urlscan.io logo urlscan.io
SecurityTrails logo

paint.toys Open in urlscan Pro
3.33.186.135  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://qwxz.itgeekdomain.com/ntkyvythxgdshmvvozypsafyjgdslfRR3VvakxOR0tGeEtydXFadnl1N04tMjY1OC0yNjczNzMwOC0xMDIwMDI3YS0zNzM1L...
Effective URL: https://paint.toys/oil/
Submission: On April 21 via api from BE — Scanned from PT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 52 IPs in 7 countries across 46 domains to perform 119 HTTP transactions. The main IP is 3.33.186.135, located in United States and belongs to AMAZON-02, US. The main domain is paint.toys. The Cisco Umbrella rank of the primary domain is 832887.
TLS certificate: Issued by E6 on April 1st 2025. Valid for: 3 months.
This is the only time paint.toys was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 67.198.205.86 35908 (VPLSNET)
1 9 3.33.186.135 16509 (AMAZON-02)
10 104.18.20.56 13335 (CLOUDFLAR...)
2 142.250.185.72 15169 (GOOGLE)
2 34.8.176.186 396982 (GOOGLE-CL...)
3 142.250.186.130 15169 (GOOGLE)
6 104.18.21.56 13335 (CLOUDFLAR...)
1 18.245.46.100 16509 (AMAZON-02)
1 104.22.74.216 13335 (CLOUDFLAR...)
1 185.199.109.133 54113 (FASTLY)
3 216.239.32.36 15169 (GOOGLE)
4 142.250.186.142 15169 (GOOGLE)
2 142.250.185.106 15169 (GOOGLE)
1 216.58.212.163 15169 (GOOGLE)
3 52.85.67.113 16509 (AMAZON-02)
2 3.73.242.72 16509 (AMAZON-02)
1 52.85.65.109 16509 (AMAZON-02)
1 52.85.65.39 16509 (AMAZON-02)
1 54.192.2.156 16509 (AMAZON-02)
4 23.45.96.101 16625 (AKAMAI-AS)
1 108.138.36.23 16509 (AMAZON-02)
1 172.67.36.110 13335 (CLOUDFLAR...)
1 104.22.52.86 13335 (CLOUDFLAR...)
1 64.158.223.146 41041 (VCLK-EU-S...)
1 104.26.11.184 13335 (CLOUDFLAR...)
1 104.26.0.244 13335 (CLOUDFLAR...)
2 172.67.11.120 13335 (CLOUDFLAR...)
1 142.250.186.102 15169 (GOOGLE)
1 178.250.1.11 44788 (ASN-CRITE...)
2 162.19.138.116 16276 (OVH OVH SAS)
1 52.17.48.58 16509 (AMAZON-02)
1 35.244.193.51 396982 (GOOGLE-CL...)
1 98.80.86.86 14618 (AMAZON-AES)
1 95.100.185.43 16625 (AKAMAI-AS)
1 34.36.214.49 396982 (GOOGLE-CL...)
1 178.250.1.56 44788 (ASN-CRITE...)
4 69.173.156.139 26667 (RUBICONPR...)
1 185.64.189.112 62713 (AS-PUBMATIC)
1 52.223.6.21 16509 (AMAZON-02)
1 52.222.136.93 16509 (AMAZON-02)
4 54.77.4.15 16509 (AMAZON-02)
4 3.72.78.234 16509 (AMAZON-02)
1 172.64.153.66 13335 (CLOUDFLAR...)
1 35.186.253.211 15169 (GOOGLE)
2 5 104.18.27.193 13335 (CLOUDFLAR...)
1 18.184.206.66 16509 (AMAZON-02)
1 141.95.98.65 16276 (OVH OVH SAS)
1 2 54.197.251.116 14618 (AMAZON-AES)
1 35.244.159.8 396982 (GOOGLE-CL...)
2 142.250.184.226 15169 (GOOGLE)
2 2 52.19.224.221 16509 (AMAZON-02)
1 130.211.23.194 ()
119 52
2    67.198.205.86 (United States)

ASN35908 (VPLSNET, US)
PTR: 67.198.205.86.static.krypt.com
qwxz.itgeekdomain.com
9    3.33.186.135 (United States)

ASN16509 (AMAZON-02, US)
PTR: afa7f374f51cc8991.awsglobalaccelerator.com
paint.toys
10    104.18.20.56 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.intergient.com
prebid.intergient.com
2    142.250.185.72 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f8.1e100.net
www.googletagmanager.com
2    34.8.176.186 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.176.8.34.bc.googleusercontent.com
faucetfoot.com
3    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
securepubads.g.doubleclick.net
6    104.18.21.56 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.intergient.com
prebid.intergient.com
1    18.245.46.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-46-100.fra56.r.cloudfront.net
impression-inferences-edge-prod.playwire.com
1    104.22.74.216 (None, )

ASN13335 (CLOUDFLARENET, US)
btloader.com
1    185.199.109.133 (United States)

ASN54113 (FASTLY, US)
PTR: cdn-185-199-109-133.github.com
raw.githubusercontent.com
3    216.239.32.36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
4    142.250.186.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f14.1e100.net
fundingchoicesmessages.google.com
2    142.250.185.106 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f10.1e100.net
fonts.googleapis.com
imasdk.googleapis.com
1    216.58.212.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f3.1e100.net
fonts.gstatic.com
3    52.85.67.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-67-113.muc50.r.cloudfront.net
c.amazon-adsystem.com
2    3.73.242.72 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-73-242-72.eu-central-1.compute.amazonaws.com
cd836371f1d.cdn.intergient.com
1    52.85.65.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-65-109.muc50.r.cloudfront.net
static.adsafeprotected.com
1    52.85.65.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-65-39.muc50.r.cloudfront.net
config.aps.amazon-adsystem.com
1    54.192.2.156 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-2-156.muc50.r.cloudfront.net
aax.amazon-adsystem.com
4    23.45.96.101 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-96-101.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
1    108.138.36.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-23.muc50.r.cloudfront.net
tags.crwdcntrl.net
1    172.67.36.110 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.hadronid.net
1    104.22.52.86 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    64.158.223.146 (Amsterdam, Netherlands)

ASN41041 (VCLK-EU-SE Conversant LLC, US)
PTR: ams02-convex-float1.dotomi.com
proc.ad.cpe.dotomi.com
1    104.26.11.184 (None, )

ASN13335 (CLOUDFLARENET, US)
dl.edge-aicdn.net
1    104.26.0.244 (None, )

ASN13335 (CLOUDFLARENET, US)
storage.ml-cachehost.net
2    172.67.11.120 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
1    142.250.186.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f6.1e100.net
ad.doubleclick.net
1    178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR)
gum.criteo.com
2    162.19.138.116 (Frankfurt am Main, Germany)

ASN16276 (OVH OVH SAS, FR)
PTR: ns31533567.ip-162-19-138.eu
id5-sync.com
1    52.17.48.58 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-48-58.eu-west-1.compute.amazonaws.com
id.crwdcntrl.net
1    35.244.193.51 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 51.193.244.35.bc.googleusercontent.com
lexicon.33across.com
1    98.80.86.86 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-98-80-86-86.compute-1.amazonaws.com
idx.liadm.com
1    95.100.185.43 (Paris, France)

ASN16625 (AKAMAI-AS, US)
PTR: a95-100-185-43.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    34.36.214.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.214.36.34.bc.googleusercontent.com
pa.openx.net
1    178.250.1.56 (France)

ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR)
grid.bidswitch.net
4    69.173.156.139 (United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    52.223.6.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: a8c33d2b6751b365d.awsglobalaccelerator.com
direct.adsrvr.org
1    52.222.136.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-136-93.fra50.r.cloudfront.net
hb.yellowblue.io
4    54.77.4.15 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-4-15.eu-west-1.compute.amazonaws.com
g2.gumgum.com
4    3.72.78.234 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-72-78-234.eu-central-1.compute.amazonaws.com
btlr.sharethrough.com
1    172.64.153.66 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)
elb.the-ozone-project.com
1    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
5    104.18.27.193 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
1    18.184.206.66 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-206-66.eu-central-1.compute.amazonaws.com
match.sharethrough.com
1    141.95.98.65 (France)

ASN16276 (OVH OVH SAS, FR)
PTR: ns3216659.ip-141-95-98.eu
lb.eu-1-id5-sync.com
2    54.197.251.116 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-197-251-116.compute-1.amazonaws.com
rp.liadm.com
1    35.244.159.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com
u.openx.net
2    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
cm.g.doubleclick.net
2    52.19.224.221 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-224-221.eu-west-1.compute.amazonaws.com
cm.adgrx.com
1    130.211.23.194 (None, )

ASN- ()
api.btloader.com
Apex Domain
Subdomains		 Transfer
18 intergient.com
cdn.intergient.com — Cisco Umbrella Rank: 6054
cd836371f1d.cdn.intergient.com — Cisco Umbrella Rank: 7225
prebid.intergient.com — Cisco Umbrella Rank: 7946
343 KB
9 paint.toys
paint.toys — Cisco Umbrella Rank: 832887
131 KB
6 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 230
ad.doubleclick.net — Cisco Umbrella Rank: 148
cm.g.doubleclick.net — Cisco Umbrella Rank: 294
224 KB
5 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 528
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 582
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 656
5 KB
5 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 1041
match.sharethrough.com — Cisco Umbrella Rank: 634
523 B
5 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 339
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 743
aax.amazon-adsystem.com — Cisco Umbrella Rank: 476
s.amazon-adsystem.com Failed
94 KB
4 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1470
969 B
4 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 531
secure-assets.rubiconproject.com Failed
4 KB
4 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1216
106 KB
4 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 746
170 KB
3 openx.net
pa.openx.net — Cisco Umbrella Rank: 3701
rtb.openx.net — Cisco Umbrella Rank: 599
u.openx.net — Cisco Umbrella Rank: 754
2 KB
3 liadm.com
idx.liadm.com — Cisco Umbrella Rank: 1261
rp.liadm.com — Cisco Umbrella Rank: 953
1 KB
3 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 853
id5-sync.com — Cisco Umbrella Rank: 529
32 KB
3 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 3128
2 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1761
1 KB
2 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 620
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 517
1 KB
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 1053
652 B
2 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1061
id.crwdcntrl.net — Cisco Umbrella Rank: 2464
13 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 36
imasdk.googleapis.com — Cisco Umbrella Rank: 503
148 KB
2 btloader.com
btloader.com — Cisco Umbrella Rank: 1017
api.btloader.com
39 KB
2 faucetfoot.com
faucetfoot.com — Cisco Umbrella Rank: 329443
25 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 41
231 KB
2 itgeekdomain.com
qwxz.itgeekdomain.com
2 KB
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 981
282 B
1 the-ozone-project.com
elb.the-ozone-project.com — Cisco Umbrella Rank: 2565
1002 B
1 yellowblue.io
hb.yellowblue.io — Cisco Umbrella Rank: 1518
625 B
1 adsrvr.org
direct.adsrvr.org — Cisco Umbrella Rank: 1383
match.adsrvr.org Failed
243 B
1 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 1340
311 B
1 33across.com
lexicon.33across.com — Cisco Umbrella Rank: 1390
246 B
1 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 474
grid-bidder.criteo.com Failed
1 ml-cachehost.net
storage.ml-cachehost.net — Cisco Umbrella Rank: 1564
1 edge-aicdn.net
dl.edge-aicdn.net — Cisco Umbrella Rank: 1566
1 dotomi.com
proc.ad.cpe.dotomi.com — Cisco Umbrella Rank: 2828
459 B
1 hadronid.net
cdn.hadronid.net — Cisco Umbrella Rank: 1501
341 B
1 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 731
481 B
1 gstatic.com
fonts.gstatic.com
47 KB
1 githubusercontent.com
raw.githubusercontent.com — Cisco Umbrella Rank: 3093
587 B
1 playwire.com
impression-inferences-edge-prod.playwire.com — Cisco Umbrella Rank: 7753
909 B
0 sitescout.com Failed
pixel-sync.sitescout.com Failed
0 simpli.fi Failed
um.simpli.fi Failed
0 ad4m.at Failed
ad4m.at Failed
0 adnxs.com Failed
ib.adnxs.com Failed
0 3lift.com Failed
tlx.3lift.com Failed
0 cootlogix.com Failed
exchange.cootlogix.com Failed
0 agkn.com Failed
fid.agkn.com Failed
0 dns-finder.com Failed
ag.dns-finder.com Failed
119 46
Domain Requested by
13 cdn.intergient.com paint.toys
cdn.intergient.com
9 paint.toys 1 redirects qwxz.itgeekdomain.com
paint.toys
4 btlr.sharethrough.com cdn.intergient.com
4 g2.gumgum.com cdn.intergient.com
4 fastlane.rubiconproject.com cdn.intergient.com
4 secure.cdn.fastclick.net qwxz.itgeekdomain.com
secure.cdn.fastclick.net
4 fundingchoicesmessages.google.com securepubads.g.doubleclick.net
3 prebid.intergient.com cdn.intergient.com
ssum-sec.casalemedia.com
3 c.amazon-adsystem.com cdn.intergient.com
c.amazon-adsystem.com
3 region1.google-analytics.com www.googletagmanager.com
3 securepubads.g.doubleclick.net cdn.intergient.com
securepubads.g.doubleclick.net
paint.toys
2 cm.adgrx.com 2 redirects
2 cm.g.doubleclick.net ssum-sec.casalemedia.com
2 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
2 ssum-sec.casalemedia.com 1 redirects cdn.intergient.com
2 rp.liadm.com 1 redirects
2 id5-sync.com cdn.intergient.com
2 ad-delivery.net paint.toys
2 cd836371f1d.cdn.intergient.com cdn.intergient.com
2 faucetfoot.com cdn.intergient.com
faucetfoot.com
2 www.googletagmanager.com paint.toys
www.googletagmanager.com
2 qwxz.itgeekdomain.com 1 redirects
1 api.btloader.com btloader.com
1 u.openx.net cdn.intergient.com
1 lb.eu-1-id5-sync.com cdn.intergient.com
1 match.sharethrough.com
1 htlb.casalemedia.com cdn.intergient.com
1 rtb.openx.net cdn.intergient.com
1 elb.the-ozone-project.com cdn.intergient.com
1 hb.yellowblue.io cdn.intergient.com
1 direct.adsrvr.org cdn.intergient.com
1 hbopenbid.pubmatic.com cdn.intergient.com
1 grid.bidswitch.net cdn.intergient.com
1 pa.openx.net cdn.intergient.com
1 ads.pubmatic.com cdn.intergient.com
1 idx.liadm.com cdn.intergient.com
1 lexicon.33across.com cdn.intergient.com
1 id.crwdcntrl.net cdn.intergient.com
1 gum.criteo.com cdn.intergient.com
1 ad.doubleclick.net paint.toys
1 storage.ml-cachehost.net btloader.com
1 dl.edge-aicdn.net btloader.com
1 proc.ad.cpe.dotomi.com secure.cdn.fastclick.net
1 cdn.id5-sync.com qwxz.itgeekdomain.com
1 cdn.hadronid.net qwxz.itgeekdomain.com
1 tags.crwdcntrl.net qwxz.itgeekdomain.com
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 static.adsafeprotected.com paint.toys
1 imasdk.googleapis.com cdn.intergient.com
1 fonts.gstatic.com paint.toys
1 fonts.googleapis.com
1 raw.githubusercontent.com paint.toys
1 btloader.com cdn.intergient.com
1 impression-inferences-edge-prod.playwire.com cdn.intergient.com
0 secure-assets.rubiconproject.com Failed cdn.intergient.com
0 pixel-sync.sitescout.com Failed ssum-sec.casalemedia.com
0 um.simpli.fi Failed ssum-sec.casalemedia.com
0 ad4m.at Failed ssum-sec.casalemedia.com
0 match.adsrvr.org Failed ssum-sec.casalemedia.com
0 s.amazon-adsystem.com Failed ssum-sec.casalemedia.com
0 ib.adnxs.com Failed cdn.intergient.com
0 tlx.3lift.com Failed cdn.intergient.com
0 exchange.cootlogix.com Failed cdn.intergient.com
0 grid-bidder.criteo.com Failed cdn.intergient.com
0 fid.agkn.com Failed cdn.intergient.com
0 ag.dns-finder.com Failed btloader.com
119 67

This site contains links to these domains. Also see Links.

