painthy.com Open in urlscan Pro
45.130.41.84 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://rb.gy/3jyanw
Effective URL:
https://painthy.com/amazon-jobs-work-from-anywhere/
Submission: On March 04 via manual (March 4th 2024, 3:56:19 pm UTC) from SG — Scanned from SG

Summary HTTP 175 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 15 IPs in 3 countries across 11 domains to perform 175 HTTP transactions. The main IP is 45.130.41.84, located in St Petersburg, Russian Federation and belongs to BEGET-AS, RU. The main domain is painthy.com.
TLS certificate: Issued by R3 on February 1st 2024. Valid for: 3 months.

This is the only time painthy.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	44.196.211.73 44.196.211.73	14618 (AMAZON-AES) (AMAZON-AES)
35	45.130.41.84 45.130.41.84	198610 (BEGET-AS) (BEGET-AS)
4	2404:6800:400... 2404:6800:4003:c04::5f	15169 (GOOGLE) (GOOGLE)
24	2404:6800:400... 2404:6800:4003:c01::9b	15169 (GOOGLE) (GOOGLE)
11	151.101.2.217 151.101.2.217	54113 (FASTLY) (FASTLY)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
4 10	2404:6800:400... 2404:6800:4003:c01::69	15169 (GOOGLE) (GOOGLE)
3	2404:6800:400... 2404:6800:4003:c00::5e	15169 (GOOGLE) (GOOGLE)
6 23	2404:6800:400... 2404:6800:4003:c02::9c	15169 (GOOGLE) (GOOGLE)
11	2404:6800:400... 2404:6800:4003:c02::5e	15169 (GOOGLE) (GOOGLE)
1	192.0.77.48 192.0.77.48	2635 (AUTOMATTIC) (AUTOMATTIC)
11	2404:6800:400... 2404:6800:4003:c05::8b	15169 (GOOGLE) (GOOGLE)
35	2404:6800:400... 2404:6800:4003:c03::84	15169 (GOOGLE) (GOOGLE)
2	142.251.175.94 142.251.175.94	15169 (GOOGLE) (GOOGLE)
12	74.125.68.155 74.125.68.155	15169 (GOOGLE) (GOOGLE)
175	15

1 44.196.211.73 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-196-211-73.compute-1.amazonaws.com

rb.gy	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 45.130.41.84 (St Petersburg, Russian Federation)

ASN198610 (BEGET-AS, RU)
PTR: ssl.codia2.beget.com

painthy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4003:c04::5f (Singapore, Singapore)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2404:6800:4003:c01::9b (Singapore, Singapore)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 151.101.2.217 (United States)

ASN54113 (FASTLY, US)

i.insider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2404:6800:4003:c01::69 (Singapore, Singapore) 4 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4003:c00::5e (Singapore, Singapore)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2404:6800:4003:c02::9c (Singapore, Singapore) 6 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2404:6800:4003:c02::5e (Singapore, Singapore)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.48 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: s.w.org

s.w.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2404:6800:4003:c05::8b (Singapore, Singapore)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 2404:6800:4003:c03::84 (Singapore, Singapore)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.175.94 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: sh-in-f94.1e100.net

p4-afcswkodct4xe-2y2xtkx2ablsbgbz-if-v6exp3-v4.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 74.125.68.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f155.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
59	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 161	1 MB
35	painthy.com painthy.com	443 KB
23	doubleclick.net 6 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 35	255 KB
21	google.com 4 redirects www.google.com — Cisco Umbrella Rank: 2 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 647	109 KB
16	gstatic.com fonts.gstatic.com www.gstatic.com p4-afcswkodct4xe-2y2xtkx2ablsbgbz-if-v6exp3-v4.metric.gstatic.com	739 KB
12	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 124
11	insider.com i.insider.com — Cisco Umbrella Rank: 20241	353 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	5 KB
2	wp.com stats.wp.com — Cisco Umbrella Rank: 2760 pixel.wp.com — Cisco Umbrella Rank: 2744	3 KB
1	w.org s.w.org — Cisco Umbrella Rank: 3340	661 B
1	rb.gy 1 redirects rb.gy — Cisco Umbrella Rank: 123269	179 B
175	11

	Domain	Requested by
35	tpc.googlesyndication.com	googleads.g.doubleclick.net painthy.com pagead2.googlesyndication.com tpc.googlesyndication.com
35	painthy.com	painthy.com
24	pagead2.googlesyndication.com	painthy.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
23	googleads.g.doubleclick.net	6 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net painthy.com
12	www.googleadservices.com	painthy.com googleads.g.doubleclick.net
11	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
11	www.gstatic.com	www.google.com www.gstatic.com googleads.g.doubleclick.net painthy.com
11	i.insider.com	painthy.com
10	www.google.com	4 redirects painthy.com www.gstatic.com www.google.com tpc.googlesyndication.com
4	fonts.googleapis.com	painthy.com googleads.g.doubleclick.net
3	fonts.gstatic.com	fonts.googleapis.com www.google.com
2	p4-afcswkodct4xe-2y2xtkx2ablsbgbz-if-v6exp3-v4.metric.gstatic.com	googleads.g.doubleclick.net p4-afcswkodct4xe-2y2xtkx2ablsbgbz-if-v6exp3-v4.metric.gstatic.com
1	s.w.org	painthy.com
1	pixel.wp.com	painthy.com
1	stats.wp.com	painthy.com
1	rb.gy	1 redirects
175	16

This site contains links to these domains. Also see Links.

Domain
yesijob.com
itjobzy.com
gulfjab.com
feedbegin.com
www.facebook.com
twitter.com
plus.google.com
pinterest.com
www.linkedin.com
www.tumblr.com

Subject Issuer	Validity	Valid
painthy.com R3	`2024-02-01` - `2024-05-01`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.insider.com GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-04` - `2024-10-05`	a year	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2023-11-28` - `2024-12-28`	a year	crt.sh
www.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.w.org Sectigo ECC Domain Validation Secure Server CA	`2023-12-18` - `2025-01-17`	a year	crt.sh
*.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh

This page contains 25 frames:

Primary Page: https://painthy.com/amazon-jobs-work-from-anywhere/
Frame ID: 5098AFDEBA72D780E9B6210A79AEADE0
Requests: 73 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20190131/zrt_lookup_nohtml_fy2021.html
Frame ID: C99506D9F33423EDCE133360CFC8438B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9779134835489781&output=html&adk=1812271804&adf=3025194257&lmt=1709567772&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fpainthy.com%2Famazon-jobs-work-from-anywhere%2F&pra=5&wgl=1&easpi=0&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709567772809&bpp=6&bdt=797&idt=110&shv=r20240228&mjsv=m202402280101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=249843842091&frm=20&pv=2&ga_vid=145990523.1709567773&ga_sid=1709567773&ga_hid=2125400560&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795921%2C95325753%2C31081512%2C95322180%2C95324160%2C95326436&oid=2&pvsid=2243547856521346&tmod=1861099159&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=151
Frame ID: CB11B7510498E9E5C0D9D80BC6544863
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9779134835489781&output=html&h=280&slotname=6557565023&adk=4083621110&adf=1732872635&pi=t.ma~as.6557565023&w=760&fwrn=4&fwrnh=100&lmt=1709567772&rafmt=1&format=760x280&url=https%3A%2F%2Fpainthy.com%2Famazon-jobs-work-from-anywhere%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709567772815&bpp=2&bdt=803&idt=164&shv=r20240228&mjsv=m202402280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=249843842091&frm=20&pv=1&ga_vid=145990523.1709567773&ga_sid=1709567773&ga_hid=2125400560&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795921%2C95325753%2C31081512%2C95322180%2C95324160%2C95326436&oid=2&pvsid=2243547856521346&tmod=1861099159&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=170
Frame ID: BF1D7F335A71CF8159F4937DC7CAE645
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9779134835489781&output=html&h=198&slotname=8984148311&adk=3405074144&adf=1624500146&pi=t.ma~as.8984148311&w=790&fwrn=4&lmt=1709567773&rafmt=11&format=790x198&url=https%3A%2F%2Fpainthy.com%2Famazon-jobs-work-from-anywhere%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709567772817&bpp=1&bdt=804&idt=194&shv=r20240228&mjsv=m202402280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C760x280&nras=1&correlator=249843842091&frm=20&pv=1&ga_vid=145990523.1709567773&ga_sid=1709567773&ga_hid=2125400560&ga_fc=0&rplot=4&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1263&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795921%2C95325753%2C31081512%2C95322180%2C95324160%2C95326436&oid=2&pvsid=2243547856521346&tmod=1861099159&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=204
Frame ID: 969822ECE87700B9E0CAF2170E1FF7E8
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9779134835489781&output=html&h=190&slotname=3047912464&adk=3212204741&adf=2724231415&pi=t.ma~as.3047912464&w=760&fwrn=4&lmt=1709567773&rafmt=11&format=760x190&url=https%3A%2F%2Fpainthy.com%2Famazon-jobs-work-from-anywhere%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709567772818&bpp=1&bdt=806&idt=230&shv=r20240228&mjsv=m202402280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C760x280%2C790x198&nras=1&correlator=249843842091&frm=20&pv=1&ga_vid=145990523.1709567773&ga_sid=1709567773&ga_hid=2125400560&ga_fc=0&rplot=4&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2742&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795921%2C95325753%2C31081512%2C95322180%2C95324160%2C95326436&oid=2&pvsid=2243547856521346&tmod=1861099159&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=236
Frame ID: 96C816331897C3D365AFDF227F4D2BD8
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9779134835489781&output=html&h=190&slotname=1543259106&adk=2564446532&adf=3941887933&pi=t.ma~as.1543259106&w=760&fwrn=4&lmt=1709567773&rafmt=11&format=760x190&url=https%3A%2F%2Fpainthy.com%2Famazon-jobs-work-from-anywhere%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709567772819&bpp=1&bdt=806&idt=251&shv=r20240228&mjsv=m202402280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C760x280%2C790x198%2C760x190&nras=1&correlator=249843842091&frm=20&pv=1&ga_vid=145990523.1709567773&ga_sid=1709567773&ga_hid=2125400560&ga_fc=0&rplot=4&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=4689&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795921%2C95325753%2C31081512%2C95322180%2C95324160%2C95326436&oid=2&pvsid=2243547856521346&tmod=1861099159&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=255
Frame ID: 668B3C197107B86B32FF88238AEC7E2F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9779134835489781&output=html&h=250&slotname=6557565023&adk=931971336&adf=2566144417&pi=t.ma~as.6557565023&w=325&fwrn=4&fwrnh=100&lmt=1709567773&rafmt=1&format=325x250&url=https%3A%2F%2Fpainthy.com%2Famazon-jobs-work-from-anywhere%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709567772823&bpp=1&bdt=811&idt=344&shv=r20240228&mjsv=m202402280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C760x280%2C790x198%2C760x190%2C760x190&nras=1&correlator=249843842091&frm=20&pv=1&ga_vid=145990523.1709567773&ga_sid=1709567773&ga_hid=2125400560&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795921%2C95325753%2C31081512%2C95322180%2C95324160%2C95326436&oid=2&pvsid=2243547856521346&tmod=1861099159&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=9&uci=a!9&fsb=1&dtd=347
Frame ID: B77276E9C9112A9BA6FF84C841E3A114
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9779134835489781&output=html&h=1118&slotname=9671647671&adk=3302792388&adf=2749042063&pi=t.ma~as.9671647671&w=325&cr_col=1&cr_row=13&fwrn=2&lmt=1709567773&rafmt=9&format=325x1118&url=https%3A%2F%2Fpainthy.com%2Famazon-jobs-work-from-anywhere%2F&crui=image_sidebyside&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709567772824&bpp=1&bdt=812&idt=355&shv=r20240228&mjsv=m202402280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C760x280%2C790x198%2C760x190%2C760x190%2C325x250&nras=1&correlator=249843842091&frm=20&pv=1&ga_vid=145990523.1709567773&ga_sid=1709567773&ga_hid=2125400560&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=410&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795921%2C95325753%2C31081512%2C95322180%2C95324160%2C95326436&oid=2&pvsid=2243547856521346&tmod=1861099159&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=10&uci=a!a&fsb=1&dtd=357
Frame ID: 884BB3BEF9250F25E12A94BEEFAE17DA
Requests: 17 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdH-YklAAAAADyBTLwS6sLF70v0TAQgJ-bHcWCY&co=aHR0cHM6Ly9wYWludGh5LmNvbTo0NDM.&hl=en&v=vj7hFxe2iNgbe-u95xTozOXW&theme=light&size=normal&cb=8lv2ike2gfvt
Frame ID: 1822C47CA9B6262BEF9D8BB89954BFB7
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: DFEBB4BF7845FC1B285A232904DF4133
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=vj7hFxe2iNgbe-u95xTozOXW&k=6LdH-YklAAAAADyBTLwS6sLF70v0TAQgJ-bHcWCY
Frame ID: C58BC62C8D0B7B1F4C1802FF8191EE5D
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 8F33D5590DA2EABAA961BA3AD70EF3F7
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: F332A0796DF8B37CFCA35DE30A151383
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html
Frame ID: F339ACFE290D59BB790DE636014D8121
Requests: 6 HTTP requests in this frame

Frame: https://p4-afcswkodct4xe-2y2xtkx2ablsbgbz-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: 09ACDD4A0978315612799B81A2454E87
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 97F40124D32C968066EE776D24797676
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 16EA4271AC9E10A931E00D048584F527
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/4DPoyt1VXFu9KUV3wfZ2z3y8g_kcb_PjstTR5ZPZl3Q.js
Frame ID: 38D876FE01A6F0F73B7B97835B7846EB
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/4DPoyt1VXFu9KUV3wfZ2z3y8g_kcb_PjstTR5ZPZl3Q.js
Frame ID: 98AE828EBCCB5F9D57162224B59AC049
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/4DPoyt1VXFu9KUV3wfZ2z3y8g_kcb_PjstTR5ZPZl3Q.js
Frame ID: 7BE9ED3041A8BD26F28B687C8C256FD7
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/4DPoyt1VXFu9KUV3wfZ2z3y8g_kcb_PjstTR5ZPZl3Q.js
Frame ID: 5398029B803F4802506739AE2BB58AD9
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/4DPoyt1VXFu9KUV3wfZ2z3y8g_kcb_PjstTR5ZPZl3Q.js
Frame ID: E5D511DA1C7D5FB6ED36292CA135100D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0704D9E8EA661906D4FAC794EF67A4EE
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 37228FE4C2F2ED930E82E8DF2480AA22
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

11 Amazon jobs that will let you work from anywhere

Page URL History Show full URLs

https://rb.gy/3jyanw HTTP 301
https://painthy.com/amazon-jobs-work-from-anywhere/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

175
Requests

96 %
HTTPS

53 %
IPv6

11
Domains

16
Subdomains

15
IPs

3
Countries

3308 kB
Transfer

8544 kB
Size

8
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://yesijob.com/amazon-is-hiring-for-work-from-home/
Title: Amazon Is Hiring For Work From Home | Salary: $18 Hourly

Search URL Search Domain Scan URL

URL: https://itjobzy.com/150-work-from-home-jobs/
Title: 150 Work From Home Jobs–The Big List You Won’t Want to Miss

Search URL Search Domain Scan URL

URL: https://yesijob.com/19-high-paying-jobs-you-can-get-with-a-2-year-degree/
Title: 19 High-Paying Jobs You Can Get With a 2-Year Degree

Search URL Search Domain Scan URL

URL: https://gulfjab.com/amazon-work-from-home-jobs-what/
Title: Amazon Work-From-Home Jobs: What You Need to Know to Get Hired

Search URL Search Domain Scan URL

URL: https://feedbegin.com/work-from-home-with-zero-experience/
Title: How to Find Legitimate Work From Home with Zero Experience

Search URL Search Domain Scan URL

URL: https://itjobzy.com/deloitte-internship-10-best-deloitte/
Title: Best 5 Companies Hiring for Flood Management Jobs in USA

Search URL Search Domain Scan URL

URL: https://gulfjab.com/high-paying-hsbc-careers-in/
Title: 10 High-Paying HSBC Careers: A Comprehensive Guide

Search URL Search Domain Scan URL

URL: https://feedbegin.com/hiring-seo-expert-marketing-guru/
Title: Hiring SEO Expert: Marketing Guru: Salary $100K per year

Search URL Search Domain Scan URL

URL: https://itjobzy.com/hiring-erp-system-developers/
Title: Hiring ERP System Developers in QATAR, DUBAI, SAUDI ARABIA

Search URL Search Domain Scan URL

URL: https://gulfjab.com/digital-marketing-agency-belgium/
Title: Digital Marketing Agency is Hiring in Belgium: €65K per year

Search URL Search Domain Scan URL

URL: https://yesijob.com/hiring-factory-worker-in-canada/
Title: Hiring Factory Worker In Canada: 1000+ Job Vacancies

Search URL Search Domain Scan URL

URL: https://feedbegin.com/office-jobs-in-australia-visa-sponsor/
Title: Best IT and Office Jobs in Australia: Visa Sponsor: $100K

Search URL Search Domain Scan URL

URL: http://www.facebook.com/share.php?u=https://painthy.com/amazon-jobs-work-from-anywhere/

Search URL Search Domain Scan URL

URL: http://twitter.com/home?status=https://painthy.com/amazon-jobs-work-from-anywhere/%20-%2011%20Amazon%20jobs%20that%20will%20let%20you%20work%20from%20anywhere

Search URL Search Domain Scan URL

URL: https://plus.google.com/share?url=https://painthy.com/amazon-jobs-work-from-anywhere/

Search URL Search Domain Scan URL

URL: http://pinterest.com/pin/create/button/?url=https://painthy.com/amazon-jobs-work-from-anywhere/&media=https://painthy.com/wp-content/uploads/2024/01/amazon4.jpg

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/shareArticle?mini=true&url=https://painthy.com/amazon-jobs-work-from-anywhere/&title=https://painthy.com/amazon-jobs-work-from-anywhere/

Search URL Search Domain Scan URL

URL: http://www.tumblr.com/share/link?url=https://painthy.com/amazon-jobs-work-from-anywhere/&name=https://painthy.com/amazon-jobs-work-from-anywhere/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://rb.gy/3jyanw HTTP 301
https://painthy.com/amazon-jobs-work-from-anywhere/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 134

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 137

https://googleads.g.doubleclick.net/pagead/adview?ai=CM9PNHe_lZbWuDKLwjMwPvaeHmAvIz7XMa_yg-8K0D_iflphDEAEgtq6xkAEoAmCdAaABz6KqlAHIAQapAkf1gZuHLrI-qAMByAMCqgSWAk_QI9J8AP8nvcm13BIIlNe_2yatY-946RxRMjhOC_weKAlXIiSXV1G9PaEbr5wpLvZHTD6RxUUBPwxHjQ5ypt3Lu4BE1SPz0N84s2S2k4kkK80jUiTRiBdruFOj6zaEKLF0RCdsI4PSloyZJ3azmKMtOw173yYr1quNJKWXmjGUw8v9GIT5NW_cc491Phmm3-mdrK26u7CepdtZALpahGhqwIHnAeDV0PH8XMuMeKSdxvSDdZdf_1bqU7QOSso-_lVXCm8dmkUYvOxRpT_dHw9Gw2gOBbM6HQNgpEuVUahDr5l2ByJ_sML7zQj1ZMgfVhIDRb2KtCkskCo1rtoKpX8pm1u5niX4UFPnXD8TlbxnGuUnDxxUwATwnrawkgSIBdeiivs-kgUECAQYAZIFBAgFGASgBjeAB5il4OsCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHr76xAqgH1ckbqAemvhvYBwHyBwQQvMAF0ggkCIBhEAEYHzICigI6CYBAgMCAgICAKEi9_cE6WO2M3Z782oQDmgkjaHR0cHM6Ly93d3cuam9ic2Vla2VyLmNvbS9lbi9yZXN1bWWACgHICwHaDBEKCxCA0Ke8t5Tnno0BEgIBA9gTDIgUAtAVAYAXAbIXHAoaCAASFHB1Yi05Nzc5MTM0ODM1NDg5NzgxGAA&sigh=xlEQkh32oko&uach_m=%5BUACH%5D&ase=2&cid=CAQSTwB7FLtqH6NFc3AOyplXgX6KjNnAcjzPzlTDusRsS4IXbqNHO5rEQqE04ouFjTlnCYWX8xnUm9xen_2LSH8NEdXxmMVyJ3Drg6DOxm6mIAcYAQ&template_id=492&cbvp=2&vis=1&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x2dfbee0b1e383850000000000000000%22,%222%22:%220x16bf1ad73fa586a40000000000000000%22,%223%22:%220x84fe219ba08a90070000000000000000%22,%224%22:%220xd1543968d66351a70000000000000000%22,%225%22:%220xeba0b7764559b7130000000000000000%22},%22debug_key%22:%2214365888264612103708%22,%22debug_reporting%22:true,%22destination%22:%22https://jobseeker.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22311071055%22],%2222%22:[%22true%22],%224%22:[%2203-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223533479135146887777%22}&andc=true

