urlscan.io logo urlscan.io
SecurityTrails logo

paintref.com Open in urlscan Pro
65.181.111.152  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://paintref.com/
Effective URL: https://paintref.com/
Submission: On March 26 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 2 countries across 7 domains to perform 22 HTTP transactions. The main IP is 65.181.111.152, located in United States and belongs to WHG-USE1, GB. The main domain is paintref.com.
TLS certificate: Issued by R3 on February 17th 2024. Valid for: 3 months.
This is the only time paintref.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
10 65.181.111.152 14670 (WHG-USE1)
3 142.250.185.98 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 173.201.249.4 26496 (AS-26496-...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 142.250.185.142 15169 (GOOGLE)
22 8
10    65.181.111.152 (United States)

ASN14670 (WHG-USE1, GB)
PTR: mocha3040.mochahost.com
paintref.com
3    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
pagead2.googlesyndication.com
2    2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
2    173.201.249.4 (United States)

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: ip-173-201-249-4.ip.secureserver.net
seal.godaddy.com
1    2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
lh3.googleusercontent.com
2    2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    142.250.185.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f14.1e100.net
fundingchoicesmessages.google.com
Apex Domain
Subdomains		 Transfer
10 paintref.com
paintref.com
221 KB
3 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 719
120 KB
3 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 138
188 KB
2 gstatic.com
fonts.gstatic.com
173 KB
2 godaddy.com
seal.godaddy.com — Cisco Umbrella Rank: 40321
6 KB
1 googleusercontent.com
lh3.googleusercontent.com — Cisco Umbrella Rank: 105
8 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 112
6 KB
22 7
Domain Requested by
10 paintref.com paintref.com
3 fundingchoicesmessages.google.com pagead2.googlesyndication.com
3 pagead2.googlesyndication.com paintref.com
pagead2.googlesyndication.com
2 fonts.gstatic.com paintref.com
2 seal.godaddy.com paintref.com
1 lh3.googleusercontent.com paintref.com
1 fonts.googleapis.com
22 7
Subject Issuer Validity Valid
paintref.com
R3		 2024-02-17 -
2024-05-17		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
*.google.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
mastercert.ext.pki.godaddy.com
Go Daddy Secure Certificate Authority - G2		 2023-09-22 -
2024-10-23		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://paintref.com/
Frame ID: ED08DE9D8AB5B743CB2C1E574484146C
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

PaintRef.com - Automotive Truck Fleet Paint Color Code Cross Reference

Page URL History Show full URLs

  1. http://paintref.com/ HTTP 307
    https://paintref.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

22
Requests

100 %
HTTPS

50 %
IPv6

7
Domains

7
Subdomains

8
IPs

2
Countries

722 kB
Transfer

2590 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://paintref.com/ HTTP 307
    https://paintref.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
paintref.com/
Redirect Chain
  • http://paintref.com/
  • https://paintref.com/
67 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://paintref.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.181.111.152 , United States, ASN14670 (WHG-USE1, GB),
Reverse DNS
mocha3040.mochahost.com
Software
LiteSpeed /
Resource Hash
3cdfcf810c5aafd4b3cf1304a2cf3810daf110730d82b0c881b25ebf798fcba9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
gzip
content-type
text/html
date
Tue, 26 Mar 2024 18:17:03 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent

Redirect headers

Location
https://paintref.com/
Non-Authoritative-Reason
HttpsUpgrades
paintrefmenu.js
paintref.com/paintref/ 		1000 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://paintref.com/paintref/paintrefmenu.js
Requested by
Host: paintref.com
URL: https://paintref.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.181.111.152 , United States, ASN14670 (WHG-USE1, GB),
Reverse DNS
mocha3040.mochahost.com
Software
LiteSpeed /
Resource Hash
bc2442afc9dc619e8ab28699d54ac770313cabdd42ffc48dbdb05e9d84535533