Domain
toms.toys
Subject Issuer Validity Valid
trustmailboxes.com
E5		 2024-12-29 -
2025-03-29		 3 months crt.sh
paint.toys
E6		 2025-04-01 -
2025-06-30		 3 months crt.sh
834af943.sni.cloudflaressl.com
WE1		 2025-02-28 -
2025-05-29		 3 months crt.sh
*.google-analytics.com
WE2		 2025-03-31 -
2025-06-23		 3 months crt.sh
faucetfoot.com
E6		 2025-02-21 -
2025-05-22		 3 months crt.sh
*.g.doubleclick.net
WE2		 2025-03-31 -
2025-06-23		 3 months crt.sh
*.playwire.com
Amazon RSA 2048 M03		 2024-12-12 -
2026-01-09		 a year crt.sh
btloader.com
WE1		 2025-04-03 -
2025-07-02		 3 months crt.sh
*.github.io
Sectigo RSA Domain Validation Secure Server CA		 2025-03-07 -
2026-03-07		 a year crt.sh
*.google.com
WE2		 2025-03-31 -
2025-06-23		 3 months crt.sh
upload.video.google.com
WE2		 2025-03-31 -
2025-06-23		 3 months crt.sh
*.gstatic.com
WE2		 2025-03-31 -
2025-06-23		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M03		 2024-11-19 -
2025-12-18		 a year crt.sh
*.cdn.intergient.com
Go Daddy Secure Certificate Authority - G2		 2025-03-15 -
2026-04-16		 a year crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M04		 2025-03-26 -
2026-04-25		 a year crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2024-12-22 -
2026-01-21		 a year crt.sh
alt1-3ps.amazon-adsystem.com
Amazon RSA 2048 M03		 2025-03-31 -
2026-04-29		 a year crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1		 2024-08-07 -
2025-08-07		 a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M02		 2024-09-07 -
2025-10-07		 a year crt.sh
hadronid.net
WE1		 2025-03-20 -
2025-06-18		 3 months crt.sh
id5-sync.com
WE1		 2025-03-26 -
2025-06-24		 3 months crt.sh
ad.cpe.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2024-06-17 -
2025-07-19		 a year crt.sh
edge-aicdn.net
WE1		 2025-03-25 -
2025-06-23		 3 months crt.sh
ml-cachehost.net
WE1		 2025-03-25 -
2025-06-23		 3 months crt.sh
ad-delivery.net
WE1		 2025-03-08 -
2025-06-06		 3 months crt.sh
*.doubleclick.net
WE2		 2025-03-31 -
2025-06-23		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2025-04-18 -
2025-07-17		 3 months crt.sh
lexicon.33across.com
WR3		 2025-02-23 -
2025-05-24		 3 months crt.sh
*.liadm.com
Amazon RSA 2048 M02		 2024-07-31 -
2025-08-29		 a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-11-27 -
2025-11-30		 a year crt.sh
pa.openx.net
WR3		 2025-03-07 -
2025-06-05		 3 months crt.sh
prebid.intergient.com
WE1		 2025-04-20 -
2025-07-19		 3 months crt.sh
*.bidswitch.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2025-04-06 -
2025-07-01		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2025-03-04 -
2026-04-03		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2024-04-23 -
2025-05-25		 a year crt.sh
*.yellowblue.io
Amazon RSA 2048 M02		 2025-02-16 -
2026-03-17		 a year crt.sh
ie-ad-exch-prd-two-eks.prd.eks.ie.adexchange.gumgum.com
Amazon RSA 2048 M03		 2024-07-02 -
2025-08-01		 a year crt.sh
*.sharethrough.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1		 2024-07-15 -
2025-08-15		 a year crt.sh
the-ozone-project.com
WE1		 2025-04-09 -
2025-07-08		 3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2024-08-14 -
2025-08-18		 a year crt.sh
casalemedia.com
E6		 2025-04-08 -
2025-07-07		 3 months crt.sh
eu-1-id5-sync.com
R10		 2025-03-01 -
2025-05-30		 3 months crt.sh
api.btloader.com
WR3		 2025-03-28 -
2025-06-26		 3 months crt.sh

This page contains 8 frames:

Primary Page: https://paint.toys/oil/
Frame ID: 7C7108D0012B32EF033428472186151C
Requests: 100 HTTP requests in this frame

Frame: https://cdn.intergient.com/pageos/V.20250415.1/iframe/iframe.html
Frame ID: B4420CCD773FB7CE8F5C4AEE828D1B4D
Requests: 2 HTTP requests in this frame

Frame: https://cdn.intergient.com/pageos/V.20250415.1/iframe/iframe.html
Frame ID: 9477BABE29ADF753E44870F9BA28E247
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/topics/topics_frame.html?bidder=pubmatic
Frame ID: 0EC7520FD257323561DF766961708D92
Requests: 1 HTTP requests in this frame

Frame: https://pa.openx.net/topics_frame.html?bidder=openx
Frame ID: F7099402AC6358403CEBE19E415B93E0
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fprebid.intergient.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Frame ID: 1AD515A6696D22A644377067A0E47ADA
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fprebid.intergient.com%2Fsetuid%3Fgpp%3D%26bidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D&gdpr=0&gdpr_consent=&gpp=&gppsid=&s=184674&us_privacy=&C=1
Frame ID: E89C4C8531136E846DDAC486115F9561
Requests: 10 HTTP requests in this frame

Frame: https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-Playwire&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: 92998498424C76BBC9D2CAA41296403F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Paint with Oils

Page URL History Show full URLs

  1. http://qwxz.itgeekdomain.com/ntkyvythxgdshmvvozypsafyjgdslfRR3VvakxOR0tGeEtydXFadnl1N04tMjY1OC0yNjczNzMwO... HTTP 307
    https://qwxz.itgeekdomain.com/ntkyvythxgdshmvvozypsafyjgdslfRR3VvakxOR0tGeEtydXFadnl1N04tMjY1OC0yNjczNzMwO... Page URL
  2. https://qwxz.itgeekdomain.com/ntkyvythxgdshmvvozypsafyjgdslfRR3VvakxOR0tGeEtydXFadnl1N04tMjY1OC0yNjczNzMwO... HTTP 302
    https://paint.toys/oil HTTP 301
    https://paint.toys/oil/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /prebid\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Page Statistics

119
Requests

82 %
HTTPS

0 %
IPv6

46
Domains

67
Subdomains

52
IPs

7
Countries

1619 kB
Transfer

5420 kB
Size

24
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://qwxz.itgeekdomain.com/ntkyvythxgdshmvvozypsafyjgdslfRR3VvakxOR0tGeEtydXFadnl1N04tMjY1OC0yNjczNzMwOC0xMDIwMDI3YS0zNzM1LVE2elhqbXpOa2FnZEtWYkRJTFJu/rxencmlvegf20u3wpap66ri9i8nrd58tk/uingtt/z8yv14fw1qahe HTTP 307
    https://qwxz.itgeekdomain.com/ntkyvythxgdshmvvozypsafyjgdslfRR3VvakxOR0tGeEtydXFadnl1N04tMjY1OC0yNjczNzMwOC0xMDIwMDI3YS0zNzM1LVE2elhqbXpOa2FnZEtWYkRJTFJu/rxencmlvegf20u3wpap66ri9i8nrd58tk/uingtt/z8yv14fw1qahe Page URL
  2. https://qwxz.itgeekdomain.com/ntkyvythxgdshmvvozypsafyjgdslfRR3VvakxOR0tGeEtydXFadnl1N04tMjY1OC0yNjczNzMwOC0xMDIwMDI3YS0zNzM1LVE2elhqbXpOa2FnZEtWYkRJTFJu/rxencmlvegf20u3wpap66ri9i8nrd58tk/uingtt/z8yv14fw1qahe?in=1 HTTP 302
    https://paint.toys/oil HTTP 301
    https://paint.toys/oil/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://qwxz.itgeekdomain.com/ntkyvythxgdshmvvozypsafyjgdslfRR3VvakxOR0tGeEtydXFadnl1N04tMjY1OC0yNjczNzMwOC0xMDIwMDI3YS0zNzM1LVE2elhqbXpOa2FnZEtWYkRJTFJu/rxencmlvegf20u3wpap66ri9i8nrd58tk/uingtt/z8yv14fw1qahe HTTP 307
  • https://qwxz.itgeekdomain.com/ntkyvythxgdshmvvozypsafyjgdslfRR3VvakxOR0tGeEtydXFadnl1N04tMjY1OC0yNjczNzMwOC0xMDIwMDI3YS0zNzM1LVE2elhqbXpOa2FnZEtWYkRJTFJu/rxencmlvegf20u3wpap66ri9i8nrd58tk/uingtt/z8yv14fw1qahe
Request Chain 103
  • https://rp.liadm.com/j?dtstmp=1745249807201&did=did-0046&se=e30&duid=8e413bd09c43--01jscfxaban1m5wb7djhb2yp5t&tv=9.36.0&pu=https%3A%2F%2Fpaint.toys%2Foil%2F&wpn=prebid&gdpr=0&refr=https%3A%2F%2Fqwxz.itgeekdomain.com%2F&cd=.paint.toys HTTP 302
  • https://rp.liadm.com/j?dtstmp=1745249807201&did=did-0046&se=e30&duid=8e413bd09c43--01jscfxaban1m5wb7djhb2yp5t&tv=9.36.0&pu=https%3A%2F%2Fpaint.toys%2Foil%2F&wpn=prebid&gdpr=0&refr=https%3A%2F%2Fqwxz.itgeekdomain.com%2F&cd=.paint.toys&n3pc=true
Request Chain 106
  • https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gppsid=&cb=https%3A%2F%2Fprebid.intergient.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fprebid.intergient.com%2Fsetuid%3Fgpp%3D%26bidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D&gdpr=0&gdpr_consent=&gpp=&gppsid=&s=184674&us_privacy=&C=1
Request Chain 107
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=aAZmD7mqPp8AE0GjAW-TEAAA
Request Chain 113
  • https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=casale HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=70415a3e-1ec6-11f0-bcb1-13a96a9005b1

119 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
z8yv14fw1qahe
qwxz.itgeekdomain.com/ntkyvythxgdshmvvozypsafyjgdslfRR3VvakxOR0tGeEtydXFadnl1N04tMjY1OC0yNjczNzMwOC0xMDIwMDI3YS0zNzM1LVE2elhqbXpOa2FnZEtWYkRJTFJu/rxencmlvegf20u3wpap66ri9i8nrd58tk/uingtt/
Redirect Chain
  • http://qwxz.itgeekdomain.com/ntkyvythxgdshmvvozypsafyjgdslfRR3VvakxOR0tGeEtydXFadnl1N04tMjY1OC0yNjczNzMwOC0xMDIwMDI3YS0zNzM1LVE2elhqbXpOa2FnZEtWYkRJTFJu/rxencmlvegf20u3wpap66ri9i8nrd58tk/uingtt/z8y...
  • https://qwxz.itgeekdomain.com/ntkyvythxgdshmvvozypsafyjgdslfRR3VvakxOR0tGeEtydXFadnl1N04tMjY1OC0yNjczNzMwOC0xMDIwMDI3YS0zNzM1LVE2elhqbXpOa2FnZEtWYkRJTFJu/rxencmlvegf20u3wpap66ri9i8nrd58tk/uingtt/z8...
723 B
1010 B 		Document
General
Check archive.org
Download Go to
Full URL
https://qwxz.itgeekdomain.com/ntkyvythxgdshmvvozypsafyjgdslfRR3VvakxOR0tGeEtydXFadnl1N04tMjY1OC0yNjczNzMwOC0xMDIwMDI3YS0zNzM1LVE2elhqbXpOa2FnZEtWYkRJTFJu/rxencmlvegf20u3wpap66ri9i8nrd58tk/uingtt/z8yv14fw1qahe
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
67.198.205.86 , United States, ASN35908 (VPLSNET, US),
Reverse DNS
67.198.205.86.static.krypt.com
Software
Apache/2.4.62 (CentOS Stream) OpenSSL/3.2.2 / PHP/7.4.33
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

Cache-Control
no-cache, private max-age=0, no-cache, no-store, must-revalidate
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
371
Content-Type
text/html; charset=UTF-8
Date
Mon, 21 Apr 2025 15:36:35 GMT
Developed-by
Mohamed Amine El Attabi
Email
mohamed.amine.elattabi@gmail.com
Expires
Sat, 2 Aug 1980 15:15:00 GMT
Keep-Alive
timeout=5, max=100
Pragma
no-cache
Server
Apache/2.4.62 (CentOS Stream) OpenSSL/3.2.2
Vary
Accept-Encoding,User-Agent
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-Powered-By
PHP/7.4.33
X-XSS-Protection
1; mode=block

Redirect headers

Location
https://qwxz.itgeekdomain.com/ntkyvythxgdshmvvozypsafyjgdslfRR3VvakxOR0tGeEtydXFadnl1N04tMjY1OC0yNjczNzMwOC0xMDIwMDI3YS0zNzM1LVE2elhqbXpOa2FnZEtWYkRJTFJu/rxencmlvegf20u3wpap66ri9i8nrd58tk/uingtt/z8yv14fw1qahe
Non-Authoritative-Reason
HttpsUpgrades
Primary Request /
paint.toys/oil/
Redirect Chain
  • https://qwxz.itgeekdomain.com/ntkyvythxgdshmvvozypsafyjgdslfRR3VvakxOR0tGeEtydXFadnl1N04tMjY1OC0yNjczNzMwOC0xMDIwMDI3YS0zNzM1LVE2elhqbXpOa2FnZEtWYkRJTFJu/rxencmlvegf20u3wpap66ri9i8nrd58tk/uingtt/z8...
  • https://paint.toys/oil
  • https://paint.toys/oil/
6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://paint.toys/oil/
Requested by
Host: qwxz.itgeekdomain.com
URL: https://qwxz.itgeekdomain.com/ntkyvythxgdshmvvozypsafyjgdslfRR3VvakxOR0tGeEtydXFadnl1N04tMjY1OC0yNjczNzMwOC0xMDIwMDI3YS0zNzM1LVE2elhqbXpOa2FnZEtWYkRJTFJu/rxencmlvegf20u3wpap66ri9i8nrd58tk/uingtt/z8yv14fw1qahe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.33.186.135 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afa7f374f51cc8991.awsglobalaccelerator.com
Software
Netlify /
Resource Hash
70883a9270d54ca9914810ee600c39f62c1147243374c8b93b7095f9c78b4b66
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://qwxz.itgeekdomain.com/ntkyvythxgdshmvvozypsafyjgdslfRR3VvakxOR0tGeEtydXFadnl1N04tMjY1OC0yNjczNzMwOC0xMDIwMDI3YS0zNzM1LVE2elhqbXpOa2FnZEtWYkRJTFJu/rxencmlvegf20u3wpap66ri9i8nrd58tk/uingtt/z8yv14fw1qahe
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
42612
cache-control
public,max-age=0,must-revalidate
cache-status
"Netlify Edge"; hit
content-encoding
br
content-length
1665
content-type
text/html; charset=UTF-8
date
Mon, 21 Apr 2025 15:36:36 GMT
etag
"7afa2eee23cef4ed7f87aab76b5bc74d-ssl-df"
server
Netlify
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-nf-request-id
01JSCFX0FJ9H13F4D27CFMMVSM

Redirect headers

accept-ranges
bytes
age
1865
cache-control
public,max-age=0,must-revalidate
cache-status
"Netlify Edge"; hit
content-length
1666
content-type
text/html; charset=UTF-8
date
Mon, 21 Apr 2025 15:36:36 GMT
etag
"7afa2eee23cef4ed7f87aab76b5bc74d-ssl-df"
location
/oil/
server
Netlify
strict-transport-security
max-age=31536000
x-nf-request-id
01JSCFX0D18AT88GHHXMQQMNYP
ramp_config.js
cdn.intergient.com/1024872/74068/ 		35 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/1024872/74068/ramp_config.js
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.20.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f2603960258dd04339b1635fb441c99d01880948109a27d77f5a175654eb14e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

hw-country-code
PT
content-encoding
br
cf-ray
933df53dba4de3b8-LIS
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Apr 2025 15:36:36 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
apps.css
paint.toys/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://paint.toys/apps.css
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.33.186.135 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afa7f374f51cc8991.awsglobalaccelerator.com
Software
Netlify /
Resource Hash
2ff696f311f1afa7aafddb260becd45331aab7ce1741821b0f3e2d9e683382b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://paint.toys/oil/

Response headers

strict-transport-security
max-age=31536000
cache-control
public,max-age=0,must-revalidate
content-encoding
br
etag
"58d01e65c6625681e8891f6fbc8c18f5-ssl-df"
age
6254
accept-ranges
bytes
content-length
1394
x-nf-request-id
01JSCFX0J9F5C25V7C0D8WM1V8
cache-status
"Netlify Edge"; hit
date
Mon, 21 Apr 2025 15:36:36 GMT
content-type
text/css; charset=UTF-8
vary
Accept-Encoding
server
Netlify
index.js
paint.toys/oil/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://paint.toys/oil/index.js
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.33.186.135 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afa7f374f51cc8991.awsglobalaccelerator.com
Software
Netlify /
Resource Hash
c91c09319c4b0a24c72c0036cef74c17b85d3c4e2a4abf8153f5710421fe5b4c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://paint.toys/oil/

Response headers

strict-transport-security
max-age=31536000
cache-control
public,max-age=0,must-revalidate
content-encoding
br
etag
"687211e2ced405124b38663a13c97091-ssl-df"
age
42611
accept-ranges
bytes
content-length
1190
x-nf-request-id
01JSCFX0J927M8RQ1KR7XVM12M
cache-status
"Netlify Edge"; hit
date
Mon, 21 Apr 2025 15:36:36 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
Netlify
art-icon.png
paint.toys/assets/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paint.toys/assets/art-icon.png
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.33.186.135 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afa7f374f51cc8991.awsglobalaccelerator.com
Software
Netlify /
Resource Hash
f4d368e4230539c778afbb020e0ea611b3e1d984179f5b3769b44081d6703f3b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://paint.toys/oil/

Response headers

strict-transport-security
max-age=31536000
cache-control
public,max-age=0,must-revalidate
etag
"1394f8469f2ca5750397e3d7b6ec70a1-ssl"
age
6254
accept-ranges
bytes
content-length
33562
x-nf-request-id
01JSCFX0J9T9RG0VH91RQZ62Q9
cache-status
"Netlify Edge"; hit
date
Mon, 21 Apr 2025 15:36:36 GMT
content-type
image/png
server
Netlify
icon-hand.png
paint.toys/assets/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paint.toys/assets/icon-hand.png
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.33.186.135 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afa7f374f51cc8991.awsglobalaccelerator.com
Software
Netlify /
Resource Hash
32aa05a5648678542ab9044647f0bf5549c0b53a070585edb773f0e92b72b97d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://paint.toys/oil/