Request Chain 138

https://googleads.g.doubleclick.net/pagead/adview?ai=CooDNHe_lZbWuDKLwjMwPvaeHmAvBo9S_dY-YwamVEpOe0vnlQBACILausZABKAJgnQGgAY7io_EpyAEGqQLAK71JV6aCPqgDAcgDAqoElgJP0H3BdQD8J73JtdwSCJTXv9smrWPveOkcUTI4Tgv8HigJVyIkl1dRvT2hG6-cKS72R0w-kcVFAT8MR40Ocqbdy7uARNUj89DfOLNktpOJJCvNI1Ik0YgXa7hTo-s2hCindEQTBy-I0JaMmSd2s5ijLTsNe98mK9arjSSll5oxlMPL_RiE-TVv3HOPdT4Zpt_pnayturuwnqXbWQC6WoRoasCB5wHg1dDx_FzLjHikncb0g3WXX_9W6lO0DkrKPv5VVwpvHZpFGLzsUaU_3R8OB497CAWzOh0DYKRLlVGoQ6-ZdgdLJ9SswM1SyxjeJ1ZGBCPQhbR1L5AqNa7aXqIZRJRbuZ4l-EgH3HMHE5W8ZxrOFSxLb8AE0I724NUEiAWhxe-HTZIFBAgEGAGSBQQIBRgEoAY3gAeOmvTQBKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gHpr4b2AcB8gcEELzABdIIJAiAYRABGB8yAooCOgmAQIDAgICAgChIvf3BOljtjN2e_NqEA5oJFGh0dHBzOi8vYnVtby5haS9jaGF0gAoByAsB2gwQCgoQ4Kal7Za94apfEgIBA9gTDIgUB9AVAYAXAbIXHAoaCAASFHB1Yi05Nzc5MTM0ODM1NDg5NzgxGAA&sigh=qDduW3s-fqQ&uach_m=%5BUACH%5D&ase=2&cid=CAQSTwB7FLtqH6NFc3AOyplXgX6KjNnAcjzPzlTDusRsS4IXbqNHO5rEQqE04ouFjTlnCYWX8xnUm9xen_2LSH8NEdXxmMVyJ3Drg6DOxm6mIAcYAQ&template_id=492&cbvp=2&vis=1&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xab9f17f47f74fc00000000000000000%22,%222%22:%220xbb2e7f59a760dad00000000000000000%22,%223%22:%220x56ee07ff28e7d6ee0000000000000000%22,%224%22:%220x1bfdae62459ca9ac0000000000000000%22,%225%22:%220x6a63537bbd8222270000000000000000%22},%22debug_key%22:%2216860117196185812551%22,%22debug_reporting%22:true,%22destination%22:%22https://bumo.ai%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211243417870%22],%2222%22:[%22true%22],%224%22:[%2203-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217495465363437563985%22}&andc=true

Request Chain 140

https://googleads.g.doubleclick.net/pagead/adview?ai=CkfD8He_lZcEjqq7zwQ_OtomQA4mk3Y92lO-f9uUSZBABILausZABYL8FoAGv8bj0KMgBAqgDAcgDyQSqBIICT9A_obKtszOy_2oHop3S3a-el1sTE2YcRNcRVCZgM_hD4vSy6H03doI0iLStRCvB2NgucrQex7P_QN0854E6OyRVp6LWFSO3Jr3uPSrSlJorWj1QRGgVDWlFoHszh2pCfmj-A3zBFwoREPN8EcUl8vLtv3FBwj2NNYXbAdWyK2wcMWGBGXQlIv-UgKbyFn8re23KZo1nXbcTedzFLytqh2sDbmUbMkFhdIyJ2Cw0RbKJZUapirGjoUsBV5Z6KmrAPrsBF02XdioFGl2aty1FRoiEtA6Vba_iLYcc9T61QquFsqW_dqGlCuASBSvJx9rZG6-oXx9qCcnaocFKVY6D3XUkwAT_5u7e2ASIBfKul5NOkgUECAQYAZIFBAgFGASgBgKAB6-pidQDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHr76xAqgH1ckbqAemvhvYBwHyBwQQx4sF0ggkCIBhEAEYHzICigI6CYBAgMCAgICAKEi9_cE6WMv50J782oQDmgnIAWh0dHBzOi8vb21vLWFwcC5pby8_YnJhbmNoLW5hbWU9YmxvY2tlcnMmdGVzdC1uYW1lPWdvMmhhbiZ0cmFjaz10cnVlJnV0bV9zb3VyY2U9Z29vZ2xlJnV0bV9tZWRpdW09Y3BjJmNhbXBhaWduX2lkPTIwOTc4MTk0MjkwJmFkZ3JvdXBfaWQ9MTYxMjYwMjIxMzExJmFkX2lkPTY4OTQ5NzMwMjQwNCZ1dG1fdGVybT0mcGxhY2VtZW50PXBhaW50aHkuY29tgAoByAsB2gwQCgoQkMO36aP4sYZgEgIBA9gTDNAVAZgWAYAXAbIXHAoaCAASFHB1Yi05Nzc5MTM0ODM1NDg5NzgxGAA&sigh=saTblc6F2cM&uach_m=%5BUACH%5D&ase=2&cid=CAQSTgB7FLtq8YMSXCXY0WzTMXXJT-bLLZaLj9ad5bPHuxHCLd_8dVQ5F8z7OjmDpW_YGsBx2jB__23WRz2KZSEa8FTV84Nukdjyy_X08k-zFBgB&cbvp=2&vis=1&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x96904f8489c73af00000000000000000%22,%222%22:%220x1ac8f747194584e50000000000000000%22,%223%22:%220xd215c808ee15b2370000000000000000%22,%224%22:%220x760cd3032d6dca960000000000000000%22,%225%22:%220x10c9815b147d91e20000000000000000%22},%22debug_key%22:%2213503241030698225208%22,%22debug_reporting%22:true,%22destination%22:%22https://omo-app.io%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210981619887%22],%2222%22:[%22true%22],%224%22:[%2203-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229028774489585648881%22}&andc=true

Request Chain 143

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 144

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 145

https://googleads.g.doubleclick.net/pagead/adview?ai=C5QiXHe_lZfi5BMOzjMwP5u2Q6A_CsL2ddqSloOm3EuvA7LOQDhABILausZABYL8FoAHv2sjXAcgBAqkCi7kG-0q-qD6oAwHIA8kEqgT_AU_QzePqqthLxjAELEvyqdu8CCYirYm0QAI0twri0G6yswOdLM7bg5do89SH38kQb9BIgUTlWrrjUO-xMRr6Zre5d7c_l5ys_uCmTnijqOWlKBhhhUXjSx-GZ7771Apy2ADd_ulAGxTUCnwAtG-m92rMQoNHt5wXOA0yTpZFIPLZoKYCqqvHDjQDmuoU1CYXJTM3w-G7DZfT89rrtVCOqTCj3r1YeciwH2xi8PSld832EPi6R6EJ_VeLRadJS_gGRaL35w0lYusDylPCsvkzGF4Gk-LW1JwzZFsC-FH14kVpSPK3_qaB5aaq5PdjD_r4raLWT1-t7-dZH1fEPefQxcAEnpWPs8IEiAXxu7DxTJIFBAgEGAGSBQQIBRgEoAYCgAf5pLeoAqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gHpr4b2AcB8gcEELiRBtIIJAiAYRABGB8yAooCOgmAQIDAgICAgChIvf3BOliBntWe_NqEA5oJX2h0dHBzOi8vaW5zdGFsbGFwcHMuY29tL3JlZ2lzdGVyLW5vdy8_Y2FtcGFpZ25pZD0yMDYzODg2NjkyOSZwbGFjZW1lbnQ9cGFpbnRoeS5jb20mZGV2aWNlbW9kZWw9gAoByAsB2gwQCgoQwN3pm-bD27szEgIBA9gTDNAVAZgWAYAXAbIXHAoaCAASFHB1Yi05Nzc5MTM0ODM1NDg5NzgxGAA&sigh=ZAb2A9XcoDA&uach_m=%5BUACH%5D&ase=2&cid=CAQSTgB7FLtq10GeQlIm_wXmJuhikiwjDrBe6AkxWv3Yg5n4u48Uv4B6Mo1x4pn0Swef_tA6kFyC0I2bydoJ8ajT7Un-QNvMnLm89Kb1Uhc-cBgB&cbvp=2&vis=1&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xce8ac1e99731166c0000000000000000%22,%222%22:%220xb6637a182e2b73e30000000000000000%22,%223%22:%220x92d12a868ea6032e0000000000000000%22,%224%22:%220xb524f37f115e8dcb0000000000000000%22,%225%22:%220xe7477345406c459c0000000000000000%22},%22debug_key%22:%224631215218927715435%22,%22debug_reporting%22:true,%22destination%22:%22https://installapps.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22452078959%22],%2222%22:[%22true%22],%224%22:[%2203-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22383463178295772369%22}&andc=true

Request Chain 149

https://googleads.g.doubleclick.net/pagead/adview?ai=Cvx53He_lZYTSApfPjMwPna6DsAnrqImuc7zxz8bmEc-u8_0IEAEgtq6xkAFgnQGgAbXlyosDyAECqAMByAPJBKoE-wFP0HXpjrvjIqjYc5h96900sBmaeGIzxW5J772Y6IyfkKqQerMoA8A_bF31ppk5WiQMXgt_s_RYHrOunPY3JgYpFvK64ge8wMf_9EBFNDQbIyKy1-OKrxGg828jWWhqpmWtFV8nbjOHMELZeM_gGFige7SSsQnOrXWBg97Lvu6jiLwuRPG5oCV7TnB2d1yNxJhAzv3yisrOyciff7Va60E2_Z9giPqPAzURSY1o9WvgrznZovzPxRZglD9u6HScNW6Rtfa81Yyecx3sifhTSDr1OuxIlRrNb_L3K0buF8Rnw-KI3FN_VYoXJlyl6s69onBaN07v_jrzyqooE8AEuO2-9LgBiAXlo8TbA5IFBAgEGAGSBQQIBRgEoAYCgAezmrV0qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHr76xAqgH1ckbqAemvhvYBwHyBwQQtLQI0ggkCIBhEAEYHzICigI6CYBAgMCAgICgKEi9_cE6WK-x05782oQDmgkcaHR0cHM6Ly93d3cucmVzdW1lY29hY2guY29tL4AKAcgLAdoMEAoKEJD0lqrwgei9MxICAQPYEwzQFQGYFgGAFwGyFxwKGggAEhRwdWItOTc3OTEzNDgzNTQ4OTc4MRgA&sigh=fB_rt3G7hFw&uach_m=%5BUACH%5D&ase=2&cid=CAQSTwB7FLtqiDBIChCls4TD3boJH81NkMw9g97Od8zT-RiaUw0bLpt2vLxGuykFVDSfCUHSKnEr0pQuP2ZESVFRXq8DbZgvP_5hZYoQUYej4zkYAQ&cbvp=2&vis=1&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xed51512714f77f9d0000000000000000%22,%222%22:%220x4f76150aa1bc26f30000000000000000%22,%223%22:%220x816c5a37ea7ffa570000000000000000%22,%224%22:%220xfef6023cbc29a6e80000000000000000%22,%225%22:%220xb9a095e67870d2610000000000000000%22},%22debug_key%22:%221161573194201703903%22,%22debug_reporting%22:true,%22destination%22:%22https://resumecoach.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22829600437%22],%2222%22:[%22true%22],%224%22:[%2203-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229596745045519275825%22}&andc=true

Request Chain 151

https://googleads.g.doubleclick.net/pagead/adview?ai=CGyZGHe_lZZnfC97JjMwPyeG4wA-JpN2PdpT-n_blEmQQASC2rrGQAWC_BaABr_G49CjIAQKoAwHIA8kEqgSCAk_Qi240iYRhqneuc7PyoK9EdK6S2zHBMgc8vvy0FKjcPKfMenS1a6f7FI7u99Nic3H-fgHFtK_tFl_qbYXw9BhqGqxLLzT-uo5ypSfF6nSE4-XH5f3zZLFkCPD0QUDYbgQOUt3indsOMznNz78KkBl_dOH_gEkI9SV0lEo2079t3LchAGE9cT0ZoajyyBAHCtcNHxuAlWWzvAlgcGDIh3h5G4dmRGb0LFS_0kwzN86_Wss8Wk9WFK_V3Q0JRePbMim3ScIU1StUcyMHLG7l27ZXx4VZeiUZkyBgEVwkltqI54vRFSkQOJBTqupf-Rn8tsFVEe1GXNgBtQOKZIUuFxM2EMAE_-bu3tgEiAXyrpeTTpIFBAgEGAGSBQQIBRgEoAYCgAevqYnUA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gHpr4b2AcB8gcEEIuEBNIIJAiAYRABGB8yAooCOgmAQIDAgICAgChIvf3BOli6uNye_NqEA5oJyAFodHRwczovL29tby1hcHAuaW8vP2JyYW5jaC1uYW1lPWJsb2NrZXJzJnRlc3QtbmFtZT1nbzJoYW4mdHJhY2s9dHJ1ZSZ1dG1fc291cmNlPWdvb2dsZSZ1dG1fbWVkaXVtPWNwYyZjYW1wYWlnbl9pZD0yMDk3ODE5NDI5MCZhZGdyb3VwX2lkPTE2MTI2MDIyMTMxMSZhZF9pZD02ODk0OTczMDI0NzYmdXRtX3Rlcm09JnBsYWNlbWVudD1wYWludGh5LmNvbYAKAcgLAdoMEAoKEPDIvtzelP3dHRICAQPYEwzQFQGYFgGAFwGyFxwKGggAEhRwdWItOTc3OTEzNDgzNTQ4OTc4MRgA&sigh=SVDoGvGtCeE&uach_m=%5BUACH%5D&ase=2&cid=CAQSTwB7FLtqrEWq26kYU0kqGLAaHTeRzqfae9Q0wrelS0EAPukr8cwLoWJrlVL277SNUpi3vhCG9Ts8S_zhU8oqPDIEKNh3kNeiK1-DwZimPeYYAQ&cbvp=2&vis=1&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x96904f8489c73af00000000000000000%22,%222%22:%220x1ac8f747194584e50000000000000000%22,%223%22:%220xd215c808ee15b2370000000000000000%22,%224%22:%220x760cd3032d6dca960000000000000000%22,%225%22:%220x10c9815b147d91e20000000000000000%22},%22debug_key%22:%225185243384403363821%22,%22debug_reporting%22:true,%22destination%22:%22https://omo-app.io%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210981619887%22],%2222%22:[%22true%22],%224%22:[%2203-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221282559623837736753%22}&andc=true

Request Chain 154

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

175 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
painthy.com/amazon-jobs-work-from-anywhere/
Redirect Chain

https://rb.gy/3jyanw
https://painthy.com/amazon-jobs-work-from-anywhere/

117 KB
24 KB

1455ms
1036ms

Document
text/html

45.130.41.84
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://painthy.com/amazon-jobs-work-from-anywhere/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.84 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.codia2.beget.com
Software: nginx-reuseport/1.21.1 / PHP/7.4.33
Resource Hash: 1cbad15280ed20f2fbc36feb85a93ca87b646e7f3b707877121e329d9d12410c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 04 Mar 2024 15:56:11 GMT
link: <https://painthy.com/wp-json/>; rel="https://api.w.org/" <https://painthy.com/wp-json/wp/v2/posts/4785>; rel="alternate"; type="application/json" <https://painthy.com/?p=4785>; rel=shortlink
server: nginx-reuseport/1.21.1
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

Redirect headers

cache-control: no-cache, no-store
content-length: 0
date: Mon, 04 Mar 2024 15:56:10 GMT
engine: Rebrandly.redirect, version 2.1
expires: -1
location: https://painthy.com/amazon-jobs-work-from-anywhere/
strict-transport-security: max-age=15552000

GET
H2 200 style.min.css
painthy.com/wp-includes/css/dist/block-library/ 108 KB
14 KB 215ms
212ms Stylesheet
text/css 45.130.41.84
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://painthy.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3
Requested by: Host: painthy.com
URL: https://painthy.com/amazon-jobs-work-from-anywhere/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.84 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.codia2.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://painthy.com/amazon-jobs-work-from-anywhere/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 15:56:12 GMT
content-encoding: gzip
last-modified: Wed, 31 Jan 2024 19:30:06 GMT
server: nginx-reuseport/1.21.1
etag: W/"65ba9fbe-1ae43"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Mon, 11 Mar 2024 15:56:12 GMT

GET
H2 200 mediaelementplayer-legacy.min.css
painthy.com/wp-includes/js/mediaelement/ 11 KB
3 KB 215ms
212ms Stylesheet
text/css 45.130.41.84
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://painthy.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17
Requested by: Host: painthy.com
URL: https://painthy.com/amazon-jobs-work-from-anywhere/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.84 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.codia2.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://painthy.com/amazon-jobs-work-from-anywhere/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 15:56:12 GMT
content-encoding: gzip
last-modified: Tue, 30 Nov 2021 11:58:07 GMT
server: nginx-reuseport/1.21.1
etag: W/"61a611cf-2bf8"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Mon, 11 Mar 2024 15:56:12 GMT

GET
H2 200 wp-mediaelement.min.css
painthy.com/wp-includes/js/mediaelement/ 4 KB
1 KB 216ms
213ms Stylesheet
text/css 45.130.41.84
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://painthy.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.4.3
Requested by: Host: painthy.com
URL: https://painthy.com/amazon-jobs-work-from-anywhere/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.84 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.codia2.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://painthy.com/amazon-jobs-work-from-anywhere/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 15:56:12 GMT
content-encoding: gzip
last-modified: Tue, 30 Nov 2021 11:58:07 GMT
server: nginx-reuseport/1.21.1
etag: W/"61a611cf-105a"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Mon, 11 Mar 2024 15:56:12 GMT

GET
H2 200 css
fonts.googleapis.com/ 1 KB
847 B 20ms
7ms Stylesheet
text/css 2404:6800:4003:c04::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins%3A%2C400%7CPoppins%3A%2C400%7CPoppins%3A%2C400%2C%2C400&subset=latin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cgreek%2Cgreek-ext%2Cvietnamese&ver=1.6

Requested by

Host: painthy.com
URL: https://painthy.com/amazon-jobs-work-from-anywhere/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::5f Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ee534ebd2a20259114de62ebbddca7e8b19f6948ac9654f36f9c056f254bf571

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://painthy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 04 Mar 2024 15:56:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 04 Mar 2024 15:56:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 04 Mar 2024 15:56:12 GMT

