0NWLUNYKUNaLUNcOkNeLbNCIABissIiAHejxuwAQG4AQPAAcnjvbwF~CBsQCiDoDTgtwAGkt6rDDw~~~CCgQDRgBIMAOKMAOMNIOOBJowA5w0Q54zwKAASOIAUOwAQG4AQPAAdDvpq8E~CBsQCiDoDThuwAHR9bHnBw~CBsQCiDnDThvwAHPiujCDw~~~CBsQBSCSDjhbwAHZ6LN6~~CBsQCiDYDjggwAHg4p6qDw~~~~~~~~~CBsQBSCSDjiJAcAB1pOl2Qg~~~~~~~~CBwQChgBILEPKLEPMLoPOAlo
sQ9wuA94vneAAZJ1iAH9vgKwAQG4AQPAAaXK_tcI~CD8QChgBILEPKLEPMMQPOBPAAefzjPkG~CBsQDSD7DjhKwAHws_TaCQ~~CD8QDRgBILIPKLIPMNEPOCDAAebvvNYI~~CD8QDRgBILwPKLwPMNMPOBfAAebvvNYI~~CD8QDRgBIMUPKMUPMNgPOBPAAebvvNYI~CD8QDRgBIMUPKMUPMN0POBnAAebvvNYI~CD8QChgBIMUPKMUPMOoPOCVoxg9w5w94og6AAfYLiAGdF7ABAbgBA8AB9YyWvAo~CBsQCiDGDzgtwAGPio2GDA~CD8QDRgBIOsPKOsPMP8POBXAAby_rakC~~~~~~CBsQBRgBIPURKPURMKkSODNA9xFIgxJQgxJYmRJgiRJomRJwqBJ4_BmAAdAXiAHLN7ABAbgBA8ABnN-90Qs~~~CBsQDSDFEjgKwAG78a2-CQ~CBsQBSCpDzj2A8ABkeWphQw~~CA8QBBgBIPMRKPMRMPoTOIcCaPQRcPcTeOVFgAG5Q4gBhasDsAEBuAEDwAG_3prrBg~~~CBsQBSCNFDgWwAGh2_b2AQ~~CBsQBSCPFDgiwAHIg_TyBw~~CBsQBSCNFDg3wAHm2_MF~CBsQBSCPFDg1wAG8t9XoDA~CBsQBSCQFDg0wAGCh4PjDQ~CBsQBSCOFDh0wAGd0OaZCQ~CBsQBiCWFDhqwAHQjuv6Cw~~CBsQBSCQFDiPAcABqp6F0Qw~CBsQBiCWFDi2AcAB38mKoAg~CBsQBSCOFDjBAcAB6tzw4w0~CBsQBSCeEzidA8AB34WtxQQ~CBsQBSC8FjisA8ABgoeD4w0~CBsQBSDoGTgewAHIg_TyBw~CBsQBiCGGjhFwAHan7aPDQ~CBsQBSDMGjhrwAH0ibe9Bw~CBsQBSC8GzhGwAHE7_HFAQ~CBsQBSCCHDhxwAHXnYXRDA~&met.10=1_1.CAAQABiAmHUg5w0oAQ~1_1.CAAQABgAIOoRKAA~1_2.CAAQABiAmHUg-BEoAQ&qqid.1=CLbV1MeMnYwDFcouVQgdjKUChQ
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.36.35 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams17s12-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
report-to
{"group":"ascnsrsgcc:41:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgcc:41:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgcc:41:0
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsgcc:41:0
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 22 Mar 2025 06:50:26 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
content-type
image/gif
server
Golfe2
country
api.btloader.com/
0
0

pv
api.btloader.com/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.


260 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.


53 Cookies


15 Console Messages

Source Level URL
Text
rendering warning URL: https://paint.toys/oil/
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0B01C00F43F0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
javascript error URL: https://paint.toys/oil/
Message:
Access to fetch at 'https://lexicon.33across.com/v1/envelope?pid=0014000001YrMoYAAV&gdpr=0&src=pbjs&ver=9.11.0&coppa=0' from origin 'https://paint.toys' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://lexicon.33across.com/v1/envelope?pid=0014000001YrMoYAAV&gdpr=0&src=pbjs&ver=9.11.0&coppa=0
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://paint.toys/oil/
Message:
Access to fetch at 'https://fid.agkn.com/f?apiKey=2104320612&r=https%3A%2F%2Fpaint.toys%2Foil%2F' from origin 'https://paint.toys' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://fid.agkn.com/f?apiKey=2104320612&r=https%3A%2F%2Fpaint.toys%2Foil%2F
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://paint.toys/oil/
Message:
Access to fetch at 'https://rtb.openx.net/openrtbb/prebidjs' from origin 'https://paint.toys' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://rtb.openx.net/openrtbb/prebidjs
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://paint.toys/oil/
Message:
Access to fetch at 'https://lexicon.33across.com/v1/envelope?pid=0014000001YrMoYAAV&gdpr=0&src=pbjs&ver=9.11.0&coppa=0' from origin 'https://paint.toys' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://lexicon.33across.com/v1/envelope?pid=0014000001YrMoYAAV&gdpr=0&src=pbjs&ver=9.11.0&coppa=0
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://paint.toys/oil/
Message:
Access to fetch at 'https://fid.agkn.com/f?apiKey=2104320612&r=https%3A%2F%2Fpaint.toys%2Foil%2F' from origin 'https://paint.toys' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://fid.agkn.com/f?apiKey=2104320612&r=https%3A%2F%2Fpaint.toys%2Foil%2F
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://paint.toys/oil/
Message:
Access to XMLHttpRequest at 'https://api.btloader.com/pv?tid=QM5smAN6-Uh2dRGf4Be-95bc9dec70&w=5096819819806720&o=5150306120761344&cv=2.1.80-1-ga2c068b&widget=false&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fpaint.toys%2Foil%2F&sid=zrWczuwEW8-ZyJ0d4sWj-95bc9dec70&pm=true&upapi=true' from origin 'https://paint.toys' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.btloader.com/pv?tid=QM5smAN6-Uh2dRGf4Be-95bc9dec70&w=5096819819806720&o=5150306120761344&cv=2.1.80-1-ga2c068b&widget=false&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fpaint.toys%2Foil%2F&sid=zrWczuwEW8-ZyJ0d4sWj-95bc9dec70&pm=true&upapi=true
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://paint.toys/oil/
Message:
Access to fetch at 'https://api.btloader.com/country?o=5150306120761344' from origin 'https://paint.toys' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://api.btloader.com/country?o=5150306120761344
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