Response headers

strict-transport-security
max-age=31536000
cache-control
public,max-age=0,must-revalidate
etag
"a0822110a4671ffdf710da1467460fba-ssl"
age
6254
accept-ranges
bytes
content-length
27394
x-nf-request-id
01JSCFX0J9B14Y5H2BFBRXS8R5
cache-status
"Netlify Edge"; hit
date
Mon, 21 Apr 2025 15:36:36 GMT
content-type
image/png
server
Netlify
icon-disk.png
paint.toys/assets/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paint.toys/assets/icon-disk.png
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.33.186.135 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afa7f374f51cc8991.awsglobalaccelerator.com
Software
Netlify /
Resource Hash
436814c2374a6d92a42a02d39969ef7c56b5f225667abecb218e692c5569943c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://paint.toys/oil/

Response headers

strict-transport-security
max-age=31536000
cache-control
public,max-age=0,must-revalidate
etag
"26852fa1548a91e004629b01e4abf1dd-ssl"
age
6254
accept-ranges
bytes
content-length
13766
x-nf-request-id
01JSCFX0PK4JSHAVT83WTJB23N
cache-status
"Netlify Edge"; hit
date
Mon, 21 Apr 2025 15:36:36 GMT
content-type
image/png
server
Netlify
icon-trash.png
paint.toys/assets/ 		50 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paint.toys/assets/icon-trash.png
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.33.186.135 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afa7f374f51cc8991.awsglobalaccelerator.com
Software
Netlify /
Resource Hash
6ceb226c487cb85243545e768944e0e1ae0944be8fde6c1c43c7314a9287e6d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://paint.toys/oil/

Response headers

strict-transport-security
max-age=31536000
cache-control
public,max-age=0,must-revalidate
etag
"e91ef5e34b5154d392e8560031eaaa4c-ssl"
age
6254
accept-ranges
bytes
content-length
51680
x-nf-request-id
01JSCFX0PMYM3MFBMMPPMKJ9HW
cache-status
"Netlify Edge"; hit
date
Mon, 21 Apr 2025 15:36:36 GMT
content-type
image/png
server
Netlify
ramp_core.js
cdn.intergient.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/ramp_core.js
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.20.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3064aa0f0e8b22f406c231a9331931b472c5067dcb57476a2601ebaeaeebb46a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

hw-country-code
PT
cache-control
max-age=600, public, must-revalidate
content-encoding
br
cf-ray
933df53e0b4be3b8-LIS
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Apr 2025 15:36:36 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
js
www.googletagmanager.com/gtag/ 		365 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-VJBRK9986D
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
cc50811911c1b2ef14c9277d1e52f0d13664465444f792696c22f86c1ae0ad9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
br
report-to
{"group":"ascgcycc:1055:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1055:0"}],}
expires
Mon, 21 Apr 2025 15:36:37 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 21 Apr 2025 15:36:37 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1055:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=ascgcycc:1055:0
content-length
124945
x-xss-protection
0
server
Google Tag Manager
3a70fc5fad61cdce1367eb27e74b60928717817a6.min.js
faucetfoot.com/scripts/2f7d64b/ 		68 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://faucetfoot.com/scripts/2f7d64b/3a70fc5fad61cdce1367eb27e74b60928717817a6.min.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/1024872/74068/ramp_config.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.8.176.186 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.176.8.34.bc.googleusercontent.com
Software
hoothoot/1760148137 /
Resource Hash
2552b2e73a3444d70cd03b3be7e52f93e0fdd0556993d0512bedeaac4660696d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

strict-transport-security
max-age=15724800; preload
cache-control
private, must-revalidate, max-age=21600
timing-allow-origin
*
content-encoding
zstd
etag
W/"d07c297052cc871d59fef0c841032cde183c135e19f7dd4578f4fc271d2f3862"
via
fen-hoothoot-europe-west1-spot-s40r.gce-europe-west1, 1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 21 Apr 2025 15:36:39 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding, Accept-Language
server
hoothoot/1760148137
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		109 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/1024872/74068/ramp_config.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
c369395c3b2b85cf71e37c1bbf7b96db3c4ee54aa9879001542e4da9608c820d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
br
etag
921 / 20199 / m202504150101 / config-hash: 752500361797862305
x-content-type-options
nosniff
expires
Mon, 21 Apr 2025 15:36:36 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Mon, 21 Apr 2025 15:36:36 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
34075
x-xss-protection
0
server
cafe
prebid.js
cdn.intergient.com/prebid/ 		588 KB
179 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/prebid/prebid.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/1024872/74068/ramp_config.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.20.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d7a2ac42be2f8acb22dd52cc3493cb67bd727fde3d8a113e262248c6a2ec236

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

hw-country-code
PT
content-encoding
br
cf-cache-status
HIT
etag
W/"a7f68292d50cd709f24f996c68d47dd1"
age
2827
cf-ray
933df53e5c70e3b8-LIS
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Apr 2025 15:36:36 GMT
content-type
text/javascript
last-modified
Wed, 02 Apr 2025 13:30:30 GMT
vary
Accept-Encoding
server
cloudflare
pageos.js
cdn.intergient.com/pageos/V.20250415.1/ 		411 B
336 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/V.20250415.1/pageos.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/ramp_core.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.20.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b35367386570f17ff5be2b4d3f5a9ef2816b7947869005cfae73ec88dcba460

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

hw-country-code
PT
content-encoding
br
cf-cache-status
HIT
etag
W/"038af8099c70ce8099f11e60671651ea"
age
4264
cf-ray
933df53ebda4e3b8-LIS
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Apr 2025 15:36:36 GMT
content-type
text/javascript
last-modified
Wed, 16 Apr 2025 13:33:20 GMT
vary
Accept-Encoding
server
cloudflare
runtime.f78d8905f1617efa83f4.js
cdn.intergient.com/pageos/V.20250415.1/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/V.20250415.1/runtime.f78d8905f1617efa83f4.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/V.20250415.1/pageos.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.20.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2aed279b0a29e774ca22dafc6a078e7582490608c9d18bda1a138ca55d0d5be9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

hw-country-code
PT
content-encoding
br
cf-cache-status
HIT
etag
W/"f1a6e4325cdcf59d711cbdc9bbf9de8f"
age
4387
cf-ray
933df53f9818e3b8-LIS
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Apr 2025 15:36:37 GMT
content-type
text/javascript
last-modified
Wed, 16 Apr 2025 13:33:23 GMT
vary
Accept-Encoding
server
cloudflare
main.f49d9d120d738f961843.js
cdn.intergient.com/pageos/V.20250415.1/ 		461 KB
140 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/V.20250415.1/main.f49d9d120d738f961843.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/V.20250415.1/pageos.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.20.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad7d0d55c693f50a025e443da2f37eaea32dad37cbfe918cde1717f8f33af733

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

hw-country-code
PT
content-encoding
br
cf-cache-status
HIT
etag
W/"2da544a46407e9f6f4d2fc5d5058f814"
age
5470
cf-ray
933df53f981be3b8-LIS
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Apr 2025 15:36:37 GMT
content-type
text/javascript
last-modified
Wed, 16 Apr 2025 13:33:18 GMT
vary
Accept-Encoding
server
cloudflare
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202504150101/ 		529 KB
167 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202504150101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
31e988de147264b3ff0990eac51ed08398a7346729cbd42b231876431fbb4020
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
br
etag
3850784624983485084
age
58057
x-content-type-options
nosniff
expires
Mon, 20 Apr 2026 23:29:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Sun, 20 Apr 2025 23:29:00 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
170612
x-xss-protection
0
server
cafe
gpt
securepubads.g.doubleclick.net/pagead/managed/dict/m202504170101/ 		64 KB
23 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/dict/m202504170101/gpt
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e4a1f6bb4df43a4e3aded46465e55b8749b64817d13ed9557075c596d218c340
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
etag
5790688912801242087
age
34651
x-content-type-options
nosniff
expires
Mon, 28 Apr 2025 05:59:06 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Mon, 21 Apr 2025 05:59:06 GMT
content-type
text/plain; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=604800, stale-while-revalidate=7200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
23384
x-xss-protection
0
server
cafe
use-as-dictionary
match="/gampad/ads", id="m202504170101"
videoCard.5ed8eb34c11835040def.js
cdn.intergient.com/pageos/V.20250415.1/ 		559 B
444 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/V.20250415.1/videoCard.5ed8eb34c11835040def.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/V.20250415.1/runtime.f78d8905f1617efa83f4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.20.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
795041923e6338abe450ff9524ef70fd40432f278f32c9c35cdbb08239574fb1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

hw-country-code
PT
content-encoding
br
cf-cache-status
HIT
etag
W/"6880c1609e3243c11c7b4f1285e14d89"
age
3972
cf-ray
933df54039c6e3b8-LIS
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Apr 2025 15:36:37 GMT
content-type
text/javascript
last-modified
Wed, 16 Apr 2025 13:33:26 GMT
vary
Accept-Encoding
server
cloudflare
iframe.html
cdn.intergient.com/pageos/V.20250415.1/iframe/ Frame B442 		503 B
427 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/V.20250415.1/iframe/iframe.html
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/V.20250415.1/main.f49d9d120d738f961843.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.21.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50e6b2bccb3f889bf35badc933d9beecd2219914e6ba548166b196a64574ab78

Request headers

Referer
https://paint.toys/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

age
4386
alt-svc
h3=":443"; ma=86400
cf-cache-status
HIT
cf-ray
933df5491d5be3cc-LIS
content-encoding
br
content-type
text/html
date
Mon, 21 Apr 2025 15:36:38 GMT
hw-country-code
PT
last-modified
Wed, 16 Apr 2025 13:33:15 GMT
server
cloudflare
vary
Accept-Encoding
gdpr.9ac3a80aab4cba40c3b7.js
cdn.intergient.com/pageos/V.20250415.1/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/V.20250415.1/gdpr.9ac3a80aab4cba40c3b7.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/V.20250415.1/runtime.f78d8905f1617efa83f4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.20.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9944793c8f93f14268d359a9cd5d810c6eeb761b721dd174e2962189ca95f46a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

hw-country-code
PT
content-encoding
br
cf-cache-status
HIT
etag
W/"e7478a5bf257eabe30a5358e4dda9249"
age
4288
cf-ray
933df54049e8e3b8-LIS
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Apr 2025 15:36:37 GMT
content-type
text/javascript
last-modified
Wed, 16 Apr 2025 13:33:14 GMT
vary
Accept-Encoding
server
cloudflare
GDPR
impression-inferences-edge-prod.playwire.com/websites/74068/v1/Mon/11/desktop/Chrome/ 		584 B
909 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://impression-inferences-edge-prod.playwire.com/websites/74068/v1/Mon/11/desktop/Chrome/GDPR
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/V.20250415.1/main.f49d9d120d738f961843.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-100.fra56.r.cloudfront.net
Software
CloudFront /
Resource Hash
cce72c91fa1a156aaec5098a8b30934d682220a65040ebdc5b951ebeef56bb35

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

cache-control
max-age=3600, public, must-revalidate
access-control-expose-headers
*
age
2055
via
1.1 16cea8ae3ccd098a5d0b3b2c45b25a84.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Hit from cloudfront
content-length
584
x-amz-cf-id
DertwsuhthFBGzG5Ws62U2gIDAPDmEN22HZMBLiwJHd9YosyF-JAhg==
date
Mon, 21 Apr 2025 15:02:26 GMT
content-type
application/json
x-amz-cf-pop
FRA56-P9
server
CloudFront
tag
btloader.com/ 		149 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?o=5150306120761344&upapi=true
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/V.20250415.1/main.f49d9d120d738f961843.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.74.216 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7594b7ee23338f76d0bb4a05eaca3786426b530c0342bceb62312eba506ca327

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

x-robots-tag
noindex, nofollow
cache-control
public, max-age=300, stale-if-error=3600, stale-while-revalidate=300
content-encoding
gzip
cf-cache-status
HIT
etag
"208c93cb26a19bec621fd28d911057fa"
via
1.1 google
cf-ray
933df570090233e9-LIS
accept-ranges
bytes
access-control-allow-origin
*
content-length
39507
date
Mon, 21 Apr 2025 15:36:44 GMT
content-type
application/javascript
last-modified
Mon, 21 Apr 2025 15:04:11 GMT
vary
Accept-Encoding
server
cloudflare
1x1.gif
raw.githubusercontent.com/easylist/easylist/master/docs/ 		43 B
587 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://raw.githubusercontent.com/easylist/easylist/master/docs/1x1.gif
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.109.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-109-133.github.com
Software
/
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
Security Headers
Name Value
Content-Security-Policy default-src 'none'; style-src 'unsafe-inline'; sandbox
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

x-fastly-request-id
d74ecca0b0ae2b3c477f584e67d53d2d2ba01c7f
etag
W/"0c4a5773f7e435c57c40bd270aef756513eba26bd7ba5317b5bd765569a7325d"
x-content-type-options
nosniff
x-github-request-id
D7E7:8E770:74CF68:832851:67F4B551
expires
Mon, 21 Apr 2025 15:41:40 GMT
x-cache
HIT
date
Mon, 21 Apr 2025 15:36:40 GMT
content-type
image/gif
x-served-by
cache-lis1490041-LIS
x-cache-hits
14
source-age
175
x-frame-options
deny
strict-transport-security
max-age=31536000
vary
Authorization,Accept-Encoding,Origin
content-security-policy
default-src 'none'; style-src 'unsafe-inline'; sandbox
cache-control
max-age=300
x-timer
S1745249801.703436,VS0,VE0
cross-origin-resource-policy
cross-origin
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
43
x-xss-protection
1; mode=block
js
www.googletagmanager.com/gtag/ 		308 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-CEFZJ359V8&l=dataLayer&cx=c&gtm=45je54h0h2v9101576445za200&tag_exp=102803279~102813109~102887800~102926062~103027016~103051953~103055465~103077950~103106314~103106316~103116025
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VJBRK9986D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
540c25e086f94be80f4ad320bb14d9d0a78685aa6d6aff1b7a6527c5147bb543
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
br
report-to
{"group":"ascgcycc:1055:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1055:0"}],}
expires
Mon, 21 Apr 2025 15:36:37 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 21 Apr 2025 15:36:37 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1055:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=ascgcycc:1055:0
content-length
111096
x-xss-protection
0
server
Google Tag Manager
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-VJBRK9986D&gtm=45je54h0h2v9101576445za200&_p=1745249796645&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=102803279~102813109~102887800~102926062~103027016~103051953~103055465~103077950~103106314~103106316~103116025&cid=1697124108.1745249797&ul=pt-pt&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1745249797&sct=1&seg=0&dl=https%3A%2F%2Fpaint.toys%2Foil%2F&dr=https%3A%2F%2Fqwxz.itgeekdomain.com%2F&dt=Paint%20with%20Oils&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1710
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VJBRK9986D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:97:0
report-to
{"group":"ascnsrsggc:97:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:97:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://paint.toys
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsggc:97:0
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 21 Apr 2025 15:36:37 GMT
content-type
text/plain
server
Golfe2
154013155
fundingchoicesmessages.google.com/i/ 		201 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/154013155?ers=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202504150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f14.1e100.net
Software
ESF /
Resource Hash
2d7a19137bad040a0a32de4c9a6d6aed31d607ca1b97912ff04f65bf540e6ece
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-NTt4qhOZf8CieVTOUVaZBA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 21 Apr 2025 15:36:37 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjCtDikmII0JBiOHHrNtMFIG69eY51OhAbrT3P6gLEhgqXWJ2B-P66S6zPgfhD_WXWH0BcJHGFtQWIY9NusqYCce_em6w3jtxkFeLhaD0z8wCbwIN_91cxKWkk5RfGJ-fnlRRlJpWW5BelJaelFqcWlaUWxRsZGJkamBia6xkYxxcYAAAiujld"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-NTt4qhOZf8CieVTOUVaZBA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-CEFZJ359V8&gtm=45je54h0h2v9102396898za200zb9101576445&_p=1745249796645&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=102803279~102813109~102887800~102926062~103027016~103051953~103055465~103077950~103106314~103106316&cid=1697124108.1745249797&ul=pt-pt&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1745249797&sct=1&seg=0&dl=https%3A%2F%2Fpaint.toys%2Foil%2F&dr=https%3A%2F%2Fqwxz.itgeekdomain.com%2F&dt=Paint%20with%20Oils&en=ramp_js&_fv=1&_ss=1&_ee=1&ep.pageview_id=1745249796645&tfd=1889
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CEFZJ359V8&l=dataLayer&cx=c&gtm=45je54h0h2v9101576445za200&tag_exp=102803279~102813109~102887800~102926062~103027016~103051953~103055465~103077950~103106314~103106316~103116025
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:97:0
report-to
{"group":"ascnsrsggc:97:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:97:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://paint.toys
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsggc:97:0
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 21 Apr 2025 15:36:37 GMT
content-type
text/plain
server
Golfe2
AGSKWxXF6awDdKTnZkHDdNVVAemtfXiOVRhMebO6iFG0B6RGcT9IPQaTfg2GN6XZIT_lYTh0OoWfxqYFKk_1CmYdOiCT_Qnn8TqMz7thVInCSkJDLexxGvvcDvLuWo1bOPEjtxa9YVd64g==
fundingchoicesmessages.google.com/f/ 		862 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXF6awDdKTnZkHDdNVVAemtfXiOVRhMebO6iFG0B6RGcT9IPQaTfg2GN6XZIT_lYTh0OoWfxqYFKk_1CmYdOiCT_Qnn8TqMz7thVInCSkJDLexxGvvcDvLuWo1bOPEjtxa9YVd64g==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzQ1MjQ5Nzk3LDc4MTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9wYWludC50b3lzL29pbC8iLG51bGwsW1s4LCJjLWVmMWtCcmVYNCJdLFs5LCJwdC1QVCJdLFsxOSwiMSJdLFsxNywiWzBdIl0sWzI0LCJxd3h6Lml0Z2Vla2RvbWFpbi5jb20iXSxbMjksImZhbHNlIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.pt_PT.c-ef1kBreX4.es5.O/d=1/rs=AJlcJMwO8FOd7TrURhZlKa_OfgjSC2iKTQ/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f14.1e100.net
Software
ESF /
Resource Hash
0e43fe4df6e4c9593bb594184ad3b13f849e5b22b623030dea929f2dae7bae8a
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-6c4ybCt71dXei2UklF9uWQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 21 Apr 2025 15:36:37 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzj8tDikmJw15BiaL15jnU6EButPc_qAsSGCpdYnYH4_rpLrM-B-EP9ZdYfQFwkcYW1BYhj026ypgJx796brDeO3GQV4uFoPTPzAJvAhk-X9zAraSTlF8Yn5-eVFGUmlZbkF6Ulp6UWpxaVpRbFGxkYmRqYGJrrGRjHFxgAAJLINBE"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-6c4ybCt71dXei2UklF9uWQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
css
fonts.googleapis.com/ 		123 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Archivo:400,500|Arimo:400,500|Bitter:400,500|EB+Garamond:400,500|Lato|Libre+Baskervill|Libre+Franklin:400,500|Lora:400,500|Google+Sans:regular,medium:400,500|Material+Icons|Google+Symbols|Merriweather|Montserrat:400,500|Mukta:400,500|Muli:400,500|Nunito:400,500|Open+Sans:400,500,600|Open+Sans+Condensed:400,600|Oswald:500|Playfair+Display:400,500|Poppins:400,500|Raleway:400,500|Roboto:400,500|Roboto+Condensed:400,500|Roboto+Slab:400,500|Slabo+27px|Source+Sans+Pro|Ubuntu:400,500|Volkhov&display=swap
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.pt_PT.c-ef1kBreX4.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwO8FOd7TrURhZlKa_OfgjSC2iKTQ/m=web_iab_tcf_v2_wall_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f10.1e100.net
Software
ESF /
Resource Hash
f8b3e2bf06580cc9b1bf9f449a6dce5cd1072c11a1e0c62ab3c5ed5f77222662
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 21 Apr 2025 15:36:38 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 21 Apr 2025 15:36:38 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Mon, 21 Apr 2025 15:36:38 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f3.1e100.net
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin
https://paint.toys
Referer
https://paint.toys/