GET
H2 200 bootstrap.css
painthy.com/wp-content/themes/disto/css/ 221 KB
34 KB 215ms
213ms Stylesheet
text/css 45.130.41.84
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://painthy.com/wp-content/themes/disto/css/bootstrap.css?ver=1.6
Requested by: Host: painthy.com
URL: https://painthy.com/amazon-jobs-work-from-anywhere/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.84 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.codia2.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 6c38dc17dbebb7e00014f3ea1025d5bb245baff733b50069eff5403b5dfaeeb8

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://painthy.com/amazon-jobs-work-from-anywhere/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 15:56:12 GMT
content-encoding: gzip
last-modified: Wed, 06 Jul 2022 22:55:45 GMT
server: nginx-reuseport/1.21.1
etag: W/"62c612f1-373fb"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Mon, 11 Mar 2024 15:56:12 GMT

GET
H2 200 style.css
painthy.com/wp-content/themes/disto/ 733 KB
89 KB 216ms
213ms Stylesheet
text/css 45.130.41.84
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://painthy.com/wp-content/themes/disto/style.css?ver=1.6
Requested by: Host: painthy.com
URL: https://painthy.com/amazon-jobs-work-from-anywhere/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.84 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.codia2.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: ceee574841dd9f8ff1f1d23a93e3115a2c6b0392f804f3c6b35fd6c53d754073

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://painthy.com/amazon-jobs-work-from-anywhere/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 15:56:12 GMT
content-encoding: gzip
last-modified: Wed, 06 Jul 2022 22:55:45 GMT
server: nginx-reuseport/1.21.1
etag: W/"62c612f1-b7494"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Mon, 11 Mar 2024 15:56:12 GMT

GET
H2 200 responsive.css
painthy.com/wp-content/themes/disto/css/ 93 KB
13 KB 216ms
213ms Stylesheet
text/css 45.130.41.84
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://painthy.com/wp-content/themes/disto/css/responsive.css?ver=1.6
Requested by: Host: painthy.com
URL: https://painthy.com/amazon-jobs-work-from-anywhere/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.84 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.codia2.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: dc94b334bdbade3c6e278dcb6568556f0ce413d97a49d046e94a67f56472f0ff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://painthy.com/amazon-jobs-work-from-anywhere/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 15:56:12 GMT
content-encoding: gzip
last-modified: Wed, 06 Jul 2022 22:55:45 GMT
server: nginx-reuseport/1.21.1
etag: W/"62c612f1-17598"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Mon, 11 Mar 2024 15:56:12 GMT

GET
H2 200 jquery.min.js Show response
painthy.com/wp-includes/js/jquery/ 86 KB
30 KB 216ms
214ms Script
application/x-javascript 45.130.41.84
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://painthy.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: painthy.com
URL: https://painthy.com/amazon-jobs-work-from-anywhere/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.84 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.codia2.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://painthy.com/amazon-jobs-work-from-anywhere/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 15:56:12 GMT
content-encoding: gzip
last-modified: Wed, 08 Nov 2023 18:31:50 GMT
server: nginx-reuseport/1.21.1
etag: W/"654bd416-15601"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
expires: Mon, 11 Mar 2024 15:56:12 GMT

GET
H2 200 jquery-migrate.min.js Show response
painthy.com/wp-includes/js/jquery/ 13 KB
5 KB 216ms
214ms Script
application/x-javascript 45.130.41.84
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://painthy.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: painthy.com
URL: https://painthy.com/amazon-jobs-work-from-anywhere/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.84 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.codia2.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://painthy.com/amazon-jobs-work-from-anywhere/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 15:56:12 GMT
content-encoding: gzip
last-modified: Wed, 09 Aug 2023 07:30:14 GMT
server: nginx-reuseport/1.21.1
etag: W/"64d34086-3509"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
expires: Mon, 11 Mar 2024 15:56:12 GMT

GET
H2 200 script.min.js Show response
painthy.com/wp-content/plugins/cookie-law-info/lite/frontend/js/ 19 KB
7 KB 216ms
214ms Script
application/x-javascript 45.130.41.84
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://painthy.com/wp-content/plugins/cookie-law-info/lite/frontend/js/script.min.js?ver=3.1.8
Requested by: Host: painthy.com
URL: https://painthy.com/amazon-jobs-work-from-anywhere/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.84 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.codia2.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: aaa98cf9a1d05fcc65d948ce5712cf5ffee25659b1ab42553f1d60222ba0bb35

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://painthy.com/amazon-jobs-work-from-anywhere/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 15:56:12 GMT
content-encoding: gzip
last-modified: Wed, 24 Jan 2024 08:29:44 GMT
server: nginx-reuseport/1.21.1
etag: W/"65b0ca78-4af1"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
expires: Mon, 11 Mar 2024 15:56:12 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 148 KB
51 KB 44ms
24ms Script
text/javascript 2404:6800:4003:c01::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9779134835489781

Requested by

Host: painthy.com
URL: https://painthy.com/amazon-jobs-work-from-anywhere/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c01::9b Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e867668172b74cf750119a2fb530c068712ab2e4ec90447c49b00176e2300a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://painthy.com/
Origin: https://painthy.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 15:56:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51326
x-xss-protection: 0
server: cafe
etag: 10868813070132233859
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Mon, 04 Mar 2024 15:56:12 GMT

GET
H2 200 logo-painthy.png
painthy.com/wp-content/uploads/2022/07/ 3 KB
4 KB 675ms
674ms Image
image/png 45.130.41.84
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://painthy.com/wp-content/uploads/2022/07/logo-painthy.png
Requested by: Host: painthy.com
URL: https://painthy.com/amazon-jobs-work-from-anywhere/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.84 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.codia2.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 566165820cb347905665472e5e57227f1a034c64299787686311ffa124d9082b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://painthy.com/amazon-jobs-work-from-anywhere/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 15:56:12 GMT
last-modified: Wed, 06 Jul 2022 23:14:45 GMT
server: nginx-reuseport/1.21.1
etag: "62c61765-d7f"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 3455
expires: Wed, 03 Apr 2024 15:56:12 GMT

GET
H2 200 amazon4-1000x567.jpg
painthy.com/wp-content/uploads/2024/01/ 40 KB
40 KB 216ms
215ms Image
image/jpeg 45.130.41.84
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://painthy.com/wp-content/uploads/2024/01/amazon4-1000x567.jpg
Requested by: Host: painthy.com
URL: https://painthy.com/amazon-jobs-work-from-anywhere/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.84 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.codia2.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 2b3ecc048a06e3d533fb7b6351afe165c9443cc4b2a49962a508deb63c8498fa

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://painthy.com/amazon-jobs-work-from-anywhere/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 15:56:12 GMT
last-modified: Sat, 27 Jan 2024 18:15:16 GMT
server: nginx-reuseport/1.21.1
etag: "65b54834-a0b5"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 41141
expires: Wed, 03 Apr 2024 15:56:12 GMT

GET
H2 200 5a58e31d28eecc6c0f8b484f
i.insider.com/ 28 KB
28 KB 20ms
4ms Image
image/webp 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.insider.com/5a58e31d28eecc6c0f8b484f?width=800&format=jpeg&auto=webp
Requested by: Host: painthy.com
URL: https://painthy.com/amazon-jobs-work-from-anywhere/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6ac7a16059a4a1168d45a7f8ba027c752ed631f01206d81be0a7ba5414cb6834

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://painthy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 15:56:12 GMT
via: 1.1 varnish, 1.1 varnish
x-amz-meta-x-link: https%3A%2F%2Fwww.flickr.com%2Fphotos%2Fstrelka%2F27225305904%2F
x-amz-meta-x-description: working+woman+laptop
fastly-io-served-by: vpop-kiad7010226
x-amz-request-id: Y702NMD1E005DD4Z
age: 480497
x-amz-meta-x-image-width: 910
fastly-io-info: ifsz=1153309 idim=910x683 ifmt=png ofsz=28482 odim=800x600 ofmt=webp
x-cache: HIT, HIT
fastly-stats: io=1
content-length: 28482
x-amz-id-2: Dwn03Ks2Dzv2qHCT1Qsr0Cumt4Yz2I9lQPEi67zl5FTHM3TB46Q9b74IPwrW+TXBSZNwPsImqXc=
x-served-by: cache-iad-kiad7000160-IAD, cache-qpg120085-QPG
x-amz-meta-x-source: Gleb+Leonov%2FStrelka+Institute%2FFlickr
x-amz-meta-x-image-height: 683
server: AmazonS3
x-timer: S1709567772.035900,VS0,VE1
etag: "C2KWqUPnkL97Xv2TP2WEkwaXNki5qWkMCd7VYY6nh2U"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
x-cache-hits: 10, 1

GET
H2 200 5a61f3bc00d0ef91048b474e
i.insider.com/ 19 KB
19 KB 7ms
6ms Image
image/webp 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.insider.com/5a61f3bc00d0ef91048b474e?width=800&format=jpeg&auto=webp
Requested by: Host: painthy.com
URL: https://painthy.com/amazon-jobs-work-from-anywhere/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9b4afaba06a17bf52f333ce73b8b3e175348e0c8efecb4447ea0909ce4a62d27

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://painthy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 15:56:12 GMT
via: 1.1 varnish, 1.1 varnish
x-amz-meta-x-description: Canada+Canadian+woman+maple+leaf
fastly-io-served-by: vpop-kiad7010250
x-amz-request-id: QSY6V3RA2X2FZR6Z
age: 187552
x-amz-meta-x-image-width: 1747
fastly-io-info: ifsz=2289151 idim=1747x1310 ifmt=png ofsz=19066 odim=800x600 ofmt=webp
x-cache: HIT, HIT
fastly-stats: io=1
content-length: 19066
x-amz-id-2: eE6J2Jc8a97B7BluITDn6Izh3/dHGq6BmvwvvaAvStBwf36PDYVJ4lvnFedETwwgNYuKq61Lk04=
x-served-by: cache-iad-kcgs7200164-IAD, cache-qpg120085-QPG
x-amz-meta-x-source: Kevin+Frayer%2FAP+Images
x-amz-meta-x-image-height: 1310
server: AmazonS3
x-timer: S1709567772.049080,VS0,VE4
etag: "MRxGqSKuyhWBCVseGkTQRCG3oXzdeKSSiGWWwsZXvas"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
x-cache-hits: 31, 1

GET
H2 200 5a61f57500d0ef6f048b4755
i.insider.com/ 24 KB
25 KB 5ms
5ms Image
image/webp 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.insider.com/5a61f57500d0ef6f048b4755?width=800&format=jpeg&auto=webp
Requested by: Host: painthy.com
URL: https://painthy.com/amazon-jobs-work-from-anywhere/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39f248b63346ef7c082049f75b448d4c14790f1bf5184e9eb111a4bbccc1103c

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://painthy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 15:56:12 GMT
via: 1.1 varnish, 1.1 varnish
x-amz-meta-x-description: work+from+home
fastly-io-served-by: vpop-kiad7010215
x-amz-request-id: 91D14NJJEHRM4RN5
age: 294885
x-amz-meta-x-image-width: 889
fastly-io-info: ifsz=940472 idim=889x667 ifmt=png ofsz=24724 odim=800x600 ofmt=webp
x-cache: HIT, HIT
fastly-stats: io=1
content-length: 24724
x-amz-id-2: Sxa87Tx6j46bbvwylgHvK3pbGfzFm0Mr+NmNUcH0/Xsoyp5lR3uzm3owyPX8VEJibPYqJUWGceY=
x-served-by: cache-iad-kcgs7200138-IAD, cache-qpg120085-QPG
x-amz-meta-x-source: Stock+Rocket%2FShutterstock
x-amz-meta-x-image-height: 667
server: AmazonS3
x-timer: S1709567772.059651,VS0,VE2
etag: "s/Z1R30r8WWG30Kdxxn3ol3PbytAJZQyqHs/hcWqpGE"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
x-cache-hits: 15, 1

GET
H2 200 5a61f58900d0ef91048b4753
i.insider.com/ 78 KB
79 KB 11ms
6ms Image
image/webp 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.insider.com/5a61f58900d0ef91048b4753?width=800&format=jpeg&auto=webp
Requested by: Host: painthy.com
URL: https://painthy.com/amazon-jobs-work-from-anywhere/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6e2ce796e54f5e091dd8ccc1a30cee28b40e8886af5df03f7e420296d5709735

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://painthy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 15:56:12 GMT
via: 1.1 varnish, 1.1 varnish
x-amz-meta-x-description: man+desk+work+from+home+tech+laptop+computer
fastly-io-served-by: vpop-kiad7010214
x-amz-request-id: P7JJ3RD88BEBM3H5
age: 4463
x-amz-meta-x-image-width: 911
fastly-io-info: ifsz=1365180 idim=911x683 ifmt=png ofsz=80048 odim=800x600 ofmt=webp
x-cache: HIT, HIT
fastly-stats: io=1
content-length: 80048
x-amz-id-2: 3x+0djvFhIxphnYAQOV7PexF4XioAmd6Iay/oqM7PdcB0ckZIMJHEGyaSnQ/AIqU3aCUjB4zzc0=
x-served-by: cache-iad-kjyo7100100-IAD, cache-qpg120085-QPG
x-amz-meta-x-source: Omar+Havana+%2F+Stringer+%2F+Getty+Images
x-amz-meta-x-image-height: 683
server: AmazonS3
x-timer: S1709567773.722107,VS0,VE2
etag: "vmhjXKA5WNoY6zLmEeDNRJ1xxWTEABF1eShJGFChfls"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
x-cache-hits: 87, 1

GET
H2 200 5a61f66700d0ef1d008b47ba
i.insider.com/ 35 KB
36 KB 34ms
30ms Image
image/webp 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.insider.com/5a61f66700d0ef1d008b47ba?width=800&format=jpeg&auto=webp
Requested by: Host: painthy.com
URL: https://painthy.com/amazon-jobs-work-from-anywhere/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 23ee66a86b5d4d0f347fac6beb80b0aa495fdd3db044d46a66d84d0679607e06

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://painthy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 15:56:12 GMT
via: 1.1 varnish, 1.1 varnish
x-amz-meta-x-description: woman+computer+laptop+work+from+home
fastly-io-served-by: vpop-kiad7010229
x-amz-request-id: KSEFQN4141AH365Q
age: 297853
x-amz-meta-x-image-width: 889
fastly-io-info: ifsz=1087305 idim=889x667 ifmt=png ofsz=36214 odim=800x600 ofmt=webp
x-cache: HIT, HIT
fastly-stats: io=1
content-length: 36214
x-amz-id-2: vft6556nIYXKy7yfRIsPjn9y51F1OHgugNo71UVexgPB77+LzWbBAVD92fsINOgYnQnH0kAmU00=
x-served-by: cache-iad-kcgs7200064-IAD, cache-qpg120085-QPG
x-amz-meta-x-source: DouglasJennifer%2FShutterstock
x-amz-meta-x-image-height: 667
server: AmazonS3
x-timer: S1709567773.722081,VS0,VE2
etag: "2HsUyUSSCy2DpZmGvkD17Zq+w5fckZZVEDUm2mdcO/E"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
x-cache-hits: 38, 1

GET
H2 200 5a61f712a244441d008b47be
i.insider.com/ 19 KB
19 KB 8ms
5ms Image
image/webp 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.insider.com/5a61f712a244441d008b47be?width=800&format=jpeg&auto=webp
Requested by: Host: painthy.com
URL: https://painthy.com/amazon-jobs-work-from-anywhere/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 24364ac89cfd69f60eab8e59f971adbb1da72f05dc862af71703545f3d720278

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://painthy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 15:56:12 GMT
via: 1.1 varnish, 1.1 varnish
x-amz-meta-x-description: man+laptop+computer+work+from+home+tech
fastly-io-served-by: img04-us-east4
x-amz-request-id: TPEB083FRDNQ2HKH
age: 363913
x-amz-meta-x-image-width: 1000
fastly-io-info: ifsz=1085642 idim=1000x750 ifmt=png ofsz=19368 odim=800x600 ofmt=webp
x-cache: HIT, HIT
fastly-stats: io=1
content-length: 19368
x-amz-id-2: Nced1YjD/jpa+mlGgvOAgBkqWzf9OOX1cpq2pTPnAeY9cWxanK5MY3MV4zlVTPimzvP4SAIP8zo=
x-served-by: cache-iad-kiad7000040-IAD, cache-qpg120085-QPG
x-amz-meta-x-source: Rawpixel.com%2FShutterstock
x-amz-meta-x-image-height: 750
server: AmazonS3
x-timer: S1709567773.722043,VS0,VE2
etag: "Obt+YiNf/2AAv1CmO5OEFwJ8pKG/h8Sf23gMkMzCOV0"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
x-cache-hits: 77, 1

GET
H2 200 5a61fa3e00d0eff6048b4735
i.insider.com/ 28 KB
28 KB 26ms
22ms Image
image/webp 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.insider.com/5a61fa3e00d0eff6048b4735?width=800&format=jpeg&auto=webp
Requested by: Host: painthy.com
URL: https://painthy.com/amazon-jobs-work-from-anywhere/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3b74367341607264b2d54c41f17fb5b6918ba49e4901e67c427816c2ae47946f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://painthy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 15:56:12 GMT
via: 1.1 varnish, 1.1 varnish
x-amz-meta-x-description: man+computer+laptop+work+from+home
fastly-io-served-by: vpop-kiad7010247
x-amz-request-id: P69KQW17ZR86YVE3
age: 152811
x-amz-meta-x-image-width: 889
fastly-io-info: ifsz=1015493 idim=889x667 ifmt=png ofsz=28308 odim=800x600 ofmt=webp
x-cache: HIT, HIT
fastly-stats: io=1
content-length: 28308
x-amz-id-2: 0cIjZEB+qHhAATKygd4AYZXMheP5Xui5aamg3PkRQ5knpGsTMn67Dv01EZcGN++yfEzB/sl57ts=
x-served-by: cache-iad-kiad7000077-IAD, cache-qpg120085-QPG
x-amz-meta-x-source: Tim+Gray%2FShutterstock
x-amz-meta-x-image-height: 667
server: AmazonS3
x-timer: S1709567773.722862,VS0,VE1
etag: "lMnvela55llIOFHqMD+9l+0C9DJsTnG62z/HEwKc+jU"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
x-cache-hits: 76, 1

GET
H2 200 5a61fb29a2444426008b4825
i.insider.com/ 24 KB
25 KB 31ms
27ms Image
image/webp 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.insider.com/5a61fb29a2444426008b4825?width=800&format=jpeg&auto=webp
Requested by: Host: painthy.com
URL: https://painthy.com/amazon-jobs-work-from-anywhere/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6f1c6b2c2683d13d4d299d8ad10caba2a2238130fd39f9a470d6bc6a706fafc3

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://painthy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 15:56:12 GMT
via: 1.1 varnish, 1.1 varnish
x-amz-meta-x-description: man+computer+work
fastly-io-served-by: vpop-mnz1300712
x-amz-request-id: PND21Y9F2087V1B9
age: 442242
x-amz-meta-x-image-width: 886
fastly-io-info: ifsz=853209 idim=886x664 ifmt=png ofsz=24830 odim=800x600 ofmt=webp
x-cache: HIT, HIT
fastly-stats: io=1
content-length: 24830
x-amz-id-2: ppO/KanQI43x6TmjffI4aI9kM1Ta8kZsD+Yqbf0Goub47ehmOrI0POT4w/KhkrGC71njEmOHMP0=
x-served-by: cache-iad-kiad7000167-IAD, cache-qpg120085-QPG
x-amz-meta-x-source: Ilze+Filipova%2FShutterstock
x-amz-meta-x-image-height: 664
server: AmazonS3
x-timer: S1709567773.722881,VS0,VE2
etag: "zqXaNjMGnvKVkKZEkPzGPxVSvGYgvlBM9/TiY9a4njU"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
x-cache-hits: 35, 1