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://paintref.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 18:17:03 GMT
content-encoding
br
last-modified
Tue, 26 Dec 2023 14:53:51 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
80046
expires
Tue, 02 Apr 2024 18:17:03 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: paintref.com
URL: https://paintref.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
a8e814fa18d2bb5d6ebfbb94423b6f3e785f78a3ae4868e080624ef296d8be4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://paintref.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 18:17:03 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51170
x-xss-protection
0
server
cafe
etag
11674767590037698391
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Tue, 26 Mar 2024 18:17:03 GMT
mag.png
paintref.com/graphics/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paintref.com/graphics/mag.png
Requested by
Host: paintref.com
URL: https://paintref.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.181.111.152 , United States, ASN14670 (WHG-USE1, GB),
Reverse DNS
mocha3040.mochahost.com
Software
LiteSpeed /
Resource Hash
cb77fe30ff9572f4aa6d277b123d21718dae4e69733493b1303d2488b1ae32ee

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://paintref.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 18:17:03 GMT
last-modified
Wed, 16 Aug 2023 19:40:52 GMT
server
LiteSpeed
vary
User-Agent
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
8150
expires
Tue, 02 Apr 2024 18:17:03 GMT
paintsquareclose.jpg
paintref.com/graphics/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paintref.com/graphics/paintsquareclose.jpg
Requested by
Host: paintref.com
URL: https://paintref.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
65.181.111.152 , United States, ASN14670 (WHG-USE1, GB),
Reverse DNS
mocha3040.mochahost.com
Software
LiteSpeed /
Resource Hash
f56d5973b2a1832190022a1793a1195afbfe9b4098466020bda7771d8492c096

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://paintref.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 18:17:04 GMT
last-modified
Thu, 07 Sep 2023 20:02:19 GMT
server
LiteSpeed
vary
User-Agent
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
3639
expires
Tue, 02 Apr 2024 18:17:04 GMT
paintsquareopen.jpg
paintref.com/graphics/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paintref.com/graphics/paintsquareopen.jpg
Requested by
Host: paintref.com
URL: https://paintref.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
65.181.111.152 , United States, ASN14670 (WHG-USE1, GB),
Reverse DNS
mocha3040.mochahost.com
Software
LiteSpeed /
Resource Hash
591c8c1fdba8d162b73e9d871aebd58b3c98911a895e90c98c2494e8145be51d

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://paintref.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 18:17:04 GMT
last-modified
Thu, 07 Sep 2023 20:02:20 GMT
server
LiteSpeed
vary
User-Agent
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
3631
expires
Tue, 02 Apr 2024 18:17:04 GMT
mag.png
paintref.com/graphics/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paintref.com/graphics/mag.png
Requested by
Host: paintref.com
URL: https://paintref.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
65.181.111.152 , United States, ASN14670 (WHG-USE1, GB),
Reverse DNS
mocha3040.mochahost.com
Software
LiteSpeed /
Resource Hash
cb77fe30ff9572f4aa6d277b123d21718dae4e69733493b1303d2488b1ae32ee

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://paintref.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 18:17:04 GMT
last-modified
Wed, 16 Aug 2023 19:40:52 GMT
server
LiteSpeed
vary
User-Agent
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
8150
expires
Tue, 02 Apr 2024 18:17:04 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403190101/ 		407 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4783715416914738&plah=paintref.com&aplac=true
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
bbdc54bf13221b2d5c141fac2068036e55699b113c47f8c78293aaf29fd829af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://paintref.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 18:17:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141513
x-xss-protection
0
server
cafe
etag
8894975461111016674
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 26 Mar 2024 18:17:04 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=2724253365399415&num=0&dvc=0&eid=44759876%2C44759927%2C44759842%2C31082032%2C44795921%2C95326315%2C95322329%2C21065725
Requested by
Host: paintref.com
URL: https://paintref.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://paintref.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 26 Mar 2024 18:17:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ca-pub-4783715416914738
fundingchoicesmessages.google.com/i/ 		183 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-4783715416914738?ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4783715416914738&plah=paintref.com&aplac=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fa57cfddcd9590b6d6a6584d18eaed12cf38b4c7940158128070d602aee3601e
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-k1uZaa1IQvY7ZtHfpWta7A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://paintref.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 18:17:04 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-k1uZaa1IQvY7ZtHfpWta7A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmJw1ZBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJoGvL5kkgFgLiPnWTWdVAWLD9dNZI4E45vl01hQgdkqfwRoCxD71M1jjgLj15jnW6UB8csF51otALMTDsWBRzwY2gRmLFr1iBADbdjDs"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
mustangspecialeditions336.jpg
paintref.com/graphics/ 		91 KB
91 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paintref.com/graphics/mustangspecialeditions336.jpg
Requested by
Host: paintref.com
URL: https://paintref.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
65.181.111.152 , United States, ASN14670 (WHG-USE1, GB),
Reverse DNS
mocha3040.mochahost.com
Software
LiteSpeed /
Resource Hash
b75b222e4ea43864f8bd762eaa2fe62a318cf06d70198b371f124740addbf825