Response headers

age
545875
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 15 Apr 2026 07:58:43 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 15 Apr 2025 07:58:43 GMT
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
48236
x-xss-protection
0
server
sffe
AGSKWxXBYGT_nmNtJrXaL-kFw9oImRj9YwEMRv5a1RzvKK68uBW5nvjqDhjg3dXPKiOlwPPEhJhRiwqwzoUdA9pQm0tdVdSDiW8THEmFSnBHoQpcIq5f9KR1jORu2lCTacb1R88XbHEHSw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXBYGT_nmNtJrXaL-kFw9oImRj9YwEMRv5a1RzvKK68uBW5nvjqDhjg3dXPKiOlwPPEhJhRiwqwzoUdA9pQm0tdVdSDiW8THEmFSnBHoQpcIq5f9KR1jORu2lCTacb1R88XbHEHSw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.pt_PT.c-ef1kBreX4.es5.O/d=1/rs=AJlcJMwO8FOd7TrURhZlKa_OfgjSC2iKTQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-s2m0j2_A4lVEO2nDl9zc0A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://paint.toys/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 21 Apr 2025 15:36:38 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmLw0JBi-FB_mfUHEAvxcLSdmXmATWDF5wvtjEouSfmF8cn5eSWpeSW6iSnFuiB2UWZSaUl-EQo7tQykIic_PT0zLz3eyMDI1MDEyEDPwDy-wAAAZeIkfw"
content-security-policy
script-src 'report-sample' 'nonce-s2m0j2_A4lVEO2nDl9zc0A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://paint.toys
content-length
0
x-xss-protection
0
server
ESF
AGSKWxXBYGT_nmNtJrXaL-kFw9oImRj9YwEMRv5a1RzvKK68uBW5nvjqDhjg3dXPKiOlwPPEhJhRiwqwzoUdA9pQm0tdVdSDiW8THEmFSnBHoQpcIq5f9KR1jORu2lCTacb1R88XbHEHSw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXBYGT_nmNtJrXaL-kFw9oImRj9YwEMRv5a1RzvKK68uBW5nvjqDhjg3dXPKiOlwPPEhJhRiwqwzoUdA9pQm0tdVdSDiW8THEmFSnBHoQpcIq5f9KR1jORu2lCTacb1R88XbHEHSw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.pt_PT.c-ef1kBreX4.es5.O/d=1/rs=AJlcJMwO8FOd7TrURhZlKa_OfgjSC2iKTQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-6sacAUQvxYn8m_c-G3qRjw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://paint.toys/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 21 Apr 2025 15:36:38 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmII0JBi-FB_mfUHEAvxcLSdmXmATWDHtM4ORiWXpPzC-OT8vJLUvBLdxJRiXRC7KDOptCS_CIWdWgZSkZOfnp6Zlx5vZGBkamBiaK5nYB5fYAAAPuIj-g"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-6sacAUQvxYn8m_c-G3qRjw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://paint.toys
content-length
0
x-xss-protection
0
server
ESF
iframe.html
cdn.intergient.com/pageos/V.20250415.1/iframe/ Frame 9477 		503 B
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/V.20250415.1/iframe/iframe.html
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/V.20250415.1/main.f49d9d120d738f961843.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.21.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50e6b2bccb3f889bf35badc933d9beecd2219914e6ba548166b196a64574ab78

Request headers

Referer
https://paint.toys/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

age
4386
alt-svc
h3=":443"; ma=86400
cf-cache-status
HIT
cf-ray
933df5491d5be3cc-LIS
content-encoding
br
content-type
text/html
date
Mon, 21 Apr 2025 15:36:38 GMT
hw-country-code
PT
last-modified
Wed, 16 Apr 2025 13:33:15 GMT
server
cloudflare
vary
Accept-Encoding
apstag.js
c.amazon-adsystem.com/aax2/ 		357 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/V.20250415.1/main.f49d9d120d738f961843.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.67.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-67-113.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b7dcc7c56d033ae493bbadf6078dae1bd1e6d1e1a4ad2689f2020c4f1bd41d03

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

vary
Accept-Encoding
cache-control
max-age=3600
content-encoding
gzip
etag
W/"3c8359055d79a8918feb5b56e17b0af1"
age
960
via
1.1 91353a8aba9ab05d79e9678e004043bc.cloudfront.net (CloudFront), 1.1 ddcc211ea1d565c67eac00a91dda8304.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
fSm2w9VmaGKVRRrRZBnrO1_MAr_lfylEq0Z2-Yle4wEImwsBvBxTMQ==
date
Mon, 21 Apr 2025 15:20:40 GMT
content-type
application/javascript
last-modified
Tue, 15 Apr 2025 20:03:50 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, MUC50-P6
x-amz-server-side-encryption
AES256
iframe.js
cdn.intergient.com/pageos/V.20250415.1/iframe/ Frame B442 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/V.20250415.1/iframe/iframe.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/V.20250415.1/iframe/iframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.21.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3cf4e88b472433e2273c4de0a7fceb430f0f3ac49425ec77a99697a944d53ec4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://cdn.intergient.com/pageos/V.20250415.1/iframe/iframe.html

Response headers

hw-country-code
PT
content-encoding
br
cf-cache-status
HIT
etag
W/"31bb1614c114425ef27f97d72f81a6e3"
age
4435
cf-ray
933df5498ecce3cc-LIS
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Apr 2025 15:36:38 GMT
content-type
text/javascript
last-modified
Wed, 16 Apr 2025 13:33:16 GMT
vary
Accept-Encoding
server
cloudflare
iframe.js
cdn.intergient.com/pageos/V.20250415.1/iframe/ Frame 9477 		17 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/V.20250415.1/iframe/iframe.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/V.20250415.1/iframe/iframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.21.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3cf4e88b472433e2273c4de0a7fceb430f0f3ac49425ec77a99697a944d53ec4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://cdn.intergient.com/pageos/V.20250415.1/iframe/iframe.html

Response headers

hw-country-code
PT
content-encoding
br
cf-cache-status
HIT
etag
W/"31bb1614c114425ef27f97d72f81a6e3"
age
4435
cf-ray
933df5498ecce3cc-LIS
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Apr 2025 15:36:38 GMT
content-type
text/javascript
last-modified
Wed, 16 Apr 2025 13:33:16 GMT
vary
Accept-Encoding
server
cloudflare
ec9b501a-70fe-4782-9bb5-fce9e48b6923
https://paint.toys/ 		0
0
474.9e5e7d94b0ad365e11fa.js
cdn.intergient.com/pageos/V.20250415.1/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/V.20250415.1/474.9e5e7d94b0ad365e11fa.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/V.20250415.1/runtime.f78d8905f1617efa83f4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.20.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f0769b6ec00799d55c116b89a5b71d923e5ea0d9f0d7e1fac3fe1914599e658

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

hw-country-code
PT
content-encoding
br
cf-cache-status
HIT
etag
W/"f32f7966b1a24d5db4c7e8891271dc87"
age
5075
cf-ray
933df549f95be3b8-LIS
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Apr 2025 15:36:38 GMT
content-type
text/javascript
last-modified
Wed, 16 Apr 2025 13:33:08 GMT
vary
Accept-Encoding
server
cloudflare
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		446 KB
141 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/V.20250415.1/main.f49d9d120d738f961843.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f10.1e100.net
Software
cafe /
Resource Hash
3d403581f9c944a398103ba56f99a04d99a9a9814a87b52f83ab8564bb2ed8a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
br
etag
17796657619774701878
x-content-type-options
nosniff
expires
Mon, 21 Apr 2025 15:36:38 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 21 Apr 2025 15:36:38 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
144239
x-xss-protection
0
server
cafe
fb87a4ea41
cd836371f1d.cdn.intergient.com/ 		0
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cd836371f1d.cdn.intergient.com/fb87a4ea41
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/V.20250415.1/main.f49d9d120d738f961843.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.73.242.72 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-73-242-72.eu-central-1.compute.amazonaws.com
Software
nginx/1.24.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://paint.toys/

Response headers

access-control-allow-origin
*
date
Mon, 21 Apr 2025 15:36:39 GMT
content-type
application/octet-stream
server
nginx/1.24.0
skeleton.gif
static.adsafeprotected.com/ 		43 B
481 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.gif?service=ad&adid=uizqxn&adnum=1581632
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.65.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-65-109.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

etag
"45cf913e5d9d3c9b2058033056d3dd23"
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
age
13745
x-cache
Hit from cloudfront
x-amz-cf-id
cupqfUpLkGkcZPbiXOobG56L_4EFoGl6Ol_9jrLL704G7AgHTKy4vw==
date
Mon, 21 Apr 2025 11:47:35 GMT
content-type
image/gif
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
x-amz-replication-status
COMPLETED
cache-control
max-age=315360000
via
1.1 72e7358c1b788ea69a1649b717511b9a.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
43
x-amz-cf-pop
MUC50-P6
server
AmazonS3
x-amz-server-side-encryption
AES256
f91218b27b741be78a23e85295db7ed72271762607d84db31c41df8200c42511ab
faucetfoot.com/post/ 		303 B
327 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://faucetfoot.com/post/f91218b27b741be78a23e85295db7ed72271762607d84db31c41df8200c42511ab
Requested by
Host: faucetfoot.com
URL: https://faucetfoot.com/scripts/2f7d64b/3a70fc5fad61cdce1367eb27e74b60928717817a6.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.8.176.186 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.176.8.34.bc.googleusercontent.com
Software
hoothoot/1760148137 /
Resource Hash
ea0b452ea245d3d6dcc6cf5895f136fc7e84a48ca28ed084769bf861aebb2a71
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://paint.toys/

Response headers

strict-transport-security
max-age=15724800; preload
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
access-control-allow-credentials
true
access-control-allow-methods
POST, OPTIONS
via
fen-hoothoot-europe-west1-spot-s40r.gce-europe-west1, 1.1 google
expires
Mon, 21 Apr 2025 15:36:38 GMT
access-control-allow-origin
https://paint.toys
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
303
date
Mon, 21 Apr 2025 15:36:39 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding, Origin
server
hoothoot/1760148137
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.67.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-67-113.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

access-control-max-age
3000
content-encoding
gzip
x-amz-version-id
r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
etag
W/"a4d296427fc806b21335359e398c025c"
age
46622
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
YJHdpv5guwkEZG6E12T6euxKFE5hRRlz5sX8pd-pERewvwH_HcF44Q==
date
Mon, 21 Apr 2025 02:39:39 GMT
content-type
application/javascript
vary
Origin,accept-encoding
last-modified
Thu, 29 Feb 2024 02:13:08 GMT
cache-control
public, max-age=86400
via
1.1 2f495c2a75817f316afd4d3bb437bf0a.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
MUC50-P6
server
AmazonS3
x-amz-server-side-encryption
AES256
bd056b42-51db-43ce-9a8e-3b11319b5d1f
config.aps.amazon-adsystem.com/configs/ 		563 B
838 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/bd056b42-51db-43ce-9a8e-3b11319b5d1f
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.65.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-65-39.muc50.r.cloudfront.net
Software
CloudFront /
Resource Hash
60c7145e43d0d0c098eb46181f23ba7e5a8cb64a21bbd550eb67f100389299e6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

cache-control
max-age=3600
age
115
via
1.1 eab0437e9575fc5ab3f67303be5a9efc.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
content-length
563
x-amz-cf-id
VCad7CdvVemMbaVAuqwtcVJLKnOG_4Wn6mWY1GEOAKpAoqHe88h6QQ==
date
Mon, 21 Apr 2025 15:34:45 GMT
content-type
application/javascript
x-amz-cf-pop
MUC50-P6
server
CloudFront
config
c.amazon-adsystem.com/cdn/prod/ 		4 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fpaint.toys&pubid=bd056b42-51db-43ce-9a8e-3b11319b5d1f
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.67.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-67-113.muc50.r.cloudfront.net
Software
Server /
Resource Hash
843b1f9a354b48dac90a3287f0219d215a73fbad39fcaa1ef2f4e2ef272f6f2f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

cache-control
max-age=21550, s-maxage=21600
age
7285
access-control-allow-credentials
true
via
1.1 ddcc211ea1d565c67eac00a91dda8304.cloudfront.net (CloudFront)
access-control-allow-origin
https://paint.toys
x-cache
Hit from cloudfront
content-length
3591
x-amz-cf-id
wSxIwBtoKzlSYvzzx3JVz1aKn0jJZcmHC0wbFJSXmcz5qYYqvZbeCw==
date
Mon, 21 Apr 2025 13:35:15 GMT
content-type
application/json;charset=UTF-8
x-amz-cf-pop
MUC50-P6
server
Server
bid
aax.amazon-adsystem.com/e/dtb/ 		25 B
375 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fpaint.toys%2Foil%2F&pr=https%3A%2F%2Fqwxz.itgeekdomain.com%2F&pid=VUSbOPr11miZ9&cb=0&ws=1600x1200&v=25.409.1848&t=2500&slots=%5B%7B%22sd%22%3A%22pw-160x600_atf%22%2C%22s%22%3A%5B%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F154013155%2F1024872%2F74068%2Fpublisher%3A1024872-website%3A74068-160x600%2Fpublisher%3A1024872-website%3A74068-160x600-CP%2Fpublisher%3A1024872-website%3A74068-160x600-CP-160x600%22%7D%2C%7B%22sd%22%3A%22pw-160x600_btf%22%2C%22s%22%3A%5B%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F154013155%2F1024872%2F74068%2Fpublisher%3A1024872-website%3A74068-160x600%2Fpublisher%3A1024872-website%3A74068-160x600-CP%2Fpublisher%3A1024872-website%3A74068-160x600-CP-160x600%22%7D%2C%7B%22sd%22%3A%22leaderboard_atf%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F154013155%2F1024872%2F74068%2Fpublisher%3A1024872-website%3A74068-desktop_leaderboard%22%7D%2C%7B%22sd%22%3A%22leaderboard_btf%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F154013155%2F1024872%2F74068%2Fpublisher%3A1024872-website%3A74068-desktop_leaderboard%22%7D%5D&sg=%7B%22ortb2%22%3A%7B%22site%22%3A%7B%22cattax%22%3A6%2C%22cat%22%3A%5B%22693%22%5D%2C%22sectioncat%22%3A%5B%22693%22%5D%2C%22pagecat%22%3A%5B%22693%22%5D%7D%7D%7D&schain=1.0%2C1%21playwire.com%2C1024872%2C1%2C%2C%2C&pubid=bd056b42-51db-43ce-9a8e-3b11319b5d1f&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D&rt=j
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.2.156 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-2-156.muc50.r.cloudfront.net
Software
Server /
Resource Hash
7dc78c5c119373b361b76d7e9c1b2759725163789661df908ee4cd8faf842676