GET
H2 200 5a61fc5400d0ef32018b4793
i.insider.com/ 37 KB
37 KB 36ms
33ms Image
image/webp 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.insider.com/5a61fc5400d0ef32018b4793?width=800&format=jpeg&auto=webp
Requested by: Host: painthy.com
URL: https://painthy.com/amazon-jobs-work-from-anywhere/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 131e4d9b107467e5301263e6a7cee833fbba9f58a51a321e21e41857e939cbd0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://painthy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 15:56:12 GMT
via: 1.1 varnish, 1.1 varnish
x-amz-meta-x-description: woman+laptop+computer
fastly-io-served-by: vpop-kiad7010251
x-amz-request-id: 38BD01CEC1CXT007
age: 453478
x-amz-meta-x-image-width: 889
fastly-io-info: ifsz=995346 idim=889x667 ifmt=png ofsz=37728 odim=800x600 ofmt=webp
x-cache: HIT, HIT
fastly-stats: io=1
content-length: 37728
x-amz-id-2: 6OVwJ9nmURG/veCPY2zIfwWXEq2QvI3yMbPm0ZbJP4hLK1vpVQT8EoyPwq9gk1hfmO4bGrU1r2I=
x-served-by: cache-iad-kiad7000118-IAD, cache-qpg120085-QPG
x-amz-meta-x-source: Alissa+Kumarova%2FShutterstock
x-amz-meta-x-image-height: 667
server: AmazonS3
x-timer: S1709567773.722827,VS0,VE3
etag: "DlfUbzdmYReoaqfHj6fkQ1TJXTwmIU6hVe6wBNergYI"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
x-cache-hits: 82, 1

GET
H2 200 5a61fd8a00d0ef84008b47dc
i.insider.com/ 24 KB
24 KB 22ms
19ms Image
image/webp 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.insider.com/5a61fd8a00d0ef84008b47dc?width=800&format=jpeg&auto=webp
Requested by: Host: painthy.com
URL: https://painthy.com/amazon-jobs-work-from-anywhere/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0bbb149c853c7175821da2775dcf4f35e80f9d84d341f1b5a10880fe03e3a3c1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://painthy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 15:56:12 GMT
via: 1.1 varnish, 1.1 varnish
x-amz-meta-x-description: woman+laptop+computer
fastly-io-served-by: vpop-kiad7010212
x-amz-request-id: 55M095KBMDA2AK9N
age: 500972
x-amz-meta-x-image-width: 889
fastly-io-info: ifsz=1006233 idim=889x667 ifmt=png ofsz=24072 odim=800x600 ofmt=webp
x-cache: HIT, HIT
fastly-stats: io=1
content-length: 24072
x-amz-id-2: PvUODRCunpMsCIbOe2xVn7fi1y6iaW4kIJHMifjFjajBWV4zBkodIhsRXBs8L2/Vl3evccP3eE4=
x-served-by: cache-iad-kiad7000066-IAD, cache-qpg120085-QPG
x-amz-meta-x-source: Dean+Drobo%2FShutterstock
x-amz-meta-x-image-height: 667
server: AmazonS3
x-timer: S1709567773.722813,VS0,VE1
etag: "kaIgV5hh1X6iN/DBvNMoJ0mYDlsuWK7vsTK2qvlIqR8"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
x-cache-hits: 12, 1

GET
H2 200 5a61fdb5a244448d048b47a5
i.insider.com/ 33 KB
34 KB 24ms
22ms Image
image/webp 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.insider.com/5a61fdb5a244448d048b47a5?width=800&format=jpeg&auto=webp
Requested by: Host: painthy.com
URL: https://painthy.com/amazon-jobs-work-from-anywhere/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ef2a23ace0fc097bdaf8ce3a59c7acff6fc0a78fd3a9869309ed7fcb5c462e25

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://painthy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 15:56:12 GMT
via: 1.1 varnish, 1.1 varnish
x-amz-meta-x-description: man+computer+laptop+work+from+home
fastly-io-served-by: vpop-kiad7010213
x-amz-request-id: PBNSBXX7YC323WKT
age: 458426
x-amz-meta-x-image-width: 889
fastly-io-info: ifsz=1102647 idim=889x667 ifmt=png ofsz=33890 odim=800x600 ofmt=webp
x-cache: HIT, HIT
fastly-stats: io=1
content-length: 33890
x-amz-id-2: idM27grZjmpDAkcnvoMdNxnVou7QV0q6Nw7QxCb0ByLi+ql8KgNP2PTRdhH4hgbql/YnpAcGk40=
x-served-by: cache-iad-kiad7000165-IAD, cache-qpg120085-QPG
x-amz-meta-x-source: fivepointsix%2FShutterstock
x-amz-meta-x-image-height: 667
server: AmazonS3
x-timer: S1709567773.722760,VS0,VE2
etag: "VB2Ok+KbHVQEf1DqyRD0w6cYSl9ypRZmVWYxs/9A8Mk"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
x-cache-hits: 18, 1

GET
H2 200 style-3801.css
painthy.com/wp-content/uploads/forminator/3801_ed150202242d39d5c11167ebcdaca666/css/ 36 KB
3 KB 628ms
627ms Stylesheet
text/css 45.130.41.84
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://painthy.com/wp-content/uploads/forminator/3801_ed150202242d39d5c11167ebcdaca666/css/style-3801.css?ver=1683471826
Requested by: Host: painthy.com
URL: https://painthy.com/amazon-jobs-work-from-anywhere/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.84 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.codia2.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 3e30577a7198874c10eca11f146e85196fd4160c7055463b3ddd63c63137bca3

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://painthy.com/amazon-jobs-work-from-anywhere/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 15:56:12 GMT
content-encoding: gzip
last-modified: Sun, 07 May 2023 15:03:46 GMT
server: nginx-reuseport/1.21.1
etag: W/"6457bdd2-8e9a"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Mon, 11 Mar 2024 15:56:12 GMT

GET
H2 200 forminator-icons.min.css
painthy.com/wp-content/plugins/forminator/assets/forminator-ui/css/ 5 KB
1 KB 208ms
208ms Stylesheet
text/css 45.130.41.84
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://painthy.com/wp-content/plugins/forminator/assets/forminator-ui/css/forminator-icons.min.css?ver=1.29.0
Requested by: Host: painthy.com
URL: https://painthy.com/amazon-jobs-work-from-anywhere/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.84 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.codia2.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 2a51c0e3455ad7119e8dc76b3be4341c2b68574ac71ce34c4ee909d89130265a

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://painthy.com/amazon-jobs-work-from-anywhere/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 15:56:12 GMT
content-encoding: gzip
last-modified: Wed, 31 Jan 2024 17:50:38 GMT
server: nginx-reuseport/1.21.1
etag: W/"65ba886e-1477"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Mon, 11 Mar 2024 15:56:12 GMT

GET
H2 200 forminator-utilities.min.css
painthy.com/wp-content/plugins/forminator/assets/forminator-ui/css/src/ 914 B
589 B 216ms
206ms Stylesheet
text/css 45.130.41.84
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://painthy.com/wp-content/plugins/forminator/assets/forminator-ui/css/src/forminator-utilities.min.css?ver=1.29.0
Requested by: Host: painthy.com
URL: https://painthy.com/amazon-jobs-work-from-anywhere/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.84 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.codia2.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 96b465d3fdedec8a7a466adde1cf0b94c69d3c809886d55d4723edd80ee61dd1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://painthy.com/amazon-jobs-work-from-anywhere/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 15:56:12 GMT
content-encoding: gzip
last-modified: Wed, 31 Jan 2024 17:50:38 GMT
server: nginx-reuseport/1.21.1
etag: W/"65ba886e-392"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Mon, 11 Mar 2024 15:56:12 GMT

GET
H2 200 forminator-grid.open.min.css
painthy.com/wp-content/plugins/forminator/assets/forminator-ui/css/src/grid/ 6 KB
851 B 217ms
207ms Stylesheet
text/css 45.130.41.84
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://painthy.com/wp-content/plugins/forminator/assets/forminator-ui/css/src/grid/forminator-grid.open.min.css?ver=1.29.0
Requested by: Host: painthy.com
URL: https://painthy.com/amazon-jobs-work-from-anywhere/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.84 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.codia2.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 43e372283eb9dfba817a4891642f715ff6e3fb6282f4df05f0efe165093c45c0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://painthy.com/amazon-jobs-work-from-anywhere/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 15:56:12 GMT
content-encoding: gzip
last-modified: Wed, 31 Jan 2024 17:50:38 GMT
server: nginx-reuseport/1.21.1
etag: W/"65ba886e-178e"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Mon, 11 Mar 2024 15:56:12 GMT

GET
H2 200 forminator-form-default.base.min.css
painthy.com/wp-content/plugins/forminator/assets/forminator-ui/css/src/form/ 65 KB
5 KB 217ms
207ms Stylesheet
text/css 45.130.41.84
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://painthy.com/wp-content/plugins/forminator/assets/forminator-ui/css/src/form/forminator-form-default.base.min.css?ver=1.29.0
Requested by: Host: painthy.com
URL: https://painthy.com/amazon-jobs-work-from-anywhere/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.84 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.codia2.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 3f7b6e8b97ffa9648ea638a1caeb5a7af3ee518234a43e415623421f1d15f2bd

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://painthy.com/amazon-jobs-work-from-anywhere/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 15:56:12 GMT
content-encoding: gzip
last-modified: Wed, 31 Jan 2024 17:50:38 GMT
server: nginx-reuseport/1.21.1
etag: W/"65ba886e-10423"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Mon, 11 Mar 2024 15:56:12 GMT

GET
H2 200 forminator-form-default.full.min.css
painthy.com/wp-content/plugins/forminator/assets/forminator-ui/css/src/form/ 59 KB
5 KB 217ms
207ms Stylesheet
text/css 45.130.41.84
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://painthy.com/wp-content/plugins/forminator/assets/forminator-ui/css/src/form/forminator-form-default.full.min.css?ver=1.29.0
Requested by: Host: painthy.com
URL: https://painthy.com/amazon-jobs-work-from-anywhere/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.84 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.codia2.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 78c74fd73d76581528a666ccd75672f59c8f2c8551c3304025410d77074ec2af

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://painthy.com/amazon-jobs-work-from-anywhere/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 15:56:12 GMT
content-encoding: gzip
last-modified: Wed, 31 Jan 2024 17:50:38 GMT
server: nginx-reuseport/1.21.1
etag: W/"65ba886e-ea13"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Mon, 11 Mar 2024 15:56:12 GMT

GET
H2 200 buttons.min.css
painthy.com/wp-includes/css/ 6 KB
2 KB 217ms
208ms Stylesheet
text/css 45.130.41.84
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://painthy.com/wp-includes/css/buttons.min.css?ver=6.4.3
Requested by: Host: painthy.com
URL: https://painthy.com/amazon-jobs-work-from-anywhere/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.84 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.codia2.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: be47f84097fc1dcfe4a183ec10218db49578053af37a7d4bcf83d946fdeabc82

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://painthy.com/amazon-jobs-work-from-anywhere/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 15:56:12 GMT
content-encoding: gzip
last-modified: Wed, 08 Nov 2023 18:31:51 GMT
server: nginx-reuseport/1.21.1
etag: W/"654bd417-1725"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Mon, 11 Mar 2024 15:56:12 GMT

GET
H2 200 post-like.js Show response
painthy.com/wp-content/plugins/disto-function/ 918 B
629 B 217ms
208ms Script
application/x-javascript 45.130.41.84
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://painthy.com/wp-content/plugins/disto-function/post-like.js?ver=1.0
Requested by: Host: painthy.com
URL: https://painthy.com/amazon-jobs-work-from-anywhere/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.84 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.codia2.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: f278bf82a64ac1a5ae8f69e06890047a914b3d0100bf856aabd758d2e15edf36

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://painthy.com/amazon-jobs-work-from-anywhere/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 15:56:12 GMT
content-encoding: gzip
last-modified: Wed, 06 Jul 2022 22:56:33 GMT
server: nginx-reuseport/1.21.1
etag: W/"62c61321-396"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
expires: Mon, 11 Mar 2024 15:56:12 GMT

GET
H2 200 fluidvids.js Show response
painthy.com/wp-content/themes/disto/js/ 1 KB
863 B 217ms
208ms Script
application/x-javascript 45.130.41.84
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://painthy.com/wp-content/themes/disto/js/fluidvids.js?ver=1.6
Requested by: Host: painthy.com
URL: https://painthy.com/amazon-jobs-work-from-anywhere/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.84 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.codia2.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: d9ce958515e4c42199afa5f6f985d7038047c2ca5821147d68fe3604b138e5aa

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://painthy.com/amazon-jobs-work-from-anywhere/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 15:56:12 GMT
content-encoding: gzip
last-modified: Wed, 06 Jul 2022 22:55:45 GMT
server: nginx-reuseport/1.21.1
etag: W/"62c612f1-484"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
expires: Mon, 11 Mar 2024 15:56:12 GMT

GET
H2 200 infinitescroll.js Show response
painthy.com/wp-content/themes/disto/js/ 10 KB
4 KB 217ms
209ms Script
application/x-javascript 45.130.41.84
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://painthy.com/wp-content/themes/disto/js/infinitescroll.js?ver=1.6
Requested by: Host: painthy.com
URL: https://painthy.com/amazon-jobs-work-from-anywhere/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.84 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.codia2.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: aaadde89b0db2f97f270379b4762e025c85a1a4d8a4c9ae2421ab48198cc3ae6

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://painthy.com/amazon-jobs-work-from-anywhere/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 15:56:12 GMT
content-encoding: gzip
last-modified: Wed, 06 Jul 2022 22:55:45 GMT
server: nginx-reuseport/1.21.1
etag: W/"62c612f1-2971"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
expires: Mon, 11 Mar 2024 15:56:12 GMT

GET
H2 200 justified.js Show response
painthy.com/wp-content/themes/disto/js/ 37 KB
12 KB 217ms
209ms Script
application/x-javascript 45.130.41.84
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://painthy.com/wp-content/themes/disto/js/justified.js?ver=1.6
Requested by: Host: painthy.com
URL: https://painthy.com/amazon-jobs-work-from-anywhere/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.84 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.codia2.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 25fdc7a17a7b3884e86c6f6b72b60288025980e5bcfff6b736f077902c1697ef

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://painthy.com/amazon-jobs-work-from-anywhere/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 15:56:12 GMT
content-encoding: gzip
last-modified: Wed, 06 Jul 2022 22:55:45 GMT
server: nginx-reuseport/1.21.1
etag: W/"62c612f1-94e2"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
expires: Mon, 11 Mar 2024 15:56:12 GMT

GET
H2 200 slick.js Show response
painthy.com/wp-content/themes/disto/js/ 42 KB
10 KB 224ms
216ms Script
application/x-javascript 45.130.41.84
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://painthy.com/wp-content/themes/disto/js/slick.js?ver=1.6
Requested by: Host: painthy.com
URL: https://painthy.com/amazon-jobs-work-from-anywhere/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.84 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.codia2.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 2c55dea800c7c131d9f3e3ac8a411abf3ca2b4fa836a7376aba3e99c43a621ba

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://painthy.com/amazon-jobs-work-from-anywhere/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 15:56:12 GMT
content-encoding: gzip
last-modified: Wed, 06 Jul 2022 22:55:45 GMT
server: nginx-reuseport/1.21.1
etag: W/"62c612f1-a77b"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
expires: Mon, 11 Mar 2024 15:56:12 GMT

GET
H2 200 theia-sticky-sidebar.js Show response
painthy.com/wp-content/themes/disto/js/ 5 KB
2 KB 224ms
216ms Script
application/x-javascript 45.130.41.84
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://painthy.com/wp-content/themes/disto/js/theia-sticky-sidebar.js?ver=1.5
Requested by: Host: painthy.com
URL: https://painthy.com/amazon-jobs-work-from-anywhere/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.84 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.codia2.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: ad386e83074906780dfa1feec2070ff6e11f15c07953ac3d8431300ae0ba175b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://painthy.com/amazon-jobs-work-from-anywhere/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 15:56:12 GMT
content-encoding: gzip
last-modified: Wed, 06 Jul 2022 22:55:45 GMT
server: nginx-reuseport/1.21.1
etag: W/"62c612f1-1509"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
expires: Mon, 11 Mar 2024 15:56:12 GMT

GET
H2 200 aos.js Show response
painthy.com/wp-content/themes/disto/js/ 14 KB
5 KB 224ms
216ms Script
application/x-javascript 45.130.41.84
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://painthy.com/wp-content/themes/disto/js/aos.js?ver=1.6
Requested by: Host: painthy.com
URL: https://painthy.com/amazon-jobs-work-from-anywhere/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.84 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.codia2.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 4460f1596174d06cca957fdaca2c71e1a377cf1d6f07ee4c75ffb3bf3fc97a03

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://painthy.com/amazon-jobs-work-from-anywhere/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 15:56:12 GMT
content-encoding: gzip
last-modified: Wed, 06 Jul 2022 22:55:45 GMT
server: nginx-reuseport/1.21.1
etag: W/"62c612f1-37a3"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
expires: Mon, 11 Mar 2024 15:56:12 GMT

GET
H2 200 custom.js Show response
painthy.com/wp-content/themes/disto/js/ 18 KB
3 KB 224ms
217ms Script
application/x-javascript 45.130.41.84
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://painthy.com/wp-content/themes/disto/js/custom.js?ver=1.6
Requested by: Host: painthy.com
URL: https://painthy.com/amazon-jobs-work-from-anywhere/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.84 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.codia2.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: c0a71ca2c2b80121a9db00dd745294b6a10f3904add5781197d3f6db69e4a574

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://painthy.com/amazon-jobs-work-from-anywhere/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 15:56:12 GMT
content-encoding: gzip
last-modified: Wed, 06 Jul 2022 22:55:45 GMT
server: nginx-reuseport/1.21.1
etag: W/"62c612f1-48ce"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
expires: Mon, 11 Mar 2024 15:56:12 GMT

GET
H2 200 e-202410.js Show response
stats.wp.com/ 7 KB
3 KB 19ms
6ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202410.js
Requested by: Host: painthy.com
URL: https://painthy.com/amazon-jobs-work-from-anywhere/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 4f9f4e2e225088f9cf3b6b54aa421e0f776d1802255505d2f752e1f83f441641

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://painthy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-minify-cache: hit
x-nc: HIT sin
date: Mon, 04 Mar 2024 15:56:12 GMT
content-encoding: br
server: nginx
x-minify: t
etag: W/14377-1704402356680.846
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
alt-svc: h3=":443"; ma=86400
expires: Mon, 03 Mar 2025 15:06:28 GMT

GET
H2 200 jquery.validate.min.js Show response
painthy.com/wp-content/plugins/forminator/assets/js/library/ 24 KB
8 KB 223ms
217ms Script
application/x-javascript 45.130.41.84
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://painthy.com/wp-content/plugins/forminator/assets/js/library/jquery.validate.min.js?ver=1.29.0
Requested by: Host: painthy.com
URL: https://painthy.com/amazon-jobs-work-from-anywhere/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.84 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.codia2.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 270524b0d27afd1d3b6622d1a176c678daed94564c143297e217a63e21ce9820

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://painthy.com/amazon-jobs-work-from-anywhere/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 15:56:12 GMT
content-encoding: gzip
last-modified: Wed, 31 Jan 2024 17:50:38 GMT
server: nginx-reuseport/1.21.1
etag: W/"65ba886e-6019"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
expires: Mon, 11 Mar 2024 15:56:12 GMT