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://paintref.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 18:17:04 GMT
last-modified
Wed, 16 Aug 2023 19:44:01 GMT
server
LiteSpeed
vary
User-Agent
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
93162
expires
Tue, 02 Apr 2024 18:17:04 GMT
paintsquareopen.jpg
paintref.com/graphics/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paintref.com/graphics/paintsquareopen.jpg
Requested by
Host: paintref.com
URL: https://paintref.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
65.181.111.152 , United States, ASN14670 (WHG-USE1, GB),
Reverse DNS
mocha3040.mochahost.com
Software
LiteSpeed /
Resource Hash
591c8c1fdba8d162b73e9d871aebd58b3c98911a895e90c98c2494e8145be51d

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://paintref.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 18:17:04 GMT
last-modified
Thu, 07 Sep 2023 20:02:20 GMT
server
LiteSpeed
vary
User-Agent
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
3631
expires
Tue, 02 Apr 2024 18:17:04 GMT
paintsquareclose.jpg
paintref.com/graphics/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paintref.com/graphics/paintsquareclose.jpg
Requested by
Host: paintref.com
URL: https://paintref.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
65.181.111.152 , United States, ASN14670 (WHG-USE1, GB),
Reverse DNS
mocha3040.mochahost.com
Software
LiteSpeed /
Resource Hash
f56d5973b2a1832190022a1793a1195afbfe9b4098466020bda7771d8492c096

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://paintref.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 18:17:04 GMT
last-modified
Thu, 07 Sep 2023 20:02:19 GMT
server
LiteSpeed
vary
User-Agent
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
3639
expires
Tue, 02 Apr 2024 18:17:04 GMT
AGSKWxWB3kfp82NOx1WRfECj4h2n25IuFhgdB2bYul-Yhz-m_HGS_ST3hTHQTBhlesAH-9mnQZyGtxq7okiO14tel3tO6aUKwiAIkNL-dqJLMh27BAruy1qodjmbIf4D0IX2bGBmPKezdg==
fundingchoicesmessages.google.com/f/ 		372 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWB3kfp82NOx1WRfECj4h2n25IuFhgdB2bYul-Yhz-m_HGS_ST3hTHQTBhlesAH-9mnQZyGtxq7okiO14tel3tO6aUKwiAIkNL-dqJLMh27BAruy1qodjmbIf4D0IX2bGBmPKezdg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzExNDc3MDI0LDU4NzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9wYWludHJlZi5jb20vIixudWxsLFtbOCwiQlhYd0tNQUNvZmciXSxbOSwiZGUiXSxbMTgsIltbWzBdXV0iXSxbMTksIjEiXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.BXXwKMACofg.es5.O/am=wA/d=1/rs=AJlcJMyooh4RC1q1pfG_49ALpteblc73hw/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
56b04ff6afec1736c4bccf6131fa9086486943bc1e0fc0fa8a0df23dfb4cf003
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-M4oRzd3ojhWtFu0xFO4dpw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://paintref.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 18:17:04 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-M4oRzd3ojhWtFu0xFO4dpw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjKtDikmJw05BiOHnrNtNFID7vdIfpOhDXMjxjagViA43nTBZA_O7LSyaBry-ZJIBYC4j51k1nVQFiw_XTWSOBOOb5dNYUIHZKn8EaAsQ-9TNY44C49eY51ulAfHLBedaLQCzEw7FgUc8GNoEZk7quMgEALAg1wQ"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
getSeal
seal.godaddy.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://seal.godaddy.com/getSeal?sealID=clpqC2r5uNgZAt55TcS4S8E6HJevsgkchgZlV3gAxmR5yEMFWoQPHTA6ir3i
Requested by
Host: paintref.com
URL: https://paintref.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.201.249.4 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-173-201-249-4.ip.secureserver.net
Software
Apache /
Resource Hash
06fd945b58a9ec68342d0cfa4133e7a966b058001013520736edce77482f3f66