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
gzip
access-control-allow-credentials
true
via
1.1 33dbd20675fb00285d976b6fbceb3f70.cloudfront.net (CloudFront)
access-control-allow-origin
https://paint.toys
x-cache
Miss from cloudfront
content-length
45
x-amz-cf-id
6xvhLYnsNWnnnb3QPMQPQdx6LhwN2V62YHVDNN2iE35dwSyIrO5idw==
date
Mon, 21 Apr 2025 15:36:40 GMT
content-type
application/json;charset=UTF-8
x-amz-cf-pop
MUC50-P6
server
Server
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: qwxz.itgeekdomain.com
URL: https://qwxz.itgeekdomain.com/ntkyvythxgdshmvvozypsafyjgdslfRR3VvakxOR0tGeEtydXFadnl1N04tMjY1OC0yNjczNzMwOC0xMDIwMDI3YS0zNzM1LVE2elhqbXpOa2FnZEtWYkRJTFJu/rxencmlvegf20u3wpap66ri9i8nrd58tk/uingtt/z8yv14fw1qahe
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.96.101 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-96-101.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

cache-control
max-age=900
content-encoding
gzip
etag
"d734-5f2f3919e751f-gzip"
expires
Mon, 21 Apr 2025 15:51:44 GMT
accept-ranges
bytes
content-length
17407
date
Mon, 21 Apr 2025 15:36:44 GMT
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
content-type
application/javascript
server
Apache
vary
Accept-Encoding
sync.min.js
tags.crwdcntrl.net/lt/c/16576/ 		43 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: qwxz.itgeekdomain.com
URL: https://qwxz.itgeekdomain.com/ntkyvythxgdshmvvozypsafyjgdslfRR3VvakxOR0tGeEtydXFadnl1N04tMjY1OC0yNjczNzMwOC0xMDIwMDI3YS0zNzM1LVE2elhqbXpOa2FnZEtWYkRJTFJu/rxencmlvegf20u3wpap66ri9i8nrd58tk/uingtt/z8yv14fw1qahe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-23.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c5fdea6bcb7b7dc4aabe9e409df609b922dde30401ccf5c25f0f384f7e8c43b5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

vary
Accept-Encoding
cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"6016bf24a16f4d1d8384c5f7f11c49fb"
age
35581
via
1.1 a1d3f4e4f5c5940d2f1eea05f736c3ee.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
eis7TPaaXeRl9P8wpTpnvjkOHJLopdBl2gyW94QEAwqpoZ5quPCjQw==
date
Mon, 21 Apr 2025 10:36:04 GMT
content-type
text/javascript
last-modified
Tue, 20 Aug 2024 18:47:26 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P2
x-amz-server-side-encryption
AES256
hadron.js
cdn.hadronid.net/ 		11 B
341 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fpaint.toys%2Foil%2F&ref=https%3A%2F%2Fqwxz.itgeekdomain.com%2F&_it=amazon&partner_id=403
Requested by
Host: qwxz.itgeekdomain.com
URL: https://qwxz.itgeekdomain.com/ntkyvythxgdshmvvozypsafyjgdslfRR3VvakxOR0tGeEtydXFadnl1N04tMjY1OC0yNjczNzMwOC0xMDIwMDI3YS0zNzM1LVE2elhqbXpOa2FnZEtWYkRJTFJu/rxencmlvegf20u3wpap66ri9i8nrd58tk/uingtt/z8yv14fw1qahe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.36.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a73f5986eb985871284e6e216372de3505634a97229de643216728d0fbfd6227

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

vary
Accept-Encoding
cache-control
max-age=432000
content-encoding
gzip
cf-cache-status
HIT
etag
W/"ba4f7a703ea78ac1b72b5fe1be4fb407"
age
5732
cf-ray
933df55c4af011e6-LIS
x-amz-request-id
30EQXBDRNZ6CEM59
date
Mon, 21 Apr 2025 15:36:41 GMT
content-type
application/javascript
last-modified
Thu, 05 Dec 2024 20:48:49 GMT
server
cloudflare
x-amz-id-2
E1wyDV2o+VqJQ7tPhVoUfnQglCmH0pxoSrhV8lrVIhGvU7XrKdZ0ebL2Oj2x4X2DAM2y5q4hKN4=
id5-api.js
cdn.id5-sync.com/api/1.0/ 		105 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: qwxz.itgeekdomain.com
URL: https://qwxz.itgeekdomain.com/ntkyvythxgdshmvvozypsafyjgdslfRR3VvakxOR0tGeEtydXFadnl1N04tMjY1OC0yNjczNzMwOC0xMDIwMDI3YS0zNzM1LVE2elhqbXpOa2FnZEtWYkRJTFJu/rxencmlvegf20u3wpap66ri9i8nrd58tk/uingtt/z8yv14fw1qahe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.52.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
007036d465b81110214bfc2593974dfd94e31304794dd2e2f0a85adf880cf472
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

x-amz-id-2
gXDNV9RWH4cYaiM0BEilth3/TJxTm1AgKiFXrXmintbphJtihAB2kr8IgWrVV5WptFBJeV6hCMQ=
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=3600
content-encoding
br
cf-cache-status
HIT
etag
W/"e080505431750bcc4447c43d487f9da4"
age
3495
x-amz-request-id
MGG01PS1G14FQR0Y
cf-ray
933df55c4e4c03f6-LIS
date
Mon, 21 Apr 2025 15:36:41 GMT
content-type
text/javascript;charset=utf-8
last-modified
Fri, 18 Apr 2025 14:04:56 GMT
vary
Accept-Encoding
server
cloudflare
x-amz-server-side-encryption
AES256
launcher-stub.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Requested by
Host: qwxz.itgeekdomain.com
URL: https://qwxz.itgeekdomain.com/ntkyvythxgdshmvvozypsafyjgdslfRR3VvakxOR0tGeEtydXFadnl1N04tMjY1OC0yNjczNzMwOC0xMDIwMDI3YS0zNzM1LVE2elhqbXpOa2FnZEtWYkRJTFJu/rxencmlvegf20u3wpap66ri9i8nrd58tk/uingtt/z8yv14fw1qahe
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.96.101 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-96-101.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

cache-control
max-age=900
content-encoding
gzip
etag
"38c0-5e92054540ea5-gzip"
expires
Mon, 21 Apr 2025 15:51:44 GMT
accept-ranges
bytes
content-length
5252
date
Mon, 21 Apr 2025 15:36:44 GMT
last-modified
Tue, 20 Sep 2022 18:52:26 GMT
content-type
application/javascript
server
Apache
vary
Accept-Encoding
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-VJBRK9986D&gtm=45je54h0h2v9101576445za200&_p=1745249796645&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=102803279~102813109~102887800~102926062~103027016~103051953~103055465~103077950~103106314~103106316~103116025&cid=1697124108.1745249797&ul=pt-pt&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEAAAAI&_s=2&sid=1745249797&sct=1&seg=0&dl=https%3A%2F%2Fpaint.toys%2Foil%2F&dr=https%3A%2F%2Fqwxz.itgeekdomain.com%2F&dt=Paint%20with%20Oils&en=scroll&epn.percent_scrolled=90&_et=5&tfd=6716
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VJBRK9986D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:97:0
report-to
{"group":"ascnsrsggc:97:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:97:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://paint.toys
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsggc:97:0
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 21 Apr 2025 15:36:42 GMT
content-type
text/plain
server
Golfe2
fb87a4ea41
cd836371f1d.cdn.intergient.com/ 		0
95 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cd836371f1d.cdn.intergient.com/fb87a4ea41
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/V.20250415.1/main.f49d9d120d738f961843.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.73.242.72 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-73-242-72.eu-central-1.compute.amazonaws.com
Software
nginx/1.24.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://paint.toys/

Response headers

access-control-allow-origin
*
date
Mon, 21 Apr 2025 15:36:43 GMT
content-type
application/octet-stream
server
nginx/1.24.0
launcher.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 		49 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.96.101 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-96-101.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

cache-control
max-age=900
content-encoding
gzip
etag
"c4b6-5e920545406d3-gzip"
expires
Mon, 21 Apr 2025 15:51:44 GMT
accept-ranges
bytes
content-length
17042
date
Mon, 21 Apr 2025 15:36:44 GMT
last-modified
Tue, 20 Sep 2022 18:52:26 GMT
content-type
application/javascript
server
Apache
vary
Accept-Encoding
launcher
proc.ad.cpe.dotomi.com/cvx/client/direct/ 		190 B
459 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://proc.ad.cpe.dotomi.com/cvx/client/direct/launcher?version=1.1.1&lid=681
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.158.223.146 Amsterdam, Netherlands, ASN41041 (VCLK-EU-SE Conversant LLC, US),
Reverse DNS
ams02-convex-float1.dotomi.com
Software
nginx /
Resource Hash
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

cache-control
max-age=1800
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
access-control-allow-credentials
true
expires
Mon, 21 Apr 2025 16:06:45 GMT
access-control-allow-origin
https://paint.toys
content-length
190
date
Mon, 21 Apr 2025 15:36:45 GMT
content-type
application/json
vary
Origin
server
nginx
init-a.js
dl.edge-aicdn.net/assets/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://dl.edge-aicdn.net/assets/init-a.js
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5150306120761344&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.11.184 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

x-goog-metageneration
4
x-goog-hash
crc32c=AAAAAA==, md5=1B2M2Y8AsgTpgAmY7PhCfg==
cf-cache-status
HIT
etag
"d41d8cd98f00b204e9800998ecf8427e"
age
1131249
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qelQfXH%2FTL0gqb4rU%2FxPA3iWb9Bh%2BAIX%2BePeLvNQkC4ZWpoA1Onkh3orwsThd5TXgcVIBBBD36VJrvmyK9gMiQlfVIxRNQWSG%2B%2B2ef494MpgU%2Bzds1qzYDdap9LIyVneiV09"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding
identity
expires
Tue, 08 Apr 2025 13:41:18 GMT
server-timing
cfL4;desc="?proto=TCP&rtt=486&min_rtt=484&rtt_var=140&sent=6&recv=9&lost=0&retrans=0&sent_bytes=3795&recv_bytes=2235&delivery_rate=8883435&cwnd=253&unsent_bytes=0&cid=731879d942906c34&ts=64&x=0"
x-goog-stored-content-length
0
date
Mon, 21 Apr 2025 15:36:45 GMT
content-type
text/javascript
last-modified
Fri, 28 Mar 2025 17:38:53 GMT
vary
Accept-Encoding
x-guploader-uploadid
AKDAyIsUJoCBf1KQzIr56yDZJS44XMpRyU6q5h4Clo7TQHMQV3rfxAnHAsV6qG_TCXNQr-6IJwdbXjY
cache-control
public, max-age=1209600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class
STANDARD
cf-ray
933df5717a6c4895-LIS
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1743183533533707
content-length
0
server
cloudflare
config-a.js
storage.ml-cachehost.net/lib/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://storage.ml-cachehost.net/lib/config-a.js
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5150306120761344&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.0.244 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

x-goog-metageneration
4
x-goog-hash
crc32c=AAAAAA==, md5=1B2M2Y8AsgTpgAmY7PhCfg==
cf-cache-status
HIT
etag
"d41d8cd98f00b204e9800998ecf8427e"
age
790125
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AYFs7dQK0AeQFu3nFrUJ6UDEbyq%2FqnYlythjebjNohscJiRckJMYArA%2BqUk0NZxUEpjQMoDEw2ZIXf9lWQN5RkWQS2B%2BlgD3Gq3YU4y4YnVxbk%2BQ9nt4an5mVC759XaYqaaFsS8qGfDI2A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding
identity
expires
Sat, 12 Apr 2025 12:52:32 GMT
server-timing
cfL4;desc="?proto=TCP&rtt=124&min_rtt=85&rtt_var=44&sent=9&recv=11&lost=0&retrans=0&sent_bytes=3852&recv_bytes=2214&delivery_rate=34204724&cwnd=254&unsent_bytes=0&cid=e9faab31dc6094e4&ts=117&x=0"
x-goog-stored-content-length
0
date
Mon, 21 Apr 2025 15:36:45 GMT
content-type
text/javascript
last-modified
Fri, 28 Mar 2025 17:51:11 GMT
vary
Accept-Encoding
x-guploader-uploadid
AKDAyItlSCvxfabVr8mZYtPuulq2bkU-LfVSXjgqPKdzDUel5hwnuZnkY_kKcD6ecX2t4ue8PE3wp3E
cache-control
public, max-age=1209600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class
STANDARD
cf-ray
933df5717ff5338c-LIS
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1743184271495855
content-length
0
server
cloudflare
px.gif
ag.dns-finder.com/ 		0
0
px.gif
ad-delivery.net/ 		43 B
542 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.11.120 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

x-goog-metageneration
5
access-control-expose-headers
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status
HIT
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
age
601658
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
43
date
Mon, 21 Apr 2025 15:36:45 GMT
content-type
image/gif
last-modified
Wed, 05 May 2021 19:25:32 GMT
vary
Accept-Encoding
x-guploader-uploadid
AKDAyIuFzYQ1xoR1iZpvbV8844pMc4azY4os9w5wWwaCCX37Z1vmpYkBwfpyDDLy50Ih6yl3
cache-control
public, max-age=86400
x-goog-storage-class
MULTI_REGIONAL
via
1.1 google
cf-ray
933df5717c25eeea-LIS
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1620242732037093
content-length
43
server
cloudflare
favicon.ico
ad.doubleclick.net/ 		1 KB
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
gzip
age
35430
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options
nosniff
expires
Tue, 22 Apr 2025 05:46:15 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 21 Apr 2025 05:46:15 GMT
last-modified
Tue, 08 May 2012 13:08:06 GMT
content-type
image/x-icon
vary
Accept-Encoding
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
content-length
104
x-xss-protection
0
server
sffe
px.gif
ad-delivery.net/ 		43 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.9340520996164527
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.11.120 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

x-goog-metageneration
5
access-control-expose-headers
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status
HIT
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
age
601658
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
43
date
Mon, 21 Apr 2025 15:36:45 GMT
content-type
image/gif
last-modified
Wed, 05 May 2021 19:25:32 GMT
vary
Accept-Encoding
x-guploader-uploadid
AKDAyIuFzYQ1xoR1iZpvbV8844pMc4azY4os9w5wWwaCCX37Z1vmpYkBwfpyDDLy50Ih6yl3
cache-control
public, max-age=86400
x-goog-storage-class
MULTI_REGIONAL
via
1.1 google
cf-ray
933df5717c26eeea-LIS
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1620242732037093
content-length
43
server
cloudflare
favicon.ico
paint.toys/ 		615 B
748 B 		Other
General
Check archive.org
Download Go to
Full URL
https://paint.toys/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.33.186.135 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afa7f374f51cc8991.awsglobalaccelerator.com
Software
Netlify /
Resource Hash
30a007a99e491d9e1b2b72c02e4a8454334c6ea2b3a03316d50135b20464fccc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://paint.toys/oil/

Response headers

strict-transport-security
max-age=31536000
cache-control
public,max-age=0,must-revalidate
etag
"6c77abc0123fbfdebbf702a90fb50938-ssl"
age
55511
accept-ranges
bytes
content-length
615
x-nf-request-id
01JSCFX8TN2S64P5EM3VSQD73Q
cache-status
"Netlify Edge"; hit
date
Mon, 21 Apr 2025 15:36:45 GMT
content-type
image/vnd.microsoft.icon
server
Netlify
coreid.min.js
secure.cdn.fastclick.net/js/cnvr-coreid/latest/ 		229 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/cnvr-coreid/latest/coreid.min.js
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.96.101 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-96-101.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
eb87c0447bd19366919bdb8913f775caca732ac31cbc5e5d42e4db5df39437ce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

cache-control
max-age=900
content-encoding
gzip
etag
"394d0-60864a57eaadc-gzip"
expires
Mon, 21 Apr 2025 15:51:45 GMT
accept-ranges
bytes
content-length
67550
date
Mon, 21 Apr 2025 15:36:45 GMT
last-modified
Mon, 23 Oct 2023 16:23:46 GMT
content-type
application/javascript
server
Apache
vary
Accept-Encoding
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fpaint.toys%2F&domain=paint.toys&cw=1&lsw=1&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://paint.toys
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://paint.toys
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 21 Apr 2025 15:36:47 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
194936
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
prebid
id5-sync.com/api/config/ 		194 B
659 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
1526f7f540b829baf0e6d1b491aa7b26b5e49fa160abca67c11695ccfa2cee82
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://paint.toys/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://paint.toys
p3p
CP="CAO PSA OUR"
date
Mon, 21 Apr 2025 15:36:46 GMT
content-type
application/json;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-credentials
true
id
id.crwdcntrl.net/ 		43 B
270 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id?gdpr_applies=false&c=17262
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.48.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-48-58.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

cache-control
no-cache
pragma
no-cache
access-control-allow-credentials
true
expires
0
access-control-allow-origin
https://paint.toys
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length
43
date
Mon, 21 Apr 2025 15:36:47 GMT
content-type
application/json;charset=utf-8
f
fid.agkn.com/ 		0
0
envelope
lexicon.33across.com/v1/ 		49 B
246 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0014000001YrMoYAAV&gdpr=0&src=pbjs&ver=9.36.0&coppa=0
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.193.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://paint.toys
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49
date
Mon, 21 Apr 2025 15:36:45 GMT
content-type
application/json
vary
origin
any
idx.liadm.com/idex/did-0046/ 		0
366 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://idx.liadm.com/idex/did-0046/any?duid=8e413bd09c43--01jscfxaban1m5wb7djhb2yp5t&gdpr=0&did=did-0046&cd=.paint.toys&pu=https%3A%2F%2Fpaint.toys&resolve=nonId&resolve=uid2&resolve=index&resolve=bidswitch&resolve=pubmatic&resolve=magnite&resolve=openx&resolve=sorvrn&resolve=thetradedesk&resolve=medianet&resolve=vidazoo&resolve=sonobi&resolve=sharethrough&resolve=triplelift
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
98.80.86.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-98-80-86-86.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=3599, private
trace-id
2053c110a9c3f221
request-time
1
access-control-allow-credentials
true
expires
Mon, 21 Apr 2025 16:36:47 GMT
access-control-allow-origin
https://paint.toys
date
Mon, 21 Apr 2025 15:36:47 GMT
vary
Origin
json
gum.criteo.com/sid/ 		0
0
topics_frame.html
ads.pubmatic.com/AdServer/js/topics/ Frame 0EC7 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/topics/topics_frame.html?bidder=pubmatic
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.100.185.43 Paris, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-185-43.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c16a536e9381a97c5d473a2b70aa9057bceebe38f05bb7d90360c96bff579033