GET
H2 200 forminator-form.min.js Show response
painthy.com/wp-content/plugins/forminator/assets/forminator-ui/js/ 14 KB
4 KB 223ms
217ms Script
application/x-javascript 45.130.41.84
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://painthy.com/wp-content/plugins/forminator/assets/forminator-ui/js/forminator-form.min.js?ver=1.29.0
Requested by: Host: painthy.com
URL: https://painthy.com/amazon-jobs-work-from-anywhere/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.84 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.codia2.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 3a6ba20cfe22bd75eb973b5ae2e7f46837eb098f51d06b15355f8b4d7b9e7aca

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://painthy.com/amazon-jobs-work-from-anywhere/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 15:56:12 GMT
content-encoding: gzip
last-modified: Wed, 31 Jan 2024 17:50:38 GMT
server: nginx-reuseport/1.21.1
etag: W/"65ba886e-392f"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
expires: Mon, 11 Mar 2024 15:56:12 GMT

GET
H2 200 front.multi.min.js Show response
painthy.com/wp-content/plugins/forminator/build/front/ 227 KB
41 KB 223ms
217ms Script
application/x-javascript 45.130.41.84
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://painthy.com/wp-content/plugins/forminator/build/front/front.multi.min.js?ver=1.29.0
Requested by: Host: painthy.com
URL: https://painthy.com/amazon-jobs-work-from-anywhere/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.84 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.codia2.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 26e9dcd1c53b6378f8689af6e064a0c43e6dd94e439154a6e94623e04f206630

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://painthy.com/amazon-jobs-work-from-anywhere/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 15:56:12 GMT
content-encoding: gzip
last-modified: Wed, 31 Jan 2024 17:50:38 GMT
server: nginx-reuseport/1.21.1
etag: W/"65ba886e-38d13"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
expires: Mon, 11 Mar 2024 15:56:12 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 36ms
16ms Script
text/javascript 2404:6800:4003:c01::69
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?hl=en_US&onload=forminator_render_captcha&render=explicit&ver=1.29.0

Requested by

Host: painthy.com
URL: https://painthy.com/amazon-jobs-work-from-anywhere/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c01::69 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

040cec898556b5507f837f89145f8ec21866fcb83cff8de84b6d506bbcb129da

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://painthy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 15:56:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Mon, 04 Mar 2024 15:56:12 GMT

GET
BLOB 200
OK 95d4ef56-a4f3-4e57-998a-3249fee1a92f
https://painthy.com/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://painthy.com/95d4ef56-a4f3-4e57-998a-3249fee1a92f
Requested by: Host: painthy.com
URL: https://painthy.com/amazon-jobs-work-from-anywhere/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 34ms
7ms Font
font/woff2 2404:6800:4003:c00::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A%2C400%7CPoppins%3A%2C400%7CPoppins%3A%2C400%2C%2C400&subset=latin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cgreek%2Cgreek-ext%2Cvietnamese&ver=1.6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c00::5e Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://painthy.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 07:15:44 GMT
x-content-type-options: nosniff
age: 463228
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Feb 2025 07:15:44 GMT

GET
H2 200 fontawesome-webfont.woff2
painthy.com/wp-content/themes/disto/css/fonts/ 65 KB
65 KB 225ms
224ms Font
application/font-woff2 45.130.41.84
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://painthy.com/wp-content/themes/disto/css/fonts/fontawesome-webfont.woff2?v=4.5.0
Requested by: Host: painthy.com
URL: https://painthy.com/wp-content/themes/disto/css/bootstrap.css?ver=1.6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.84 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.codia2.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Request headers

Referer: https://painthy.com/wp-content/themes/disto/css/bootstrap.css?ver=1.6
Origin: https://painthy.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 15:56:12 GMT
last-modified: Wed, 06 Jul 2022 22:55:45 GMT
server: nginx-reuseport/1.21.1
etag: "62c612f1-10440"
content-type: application/font-woff2
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 66624
expires: Wed, 03 Apr 2024 15:56:12 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402280101/ 404 KB
137 KB 58ms
50ms Script
text/javascript 2404:6800:4003:c01::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402280101/show_ads_impl_fy2021.js?bust=31081512

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9779134835489781

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c01::9b Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bad7cde68ddad2f12a8d451171fbada30d0f9ae5ec8a735d26e4b5cafb0c0cea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://painthy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 15:56:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140436
x-xss-protection: 0
server: cafe
etag: 11121380586791657593
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Mar 2024 15:56:12 GMT

GET
H2 200 zrt_lookup_nohtml_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240228/r20190131/ Frame C995 9 KB
4 KB 16ms
4ms Document
text/html 2404:6800:4003:c02::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240228/r20190131/zrt_lookup_nohtml_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9779134835489781

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c02::9c Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://painthy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 70107
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Mar 2024 20:27:45 GMT
etag: 5035419970550746386
expires: Sun, 17 Mar 2024 20:27:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CB11 203 KB
55 KB 524ms
523ms Document
text/html 2404:6800:4003:c02::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9779134835489781&output=html&adk=1812271804&adf=3025194257&lmt=1709567772&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fpainthy.com%2Famazon-jobs-work-from-anywhere%2F&pra=5&wgl=1&easpi=0&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709567772809&bpp=6&bdt=797&idt=110&shv=r20240228&mjsv=m202402280101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=249843842091&frm=20&pv=2&ga_vid=145990523.1709567773&ga_sid=1709567773&ga_hid=2125400560&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795921%2C95325753%2C31081512%2C95322180%2C95324160%2C95326436&oid=2&pvsid=2243547856521346&tmod=1861099159&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=151

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402280101/show_ads_impl_fy2021.js?bust=31081512

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c02::9c Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

daf9eb6e27d03737dbb6e05caff84e0347b19e0122f7de9e3dde0175d11b4422

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://painthy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 55627
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Mar 2024 15:56:13 GMT
expires: Mon, 04 Mar 2024 15:56:13 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 46ms
45ms Image
image/gif 2404:6800:4003:c01::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=HEADER&cls=header-wraper%20header_magazine_full_screen%20header_magazine_full_screen%20jl_topa_menu_sticky%20options_dark_header%20jl_cus_sihead&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: painthy.com
URL: https://painthy.com/amazon-jobs-work-from-anywhere/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c01::9b Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://painthy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Mar 2024 15:56:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BF1D 104 KB
38 KB 598ms
598ms Document
text/html 2404:6800:4003:c02::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9779134835489781&output=html&h=280&slotname=6557565023&adk=4083621110&adf=1732872635&pi=t.ma~as.6557565023&w=760&fwrn=4&fwrnh=100&lmt=1709567772&rafmt=1&format=760x280&url=https%3A%2F%2Fpainthy.com%2Famazon-jobs-work-from-anywhere%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709567772815&bpp=2&bdt=803&idt=164&shv=r20240228&mjsv=m202402280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=249843842091&frm=20&pv=1&ga_vid=145990523.1709567773&ga_sid=1709567773&ga_hid=2125400560&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795921%2C95325753%2C31081512%2C95322180%2C95324160%2C95326436&oid=2&pvsid=2243547856521346&tmod=1861099159&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=170

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402280101/show_ads_impl_fy2021.js?bust=31081512

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::9c Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

904dbd6399971c9fe50a87a85a67e119c5ebd51b802a14cdf19629c74210325e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://painthy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 39289
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Mar 2024 15:56:13 GMT
expires: Mon, 04 Mar 2024 15:56:13 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9698 113 KB
40 KB 654ms
653ms Document
text/html 2404:6800:4003:c02::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9779134835489781&output=html&h=198&slotname=8984148311&adk=3405074144&adf=1624500146&pi=t.ma~as.8984148311&w=790&fwrn=4&lmt=1709567773&rafmt=11&format=790x198&url=https%3A%2F%2Fpainthy.com%2Famazon-jobs-work-from-anywhere%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709567772817&bpp=1&bdt=804&idt=194&shv=r20240228&mjsv=m202402280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C760x280&nras=1&correlator=249843842091&frm=20&pv=1&ga_vid=145990523.1709567773&ga_sid=1709567773&ga_hid=2125400560&ga_fc=0&rplot=4&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1263&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795921%2C95325753%2C31081512%2C95322180%2C95324160%2C95326436&oid=2&pvsid=2243547856521346&tmod=1861099159&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=204

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402280101/show_ads_impl_fy2021.js?bust=31081512

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::9c Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ee6456e824f457658942b8ec75ac033279ac5a4ea4de15d7a14e1e1b77e9e91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://painthy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 40557
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Mar 2024 15:56:13 GMT
expires: Mon, 04 Mar 2024 15:56:13 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 96C8 117 KB
41 KB 596ms
595ms Document
text/html 2404:6800:4003:c02::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9779134835489781&output=html&h=190&slotname=3047912464&adk=3212204741&adf=2724231415&pi=t.ma~as.3047912464&w=760&fwrn=4&lmt=1709567773&rafmt=11&format=760x190&url=https%3A%2F%2Fpainthy.com%2Famazon-jobs-work-from-anywhere%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709567772818&bpp=1&bdt=806&idt=230&shv=r20240228&mjsv=m202402280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C760x280%2C790x198&nras=1&correlator=249843842091&frm=20&pv=1&ga_vid=145990523.1709567773&ga_sid=1709567773&ga_hid=2125400560&ga_fc=0&rplot=4&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2742&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795921%2C95325753%2C31081512%2C95322180%2C95324160%2C95326436&oid=2&pvsid=2243547856521346&tmod=1861099159&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=236

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402280101/show_ads_impl_fy2021.js?bust=31081512

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::9c Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

864b49e72cb53d212de00394715314ccb255e8cafd02bab6b3cfacfeb742d50f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://painthy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 41856
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Mar 2024 15:56:13 GMT
expires: Mon, 04 Mar 2024 15:56:13 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/ 492 KB
196 KB 15ms
5ms Script
text/javascript 2404:6800:4003:c02::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=en_US&onload=forminator_render_captcha&render=explicit&ver=1.29.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c02::5e Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c6a3425cec9ba0cbcfcf1dbba2120a72ac369674a6d02e06bd3b0c16efbdcf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://painthy.com/
Origin: https://painthy.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 06:52:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 464634
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 199830
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 03:01:13 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 27 Feb 2025 06:52:19 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 668B 847 B
431 B 437ms
437ms Document
text/html 2404:6800:4003:c02::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9779134835489781&output=html&h=190&slotname=1543259106&adk=2564446532&adf=3941887933&pi=t.ma~as.1543259106&w=760&fwrn=4&lmt=1709567773&rafmt=11&format=760x190&url=https%3A%2F%2Fpainthy.com%2Famazon-jobs-work-from-anywhere%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709567772819&bpp=1&bdt=806&idt=251&shv=r20240228&mjsv=m202402280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C760x280%2C790x198%2C760x190&nras=1&correlator=249843842091&frm=20&pv=1&ga_vid=145990523.1709567773&ga_sid=1709567773&ga_hid=2125400560&ga_fc=0&rplot=4&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=4689&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795921%2C95325753%2C31081512%2C95322180%2C95324160%2C95326436&oid=2&pvsid=2243547856521346&tmod=1861099159&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=255

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402280101/show_ads_impl_fy2021.js?bust=31081512

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::9c Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ec27c97205ce6bbd7d60f6a1814faa698d1c113ad08944d422ff534975b2072

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://painthy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 407
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Mar 2024 15:56:13 GMT
expires: Mon, 04 Mar 2024 15:56:13 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 g.gif
pixel.wp.com/ 50 B
177 B 5ms
4ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&blog=205086879&post=4785&tz=3&srv=painthy.com&j=1%3A13.0&host=painthy.com&ref=&fcp=2966&rand=0.5306229755348411
Requested by: Host: painthy.com
URL: https://painthy.com/amazon-jobs-work-from-anywhere/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://painthy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 04 Mar 2024 15:56:13 GMT
cache-control: no-cache
server: nginx
alt-svc: h3=":443"; ma=86400
content-length: 50
content-type: image/gif

GET
H2 200 wp-emoji-release.min.js Show response
painthy.com/wp-includes/js/ 18 KB
5 KB 208ms
208ms Script
application/x-javascript 45.130.41.84
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://painthy.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3
Requested by: Host: painthy.com
URL: https://painthy.com/amazon-jobs-work-from-anywhere/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.84 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.codia2.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://painthy.com/amazon-jobs-work-from-anywhere/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 15:56:13 GMT
content-encoding: gzip
last-modified: Wed, 29 Mar 2023 19:30:09 GMT
server: nginx-reuseport/1.21.1
etag: W/"642491c1-4904"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
expires: Mon, 11 Mar 2024 15:56:13 GMT

GET
H2 200 revisit.svg
painthy.com/wp-content/plugins/cookie-law-info/lite/frontend/images/ 2 KB
1 KB 212ms
212ms Image
image/svg+xml 45.130.41.84
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://painthy.com/wp-content/plugins/cookie-law-info/lite/frontend/images/revisit.svg
Requested by: Host: painthy.com
URL: https://painthy.com/amazon-jobs-work-from-anywhere/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.84 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.codia2.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: ed7c487f915432d9464e2af0a83002ee93596e86e076f3c917e439e5b844d08b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://painthy.com/amazon-jobs-work-from-anywhere/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 15:56:13 GMT
content-encoding: gzip
last-modified: Wed, 24 Jan 2024 08:29:44 GMT
server: nginx-reuseport/1.21.1
etag: W/"65b0ca78-923"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=604800
expires: Mon, 11 Mar 2024 15:56:13 GMT

GET
H2 200 close.svg
painthy.com/wp-content/plugins/cookie-law-info/lite/frontend/images/ 1 KB
862 B 212ms
212ms Image
image/svg+xml 45.130.41.84
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://painthy.com/wp-content/plugins/cookie-law-info/lite/frontend/images/close.svg
Requested by: Host: painthy.com
URL: https://painthy.com/amazon-jobs-work-from-anywhere/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.84 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.codia2.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: a049e1abe441835a2bcf35258936072189a0a52d0000c4ed2094e59d2afd189b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://painthy.com/amazon-jobs-work-from-anywhere/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 15:56:13 GMT
content-encoding: gzip
last-modified: Wed, 24 Jan 2024 08:29:44 GMT
server: nginx-reuseport/1.21.1
etag: W/"65b0ca78-541"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=604800
expires: Mon, 11 Mar 2024 15:56:13 GMT

POST
H2 200 admin-ajax.php Show response
painthy.com/wp-admin/ 36 B
378 B 481ms
481ms XHR
application/json 45.130.41.84
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://painthy.com/wp-admin/admin-ajax.php

Requested by

Host: painthy.com
URL: https://painthy.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.130.41.84 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),

Reverse DNS

ssl.codia2.beget.com

Software

nginx-reuseport/1.21.1 / PHP/7.4.33

Resource Hash

601c726da99512b631035afaac434dc03c315c915696d9b266878ad222f4173b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://painthy.com/amazon-jobs-work-from-anywhere/
X-Requested-With: XMLHttpRequest
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 04 Mar 2024 15:56:13 GMT
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: nginx-reuseport/1.21.1
x-powered-by: PHP/7.4.33
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://painthy.com
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 36
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B772 104 KB
39 KB 485ms
485ms Document
text/html 2404:6800:4003:c02::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9779134835489781&output=html&h=250&slotname=6557565023&adk=931971336&adf=2566144417&pi=t.ma~as.6557565023&w=325&fwrn=4&fwrnh=100&lmt=1709567773&rafmt=1&format=325x250&url=https%3A%2F%2Fpainthy.com%2Famazon-jobs-work-from-anywhere%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709567772823&bpp=1&bdt=811&idt=344&shv=r20240228&mjsv=m202402280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C760x280%2C790x198%2C760x190%2C760x190&nras=1&correlator=249843842091&frm=20&pv=1&ga_vid=145990523.1709567773&ga_sid=1709567773&ga_hid=2125400560&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795921%2C95325753%2C31081512%2C95322180%2C95324160%2C95326436&oid=2&pvsid=2243547856521346&tmod=1861099159&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=9&uci=a!9&fsb=1&dtd=347

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402280101/show_ads_impl_fy2021.js?bust=31081512

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::9c Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61ca6edb59777d0e0e48614df18f5638da590d764b64b3bf6494b3c68cd6619b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://painthy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 39785
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Mar 2024 15:56:13 GMT
expires: Mon, 04 Mar 2024 15:56:13 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 884B 107 KB
33 KB 352ms
352ms Document
text/html 2404:6800:4003:c02::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9779134835489781&output=html&h=1118&slotname=9671647671&adk=3302792388&adf=2749042063&pi=t.ma~as.9671647671&w=325&cr_col=1&cr_row=13&fwrn=2&lmt=1709567773&rafmt=9&format=325x1118&url=https%3A%2F%2Fpainthy.com%2Famazon-jobs-work-from-anywhere%2F&crui=image_sidebyside&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709567772824&bpp=1&bdt=812&idt=355&shv=r20240228&mjsv=m202402280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C760x280%2C790x198%2C760x190%2C760x190%2C325x250&nras=1&correlator=249843842091&frm=20&pv=1&ga_vid=145990523.1709567773&ga_sid=1709567773&ga_hid=2125400560&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=410&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795921%2C95325753%2C31081512%2C95322180%2C95324160%2C95326436&oid=2&pvsid=2243547856521346&tmod=1861099159&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=10&uci=a!a&fsb=1&dtd=357

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402280101/show_ads_impl_fy2021.js?bust=31081512

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::9c Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c2f5fad3410d3d126c6bffc1a5d7d91082e946307bcf595bcac560b84c87805a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://painthy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 33253
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Mar 2024 15:56:13 GMT
expires: Mon, 04 Mar 2024 15:56:13 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 1822 46 KB
29 KB 24ms
23ms Document
text/html 2404:6800:4003:c01::69
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdH-YklAAAAADyBTLwS6sLF70v0TAQgJ-bHcWCY&co=aHR0cHM6Ly9wYWludGh5LmNvbTo0NDM.&hl=en&v=vj7hFxe2iNgbe-u95xTozOXW&theme=light&size=normal&cb=8lv2ike2gfvt

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c01::69 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6c382617d1ac17821f706acb04bb3a6ca83b0db88b8cde547895a5fd7e504fcd

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-dadcsNwjuep80T4H4mnbyw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://painthy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-dadcsNwjuep80T4H4mnbyw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 04 Mar 2024 15:56:13 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 1f449.svg
s.w.org/images/core/emoji/14.0.0/svg/ 563 B
661 B 16ms
6ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/1f449.svg

Requested by

Host: painthy.com
URL: https://painthy.com/amazon-jobs-work-from-anywhere/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

41578770d740012d57be1d400db47fdba90631e27363a4877af6cc54a032ad10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://painthy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nc: HIT sin 2
date: Mon, 04 Mar 2024 15:56:13 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:50:38 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=315360000
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/ Frame 1822 55 KB
24 KB 20ms
5ms Stylesheet
text/css 2404:6800:4003:c02::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdH-YklAAAAADyBTLwS6sLF70v0TAQgJ-bHcWCY&co=aHR0cHM6Ly9wYWludGh5LmNvbTo0NDM.&hl=en&v=vj7hFxe2iNgbe-u95xTozOXW&theme=light&size=normal&cb=8lv2ike2gfvt

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::5e Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 02:49:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 133613
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 03:01:13 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 03 Mar 2025 02:49:20 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/ Frame 1822 492 KB
195 KB 23ms
9ms Script
text/javascript 2404:6800:4003:c02::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::5e Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c6a3425cec9ba0cbcfcf1dbba2120a72ac369674a6d02e06bd3b0c16efbdcf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 06:52:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 464634
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 199830
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 03:01:13 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 27 Feb 2025 06:52:19 GMT

GET
DATA 200
OK truncated
/ Frame 1822 14 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 1822 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 1822 2 KB
2 KB 4ms
4ms Image
image/png 2404:6800:4003:c02::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::5e Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 07:02:21 GMT
x-content-type-options: nosniff
age: 464032
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Wed, 06 Mar 2024 07:02:21 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1822 15 KB
15 KB 5ms
4ms Font
font/woff2 2404:6800:4003:c00::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c00::5e Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 07:15:33 GMT
x-content-type-options: nosniff
age: 463240
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Feb 2025 07:15:33 GMT