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://paintref.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 26 Mar 2024 18:17:05 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
text/html
Cache-Control
max-age=14400
Expires
Tue, 26 Mar 2024 22:17:05 GMT
css
fonts.googleapis.com/ 		106 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Archivo:400,500|Arimo:400,500|Bitter:400,500|EB+Garamond:400,500|Lato|Libre+Baskervill|Libre+Franklin:400,500|Lora:400,500|Google+Sans:regular,medium:400,500|Material+Icons|Google+Symbols|Merriweather|Montserrat:400,500|Mukta:400,500|Muli:400,500|Nunito:400,500|Open+Sans:400,500,600|Open+Sans+Condensed:400,600|Oswald:500|Playfair+Display:400,500|Poppins:400,500|Raleway:400,500|Roboto:400,500|Roboto+Condensed:400,500|Roboto+Slab:400,500|Slabo+27px|Source+Sans+Pro|Ubuntu:400,500|Volkhov&display=swap
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.BXXwKMACofg.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMxsy78HEBSOmDEus3whGvvaJblSpg/m=web_iab_tcf_v2_wall_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0e2ef015de96af25db009694591ade7c1a7fc6d3401450069f85c9d13e1f403d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://paintref.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Tue, 26 Mar 2024 18:17:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 26 Mar 2024 18:17:04 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 26 Mar 2024 18:17:04 GMT
abC-WffFcS9GABeiZN6xF9w2sVM0anPiTW50aBaUGh_UmHbZMb34aynXZtHyplFtHl0xHBw3AlS3Ppu_s4huobGNjibsh5zVs3dgUqi3Ku9iFEUhvkOlxg=h60
lh3.googleusercontent.com/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/abC-WffFcS9GABeiZN6xF9w2sVM0anPiTW50aBaUGh_UmHbZMb34aynXZtHyplFtHl0xHBw3AlS3Ppu_s4huobGNjibsh5zVs3dgUqi3Ku9iFEUhvkOlxg=h60
Requested by
Host: paintref.com
URL: https://paintref.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
fd0f9b02ce9d7c9d9e30f4971bcafc922a930d46e895eef5319fcde5be2a9871
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://paintref.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 14:38:44 GMT
x-content-type-options
nosniff
age
13100
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8245
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 27 Mar 2024 14:38:44 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/ 		125 KB
126 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: paintref.com
URL: https://paintref.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://paintref.com/
Origin
https://paintref.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 07:57:29 GMT
x-content-type-options
nosniff
age
37175
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128352
x-xss-protection
0
last-modified
Tue, 07 Mar 2023 19:51:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 26 Mar 2025 07:57:29 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: paintref.com
URL: https://paintref.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://paintref.com/
Origin
https://paintref.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 07:57:26 GMT
x-content-type-options
nosniff
age
37178
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 26 Mar 2025 07:57:26 GMT
AGSKWxUoqiFHy0Dq_-Y5qWavuERw2hFn1H7rx4KZj47zQQJpLBkibxKIDjFkftlhhf3eqMOhhIWsfJufsEiea08stRTUbWNy0o6gLz0b-RzPXqopbf8RG9wcVBKvW2u29yx5B3r-9fZWkQ==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUoqiFHy0Dq_-Y5qWavuERw2hFn1H7rx4KZj47zQQJpLBkibxKIDjFkftlhhf3eqMOhhIWsfJufsEiea08stRTUbWNy0o6gLz0b-RzPXqopbf8RG9wcVBKvW2u29yx5B3r-9fZWkQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.BXXwKMACofg.es5.O/am=wA/d=1/rs=AJlcJMyooh4RC1q1pfG_49ALpteblc73hw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-pNWGNoRtWsY6OWC2SATJOQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://paintref.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 26 Mar 2024 18:17:04 GMT
content-security-policy
script-src 'report-sample' 'nonce-pNWGNoRtWsY6OWC2SATJOQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw0ZBiqGV4xtQKxE7pM1hDgFiIh2PBop4NbAI7prfOZwYAwkgLnw"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://paintref.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
siteseal_gd_3_h_l_m.gif
seal.godaddy.com/images/3/en/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://seal.godaddy.com/images/3/en/siteseal_gd_3_h_l_m.gif
Requested by
Host: paintref.com
URL: https://paintref.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.201.249.4 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-173-201-249-4.ip.secureserver.net
Software
Apache /
Resource Hash
1449346947ba3d2266f702cc5488e1a0fb75ef67cdb105d5dbe178eff0af14b2