Request headers

Referer
https://paint.toys/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=88997
content-encoding
gzip
content-length
859
content-type
text/html
date
Mon, 21 Apr 2025 15:36:47 GMT
expires
Tue, 22 Apr 2025 16:20:04 GMT
last-modified
Tue, 21 Mar 2023 05:02:13 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
topics_frame.html
pa.openx.net/ Frame F709 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pa.openx.net/topics_frame.html?bidder=openx
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.36.214.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.214.36.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e821663dddb56fb07c8670392dd396621a47e7816534ba539c02694a115f9254

Request headers

Referer
https://paint.toys/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
3073
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public,max-age=3600
content-length
1036
content-type
text/html; charset=utf-8
date
Mon, 21 Apr 2025 14:45:34 GMT
etag
"c5379e35e267deacc52e06ed0f5fa81f"
last-modified
Mon, 22 Jan 2024 14:38:43 GMT
server
UploadServer
supports-loading-mode
fenced-frame
vary
Origin
x-allow-fledge
true
x-goog-generation
1705934323795552
x-goog-hash
crc32c=eLLIGA== md5=xTeeNeJn3qzFLgbtD1+oHw==
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1036
x-guploader-uploadid
AAO2Vwrzv6Gf0b97UHQfhgY4UsKhWNvpkryN-_Xa8sB6tPYMJkaRJwLlg4MQ1AYHvsanwauynhg-Iz0
cookie_sync
prebid.intergient.com/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.intergient.com/cookie_sync
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.21.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc005d7c18c0a6cbbfff91edc3c1068e48f779bec0315f1664161db3721ede76

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

content-encoding
br
cf-cache-status
DYNAMIC
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1745249806&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=RqEiLxM2H5CHu9jXP1E%2FI1rwzOdZCWKOf51Wf0sncMw%3D"}]}
expires
0
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 21 Apr 2025 15:36:46 GMT
content-type
application/json; charset=utf-8
vary
Origin
priority
u=1,i
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1745249806&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=RqEiLxM2H5CHu9jXP1E%2FI1rwzOdZCWKOf51Wf0sncMw%3D
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
via
1.1 vegur
cf-ray
933df57ccd174610-LIS
access-control-allow-origin
https://paint.toys
server
cloudflare
auction
prebid.intergient.com/openrtb2/ 		423 B
954 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.intergient.com/openrtb2/auction
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.21.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9437bbd8e1b411ac2959c5feb149da21e06786134cf9090c103a2f9761da761

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

content-encoding
br
cf-cache-status
DYNAMIC
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1745249806&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=RqEiLxM2H5CHu9jXP1E%2FI1rwzOdZCWKOf51Wf0sncMw%3D"}]}
observe-browsing-topics
?1
expires
0
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 21 Apr 2025 15:36:47 GMT
content-type
application/json
vary
Origin
priority
u=1,i
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1745249806&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=RqEiLxM2H5CHu9jXP1E%2FI1rwzOdZCWKOf51Wf0sncMw%3D
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
via
1.1 vegur
cf-ray
933df57ccd144610-LIS
access-control-allow-origin
https://paint.toys
x-prebid
pbs-go/unknown
server
cloudflare
hbjson
grid.bidswitch.net/ 		24 B
311 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.56 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
1088b93c0fce807bec8efb6dc22fb8d4870987824718fc105d4ae55057622805
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-store, must-revalidate, no-cache
content-encoding
br
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://paint.toys
date
Mon, 21 Apr 2025 15:36:47 GMT
content-type
application/json
vary
Accept-Encoding, Origin
server
Kestrel
fastlane.json
fastlane.rubiconproject.com/a/api/ 		690 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12556&site_id=110932&zone_id=523774&size_id=9&alt_size_ids=8&p_pos=atf&gdpr=0&rp_schain=1.0,1!playwire.com,1024872,1,,,&eid_pubcid.org=8338b41d-ff02-4b3b-9291-66b89480402a%5E1%5E%5E%5E%5E%5E&eid_linkedin.com=5e9f8f37-eab8-4f87-a5d4-4f85e2fba794%5E1%5E%5E%5E%5E%5E&rf=https%3A%2F%2Fpaint.toys%2Foil%2F&tg_i.domain=paint.toys&tg_i.page=https%3A%2F%2Fpaint.toys%2Foil%2F&tg_i.ref=https%3A%2F%2Fqwxz.itgeekdomain.com%2F&tg_i.cat=IAB9-5%2C693&tg_i.sectioncat=IAB9-5%2C693&tg_i.pagecat=IAB9-5%2C693&tg_i.pos=atf&tg_i.sitecont_cat=games_casual&tg_i.adunit=pw-160x600_atf&tg_i.pbadslot=%2F154013155%2F1024872%2F74068%2Fpublisher%3A1024872-website%3A74068-160x600%2Fpublisher%3A1024872-website%3A74068-160x600-CP%2Fpublisher%3A1024872-website%3A74068-160x600-CP-160x600&tk_flint=pbjs_lite_v9.36.0&x_source.tid=b47928e5-988c-446e-b2be-b0d745294a2c&l_pb_bid_id=68c78179171d4178&p_screen_res=1600x1200&o_ae=1&rp_secure=1&x_imp.ext.tid=4a956735-696f-4ec3-b34c-f294523c2f71&rp_maxbids=1&p_gpid=%2F154013155%2F1024872%2F74068%2Fpublisher%3A1024872-website%3A74068-160x600%2Fpublisher%3A1024872-website%3A74068-160x600-CP%2Fpublisher%3A1024872-website%3A74068-160x600-CP-160x600&m_ch_mobile=%3F0&slots=1&rand=0.14054133259788093
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.156.139 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.27.2 /
Resource Hash
b0e3396eaeb6815e8b4ba2b58b5247e41aceb485d162c813237923c5bfebc7fa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin
https://paint.toys
date
Mon, 21 Apr 2025 15:36:48 GMT
content-type
application/json
vary
Accept-Encoding
server
nginx/1.27.2
fastlane.json
fastlane.rubiconproject.com/a/api/ 		522 B
861 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12556&site_id=110932&zone_id=523774&size_id=9&alt_size_ids=8&gdpr=0&rp_schain=1.0,1!playwire.com,1024872,1,,,&eid_pubcid.org=8338b41d-ff02-4b3b-9291-66b89480402a%5E1%5E%5E%5E%5E%5E&eid_linkedin.com=5e9f8f37-eab8-4f87-a5d4-4f85e2fba794%5E1%5E%5E%5E%5E%5E&rf=https%3A%2F%2Fpaint.toys%2Foil%2F&tg_i.domain=paint.toys&tg_i.page=https%3A%2F%2Fpaint.toys%2Foil%2F&tg_i.ref=https%3A%2F%2Fqwxz.itgeekdomain.com%2F&tg_i.cat=IAB9-5%2C693&tg_i.sectioncat=IAB9-5%2C693&tg_i.pagecat=IAB9-5%2C693&tg_i.pos=btf&tg_i.sitecont_cat=games_casual&tg_i.adunit=pw-160x600_btf&tg_i.pbadslot=pw-160x600_btf&tk_flint=pbjs_lite_v9.36.0&x_source.tid=b47928e5-988c-446e-b2be-b0d745294a2c&l_pb_bid_id=69acca5aa29122b&p_screen_res=1600x1200&o_ae=1&rp_secure=1&x_imp.ext.tid=e9758a71-f0c5-4e01-86a6-94b92f1b471f&rp_maxbids=1&p_gpid=pw-160x600_btf&m_ch_mobile=%3F0&slots=1&rand=0.6113233231529882
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.156.139 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.27.2 /
Resource Hash
5602968f97de9a8d5cad65f93c5d8f84d8bebfada502b686195de940235622b0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin
https://paint.toys
content-length
522
date
Mon, 21 Apr 2025 15:36:48 GMT
content-type
application/json
vary
Accept-Encoding
server
nginx/1.27.2
fastlane.json
fastlane.rubiconproject.com/a/api/ 		528 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12556&site_id=110932&zone_id=523774&size_id=2&alt_size_ids=55%2C57&p_pos=atf&gdpr=0&rp_schain=1.0,1!playwire.com,1024872,1,,,&eid_pubcid.org=8338b41d-ff02-4b3b-9291-66b89480402a%5E1%5E%5E%5E%5E%5E&eid_linkedin.com=5e9f8f37-eab8-4f87-a5d4-4f85e2fba794%5E1%5E%5E%5E%5E%5E&rf=https%3A%2F%2Fpaint.toys%2Foil%2F&tg_i.domain=paint.toys&tg_i.page=https%3A%2F%2Fpaint.toys%2Foil%2F&tg_i.ref=https%3A%2F%2Fqwxz.itgeekdomain.com%2F&tg_i.cat=IAB9-5%2C693&tg_i.sectioncat=IAB9-5%2C693&tg_i.pagecat=IAB9-5%2C693&tg_i.pos=atf&tg_i.sitecont_cat=games_casual&tg_i.adunit=leaderboard_atf&tg_i.pbadslot=leaderboard_atf&tk_flint=pbjs_lite_v9.36.0&x_source.tid=b47928e5-988c-446e-b2be-b0d745294a2c&l_pb_bid_id=7049ffa2456968f8&p_screen_res=1600x1200&o_ae=1&rp_secure=1&x_imp.ext.tid=08050e80-d0b0-4782-abd1-a2a019b42be9&rp_maxbids=1&p_gpid=leaderboard_atf&m_ch_mobile=%3F0&slots=1&rand=0.7218822274739041
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.156.139 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.27.2 /
Resource Hash
c884a639023a4e6ba8a42318fbaf58ecd4cca97577bbffc5849a3c4fc5875eca

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin
https://paint.toys
content-length
528
date
Mon, 21 Apr 2025 15:36:48 GMT
content-type
application/json
vary
Accept-Encoding
server
nginx/1.27.2
fastlane.json
fastlane.rubiconproject.com/a/api/ 		528 B
868 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12556&site_id=110932&zone_id=523774&size_id=2&alt_size_ids=55%2C57&gdpr=0&rp_schain=1.0,1!playwire.com,1024872,1,,,&eid_pubcid.org=8338b41d-ff02-4b3b-9291-66b89480402a%5E1%5E%5E%5E%5E%5E&eid_linkedin.com=5e9f8f37-eab8-4f87-a5d4-4f85e2fba794%5E1%5E%5E%5E%5E%5E&rf=https%3A%2F%2Fpaint.toys%2Foil%2F&tg_i.domain=paint.toys&tg_i.page=https%3A%2F%2Fpaint.toys%2Foil%2F&tg_i.ref=https%3A%2F%2Fqwxz.itgeekdomain.com%2F&tg_i.cat=IAB9-5%2C693&tg_i.sectioncat=IAB9-5%2C693&tg_i.pagecat=IAB9-5%2C693&tg_i.pos=btf&tg_i.sitecont_cat=games_casual&tg_i.adunit=leaderboard_btf&tg_i.pbadslot=leaderboard_btf&tk_flint=pbjs_lite_v9.36.0&x_source.tid=b47928e5-988c-446e-b2be-b0d745294a2c&l_pb_bid_id=718c8a40d37f9578&p_screen_res=1600x1200&o_ae=1&rp_secure=1&x_imp.ext.tid=90be5f9f-4ebb-4cd6-9d92-c3a561a99e13&rp_maxbids=1&p_gpid=leaderboard_btf&m_ch_mobile=%3F0&slots=1&rand=0.5940868540872688
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.156.139 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.27.2 /
Resource Hash
c8145f870624e1acc3cf2adc73f5dc16c2248d2139fa41f503840581e5f08a56

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin
https://paint.toys
content-length
528
date
Mon, 21 Apr 2025 15:36:48 GMT
content-type
application/json
vary
Accept-Encoding
server
nginx/1.27.2
translator
hbopenbid.pubmatic.com/ 		0
277 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

cache-control
no-cache, no-store, must-revalidate, no-store, no-cache, private
access-control-allow-credentials
true
observe-browsing-topics
?1
pmfcgi-resp
TRUE
access-control-allow-origin
https://paint.toys
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 21 Apr 2025 15:36:47 GMT
server
nginx
playwire
direct.adsrvr.org/bid/bidder/ 		0
243 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://direct.adsrvr.org/bid/bidder/playwire
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.223.6.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a8c33d2b6751b365d.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

x-openrtb-version
2.3
cache-control
private
access-control-allow-credentials
true
access-control-allow-origin
https://paint.toys
content-length
0
date
Mon, 21 Apr 2025 15:36:46 GMT
content-type
application/json
server
Kestrel
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept, x-integration-type
hb-multi
hb.yellowblue.io/ 		84 B
625 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb.yellowblue.io/hb-multi
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.136.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-136-93.fra50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
ae7c1a84bb19162d2a978b6b8224e8c9859b3a86562d80d9fec825cd2f8c3a7b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

content-encoding
gzip
x-envoy-upstream-service-time
1
access-control-allow-credentials
true
access-control-allow-methods
GET, OPTIONS
via
1.1 55c4ff21b8d72983466f815563acf5be.cloudfront.net (CloudFront)
access-control-allow-origin
https://paint.toys
x-cache
Miss from cloudfront
content-length
109
x-amz-cf-id
VRP8J6a9QSCx9z1W42-DQ0OIHkc7An7Jf-B8yXvoMsP_9iR-M5Y_LQ==
date
Mon, 21 Apr 2025 15:36:47 GMT
content-type
application/json
x-amz-cf-pop
FRA50-P2
server
istio-envoy
x-reason
maxmind hosting provider
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
imp
g2.gumgum.com/hbid/ 		2 B
242 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?displaymanager=Prebid.js%20-%20gumgum&displaymanagerver=9.36.0&lt=1745249806789&to=0&aun=pw-160x600_atf&pubcid=8338b41d-ff02-4b3b-9291-66b89480402a&gpid=%2F154013155%2F1024872%2F74068%2Fpublisher%3A1024872-website%3A74068-160x600%2Fpublisher%3A1024872-website%3A74068-160x600-CP%2Fpublisher%3A1024872-website%3A74068-160x600-CP-160x600&t=8ylgv2wd&pi=3&maxw=160&maxh=600&si=1111716&bf=160x600%2C120x600&ae=true&gdprApplies=0&schain=1.0%2C1!playwire.com%2C1024872%2C1%2C%2C%2C&tId=4a956735-696f-4ec3-b34c-f294523c2f71&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fpaint.toys%2Foil%2F&tpl=https%3A%2F%2Fpaint.toys%2Foil%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%229.36.0%22%7D&ogu=null&ns=10240&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F135.0.0.0%20Safari%2F537.36&dnt=0&lang=pt
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.4.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-4-15.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
pragma
no-cache
access-control-allow-credentials
true
expires
0
access-control-allow-origin
https://paint.toys
content-length
2
date
Mon, 21 Apr 2025 15:36:47 GMT
content-type
application/json;charset=UTF-8
server
nginx
imp
g2.gumgum.com/hbid/ 		2 B
242 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?displaymanager=Prebid.js%20-%20gumgum&displaymanagerver=9.36.0&lt=1745249806790&to=0&aun=pw-160x600_btf&pubcid=8338b41d-ff02-4b3b-9291-66b89480402a&gpid=pw-160x600_btf&t=8ylgv2wd&pi=3&maxw=160&maxh=600&si=1111716&bf=160x600%2C120x600&ae=true&gdprApplies=0&schain=1.0%2C1!playwire.com%2C1024872%2C1%2C%2C%2C&tId=e9758a71-f0c5-4e01-86a6-94b92f1b471f&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fpaint.toys%2Foil%2F&tpl=https%3A%2F%2Fpaint.toys%2Foil%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%229.36.0%22%7D&ogu=null&ns=10240&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F135.0.0.0%20Safari%2F537.36&dnt=0&lang=pt
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.4.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-4-15.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
pragma
no-cache
access-control-allow-credentials
true
expires
0
access-control-allow-origin
https://paint.toys
content-length
2
date
Mon, 21 Apr 2025 15:36:47 GMT
content-type
application/json;charset=UTF-8
server
nginx
imp
g2.gumgum.com/hbid/ 		2 B
242 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?displaymanager=Prebid.js%20-%20gumgum&displaymanagerver=9.36.0&lt=1745249806790&to=0&aun=leaderboard_atf&pubcid=8338b41d-ff02-4b3b-9291-66b89480402a&gpid=leaderboard_atf&t=8ylgv2wd&pi=3&maxw=970&maxh=250&si=1111709&bf=728x90%2C970x250%2C970x90&ae=true&gdprApplies=0&schain=1.0%2C1!playwire.com%2C1024872%2C1%2C%2C%2C&tId=08050e80-d0b0-4782-abd1-a2a019b42be9&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fpaint.toys%2Foil%2F&tpl=https%3A%2F%2Fpaint.toys%2Foil%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%229.36.0%22%7D&ogu=null&ns=10240&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F135.0.0.0%20Safari%2F537.36&dnt=0&lang=pt
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.4.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-4-15.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
pragma
no-cache
access-control-allow-credentials
true
expires
0
access-control-allow-origin
https://paint.toys
content-length
2
date
Mon, 21 Apr 2025 15:36:47 GMT
content-type
application/json;charset=UTF-8
server
nginx
imp
g2.gumgum.com/hbid/ 		2 B
243 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?displaymanager=Prebid.js%20-%20gumgum&displaymanagerver=9.36.0&lt=1745249806790&to=0&aun=leaderboard_btf&pubcid=8338b41d-ff02-4b3b-9291-66b89480402a&gpid=leaderboard_btf&t=8ylgv2wd&pi=3&maxw=970&maxh=250&si=1111709&bf=728x90%2C970x250%2C970x90&ae=true&gdprApplies=0&schain=1.0%2C1!playwire.com%2C1024872%2C1%2C%2C%2C&tId=90be5f9f-4ebb-4cd6-9d92-c3a561a99e13&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fpaint.toys%2Foil%2F&tpl=https%3A%2F%2Fpaint.toys%2Foil%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%229.36.0%22%7D&ogu=null&ns=10240&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F135.0.0.0%20Safari%2F537.36&dnt=0&lang=pt
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.4.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-4-15.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
pragma
no-cache
access-control-allow-credentials
true
expires
0
access-control-allow-origin
https://paint.toys
content-length
2
date
Mon, 21 Apr 2025 15:36:47 GMT
content-type
application/json;charset=UTF-8
server
nginx
request
grid-bidder.criteo.com/openrtb_2_5/pbjs/auction/ 		0
0
v1
btlr.sharethrough.com/universal/ 		0
116 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.72.78.234 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-78-234.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
access-control-allow-origin
https://paint.toys
access-control-allow-credentials
true
v1
btlr.sharethrough.com/universal/ 		0
116 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.72.78.234 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-78-234.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
access-control-allow-origin
https://paint.toys
access-control-allow-credentials
true
v1
btlr.sharethrough.com/universal/ 		0
117 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.72.78.234 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-78-234.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
access-control-allow-origin
https://paint.toys
access-control-allow-credentials
true
v1
btlr.sharethrough.com/universal/ 		0
116 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.72.78.234 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-78-234.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
access-control-allow-origin
https://paint.toys
access-control-allow-credentials
true
auction
elb.the-ozone-project.com/openrtb2/ 		145 B
1002 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://elb.the-ozone-project.com/openrtb2/auction
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.153.66 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e930c51162bf6c4dfb7d137218120d69c19414bf78ed8576977a55da9f5c5178