GET
H3 200 sLPIoIr_9R2H1vFE63bCW9_RmUPMbLk-XyKwDAco0G4.js Show response
www.google.com/js/bg/ Frame 1822 17 KB
7 KB 7ms
6ms Script
text/javascript 2404:6800:4003:c01::69
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/sLPIoIr_9R2H1vFE63bCW9_RmUPMbLk-XyKwDAco0G4.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c01::69 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0b3c8a08afff51d87d6f144eb76c25bdfd19943cc6cb93e5f22b00c0728d06e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdH-YklAAAAADyBTLwS6sLF70v0TAQgJ-bHcWCY&co=aHR0cHM6Ly9wYWludGh5LmNvbTo0NDM.&hl=en&v=vj7hFxe2iNgbe-u95xTozOXW&theme=light&size=normal&cb=8lv2ike2gfvt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 07:07:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 463731
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6937
x-xss-protection: 0
last-modified: Mon, 19 Feb 2024 17:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 27 Feb 2025 07:07:22 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 1822 102 B
135 B 8ms
7ms Other
text/javascript 2404:6800:4003:c01::69
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=vj7hFxe2iNgbe-u95xTozOXW

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c01::69 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c8decb7c7d17d6353f74d740f2afba7886d2c53e0b3d10a44ae1ad7738316ff9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdH-YklAAAAADyBTLwS6sLF70v0TAQgJ-bHcWCY&co=aHR0cHM6Ly9wYWludGh5LmNvbTo0NDM.&hl=en&v=vj7hFxe2iNgbe-u95xTozOXW&theme=light&size=normal&cb=8lv2ike2gfvt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 15:56:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Mon, 04 Mar 2024 15:56:13 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402280101/ 166 KB
56 KB 19ms
18ms Script
text/javascript 2404:6800:4003:c01::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402280101/reactive_library_fy2021.js?bust=31081512

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402280101/show_ads_impl_fy2021.js?bust=31081512

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c01::9b Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4c756b8b2b42a2aa1a55756b8a2b1df7cc69c349e2108bc3638633f503e4fa13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://painthy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 15:56:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57356
x-xss-protection: 0
server: cafe
etag: 8510793495435605859
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Mar 2024 15:56:13 GMT

GET
H2 200 ca-pub-9779134835489781 Show response
fundingchoicesmessages.google.com/i/ 183 KB
61 KB 116ms
105ms Script
application/javascript 2404:6800:4003:c05::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-9779134835489781?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402280101/show_ads_impl_fy2021.js?bust=31081512

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::8b Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

700862d6f58663eeb294f5543211a4b800636c0ec8e204133b74e257a121a227

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-ScEug1hMLaYWA2mweE1VJw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://painthy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 15:56:13 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-ScEug1hMLaYWA2mweE1VJw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjStHikmLw0ZBiOO90h-k6ENcyPGNqBWIDjedMFkDM-OcFEycQv_vykkng60smCSDWAuIdPh4sfOums6oAseH66ayRQBzzfDprChA7pc9gDQFin_oZrHFALMTDMffe9PVsAg92z1_NBAAGCi2C"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 a557c05b701b7d3041e507ef957cdd82.js Show response
www.gstatic.com/mysidia/ Frame 884B 8 KB
4 KB 5ms
4ms Script
text/javascript 2404:6800:4003:c02::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a557c05b701b7d3041e507ef957cdd82.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9779134835489781&output=html&h=1118&slotname=9671647671&adk=3302792388&adf=2749042063&pi=t.ma~as.9671647671&w=325&cr_col=1&cr_row=13&fwrn=2&lmt=1709567773&rafmt=9&format=325x1118&url=https%3A%2F%2Fpainthy.com%2Famazon-jobs-work-from-anywhere%2F&crui=image_sidebyside&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709567772824&bpp=1&bdt=812&idt=355&shv=r20240228&mjsv=m202402280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C760x280%2C790x198%2C760x190%2C760x190%2C325x250&nras=1&correlator=249843842091&frm=20&pv=1&ga_vid=145990523.1709567773&ga_sid=1709567773&ga_hid=2125400560&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=410&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795921%2C95325753%2C31081512%2C95322180%2C95324160%2C95326436&oid=2&pvsid=2243547856521346&tmod=1861099159&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=10&uci=a!a&fsb=1&dtd=357

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::5e Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

448746297b5f7cd9944269adb069e134c1108f3e2e49f34dd8558de47175f470

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 06:51:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 464659
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3757
x-xss-protection: 0
last-modified: Wed, 28 Feb 2024 00:55:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 28 May 2024 06:51:54 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 884B 22 KB
2 KB 16ms
14ms Stylesheet
text/css 2404:6800:4003:c04::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C700%7COpen%20Sans%3A300%2C400%2C500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::5f Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

923bb1d333ca289850f06f8c32113212357241945d07ac9d2fc7790a1bdf5f3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 04 Mar 2024 15:56:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 04 Mar 2024 15:42:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 04 Mar 2024 15:56:13 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame 884B 2 KB
822 B 16ms
12ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 13:24:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9129
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Mar 2024 13:24:04 GMT

GET
H3 200 f30634b4a3ab8fb661763ee5d6c29381.js Show response
www.gstatic.com/mysidia/ Frame 884B 22 KB
9 KB 8ms
7ms Script
text/javascript 2404:6800:4003:c02::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f30634b4a3ab8fb661763ee5d6c29381.js?tag=exit_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::5e Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e38585fe1420e1227de54c45057bfbe84ae69461b8ba4e4fc5bbd1a2b31484c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 07:12:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 463414
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9382
x-xss-protection: 0
last-modified: Fri, 23 Feb 2024 17:19:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 28 May 2024 07:12:39 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/ Frame 884B 23 KB
9 KB 14ms
9ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8a33861cdc370b2db8442132658b06069640881bc90f369feca9b30c77e5f460

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 02:06:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49779
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8947
x-xss-protection: 0
server: cafe
etag: 12299188824252842506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Mar 2024 02:06:34 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame 884B 3 KB
1 KB 13ms
7ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 02:06:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49794
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Mar 2024 02:06:19 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame 884B 20 KB
8 KB 28ms
4ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7afde571c53d192943a40b3b7f109e698bb47e6d6424bc7d1f53a7cb9466360

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 01:11:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53094
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8211
x-xss-protection: 0
server: cafe
etag: 3968847549730513390
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Mar 2024 01:11:19 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 884B 207 KB
63 KB 9ms
9ms Script
text/javascript 2404:6800:4003:c01::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c01::9b Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b2aa131b334742b75fe3de815997b21d4783cea50a210783c0e243fb7d9d6eac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 15:39:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 977
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64050
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 04 Mar 2024 16:39:56 GMT

GET
H2 200 13462328794026197403
tpc.googlesyndication.com/daca_images/simgad/ Frame BF1D 85 KB
86 KB 10ms
9ms Image
image/png 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/13462328794026197403

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9779134835489781&output=html&h=280&slotname=6557565023&adk=4083621110&adf=1732872635&pi=t.ma~as.6557565023&w=760&fwrn=4&fwrnh=100&lmt=1709567772&rafmt=1&format=760x280&url=https%3A%2F%2Fpainthy.com%2Famazon-jobs-work-from-anywhere%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709567772815&bpp=2&bdt=803&idt=164&shv=r20240228&mjsv=m202402280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=249843842091&frm=20&pv=1&ga_vid=145990523.1709567773&ga_sid=1709567773&ga_hid=2125400560&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795921%2C95325753%2C31081512%2C95322180%2C95324160%2C95326436&oid=2&pvsid=2243547856521346&tmod=1861099159&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=170

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ef12ae0f9252dc05c6750084efcdbfa6cbb59d8798d14ab13656c95c9e4f411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

expires: Tue, 04 Mar 2025 15:42:58 GMT
date: Mon, 04 Mar 2024 15:42:58 GMT
x-content-type-options: nosniff
age: 795
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 87143
x-xss-protection: 0
last-modified: Mon, 23 Oct 2023 14:11:14 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/ Frame BF1D 23 KB
9 KB 6ms
5ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8a33861cdc370b2db8442132658b06069640881bc90f369feca9b30c77e5f460

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 02:06:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49779
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8947
x-xss-protection: 0
server: cafe
etag: 12299188824252842506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Mar 2024 02:06:34 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame BF1D 3 KB
1 KB 11ms
10ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 02:06:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49794
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Mar 2024 02:06:19 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame BF1D 20 KB
8 KB 4ms
3ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7afde571c53d192943a40b3b7f109e698bb47e6d6424bc7d1f53a7cb9466360

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 01:11:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53094
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8211
x-xss-protection: 0
server: cafe
etag: 3968847549730513390
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Mar 2024 01:11:19 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame BF1D 207 KB
63 KB 8ms
7ms Script
text/javascript 2404:6800:4003:c01::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c01::9b Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b2aa131b334742b75fe3de815997b21d4783cea50a210783c0e243fb7d9d6eac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 15:39:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 977
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64050
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 04 Mar 2024 16:39:56 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame BF1D 36 KB
14 KB 11ms
11ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c80dc76a18ba8d711399bb1926d4afc46dbec0fa9a39f76933aae78861fb75c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 18:36:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76805
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14561
x-xss-protection: 0
server: cafe
etag: 9133869656772815932
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Mar 2024 18:36:08 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame DFEB 143 B
166 B 8ms
4ms Document
text/html 2404:6800:4003:c02::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::9c Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9779134835489781&output=html&h=280&slotname=6557565023&adk=4083621110&adf=1732872635&pi=t.ma~as.6557565023&w=760&fwrn=4&fwrnh=100&lmt=1709567772&rafmt=1&format=760x280&url=https%3A%2F%2Fpainthy.com%2Famazon-jobs-work-from-anywhere%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709567772815&bpp=2&bdt=803&idt=164&shv=r20240228&mjsv=m202402280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=249843842091&frm=20&pv=1&ga_vid=145990523.1709567773&ga_sid=1709567773&ga_hid=2125400560&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795921%2C95325753%2C31081512%2C95322180%2C95324160%2C95326436&oid=2&pvsid=2243547856521346&tmod=1861099159&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=170
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 3335
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Mar 2024 15:00:38 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 10638282260584882890
tpc.googlesyndication.com/simgad/ Frame 96C8 12 KB
12 KB 9ms
8ms Image
image/png 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10638282260584882890?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qk-uQiTVWmjDVMbmvdIARARzZ5a7A

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9779134835489781&output=html&h=190&slotname=3047912464&adk=3212204741&adf=2724231415&pi=t.ma~as.3047912464&w=760&fwrn=4&lmt=1709567773&rafmt=11&format=760x190&url=https%3A%2F%2Fpainthy.com%2Famazon-jobs-work-from-anywhere%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709567772818&bpp=1&bdt=806&idt=230&shv=r20240228&mjsv=m202402280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C760x280%2C790x198&nras=1&correlator=249843842091&frm=20&pv=1&ga_vid=145990523.1709567773&ga_sid=1709567773&ga_hid=2125400560&ga_fc=0&rplot=4&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2742&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795921%2C95325753%2C31081512%2C95322180%2C95324160%2C95326436&oid=2&pvsid=2243547856521346&tmod=1861099159&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=236

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

578c646d5ca65662938d902d9441ab3e760dc2e20544263b75827aae7dda804f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 16:12:02 GMT
x-content-type-options: nosniff
age: 171851
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12517
x-xss-protection: 0
last-modified: Tue, 23 Jan 2024 02:00:09 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 02 Mar 2025 16:12:02 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/ Frame 96C8 23 KB
9 KB 5ms
4ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8a33861cdc370b2db8442132658b06069640881bc90f369feca9b30c77e5f460

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 02:06:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49779
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8947
x-xss-protection: 0
server: cafe
etag: 12299188824252842506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Mar 2024 02:06:34 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame 96C8 3 KB
1 KB 26ms
25ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 02:06:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49794
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Mar 2024 02:06:19 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame 96C8 20 KB
8 KB 8ms
7ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7afde571c53d192943a40b3b7f109e698bb47e6d6424bc7d1f53a7cb9466360

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 01:11:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53094
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8211
x-xss-protection: 0
server: cafe
etag: 3968847549730513390
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Mar 2024 01:11:19 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 96C8 207 KB
63 KB 10ms
9ms Script
text/javascript 2404:6800:4003:c01::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c01::9b Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b2aa131b334742b75fe3de815997b21d4783cea50a210783c0e243fb7d9d6eac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 15:39:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 977
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64050
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 04 Mar 2024 16:39:56 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame 96C8 36 KB
14 KB 26ms
25ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c80dc76a18ba8d711399bb1926d4afc46dbec0fa9a39f76933aae78861fb75c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 18:36:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76805
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14561
x-xss-protection: 0
server: cafe
etag: 9133869656772815932
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Mar 2024 18:36:08 GMT

GET
H3 200 5889263273077577210
tpc.googlesyndication.com/simgad/ Frame B772 52 KB
52 KB 9ms
8ms Image
image/png 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5889263273077577210?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qkK4TS1vuBH2Qsznh19vDQV2Jw_pg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9779134835489781&output=html&h=250&slotname=6557565023&adk=931971336&adf=2566144417&pi=t.ma~as.6557565023&w=325&fwrn=4&fwrnh=100&lmt=1709567773&rafmt=1&format=325x250&url=https%3A%2F%2Fpainthy.com%2Famazon-jobs-work-from-anywhere%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709567772823&bpp=1&bdt=811&idt=344&shv=r20240228&mjsv=m202402280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C760x280%2C790x198%2C760x190%2C760x190&nras=1&correlator=249843842091&frm=20&pv=1&ga_vid=145990523.1709567773&ga_sid=1709567773&ga_hid=2125400560&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795921%2C95325753%2C31081512%2C95322180%2C95324160%2C95326436&oid=2&pvsid=2243547856521346&tmod=1861099159&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=9&uci=a!9&fsb=1&dtd=347

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81423501ec87edd7e9a5d69e9d48d0fd78539ac456873b1fb9fae3e87037f03f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 01:38:59 GMT
x-content-type-options: nosniff
age: 397034
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52839
x-xss-protection: 0
last-modified: Tue, 09 Jan 2024 10:41:47 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 28 Feb 2025 01:38:59 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/ Frame B772 23 KB
9 KB 4ms
4ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8a33861cdc370b2db8442132658b06069640881bc90f369feca9b30c77e5f460

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 02:06:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49779
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8947
x-xss-protection: 0
server: cafe
etag: 12299188824252842506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Mar 2024 02:06:34 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame B772 3 KB
1 KB 11ms
8ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 02:06:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49794
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Mar 2024 02:06:19 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame B772 20 KB
8 KB 7ms
6ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7afde571c53d192943a40b3b7f109e698bb47e6d6424bc7d1f53a7cb9466360

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 01:11:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53094
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8211
x-xss-protection: 0
server: cafe
etag: 3968847549730513390
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Mar 2024 01:11:19 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame B772 207 KB
63 KB 8ms
7ms Script
text/javascript 2404:6800:4003:c01::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c01::9b Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b2aa131b334742b75fe3de815997b21d4783cea50a210783c0e243fb7d9d6eac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 15:39:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 977
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64050
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 04 Mar 2024 16:39:56 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame B772 36 KB
14 KB 13ms
10ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c80dc76a18ba8d711399bb1926d4afc46dbec0fa9a39f76933aae78861fb75c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 18:36:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76805
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14561
x-xss-protection: 0
server: cafe
etag: 9133869656772815932
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Mar 2024 18:36:08 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/2427663054652861389/ Frame 884B 175 KB
175 KB 13ms
9ms Image
image/jpeg 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2427663054652861389/14763004658117789537

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8df344d00de25952994db106382bf6ec0e2f44697c63daa8d251acf4b0769df3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

expires: Sun, 02 Mar 2025 15:58:44 GMT
date: Sat, 02 Mar 2024 15:58:44 GMT
x-content-type-options: nosniff
age: 172649
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 179261
x-xss-protection: 0
last-modified: Thu, 21 Jul 2022 02:45:27 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/9776170651638299460/ Frame 884B 86 KB
86 KB 14ms
11ms Image
image/jpeg 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9776170651638299460/14763004658117789537

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e37fb64062c9a83d7440f9067d4025bbc33194c348c5fa0a0bb07c6f67bf901a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

expires: Tue, 04 Mar 2025 12:45:28 GMT
date: Mon, 04 Mar 2024 12:45:28 GMT
x-content-type-options: nosniff
age: 11445
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 88432
x-xss-protection: 0
last-modified: Wed, 25 Oct 2023 11:54:54 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 16929416598658166129
tpc.googlesyndication.com/daca_images/simgad/ Frame 9698 27 KB
27 KB 19ms
16ms Image
image/png 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/16929416598658166129

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9779134835489781&output=html&h=198&slotname=8984148311&adk=3405074144&adf=1624500146&pi=t.ma~as.8984148311&w=790&fwrn=4&lmt=1709567773&rafmt=11&format=790x198&url=https%3A%2F%2Fpainthy.com%2Famazon-jobs-work-from-anywhere%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709567772817&bpp=1&bdt=804&idt=194&shv=r20240228&mjsv=m202402280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C760x280&nras=1&correlator=249843842091&frm=20&pv=1&ga_vid=145990523.1709567773&ga_sid=1709567773&ga_hid=2125400560&ga_fc=0&rplot=4&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1263&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795921%2C95325753%2C31081512%2C95322180%2C95324160%2C95326436&oid=2&pvsid=2243547856521346&tmod=1861099159&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=204

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8324528e50184f928586b77f3412d5cd0798c4b6edb2a8f33e224d789cb5acf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

expires: Mon, 03 Mar 2025 03:49:35 GMT
date: Sun, 03 Mar 2024 03:49:35 GMT
x-content-type-options: nosniff
age: 129998
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27669
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 08:56:13 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/ Frame 9698 23 KB
9 KB 33ms
30ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8a33861cdc370b2db8442132658b06069640881bc90f369feca9b30c77e5f460

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 02:06:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49779
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8947
x-xss-protection: 0
server: cafe
etag: 12299188824252842506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Mar 2024 02:06:34 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame 9698 3 KB
1 KB 4ms
4ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 02:06:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49794
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Mar 2024 02:06:19 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame 9698 20 KB
8 KB 20ms
17ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7afde571c53d192943a40b3b7f109e698bb47e6d6424bc7d1f53a7cb9466360

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 01:11:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53094
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8211
x-xss-protection: 0
server: cafe
etag: 3968847549730513390
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Mar 2024 01:11:19 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 9698 207 KB
63 KB 13ms
11ms Script
text/javascript 2404:6800:4003:c01::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c01::9b Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b2aa131b334742b75fe3de815997b21d4783cea50a210783c0e243fb7d9d6eac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 15:39:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 977
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64050
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 04 Mar 2024 16:39:56 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame 9698 36 KB
14 KB 6ms
5ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c80dc76a18ba8d711399bb1926d4afc46dbec0fa9a39f76933aae78861fb75c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 18:36:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76805
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14561
x-xss-protection: 0
server: cafe
etag: 9133869656772815932
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Mar 2024 18:36:08 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame C58B 7 KB
1 KB 27ms
24ms Document
text/html 2404:6800:4003:c01::69
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=vj7hFxe2iNgbe-u95xTozOXW&k=6LdH-YklAAAAADyBTLwS6sLF70v0TAQgJ-bHcWCY

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c01::69 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