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://paintref.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Expires
Wed, 27 Mar 2024 18:17:05 GMT
Date
Tue, 26 Mar 2024 18:17:05 GMT
Cache-Control
max-age=86400
Server
Apache
Accept-Ranges
bytes
Content-Length
3827
Content-Type
image/gif
favicon.ico
paintref.com/ 		1 KB
992 B 		Other
General
Check archive.org
Download Go to
Full URL
https://paintref.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
65.181.111.152 , United States, ASN14670 (WHG-USE1, GB),
Reverse DNS
mocha3040.mochahost.com
Software
LiteSpeed /
Resource Hash
6a4797dc16512b14a8ce9c340578b9789d0ce89418da882545435f6913a80854

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://paintref.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 18:17:05 GMT
content-encoding
br
last-modified
Fri, 18 Aug 2023 19:53:28 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
image/x-icon
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
868
expires
Tue, 02 Apr 2024 18:17:05 GMT

Verdicts & Comments Add Verdict or Comment

62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| onpagereveal object| a object| b object| c function| initBoxes function| fillBox1 function| fillBox2 function| fillBox3 object| adsbygoogle object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data boolean| google_plmetrics object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots object| google_ama_state object| google_image_requests function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl object| googlefc boolean| adsbygoogle_ama_fc_has_run object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| NzcwNTZlOGFkMTA2OGZlN2xvYWRlcl9qcw== string| NzcwNTZlOGFkMTA2OGZlN2NhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady function| __uspapi object| __uspapiManager boolean| __uspapiPostMessageReady object| __gppEventListeners function| __gpp object| __gppManager boolean| __gppPostMessageReady function| seal_getFlashVersion function| seal_useFlash function| seal_installSeal function| verifySeal

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
lh3.googleusercontent.com
pagead2.googlesyndication.com
paintref.com
seal.godaddy.com
142.250.185.142
142.250.185.98
173.201.249.4
2a00:1450:4001:806::2003
2a00:1450:4001:810::200e
2a00:1450:4001:81c::2001
2a00:1450:4001:829::200a
65.181.111.152
06fd945b58a9ec68342d0cfa4133e7a966b058001013520736edce77482f3f66
0e2ef015de96af25db009694591ade7c1a7fc6d3401450069f85c9d13e1f403d
1449346947ba3d2266f702cc5488e1a0fb75ef67cdb105d5dbe178eff0af14b2
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3cdfcf810c5aafd4b3cf1304a2cf3810daf110730d82b0c881b25ebf798fcba9
56b04ff6afec1736c4bccf6131fa9086486943bc1e0fc0fa8a0df23dfb4cf003
591c8c1fdba8d162b73e9d871aebd58b3c98911a895e90c98c2494e8145be51d
6a4797dc16512b14a8ce9c340578b9789d0ce89418da882545435f6913a80854
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
a8e814fa18d2bb5d6ebfbb94423b6f3e785f78a3ae4868e080624ef296d8be4b
b75b222e4ea43864f8bd762eaa2fe62a318cf06d70198b371f124740addbf825
bbdc54bf13221b2d5c141fac2068036e55699b113c47f8c78293aaf29fd829af
bc2442afc9dc619e8ab28699d54ac770313cabdd42ffc48dbdb05e9d84535533
cb77fe30ff9572f4aa6d277b123d21718dae4e69733493b1303d2488b1ae32ee
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f56d5973b2a1832190022a1793a1195afbfe9b4098466020bda7771d8492c096
fa57cfddcd9590b6d6a6584d18eaed12cf38b4c7940158128070d602aee3601e
fd0f9b02ce9d7c9d9e30f4971bcafc922a930d46e895eef5319fcde5be2a9871