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
cf-cache-status
DYNAMIC
pragma
no-cache
access-control-allow-credentials
true
cf-ray
933df57ecac9b275-LIS
expires
0
access-control-allow-origin
https://paint.toys
date
Mon, 21 Apr 2025 15:36:47 GMT
content-type
application/json
vary
Origin, Accept-Encoding
server
cloudflare
prebidjs
rtb.openx.net/openrtbb/ 		53 B
268 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
4df7e33be494be9d06f032c3ab28aa912d802cb92ab39a0dd648f6f1d16a1a39

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

content-encoding
gzip
x-forwarded-for
185.128.9.45
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://paint.toys
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
date
Mon, 21 Apr 2025 15:36:48 GMT
content-type
text/plain
vary
Origin
665db4754b2ec067196b8f78
exchange.cootlogix.com/prebid/multi/ 		0
0
665db4754b2ec067196b8f78
exchange.cootlogix.com/prebid/multi/ 		0
0
665db4754b2ec067196b8f78
exchange.cootlogix.com/prebid/multi/ 		0
0
665db4754b2ec067196b8f78
exchange.cootlogix.com/prebid/multi/ 		0
0
auction
tlx.3lift.com/header/ 		0
0
pbjs
htlb.casalemedia.com/openrtb/ 		864 B
873 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=1031634
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ad6463c491bad3e6ff05176ae83edb501fb1621dd170ae0b0c0ab06582d5eac

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9bHeozCrQHI3w1Ern6Cd3lWSFAzY9BlRp%2BviZmKIP265wNmZMP3o5TR%2B8zH%2BUpoyIres4rWu6OwuRml4JdrWy0U9ln1abadz2ohPe7zA8e2ZD2rzV1R1fi7b8URrha1RDe6QCa%2B8"}],"group":"cf-nel","max_age":604800}
expires
0
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 21 Apr 2025 15:36:47 GMT
content-type
application/json
vary
Accept-Encoding
priority
u=1,i
cache-control
no-cache
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
access-control-allow-credentials
true
cf-ray
933df57d0fa7e3d0-LIS
access-control-allow-origin
https://paint.toys
content-length
241
server
cloudflare
prebid
ib.adnxs.com/ut/v3/ 		0
0
v1
match.sharethrough.com/FGMrCMMc/ 		0
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/FGMrCMMc/v1?gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&redirectUri=https%3A%2F%2Fprebid.intergient.com%2Fsetuid%3Fbidder%3Dsharethrough%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.184.206.66 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-206-66.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
v1
lb.eu-1-id5-sync.com/lb/ 		45 B
282 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
5583e27c7e01d6e8014d0ba38ab8a7137f279395504d2ed3a0ef2786cf263ff5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://paint.toys
date
Mon, 21 Apr 2025 15:36:47 GMT
content-type
application/json;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
j
rp.liadm.com/
Redirect Chain
  • https://rp.liadm.com/j?dtstmp=1745249807201&did=did-0046&se=e30&duid=8e413bd09c43--01jscfxaban1m5wb7djhb2yp5t&tv=9.36.0&pu=https%3A%2F%2Fpaint.toys%2Foil%2F&wpn=prebid&gdpr=0&refr=https%3A%2F%2Fqwx...
  • https://rp.liadm.com/j?dtstmp=1745249807201&did=did-0046&se=e30&duid=8e413bd09c43--01jscfxaban1m5wb7djhb2yp5t&tv=9.36.0&pu=https%3A%2F%2Fpaint.toys%2Foil%2F&wpn=prebid&gdpr=0&refr=https%3A%2F%2Fqwx...
13 B
379 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rp.liadm.com/j?dtstmp=1745249807201&did=did-0046&se=e30&duid=8e413bd09c43--01jscfxaban1m5wb7djhb2yp5t&tv=9.36.0&pu=https%3A%2F%2Fpaint.toys%2Foil%2F&wpn=prebid&gdpr=0&refr=https%3A%2F%2Fqwxz.itgeekdomain.com%2F&cd=.paint.toys&n3pc=true
Protocol
H2
Server
54.197.251.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-197-251-116.compute-1.amazonaws.com
Software
/
Resource Hash
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

x-pixel-event-id
0b08561e-9de5-4f94-ab88-f901b3a4acbb
access-control-max-age
86400
access-control-expose-headers
*
access-control-allow-credentials
true
access-control-allow-methods
GET
access-control-allow-origin
https://paint.toys
content-length
13
date
Mon, 21 Apr 2025 15:36:48 GMT
content-type
application/json

Redirect headers

access-control-max-age
86400
access-control-expose-headers
*
location
/j?dtstmp=1745249807201&did=did-0046&se=e30&duid=8e413bd09c43--01jscfxaban1m5wb7djhb2yp5t&tv=9.36.0&pu=https%3A%2F%2Fpaint.toys%2Foil%2F&wpn=prebid&gdpr=0&refr=https%3A%2F%2Fqwxz.itgeekdomain.com%2F&cd=.paint.toys&n3pc=true
access-control-allow-credentials
true
access-control-allow-methods
GET
access-control-allow-origin
https://paint.toys
content-length
0
date
Mon, 21 Apr 2025 15:36:48 GMT
483.json
id5-sync.com/g/v2/ 		385 B
575 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/483.json
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
974b286045e0df13ef32d16ac8d0ce044103be26f9b77a46d39b661f7867137d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://paint.toys/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://paint.toys
date
Mon, 21 Apr 2025 15:36:47 GMT
content-type
application/json
vary
Origin
access-control-allow-credentials
true
cm
u.openx.net/w/1.0/ Frame 1AD5 		199 B
423 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fprebid.intergient.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
/
Resource Hash
de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e

Request headers

Referer
https://paint.toys/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0, no-cache
content-length
199
content-type
text/html
date
Mon, 21 Apr 2025 15:36:46 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
vary
Accept, Accept-Encoding
via
1.1 google
x-forwarded-for
185.128.9.45
usermatch
ssum-sec.casalemedia.com/ Frame E89C
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gppsid=&cb=https%3A%2F%2Fprebid.intergient.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D...
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fprebid.intergient.com%2Fsetuid%3Fgpp%3D%26bidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D&gdpr=0&gdpr_con...
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fprebid.intergient.com%2Fsetuid%3Fgpp%3D%26bidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D&gdpr=0&gdpr_consent=&gpp=&gppsid=&s=184674&us_privacy=&C=1
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9bf302a1128b73c5bce9a19b6189d89a09df8bdbc893ee120bc2575143f5cd3

Request headers

Referer
https://paint.toys/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
933df5844bac4899-LIS
content-encoding
br
content-type
text/html
date
Mon, 21 Apr 2025 15:36:48 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3DKT47jdFvQJ4hT7VPrwcv%2FwN0EnfRM%2FUAiF%2BhCPJ6x2uufuovwqAuSFcVZGrTV%2F%2BKdmTz0jR1SYqvX1yVncXwbbNoRzDxD2DJVaAGLnRJw%2BlpPVGEDaDL5kF3x4QpFpe3EiqKwQKh1CgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfExtPri
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
933df583aafa4899-LIS
content-length
0
date
Mon, 21 Apr 2025 15:36:48 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Fprebid.intergient.com%2Fsetuid%3Fgpp%3D%26bidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D&gdpr=0&gdpr_consent=&gpp=&gppsid=&s=184674&us_privacy=&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wg2jELrPydGwl2fdMepyX9Xl617Ju2BYW21Rp0SNmpXkshV0e3jXr3kTrtkU8N%2BV92JbJHKoFaWFI8tm72zBdcwkoF%2BuDVSq2lL1ri6OqHvn8OFQ5cpKnp4qh0s9bayGrmlubgGRq%2FC9Xg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfExtPri
vary
Accept-Encoding
pixel
cm.g.doubleclick.net/ Frame E89C
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=aAZmD7mqPp8AE0GjAW-TEAAA
170 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=aAZmD7mqPp8AE0GjAW-TEAAA
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fprebid.intergient.com%2Fsetuid%3Fgpp%3D%26bidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D&gdpr=0&gdpr_consent=&gpp=&gppsid=&s=184674&us_privacy=&C=1
Protocol
H2
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://ssum-sec.casalemedia.com/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
date
Mon, 21 Apr 2025 15:36:48 GMT
x-xss-protection
0
content-type
image/png
server
HTTP server (unknown)

Redirect headers

cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gg9N5NWuHh%2Fl%2FtgWaCyLNqS6nkdP3BGXhAv759fThiTsEExysW3dYJL%2FIWiXPw9%2BHpF9mS517ZDnQ%2F%2BJyMctIT1g1%2BzR6Y%2BPhOM4t%2B1L15gWdtevwe7UjmBW%2F4mKgdSSxXYA02d67zAp3w%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
0
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date
Mon, 21 Apr 2025 15:36:48 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
no-cache
location
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=aAZmD7mqPp8AE0GjAW-TEAAA
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
cf-ray
933df5851c474899-LIS
content-length
0
server
cloudflare
dcm
s.amazon-adsystem.com/ Frame E89C 		0
0
pixel
cm.g.doubleclick.net/ Frame E89C 		170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=aAZmD7mqPp8AE0GjAW_TEAAAESMAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fprebid.intergient.com%2Fsetuid%3Fgpp%3D%26bidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D&gdpr=0&gdpr_consent=&gpp=&gppsid=&s=184674&us_privacy=&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://ssum-sec.casalemedia.com/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
date
Mon, 21 Apr 2025 15:36:48 GMT
x-xss-protection
0
content-type
image/png
server
HTTP server (unknown)
casale
match.adsrvr.org/track/cmf/ Frame E89C 		0
0
ix
ad4m.at/ad/sim/ Frame E89C 		0
0
pm_match
um.simpli.fi/ Frame E89C 		0
0
crum
dsum-sec.casalemedia.com/ Frame E89C
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
  • https://cm.adgrx.com/bridge.gif?AG_PID=casale
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=70415a3e-1ec6-11f0-bcb1-13a96a9005b1
43 B
771 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=70415a3e-1ec6-11f0-bcb1-13a96a9005b1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fprebid.intergient.com%2Fsetuid%3Fgpp%3D%26bidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D&gdpr=0&gdpr_consent=&gpp=&gppsid=&s=184674&us_privacy=&C=1
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://ssum-sec.casalemedia.com/

Response headers

cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FuMuzH8gbh%2BJWL1RTsfmw08YFzT1y%2FUeq8XViyVbR9ir7F31T%2BsS%2FBlOr%2BqF%2BLUuvxbmO6b7iQSr9Ckpc3G5qTSU1n4ThCFZ2yMoNgG5zhlvPHZeYdrifIyZEuFQPeKXE09lF89lw%2FwG0A%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
0
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date
Mon, 21 Apr 2025 15:36:48 GMT
content-type
image/gif
vary
Accept-Encoding
priority
u=3,i
cache-control
no-cache
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
cf-ray
933df587be1e4899-LIS
content-length
43
server
cloudflare

Redirect headers

cache-control
max-age=0, private, must-revalidate, no-cache, no-store, must-revalidate, proxy-revalidate
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=70415a3e-1ec6-11f0-bcb1-13a96a9005b1
Pragma
no-cache
Connection
keep-alive
Expires
Thu, 23 Sep 2004 17:42:04 GMT
Access-Control-Allow-Origin
*
Content-Length
0
P3P
CP="NOI OTC OTP OUR NOR"
Date
Mon, 21 Apr 2025 15:36:48 GMT
Content-Type
image/gif
vary
accept-encoding
pixelSync
pixel-sync.sitescout.com/dmp/ Frame E89C 		0
0
setuid
prebid.intergient.com/ Frame E89C 		0
834 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.intergient.com/setuid?gpp=&gpp=&bidder=ix&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&f=b&uid=aAZmD7mqPp8AE0GjAW-TEAAA%264387
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fprebid.intergient.com%2Fsetuid%3Fgpp%3D%26bidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D&gdpr=0&gdpr_consent=&gpp=&gppsid=&s=184674&us_privacy=&C=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.20.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://ssum-sec.casalemedia.com/

Response headers

content-encoding
br
cf-cache-status
DYNAMIC
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1745249808&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=JZumPFqqB8LnWvQXyy7%2Ffj6sTX17H5XDggGXCG%2FA8ko%3D"}]}
expires
0
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 21 Apr 2025 15:36:48 GMT
content-type
text/html
vary
Origin
priority
u=3,i
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1745249808&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=JZumPFqqB8LnWvQXyy7%2Ffj6sTX17H5XDggGXCG%2FA8ko%3D
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
via
1.1 vegur
cf-ray
933df5856a6e489f-LIS
server
cloudflare
multi-sync.html
secure-assets.rubiconproject.com/utils/xapi/ Frame 9299 		0
0
country
api.btloader.com/ 		37 B
215 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/country?o=5150306120761344
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5150306120761344&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
c7f1e3461861ecd8fbcb25e620b8649a7658ce22428ab0180676b00a58648234

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

cache-control
private, max-age=300, stale-while-revalidate=600, stale-if-error=600
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
date
Mon, 21 Apr 2025 15:36:49 GMT
content-type
application/json
vary
Origin

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
paint.toys
URL
blob:https://paint.toys/ec9b501a-70fe-4782-9bb5-fce9e48b6923
Domain
ag.dns-finder.com
URL
https://ag.dns-finder.com/px.gif
Domain
fid.agkn.com
URL
https://fid.agkn.com/f?apiKey=2104320612&r=https%3A%2F%2Fpaint.toys%2Foil%2F
Domain
gum.criteo.com
URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fpaint.toys%2F&domain=paint.toys&cw=1&lsw=1&gdpr=0
Domain
grid-bidder.criteo.com
URL
https://grid-bidder.criteo.com/openrtb_2_5/pbjs/auction/request?profileId=207&av=37&wv=9.36.0&cb=33952825804&lsavail=1&networkId=6163
Domain
exchange.cootlogix.com
URL
https://exchange.cootlogix.com/prebid/multi/665db4754b2ec067196b8f78
Domain
exchange.cootlogix.com
URL
https://exchange.cootlogix.com/prebid/multi/665db4754b2ec067196b8f78
Domain
exchange.cootlogix.com
URL
https://exchange.cootlogix.com/prebid/multi/665db4754b2ec067196b8f78
Domain
exchange.cootlogix.com
URL
https://exchange.cootlogix.com/prebid/multi/665db4754b2ec067196b8f78
Domain
tlx.3lift.com
URL
https://tlx.3lift.com/header/auction?lib=prebid&v=9.36.0&referrer=https%3A%2F%2Fpaint.toys%2Foil%2F&tmax=2500&gdpr=false&fledge=true
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/ut/v3/prebid
Domain
s.amazon-adsystem.com
URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=aAZmD7mqPp8AE0GjAW_TEAAAESMAAAIB&gpp=&gpp_sid=
Domain
match.adsrvr.org
URL
https://match.adsrvr.org/track/cmf/casale
Domain
ad4m.at
URL
https://ad4m.at/ad/sim/ix
Domain
um.simpli.fi
URL
https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
Domain
pixel-sync.sitescout.com
URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
Domain
secure-assets.rubiconproject.com
URL
https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-Playwire&gdpr=0&gdpr_consent=&us_privacy=