80df2f6f86de748acbbdc62e61a5ec6148c45911182589d61395fa0faaff9be4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-_QRs_Thr2cHcWCiGpehoMw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://painthy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-_QRs_Thr2cHcWCiGpehoMw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 04 Mar 2024 15:56:13 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8F33 143 B
166 B 16ms
14ms Document
text/html 2404:6800:4003:c02::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::9c Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9779134835489781&output=html&h=190&slotname=3047912464&adk=3212204741&adf=2724231415&pi=t.ma~as.3047912464&w=760&fwrn=4&lmt=1709567773&rafmt=11&format=760x190&url=https%3A%2F%2Fpainthy.com%2Famazon-jobs-work-from-anywhere%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709567772818&bpp=1&bdt=806&idt=230&shv=r20240228&mjsv=m202402280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C760x280%2C790x198&nras=1&correlator=249843842091&frm=20&pv=1&ga_vid=145990523.1709567773&ga_sid=1709567773&ga_hid=2125400560&ga_fc=0&rplot=4&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2742&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795921%2C95325753%2C31081512%2C95322180%2C95324160%2C95326436&oid=2&pvsid=2243547856521346&tmod=1861099159&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=236
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 3335
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Mar 2024 15:00:38 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F332 143 B
166 B 5ms
4ms Document
text/html 2404:6800:4003:c02::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::9c Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9779134835489781&output=html&h=250&slotname=6557565023&adk=931971336&adf=2566144417&pi=t.ma~as.6557565023&w=325&fwrn=4&fwrnh=100&lmt=1709567773&rafmt=1&format=325x250&url=https%3A%2F%2Fpainthy.com%2Famazon-jobs-work-from-anywhere%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709567772823&bpp=1&bdt=811&idt=344&shv=r20240228&mjsv=m202402280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C760x280%2C790x198%2C760x190%2C760x190&nras=1&correlator=249843842091&frm=20&pv=1&ga_vid=145990523.1709567773&ga_sid=1709567773&ga_hid=2125400560&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795921%2C95325753%2C31081512%2C95322180%2C95324160%2C95326436&oid=2&pvsid=2243547856521346&tmod=1861099159&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=9&uci=a!9&fsb=1&dtd=347
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 3335
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Mar 2024 15:00:38 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 884B 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bffd7c8b1396bd10e1304626cf06667c3c95ed31e81ac93a7683594cc947850f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 zrt_lookup_nohtml_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/ Frame F339 9 KB
4 KB 5ms
4ms Document
text/html 2404:6800:4003:c02::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402280101/show_ads_impl_fy2021.js?bust=31081512

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::9c Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://painthy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 64771
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Mar 2024 21:56:42 GMT
etag: 5035419970550746386
expires: Sun, 17 Mar 2024 21:56:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 AGSKWxV2EUXF9dspHJ9RsyWEcgeIxUZDTrqjvqux9AIptU2FDZbaQg9e0bhAEP2YRGQE6OkfZksbinKqqO1e_2-gRYVSM98ZPCi3_ahEZkZ1pF6CIMinqInMEfZn10qWMEz4KVtzF94g2A== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 21ms
20ms Script
application/javascript 2404:6800:4003:c05::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxV2EUXF9dspHJ9RsyWEcgeIxUZDTrqjvqux9AIptU2FDZbaQg9e0bhAEP2YRGQE6OkfZksbinKqqO1e_2-gRYVSM98ZPCi3_ahEZkZ1pF6CIMinqInMEfZn10qWMEz4KVtzF94g2A==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA5NTY3NzczLDk1MzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9wYWludGh5LmNvbS9hbWF6b24tam9icy13b3JrLWZyb20tYW55d2hlcmUvIixudWxsLFtbOCwidnpyTnZIUS1jeW8iXSxbOSwiemgtQ04iXSxbMTgsIltbWzBdXV0iXSxbMjAsIltudWxsLG51bGwsWzk1MzI1OTkxXSw4LDldIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.zh_CN.vzrNvHQ-cyo.es5.O/am=wA/d=1/rs=AJlcJMz6nfe--ZfiJdqhAO36EofTJTmOHw/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::8b Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a6b37ecc19a8242168019a4011a8bbfbbca9f46c60f85b8090e55063d3a70e8c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-vW6ZuABRzlv-W1aiucQUhA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://painthy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 15:56:13 GMT
content-security-policy: script-src 'report-sample' 'nonce-vW6ZuABRzlv-W1aiucQUhA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjStHikmII1pBiOO90h-k6ENcyPGNqBWIDjedMFkDM-OcFEycQv_vykkng60smCSDWAuIdPh4sfOums6oAseH66ayRQBzzfDprChA7pc9gDQFin_oZrHFALMTDMffe9PVsAi_-fTzPDAALfy5L"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/ Frame C58B 55 KB
24 KB 4ms
4ms Stylesheet
text/css 2404:6800:4003:c02::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=vj7hFxe2iNgbe-u95xTozOXW&k=6LdH-YklAAAAADyBTLwS6sLF70v0TAQgJ-bHcWCY

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::5e Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 02:49:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 133613
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 03:01:13 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 03 Mar 2025 02:49:20 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/ Frame C58B 492 KB
195 KB 7ms
6ms Script
text/javascript 2404:6800:4003:c02::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=vj7hFxe2iNgbe-u95xTozOXW&k=6LdH-YklAAAAADyBTLwS6sLF70v0TAQgJ-bHcWCY

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::5e Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c6a3425cec9ba0cbcfcf1dbba2120a72ac369674a6d02e06bd3b0c16efbdcf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 06:52:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 464634
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 199830
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 03:01:13 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 27 Feb 2025 06:52:19 GMT

GET
H2 200 redir.html Show response
p4-afcswkodct4xe-2y2xtkx2ablsbgbz-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 09AC 247 B
871 B 32ms
6ms Document
text/html 142.251.175.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-afcswkodct4xe-2y2xtkx2ablsbgbz-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f94.1e100.net

Software

sffe /

Resource Hash

330dc6a23e527b02487bdaccfa9754341c6815755bf96343292f3952c1f09486

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 206
content-security-policy-report-only: script-src 'nonce-BS_qVj_m0KT5Am3I9FzJAA' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Mar 2024 15:56:14 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Tue, 14 Nov 2023 14:08:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame BF1D 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8087482b9068c6f41e0bd55a2efaee5898239c92c91e55724eb982e7889b9de5

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ Frame 884B 47 KB
47 KB 5ms
5ms Font
font/woff2 2404:6800:4003:c00::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C700%7COpen%20Sans%3A300%2C400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::5e Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 07:04:48 GMT
x-content-type-options: nosniff
age: 463886
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Feb 2025 07:04:48 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame F339 5 KB
694 B 6ms
6ms Stylesheet
text/css 2404:6800:4003:c04::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::5f Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

47ce859f7f0f545825c8ab983547bbf88d0de3f52afebc7a1ccc0611661df70d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 04 Mar 2024 15:56:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 04 Mar 2024 15:11:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 04 Mar 2024 15:56:14 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 97F4 14 KB
1 KB 7ms
6ms Stylesheet
text/css 2404:6800:4003:c04::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: painthy.com
URL: https://painthy.com/amazon-jobs-work-from-anywhere/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::5f Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 04 Mar 2024 15:56:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 04 Mar 2024 14:23:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 04 Mar 2024 15:56:14 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame 97F4 2 KB
824 B 25ms
24ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: painthy.com
URL: https://painthy.com/amazon-jobs-work-from-anywhere/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 13:24:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9130
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Mar 2024 13:24:04 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/ Frame 97F4 23 KB
9 KB 25ms
25ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/abg_lite_fy2021.js

Requested by

Host: painthy.com
URL: https://painthy.com/amazon-jobs-work-from-anywhere/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8a33861cdc370b2db8442132658b06069640881bc90f369feca9b30c77e5f460

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 02:06:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49780
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8947
x-xss-protection: 0
server: cafe
etag: 12299188824252842506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Mar 2024 02:06:34 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 16EA 143 B
166 B 30ms
26ms Document
text/html 2404:6800:4003:c02::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: painthy.com
URL: https://painthy.com/amazon-jobs-work-from-anywhere/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::9c Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 3336
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Mar 2024 15:00:38 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame 97F4 3 KB
1 KB 24ms
13ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/window_focus_fy2021.js

Requested by

Host: painthy.com
URL: https://painthy.com/amazon-jobs-work-from-anywhere/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 02:06:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49795
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Mar 2024 02:06:19 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame 97F4 20 KB
8 KB 26ms
5ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: painthy.com
URL: https://painthy.com/amazon-jobs-work-from-anywhere/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7afde571c53d192943a40b3b7f109e698bb47e6d6424bc7d1f53a7cb9466360

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 01:11:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53095
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8211
x-xss-protection: 0
server: cafe
etag: 3968847549730513390
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Mar 2024 01:11:19 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 97F4 207 KB
63 KB 17ms
6ms Script
text/javascript 2404:6800:4003:c01::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: painthy.com
URL: https://painthy.com/amazon-jobs-work-from-anywhere/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c01::9b Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b2aa131b334742b75fe3de815997b21d4783cea50a210783c0e243fb7d9d6eac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 15:39:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 978
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64050
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 04 Mar 2024 16:39:56 GMT

GET
H3 200 eea50308dcf9de2b0c0fe89d3b5a5e83.js Show response
www.gstatic.com/mysidia/ Frame 97F4 36 KB
15 KB 24ms
13ms Script
text/javascript 2404:6800:4003:c02::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/eea50308dcf9de2b0c0fe89d3b5a5e83.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: painthy.com
URL: https://painthy.com/amazon-jobs-work-from-anywhere/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::5e Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a86d26e0a9759e5d6b482f102d7cade65f3dbe4792972bd59caa9966b9ff568b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 06:59:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 464198
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15206
x-xss-protection: 0
last-modified: Wed, 28 Feb 2024 00:55:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 28 May 2024 06:59:36 GMT

GET
H3 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/elements/html/ Frame F339 15 KB
6 KB 25ms
15ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

628752823728c98087a38cb07a2db44eb34acdc7e8d69d1e84281ed774eade67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 20:41:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69271
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6454
x-xss-protection: 0
server: cafe
etag: 7487576354850247333
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Mar 2024 20:41:43 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame F339 205 B
229 B 24ms
14ms Image
image/png 2404:6800:4003:c02::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::5e Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 15:56:19 GMT
x-content-type-options: nosniff
age: 172795
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 02 Mar 2025 15:56:19 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame F339 604 B
628 B 26ms
16ms Image
image/png 2404:6800:4003:c02::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::5e Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 06:56:55 GMT
x-content-type-options: nosniff
age: 464359
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 27 Feb 2025 06:56:55 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/elements/html/ Frame F339 22 KB
9 KB 25ms
15ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5efd17aa9600929f5517878dd267b6fdfeca37478d6987b5d75caec4f1e4b1a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 00:19:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56207
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9093
x-xss-protection: 0
server: cafe
etag: 981128176822753981
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Mar 2024 00:19:27 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame DFEB
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

6ms
5ms

Document
text/html

2404:6800:4003:c02::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::9c Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Mar 2024 15:56:14 GMT
expires: Mon, 04 Mar 2024 15:56:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Mar 2024 15:56:14 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 96C8 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3bae9940f716ecfb33ab00ab1fdf108fe0e89d47fc5e8f20ebc5e4e7a7350006

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame B772 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 00e6ec4f93eb21b92219030bbe059bb0aaf782728a3d79177001324d9aadf14c

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 884B
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CM9PNHe_lZbWuDKLwjMwPvaeHmAvIz7XMa_yg-8K0D_iflphDEAEgtq6xkAEoAmCdAaABz6KqlAHIAQapAkf1gZuHLrI-qAMByAMCqgSWAk_QI9J8AP8nvcm13BIIlNe_2yatY-946RxRMjh...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x2dfbee0b1e383850000000000000000%22,%222%22:%220x16bf1ad73fa586a40000000000000000%22,%223%22:%220x84fe219...

0
0

46ms
45ms

Fetch
text/css

74.125.68.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x2dfbee0b1e383850000000000000000%22,%222%22:%220x16bf1ad73fa586a40000000000000000%22,%223%22:%220x84fe219ba08a90070000000000000000%22,%224%22:%220xd1543968d66351a70000000000000000%22,%225%22:%220xeba0b7764559b7130000000000000000%22},%22debug_key%22:%2214365888264612103708%22,%22debug_reporting%22:true,%22destination%22:%22https://jobseeker.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22311071055%22],%2222%22:[%22true%22],%224%22:[%2203-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223533479135146887777%22}&andc=true

Requested by

Host: painthy.com
URL: https://painthy.com/amazon-jobs-work-from-anywhere/

Protocol

Server

74.125.68.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 15:56:14 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x2dfbee0b1e383850000000000000000","2":"0x16bf1ad73fa586a40000000000000000","3":"0x84fe219ba08a90070000000000000000","4":"0xd1543968d66351a70000000000000000","5":"0xeba0b7764559b7130000000000000000"},"debug_key":"14365888264612103708","debug_reporting":true,"destination":"https://jobseeker.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["311071055"],"22":["true"],"4":["03-04"],"6":["true"]},"priority":"500","source_event_id":"3533479135146887777"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 04 Mar 2024 15:56:14 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 04 Mar 2024 15:56:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x2dfbee0b1e383850000000000000000","2":"0x16bf1ad73fa586a40000000000000000","3":"0x84fe219ba08a90070000000000000000","4":"0xd1543968d66351a70000000000000000","5":"0xeba0b7764559b7130000000000000000"},"debug_key":"14365888264612103708","debug_reporting":true,"destination":"https://jobseeker.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["311071055"],"22":["true"],"4":["03-04"],"6":["true"]},"priority":"500","source_event_id":"3533479135146887777"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 884B
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CooDNHe_lZbWuDKLwjMwPvaeHmAvBo9S_dY-YwamVEpOe0vnlQBACILausZABKAJgnQGgAY7io_EpyAEGqQLAK71JV6aCPqgDAcgDAqoElgJP0H3BdQD8J73JtdwSCJTXv9smrWPveOkcUTI...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xab9f17f47f74fc00000000000000000%22,%222%22:%220xbb2e7f59a760dad00000000000000000%22,%223%22:%220x56ee07f...

0
0

61ms
49ms

Fetch
text/css

74.125.68.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xab9f17f47f74fc00000000000000000%22,%222%22:%220xbb2e7f59a760dad00000000000000000%22,%223%22:%220x56ee07ff28e7d6ee0000000000000000%22,%224%22:%220x1bfdae62459ca9ac0000000000000000%22,%225%22:%220x6a63537bbd8222270000000000000000%22},%22debug_key%22:%2216860117196185812551%22,%22debug_reporting%22:true,%22destination%22:%22https://bumo.ai%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211243417870%22],%2222%22:[%22true%22],%224%22:[%2203-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217495465363437563985%22}&andc=true

Requested by

Host: painthy.com
URL: https://painthy.com/amazon-jobs-work-from-anywhere/

Protocol

Server

74.125.68.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 15:56:14 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xab9f17f47f74fc00000000000000000","2":"0xbb2e7f59a760dad00000000000000000","3":"0x56ee07ff28e7d6ee0000000000000000","4":"0x1bfdae62459ca9ac0000000000000000","5":"0x6a63537bbd8222270000000000000000"},"debug_key":"16860117196185812551","debug_reporting":true,"destination":"https://bumo.ai","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11243417870"],"22":["true"],"4":["03-04"],"6":["true"]},"priority":"500","source_event_id":"17495465363437563985"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 04 Mar 2024 15:56:14 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 04 Mar 2024 15:56:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xab9f17f47f74fc00000000000000000","2":"0xbb2e7f59a760dad00000000000000000","3":"0x56ee07ff28e7d6ee0000000000000000","4":"0x1bfdae62459ca9ac0000000000000000","5":"0x6a63537bbd8222270000000000000000"},"debug_key":"16860117196185812551","debug_reporting":true,"destination":"https://bumo.ai","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11243417870"],"22":["true"],"4":["03-04"],"6":["true"]},"priority":"500","source_event_id":"17495465363437563985"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 iframe.html Show response
p4-afcswkodct4xe-2y2xtkx2ablsbgbz-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 09AC 5 KB
2 KB 7ms
5ms Document
text/html 142.251.175.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-afcswkodct4xe-2y2xtkx2ablsbgbz-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html

Requested by

Host: p4-afcswkodct4xe-2y2xtkx2ablsbgbz-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-afcswkodct4xe-2y2xtkx2ablsbgbz-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f94.1e100.net

Software

sffe /

Resource Hash

cbf176afd9942985c040f9acf0d348cb5f53bb7f0906f4e4d25822629e38da95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://p4-afcswkodct4xe-2y2xtkx2ablsbgbz-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 1987
content-security-policy-report-only: script-src 'nonce-eyO10WQbvCKtc_KI3UERTA' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Mar 2024 15:56:14 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Tue, 14 Nov 2023 14:08:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame BF1D
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CkfD8He_lZcEjqq7zwQ_OtomQA4mk3Y92lO-f9uUSZBABILausZABYL8FoAGv8bj0KMgBAqgDAcgDyQSqBIICT9A_obKtszOy_2oHop3S3a-el1sTE2YcRNcRVCZgM_hD4vSy6H03doI0iLS...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x96904f8489c73af00000000000000000%22,%222%22:%220x1ac8f747194584e50000000000000000%22,%223%22:%220xd215c8...

0
0

48ms
48ms

Fetch
text/css

74.125.68.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x96904f8489c73af00000000000000000%22,%222%22:%220x1ac8f747194584e50000000000000000%22,%223%22:%220xd215c808ee15b2370000000000000000%22,%224%22:%220x760cd3032d6dca960000000000000000%22,%225%22:%220x10c9815b147d91e20000000000000000%22},%22debug_key%22:%2213503241030698225208%22,%22debug_reporting%22:true,%22destination%22:%22https://omo-app.io%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210981619887%22],%2222%22:[%22true%22],%224%22:[%2203-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229028774489585648881%22}&andc=true

Requested by

Protocol

Server

74.125.68.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 15:56:14 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x96904f8489c73af00000000000000000","2":"0x1ac8f747194584e50000000000000000","3":"0xd215c808ee15b2370000000000000000","4":"0x760cd3032d6dca960000000000000000","5":"0x10c9815b147d91e20000000000000000"},"debug_key":"13503241030698225208","debug_reporting":true,"destination":"https://omo-app.io","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10981619887"],"22":["true"],"4":["03-04"],"6":["true"]},"priority":"500","source_event_id":"9028774489585648881"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 04 Mar 2024 15:56:14 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 04 Mar 2024 15:56:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x96904f8489c73af00000000000000000","2":"0x1ac8f747194584e50000000000000000","3":"0xd215c808ee15b2370000000000000000","4":"0x760cd3032d6dca960000000000000000","5":"0x10c9815b147d91e20000000000000000"},"debug_key":"13503241030698225208","debug_reporting":true,"destination":"https://omo-app.io","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10981619887"],"22":["true"],"4":["03-04"],"6":["true"]},"priority":"500","source_event_id":"9028774489585648881"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 9698 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8b771cc378608b527884c6aa96b5078052e89ceaf3a99565eeb5dba603008aea

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 AGSKWxX3CCjQLsR2or677WhquK725lkuup5BYbwxXk3Bag-kNsk0VP67p_AreyRGOJ2gfdsiiwQApIgl24LOGEc0CWpn0_Rluf7xWRTj3jd0UX714ev5LZzoyA88Df86kk67WY_hVVBhVA== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 27ms
27ms Script
application/javascript 2404:6800:4003:c05::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxX3CCjQLsR2or677WhquK725lkuup5BYbwxXk3Bag-kNsk0VP67p_AreyRGOJ2gfdsiiwQApIgl24LOGEc0CWpn0_Rluf7xWRTj3jd0UX714ev5LZzoyA88Df86kk67WY_hVVBhVA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA5NTY3Nzc0LDI5MTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsInpoLUNOIl0sImh0dHBzOi8vcGFpbnRoeS5jb20vYW1hem9uLWpvYnMtd29yay1mcm9tLWFueXdoZXJlLyIsbnVsbCxbWzgsInZ6ck52SFEtY3lvIl0sWzksInpoLUNOIl0sWzE4LCJbW1swXV1dIl0sWzIwLCJbbnVsbCxudWxsLFs5NTMyNTk5MV0sOCw5XSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::8b Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0c0275a07af721cb2bcb0f01e0861e754cafea89a013b545ed352c587c4a1ed2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-BclgvtR5i8HL4Bi8jvrbhw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://painthy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 15:56:14 GMT
content-security-policy: script-src 'report-sample' 'nonce-BclgvtR5i8HL4Bi8jvrbhw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjStHikmLw1ZBiOO90h-k6ENcyPGNqBWIDjedMFkDM-OcFEycQv_vykkng60smCSDWAuIdPh4sfOums6oAseH66ayRQBzzfDprChA7pc9gDQFin_oZrHFALMTDMe_e9PVsAh-W7pjKCAAGmS2A"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8F33
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

5ms
5ms

Document
text/html

2404:6800:4003:c02::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::9c Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Mar 2024 15:56:14 GMT
expires: Mon, 04 Mar 2024 15:56:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Mar 2024 15:56:14 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F332
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

9ms
8ms

Document
text/html

2404:6800:4003:c02::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::9c Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Mar 2024 15:56:14 GMT
expires: Mon, 04 Mar 2024 15:56:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Mar 2024 15:56:14 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 96C8
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C5QiXHe_lZfi5BMOzjMwP5u2Q6A_CsL2ddqSloOm3EuvA7LOQDhABILausZABYL8FoAHv2sjXAcgBAqkCi7kG-0q-qD6oAwHIA8kEqgT_AU_QzePqqthLxjAELEvyqdu8CCYirYm0QAI0twr...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xce8ac1e99731166c0000000000000000%22,%222%22:%220xb6637a182e2b73e30000000000000000%22,%223%22:%220x92d12a...