Verdicts & Comments Add Verdict or Comment

231 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| ramp string| _pwGA4PageviewId object| dataLayer function| gtag function| reflect function| OilPainting object| app function| save object| rampjsConfig function| admiral object| googletag string| _pwUserContentEncoding object| PageOS object| rampjsCore number| cmpVersion object| _pwTycheAB boolean| tycheSampling number| tycheSamplingRate boolean| rampSampling number| rampSamplingRate number| _pageViewSR number| _adImpressionSR object| _pwLogger number| _pwFpSampling string| _pwUserCC string| _pwUserBrowserName string| _pwUserDeviceType object| pwEdgeFlags object| pwEdgeYieldOptions string| _pwCurrentHourEST object| tyche boolean| pwRAMPInitiated object| __pwpbjs__ object| _pbjsGlobals object| regeneratorRuntime object| ggeac object| google_tag_data object| google_js_reporting_queue object| webpackChunkpageos object| pageos object| __core-js_shared__ object| core object| google_tag_manager function| onYouTubeIframeAPIReady object| gaGlobal object| google_reactive_ads_global_state object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| NTBiODRhZTA3MTliYzg1Y2xvYWRlcl9qcw== string| NTBiODRhZTA3MTliYzg1Y2NhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady object| apstag object| kinesis object| pbjs object| __pwhbjs boolean| liModuleEnabled object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_manager_loaded_event function| 4dm1r11545242527 object| _aps boolean| apstagLOADED object| apscustom object| lotame_sync_16576 function| ha object| cnvr_launcher_options object| __id5_finalization_registry object| ID5 function| lotameIsCompatible function| sync16576_aa function| sync16576_c function| sync16576_f object| sync16576_h function| sync16576_ca function| sync16576_j function| sync16576_da object| sync16576_ object| sync16576_ia object| sync16576_ja object| sync16576_s object| sync16576_B object| sync16576_wa function| sync16576_a function| sync16576_b function| sync16576_g function| sync16576_i function| sync16576_k function| sync16576_l function| sync16576_m function| sync16576_n function| sync16576_o function| sync16576_p function| sync16576_q function| sync16576_r function| sync16576_fa function| sync16576_ea function| sync16576_ga function| sync16576_ha function| sync16576_t function| sync16576_v function| sync16576_w function| sync16576_x function| sync16576_ka function| sync16576_la function| sync16576_y function| sync16576_ma function| sync16576_z function| sync16576_A function| sync16576_u function| sync16576_C function| sync16576_na function| sync16576_oa function| sync16576_pa function| sync16576_D function| sync16576_E function| sync16576_F function| sync16576_qa function| sync16576_G function| sync16576_H function| sync16576_I function| sync16576_K function| sync16576_M function| sync16576_L function| sync16576_N function| sync16576_O function| sync16576_J function| sync16576_ra function| sync16576_sa function| sync16576_ta function| sync16576_ua function| sync16576_va function| sync16576_P function| sync16576_Q function| sync16576_xa function| sync16576_R function| sync16576_ya function| sync16576_za function| sync16576_Aa function| sync16576_S function| sync16576_Ba function| sync16576_Ca function| sync16576_Da function| sync16576_Ea function| sync16576_T function| sync16576_Fa function| sync16576_U function| sync16576_V function| sync16576_W function| sync16576_X function| sync16576_Ga function| sync16576_Y function| sync16576_Z function| sync16576__ function| sync16576_0 function| sync16576_1 function| sync16576_2 function| sync16576_Ha function| sync16576_3 function| sync16576_Ja function| sync16576_Ia function| sync16576_4 function| sync16576_La function| sync16576_Ma function| sync16576_Ka function| sync16576_Na function| sync16576_Qa function| sync16576_Pa function| sync16576_Oa function| sync16576_Sa function| sync16576_Ua function| sync16576_Ra function| sync16576_6 function| sync16576_Ta function| sync16576_Xa function| sync16576_Wa function| sync16576_Va function| sync16576_7 function| sync16576_5 function| sync16576_8 function| sync16576_Ya function| sync16576_Za function| sync16576__a function| sync16576_0a function| sync16576_9 function| sync16576_1a function| sync16576_$ function| sync16576_2a function| sync16576_3a function| sync16576_4a object| PublisherCommonId object| conversant object| __bt object| __bt_intrnl object| __bt_tag_d object| publink_options object| coreid object| liQ_instances boolean| __bt_already_invoked

24 Cookies

Domain/Path Name / Value
.liadm.com/j Name: lidid
Value: 3a8d5ece-cf94-41f5-899d-032d74817b4e
.intergient.com/ Name: __cf_bm
Value: .3oHHTjASM5xq1jnGrsnKNtnRQCCW4BK_kknwLajNR0-1745249796-1.0.1.1-z.7fyrM4LGU_GnltUGtkd5M2_cWdT6JuIUm6cqfd1fd1v7.QrBOPp246KMTILZ9K04uDeXHV.oGD0Bjq1rQc1EyBu89oNitofAirEbQisQw
paint.toys/ Name: usprivacy
Value: 1---
.paint.toys/ Name: _ga
Value: GA1.1.1697124108.1745249797
.paint.toys/ Name: _ga_VJBRK9986D
Value: GS1.1.1745249797.1.0.1745249797.0.0.0
.paint.toys/ Name: _ga_CEFZJ359V8
Value: GS1.1.1745249797.1.0.1745249797.0.0.0
.paint.toys/ Name: _awl
Value: 2.1745249799.5-bed01fd6c5a4540ab64704be15cf481d-6763652d6575726f70652d7765737431-0
.paint.toys/ Name: _sharedid
Value: 8338b41d-ff02-4b3b-9291-66b89480402a
.paint.toys/ Name: _sharedid_cst
Value: kSylLAssaw%3D%3D
.paint.toys/ Name: _li_dcdm_c
Value: .paint.toys
.paint.toys/ Name: _lc2_fpi
Value: 8e413bd09c43--01jscfxaban1m5wb7djhb2yp5t
.paint.toys/ Name: _lc2_fpi_meta
Value: %7B%22w%22%3A1745249806698%7D
.casalemedia.com/ Name: receive-cookie-deprecation
Value: 1
.id5-sync.com/ Name: id5
Value: 08b5d74f-a1c5-7cc8-918e-c59fa6067bb7#1745249807015#1
.the-ozone-project.com/ Name: __cf_bm
Value: msFmJgcZW2tJC6IPClE6PA9t1p8sXaE_.4QNHxJP11g-1745249807-1.0.1.1-lOuleSbRWNfIE5wfDsST_a_ejHJ9I2ogXzZK_U4L9JLQKNQGDwoqctu_O9sj0pTED17VU3nYX5wQnRRW6yaGLyD.R_6xgxr_u1gQTNcvG5g
.casalemedia.com/ Name: CMID
Value: aAZmD7mqPp8AE0GjAW-TEAAA
.casalemedia.com/ Name: CMPS
Value: 4387
.casalemedia.com/ Name: CMPRO
Value: 4387
.liadm.com/ Name: lidid
Value: 3a8d5ece-cf94-41f5-899d-032d74817b4e
.rubiconproject.com/ Name: khaos
Value: M9R8OAFB-W-K0CB
.rubiconproject.com/ Name: audit
Value: 1|SDziDG3X/EiHQ8RXkUfpmBT+ooZ/4y4gF8npzdiGzMeAkg1mPc1icdUtwqHhHUJQSBx2P3in8zPh6cqIxiLHfyKPLRELhl3xIo8tEQuGXfEijy0RC4Zd8aZr5ZVxLWDe
prebid.intergient.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJpeCI6eyJ1aWQiOiJhQVptRDdtcVBwOEFFMEdqQVctVEVBQUFcdTAwMjY0Mzg3IiwiZXhwaXJlcyI6IjIwMjUtMDUtMDVUMTU6MzY6NDguMjg4MzEzNzY2WiJ9fX0=
.adgrx.com/ Name: ADGRX_UID
Value: 70415a3e-1ec6-11f0-bcb1-13a96a9005b1
.adgrx.com/ Name: ADGRX_CM_CASALE_BRIDGED
Value: 1

3 Console Messages

Source Level URL
Text
rendering warning URL: https://paint.toys/oil/
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0004C003C300000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
javascript error URL: https://paint.toys/oil/
Message:
Access to fetch at 'https://fid.agkn.com/f?apiKey=2104320612&r=https%3A%2F%2Fpaint.toys%2Foil%2F' from origin 'https://paint.toys' has been blocked by CORS policy: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'.
network error URL: https://fid.agkn.com/f?apiKey=2104320612&r=https%3A%2F%2Fpaint.toys%2Foil%2F
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax.amazon-adsystem.com
ad-delivery.net
ad.doubleclick.net
ad4m.at
ads.pubmatic.com
ag.dns-finder.com
api.btloader.com
btloader.com
btlr.sharethrough.com
c.amazon-adsystem.com
cd836371f1d.cdn.intergient.com
cdn.hadronid.net
cdn.id5-sync.com
cdn.intergient.com
cm.adgrx.com
cm.g.doubleclick.net
config.aps.amazon-adsystem.com
direct.adsrvr.org
dl.edge-aicdn.net
dsum-sec.casalemedia.com
elb.the-ozone-project.com
exchange.cootlogix.com
fastlane.rubiconproject.com
faucetfoot.com
fid.agkn.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
g2.gumgum.com
grid-bidder.criteo.com
grid.bidswitch.net
gum.criteo.com
hb.yellowblue.io
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id.crwdcntrl.net
id5-sync.com
idx.liadm.com
imasdk.googleapis.com
impression-inferences-edge-prod.playwire.com
lb.eu-1-id5-sync.com
lexicon.33across.com
match.adsrvr.org
match.sharethrough.com
pa.openx.net
paint.toys
pixel-sync.sitescout.com
prebid.intergient.com
proc.ad.cpe.dotomi.com
qwxz.itgeekdomain.com
raw.githubusercontent.com
region1.google-analytics.com
rp.liadm.com
rtb.openx.net
s.amazon-adsystem.com
secure-assets.rubiconproject.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
static.adsafeprotected.com
storage.ml-cachehost.net
tags.crwdcntrl.net
tlx.3lift.com
u.openx.net
um.simpli.fi
www.googletagmanager.com
ad4m.at
ag.dns-finder.com
exchange.cootlogix.com
fid.agkn.com
grid-bidder.criteo.com
gum.criteo.com
ib.adnxs.com
match.adsrvr.org
paint.toys
pixel-sync.sitescout.com
s.amazon-adsystem.com
secure-assets.rubiconproject.com
tlx.3lift.com
um.simpli.fi
104.18.20.56
104.18.21.56
104.18.27.193
104.22.52.86
104.22.74.216
104.26.0.244
104.26.11.184
108.138.36.23
130.211.23.194
141.95.98.65
142.250.184.226
142.250.185.106
142.250.185.72
142.250.186.102
142.250.186.130
142.250.186.142
162.19.138.116
172.64.153.66
172.67.11.120
172.67.36.110
178.250.1.11
178.250.1.56
18.184.206.66
18.245.46.100
185.199.109.133
185.64.189.112
216.239.32.36
216.58.212.163
23.45.96.101
3.33.186.135
3.72.78.234
3.73.242.72
34.36.214.49
34.8.176.186
35.186.253.211
35.244.159.8
35.244.193.51
52.17.48.58
52.19.224.221
52.222.136.93
52.223.6.21
52.85.65.109
52.85.65.39
52.85.67.113
54.192.2.156
54.197.251.116
54.77.4.15
64.158.223.146
67.198.205.86
69.173.156.139
95.100.185.43
98.80.86.86
007036d465b81110214bfc2593974dfd94e31304794dd2e2f0a85adf880cf472
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0b35367386570f17ff5be2b4d3f5a9ef2816b7947869005cfae73ec88dcba460
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e43fe4df6e4c9593bb594184ad3b13f849e5b22b623030dea929f2dae7bae8a
0f2603960258dd04339b1635fb441c99d01880948109a27d77f5a175654eb14e
1088b93c0fce807bec8efb6dc22fb8d4870987824718fc105d4ae55057622805
1526f7f540b829baf0e6d1b491aa7b26b5e49fa160abca67c11695ccfa2cee82
1ad6463c491bad3e6ff05176ae83edb501fb1621dd170ae0b0c0ab06582d5eac
1f0769b6ec00799d55c116b89a5b71d923e5ea0d9f0d7e1fac3fe1914599e658
2552b2e73a3444d70cd03b3be7e52f93e0fdd0556993d0512bedeaac4660696d
2aed279b0a29e774ca22dafc6a078e7582490608c9d18bda1a138ca55d0d5be9
2d7a19137bad040a0a32de4c9a6d6aed31d607ca1b97912ff04f65bf540e6ece
2ff696f311f1afa7aafddb260becd45331aab7ce1741821b0f3e2d9e683382b0
3064aa0f0e8b22f406c231a9331931b472c5067dcb57476a2601ebaeaeebb46a
30a007a99e491d9e1b2b72c02e4a8454334c6ea2b3a03316d50135b20464fccc
31e988de147264b3ff0990eac51ed08398a7346729cbd42b231876431fbb4020
32aa05a5648678542ab9044647f0bf5549c0b53a070585edb773f0e92b72b97d
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3cf4e88b472433e2273c4de0a7fceb430f0f3ac49425ec77a99697a944d53ec4
3d403581f9c944a398103ba56f99a04d99a9a9814a87b52f83ab8564bb2ed8a2
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
436814c2374a6d92a42a02d39969ef7c56b5f225667abecb218e692c5569943c
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4df7e33be494be9d06f032c3ab28aa912d802cb92ab39a0dd648f6f1d16a1a39
50e6b2bccb3f889bf35badc933d9beecd2219914e6ba548166b196a64574ab78
540c25e086f94be80f4ad320bb14d9d0a78685aa6d6aff1b7a6527c5147bb543
5583e27c7e01d6e8014d0ba38ab8a7137f279395504d2ed3a0ef2786cf263ff5
5602968f97de9a8d5cad65f93c5d8f84d8bebfada502b686195de940235622b0
60c7145e43d0d0c098eb46181f23ba7e5a8cb64a21bbd550eb67f100389299e6
6ceb226c487cb85243545e768944e0e1ae0944be8fde6c1c43c7314a9287e6d9
70883a9270d54ca9914810ee600c39f62c1147243374c8b93b7095f9c78b4b66
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36
7594b7ee23338f76d0bb4a05eaca3786426b530c0342bceb62312eba506ca327
795041923e6338abe450ff9524ef70fd40432f278f32c9c35cdbb08239574fb1
7dc78c5c119373b361b76d7e9c1b2759725163789661df908ee4cd8faf842676
843b1f9a354b48dac90a3287f0219d215a73fbad39fcaa1ef2f4e2ef272f6f2f
8d7a2ac42be2f8acb22dd52cc3493cb67bd727fde3d8a113e262248c6a2ec236
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb
974b286045e0df13ef32d16ac8d0ce044103be26f9b77a46d39b661f7867137d
9944793c8f93f14268d359a9cd5d810c6eeb761b721dd174e2962189ca95f46a
a73f5986eb985871284e6e216372de3505634a97229de643216728d0fbfd6227
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
ad7d0d55c693f50a025e443da2f37eaea32dad37cbfe918cde1717f8f33af733
ae7c1a84bb19162d2a978b6b8224e8c9859b3a86562d80d9fec825cd2f8c3a7b
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b0e3396eaeb6815e8b4ba2b58b5247e41aceb485d162c813237923c5bfebc7fa
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b7dcc7c56d033ae493bbadf6078dae1bd1e6d1e1a4ad2689f2020c4f1bd41d03
c16a536e9381a97c5d473a2b70aa9057bceebe38f05bb7d90360c96bff579033
c369395c3b2b85cf71e37c1bbf7b96db3c4ee54aa9879001542e4da9608c820d
c5fdea6bcb7b7dc4aabe9e409df609b922dde30401ccf5c25f0f384f7e8c43b5
c7f1e3461861ecd8fbcb25e620b8649a7658ce22428ab0180676b00a58648234
c8145f870624e1acc3cf2adc73f5dc16c2248d2139fa41f503840581e5f08a56
c884a639023a4e6ba8a42318fbaf58ecd4cca97577bbffc5849a3c4fc5875eca
c91c09319c4b0a24c72c0036cef74c17b85d3c4e2a4abf8153f5710421fe5b4c
cc005d7c18c0a6cbbfff91edc3c1068e48f779bec0315f1664161db3721ede76
cc50811911c1b2ef14c9277d1e52f0d13664465444f792696c22f86c1ae0ad9a
cce72c91fa1a156aaec5098a8b30934d682220a65040ebdc5b951ebeef56bb35
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f
d9437bbd8e1b411ac2959c5feb149da21e06786134cf9090c103a2f9761da761
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4a1f6bb4df43a4e3aded46465e55b8749b64817d13ed9557075c596d218c340
e821663dddb56fb07c8670392dd396621a47e7816534ba539c02694a115f9254
e930c51162bf6c4dfb7d137218120d69c19414bf78ed8576977a55da9f5c5178
e9bf302a1128b73c5bce9a19b6189d89a09df8bdbc893ee120bc2575143f5cd3
ea0b452ea245d3d6dcc6cf5895f136fc7e84a48ca28ed084769bf861aebb2a71
eb87c0447bd19366919bdb8913f775caca732ac31cbc5e5d42e4db5df39437ce
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f4d368e4230539c778afbb020e0ea611b3e1d984179f5b3769b44081d6703f3b
f8b3e2bf06580cc9b1bf9f449a6dce5cd1072c11a1e0c62ab3c5ed5f77222662