0
0

47ms
47ms

Fetch
text/css

74.125.68.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xce8ac1e99731166c0000000000000000%22,%222%22:%220xb6637a182e2b73e30000000000000000%22,%223%22:%220x92d12a868ea6032e0000000000000000%22,%224%22:%220xb524f37f115e8dcb0000000000000000%22,%225%22:%220xe7477345406c459c0000000000000000%22},%22debug_key%22:%224631215218927715435%22,%22debug_reporting%22:true,%22destination%22:%22https://installapps.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22452078959%22],%2222%22:[%22true%22],%224%22:[%2203-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22383463178295772369%22}&andc=true

Requested by

Protocol

Server

74.125.68.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 15:56:14 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xce8ac1e99731166c0000000000000000","2":"0xb6637a182e2b73e30000000000000000","3":"0x92d12a868ea6032e0000000000000000","4":"0xb524f37f115e8dcb0000000000000000","5":"0xe7477345406c459c0000000000000000"},"debug_key":"4631215218927715435","debug_reporting":true,"destination":"https://installapps.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["452078959"],"22":["true"],"4":["03-04"],"6":["true"]},"priority":"500","source_event_id":"383463178295772369"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 04 Mar 2024 15:56:14 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 04 Mar 2024 15:56:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xce8ac1e99731166c0000000000000000","2":"0xb6637a182e2b73e30000000000000000","3":"0x92d12a868ea6032e0000000000000000","4":"0xb524f37f115e8dcb0000000000000000","5":"0xe7477345406c459c0000000000000000"},"debug_key":"4631215218927715435","debug_reporting":true,"destination":"https://installapps.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["452078959"],"22":["true"],"4":["03-04"],"6":["true"]},"priority":"500","source_event_id":"383463178295772369"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 105ms
49ms Preflight
text/html 74.125.68.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 04 Mar 2024 15:56:14 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 148ms
92ms Preflight
text/html 74.125.68.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 04 Mar 2024 15:56:14 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 188ms
133ms Preflight
text/html 74.125.68.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 04 Mar 2024 15:56:14 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 9698
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=Cvx53He_lZYTSApfPjMwPna6DsAnrqImuc7zxz8bmEc-u8_0IEAEgtq6xkAFgnQGgAbXlyosDyAECqAMByAPJBKoE-wFP0HXpjrvjIqjYc5h96900sBmaeGIzxW5J772Y6IyfkKqQerMoA8A...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xed51512714f77f9d0000000000000000%22,%222%22:%220x4f76150aa1bc26f30000000000000000%22,%223%22:%220x816c5a...

0
0

47ms
46ms

Fetch
text/css

74.125.68.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xed51512714f77f9d0000000000000000%22,%222%22:%220x4f76150aa1bc26f30000000000000000%22,%223%22:%220x816c5a37ea7ffa570000000000000000%22,%224%22:%220xfef6023cbc29a6e80000000000000000%22,%225%22:%220xb9a095e67870d2610000000000000000%22},%22debug_key%22:%221161573194201703903%22,%22debug_reporting%22:true,%22destination%22:%22https://resumecoach.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22829600437%22],%2222%22:[%22true%22],%224%22:[%2203-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229596745045519275825%22}&andc=true

Requested by

Host: painthy.com
URL: https://painthy.com/amazon-jobs-work-from-anywhere/

Protocol

Server

74.125.68.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 15:56:14 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xed51512714f77f9d0000000000000000","2":"0x4f76150aa1bc26f30000000000000000","3":"0x816c5a37ea7ffa570000000000000000","4":"0xfef6023cbc29a6e80000000000000000","5":"0xb9a095e67870d2610000000000000000"},"debug_key":"1161573194201703903","debug_reporting":true,"destination":"https://resumecoach.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["829600437"],"22":["true"],"4":["03-04"],"6":["true"]},"priority":"500","source_event_id":"9596745045519275825"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 04 Mar 2024 15:56:14 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 04 Mar 2024 15:56:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xed51512714f77f9d0000000000000000","2":"0x4f76150aa1bc26f30000000000000000","3":"0x816c5a37ea7ffa570000000000000000","4":"0xfef6023cbc29a6e80000000000000000","5":"0xb9a095e67870d2610000000000000000"},"debug_key":"1161573194201703903","debug_reporting":true,"destination":"https://resumecoach.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["829600437"],"22":["true"],"4":["03-04"],"6":["true"]},"priority":"500","source_event_id":"9596745045519275825"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 4DPoyt1VXFu9KUV3wfZ2z3y8g_kcb_PjstTR5ZPZl3Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 38D8 51 KB
20 KB 7ms
7ms Script
text/javascript 2404:6800:4003:c01::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4DPoyt1VXFu9KUV3wfZ2z3y8g_kcb_PjstTR5ZPZl3Q.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c01::9b Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e033e8cadd555c5bbd294577c1f676cf7cbc83f91c6ff3e3b2d4d1e593d99774

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 13:15:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 441667
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20103
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 27 Feb 2025 13:15:07 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame B772
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CGyZGHe_lZZnfC97JjMwPyeG4wA-JpN2PdpT-n_blEmQQASC2rrGQAWC_BaABr_G49CjIAQKoAwHIA8kEqgSCAk_Qi240iYRhqneuc7PyoK9EdK6S2zHBMgc8vvy0FKjcPKfMenS1a6f7FI7...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x96904f8489c73af00000000000000000%22,%222%22:%220x1ac8f747194584e50000000000000000%22,%223%22:%220xd215c8...

0
0

52ms
52ms

Fetch
text/css

74.125.68.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x96904f8489c73af00000000000000000%22,%222%22:%220x1ac8f747194584e50000000000000000%22,%223%22:%220xd215c808ee15b2370000000000000000%22,%224%22:%220x760cd3032d6dca960000000000000000%22,%225%22:%220x10c9815b147d91e20000000000000000%22},%22debug_key%22:%225185243384403363821%22,%22debug_reporting%22:true,%22destination%22:%22https://omo-app.io%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210981619887%22],%2222%22:[%22true%22],%224%22:[%2203-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221282559623837736753%22}&andc=true

Protocol

Server

74.125.68.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 15:56:14 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x96904f8489c73af00000000000000000","2":"0x1ac8f747194584e50000000000000000","3":"0xd215c808ee15b2370000000000000000","4":"0x760cd3032d6dca960000000000000000","5":"0x10c9815b147d91e20000000000000000"},"debug_key":"5185243384403363821","debug_reporting":true,"destination":"https://omo-app.io","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10981619887"],"22":["true"],"4":["03-04"],"6":["true"]},"priority":"500","source_event_id":"1282559623837736753"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 04 Mar 2024 15:56:14 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 04 Mar 2024 15:56:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x96904f8489c73af00000000000000000","2":"0x1ac8f747194584e50000000000000000","3":"0xd215c808ee15b2370000000000000000","4":"0x760cd3032d6dca960000000000000000","5":"0x10c9815b147d91e20000000000000000"},"debug_key":"5185243384403363821","debug_reporting":true,"destination":"https://omo-app.io","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10981619887"],"22":["true"],"4":["03-04"],"6":["true"]},"priority":"500","source_event_id":"1282559623837736753"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 4DPoyt1VXFu9KUV3wfZ2z3y8g_kcb_PjstTR5ZPZl3Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 98AE 51 KB
20 KB 6ms
5ms Script
text/javascript 2404:6800:4003:c01::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4DPoyt1VXFu9KUV3wfZ2z3y8g_kcb_PjstTR5ZPZl3Q.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c01::9b Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e033e8cadd555c5bbd294577c1f676cf7cbc83f91c6ff3e3b2d4d1e593d99774

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 13:15:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 441667
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20103
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 27 Feb 2025 13:15:07 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 244ms
242ms Preflight
text/html 74.125.68.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 04 Mar 2024 15:56:14 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 16EA
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

7ms
7ms

Document
text/html

2404:6800:4003:c02::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::9c Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Mar 2024 15:56:14 GMT
expires: Mon, 04 Mar 2024 15:56:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Mar 2024 15:56:14 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 51ms
51ms Preflight
text/html 74.125.68.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 04 Mar 2024 15:56:14 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 4DPoyt1VXFu9KUV3wfZ2z3y8g_kcb_PjstTR5ZPZl3Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 7BE9 51 KB
20 KB 6ms
5ms Script
text/javascript 2404:6800:4003:c01::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4DPoyt1VXFu9KUV3wfZ2z3y8g_kcb_PjstTR5ZPZl3Q.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c01::9b Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e033e8cadd555c5bbd294577c1f676cf7cbc83f91c6ff3e3b2d4d1e593d99774

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 13:15:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 441667
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20103
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 27 Feb 2025 13:15:07 GMT

GET
H3 200 4DPoyt1VXFu9KUV3wfZ2z3y8g_kcb_PjstTR5ZPZl3Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 5398 51 KB
20 KB 5ms
4ms Script
text/javascript 2404:6800:4003:c01::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4DPoyt1VXFu9KUV3wfZ2z3y8g_kcb_PjstTR5ZPZl3Q.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c01::9b Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e033e8cadd555c5bbd294577c1f676cf7cbc83f91c6ff3e3b2d4d1e593d99774

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 13:15:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 441667
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20103
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 27 Feb 2025 13:15:07 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 16ms
14ms XHR
application/json 2404:6800:4003:c01::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240228&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402280101/show_ads_impl_fy2021.js?bust=31081512

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c01::9b Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3b91dcba5846a9328886d9dae684bb9781c00e013db73a9cfececb59df8f95a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://painthy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 15:56:14 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12454
x-xss-protection: 0

GET
H3 200 4DPoyt1VXFu9KUV3wfZ2z3y8g_kcb_PjstTR5ZPZl3Q.js Show response
pagead2.googlesyndication.com/bg/ Frame E5D5 51 KB
20 KB 5ms
4ms Script
text/javascript 2404:6800:4003:c01::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4DPoyt1VXFu9KUV3wfZ2z3y8g_kcb_PjstTR5ZPZl3Q.js

Requested by

Host: painthy.com
URL: https://painthy.com/amazon-jobs-work-from-anywhere/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c01::9b Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e033e8cadd555c5bbd294577c1f676cf7cbc83f91c6ff3e3b2d4d1e593d99774

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 13:15:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 441667
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20103
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 27 Feb 2025 13:15:07 GMT

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 50ms
50ms Preflight
text/html 74.125.68.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x96904f8489c73af00000000000000000%22,%222%22:%220x1ac8f747194584e50000000000000000%22,%223%22:%220xd215c808ee15b2370000000000000000%22,%224%22:%220x760cd3032d6dca960000000000000000%22,%225%22:%220x10c9815b147d91e20000000000000000%22},%22debug_key%22:%225185243384403363821%22,%22debug_reporting%22:true,%22destination%22:%22https://omo-app.io%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210981619887%22],%2222%22:[%22true%22],%224%22:[%2203-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221282559623837736753%22}&andc=true

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.68.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 04 Mar 2024 15:56:14 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 6ms
5ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402280101/show_ads_impl_fy2021.js?bust=31081512

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://painthy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 15:56:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 04 Mar 2024 15:56:14 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0704 13 KB
5 KB 7ms
4ms Document
text/html 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://painthy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 32521
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Mar 2024 06:54:13 GMT
expires: Tue, 04 Mar 2025 06:54:13 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3722 829 B
559 B 9ms
7ms Document
text/html 2404:6800:4003:c01::69
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c01::69 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1e160c6973ea74e48ff0f5c0c37cd73914f0fc60a00bb7b66728f4b01cc97b35

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-I4LUW8c6122x00ab1CHtoA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://painthy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-I4LUW8c6122x00ab1CHtoA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 04 Mar 2024 15:56:14 GMT
expires: Mon, 04 Mar 2024 15:56:14 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3722 0
0 46ms
45ms Image
text/html 2404:6800:4003:c01::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240228&jk=2243547856521346&rc=null
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c01::9b Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

GET
H3 200 hhT7r2j7IM84IjrHPq4DliozylkjplqSUN38T7c3Pqk.js Show response
pagead2.googlesyndication.com/bg/ Frame 0704 40 KB
15 KB 5ms
4ms Script
text/javascript 2404:6800:4003:c01::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hhT7r2j7IM84IjrHPq4DliozylkjplqSUN38T7c3Pqk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c01::9b Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8614fbaf68fb20cf38223ac73eae03962a33ca5923a65a9250ddfc4fb7373ea9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 07:37:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 375538
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15753
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 28 Feb 2025 07:37:16 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 0704 0
12 B 4ms
3ms Image
text/plain 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?hImRbw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 15:56:14 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame BF1D 42 B
64 B 51ms
50ms Fetch
image/gif 2404:6800:4003:c01::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsusndXhEOq8uHpnSo25Ecv6ZTCOEbRUoK_T7NrUi8G-oGfgoDS3hYIJyI7myHTVoJnz91DaTQcwzRgMx2ELHei6BUc5wdH62cX2skBFESdA7ERElu_t7ivIAboXin8wuR7AvDDi3QjZLtT3HeUAlnH7kg0RHGBEeMM&sai=AMfl-YSvR1rNuBvRvh7UmA2xuByeQvxi2b5eWLp-HydssvKwAO6b0cug50HD6VH9kXqVZ_u0uUeOzIRwjMQYLpPKbe0NPjaC_67eH3zofF1fVSwmmwEO-l8gUMCS5YCsfjvPAZYeGUGwufvdHB8ZMy3P&sig=Cg0ArKJSzKCxjd-6HLwiEAE&cid=CAQSTgB7FLtq8YMSXCXY0WzTMXXJT-bLLZaLj9ad5bPHuxHCLd_8dVQ5F8z7OjmDpW_YGsBx2jB__23WRz2KZSEa8FTV84Nukdjyy_X08k-zFBgB&id=lidar2&mcvt=1000&p=0,170,280,590&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240229&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=4083621110&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=550057400&rst=1709567772986&rpt=1031&met=mue&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c01::9b Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Mar 2024 15:56:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B772 42 B
64 B 50ms
50ms Fetch
image/gif 2404:6800:4003:c01::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvHcIOfeFfroVLzzYybj1PSdzEtORelRIYUv5ZXkdR5jOEqgVcdabFfhRtAEhhUKVSPsx6S_y6jXBXoAYogMizXYabRPd1L3eocPT1EKguNMQxQSm9D5fe6KuVjDfIR1oicyA5QuMXik1u9Yykt9zT-QIKey-1QHoI&sai=AMfl-YRXK2X9ruCXldnVCyOao9BiY2eXi32YGNxP2LlRJlUzkG5lhzKG73w7FnjjiHTHYE283YogICraZcG_3xzKe5OgZSDtRVhJ_tTgeH7u_GkyIc2bOzURgKFZPiBxAQ5X5NiMEtPeTbYfAYIIbYqPlQ&sig=Cg0ArKJSzCeOELBXIQAIEAE&cid=CAQSTwB7FLtqrEWq26kYU0kqGLAaHTeRzqfae9Q0wrelS0EAPukr8cwLoWJrlVL277SNUpi3vhCG9Ts8S_zhU8oqPDIEKNh3kNeiK1-DwZimPeYYAQ&id=lidar2&mcvt=1001&p=0,13,250,313&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20240229&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=931971336&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=550057400&rst=1709567773172&rpt=1011&met=mue&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c01::9b Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Mar 2024 15:56:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
fundingchoicesmessages.google.com/f/AGSKWxXnfIDwwKZ7QyXNFCrBTbbo7DMeJoopU3I_BNRLiQ05wDklGmXHKc6KVNXi54qTFktaKEO5QzENcCzwXre2a90IsPfjBj8qfP2N4WTNSQ3oyDdccvrx0hFEwVGVgK8eK9phDMy12VxFxVdx-MMiVtoba_ddP... 54 B
110 B 12ms
11ms Script
application/javascript 2404:6800:4003:c05::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXnfIDwwKZ7QyXNFCrBTbbo7DMeJoopU3I_BNRLiQ05wDklGmXHKc6KVNXi54qTFktaKEO5QzENcCzwXre2a90IsPfjBj8qfP2N4WTNSQ3oyDdccvrx0hFEwVGVgK8eK9phDMy12VxFxVdx-MMiVtoba_ddP66km8m-o1VPXL4BiqvTb97jfvkBBZ2p/_/adwidget_/banner-ads-/adspace./ads/?page=/ads.cms

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.zh_CN.vzrNvHQ-cyo.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMwOYwLZNEiSR473hHuuL1SpNtff2A/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::8b Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

734f07d139123101347d2c261b700389be66c8300b8ae291f0ec48ca0c56d930

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ZX_LaZAjJtDfTC3rrjXOWA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://painthy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 15:56:15 GMT
content-security-policy: script-src 'report-sample' 'nonce-ZX_LaZAjJtDfTC3rrjXOWA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytHikmLw0JBiOHnrNtNFID7vdIfpOhDXMjxjagViA43nTBZAzPjnBRMnEL_78pJJ4OtLJgkg1gLiHT4eLHzrprOqALHh-umskUAc83w6awoQO6XPYA0BYp_6GaxxQCzEzTH_3vT1bAI7Ds1JBAANYzIf"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 rum.js Show response
pagead2.googlesyndication.com/pagead/js/ 64 KB
24 KB 5ms
4ms Script
text/javascript 2404:6800:4003:c01::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/rum.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c01::9b Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b5dc4f8d803ee658ceb08850beca5415ce158fa4e7de8cda97fb44978500fd8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://painthy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 14:57:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3525
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24265
x-xss-protection: 0
server: cafe
etag: 5358710912336251067
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Mon, 04 Mar 2024 15:57:30 GMT

POST
H3 204 AGSKWxVaoMNXd8yX55xasA2j1qEVKi-bf4dpsEBuXM8vjSiRP98Sv1e7aMtlKfg66p8XMN_rX8dkRNtyTXrHM49IXPZv6k9_W5kLPCaRvaVozFom4MZV-fqDNVg926hnUP3iGJMWdR39ag== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 19ms
9ms XHR
text/html 2404:6800:4003:c05::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVaoMNXd8yX55xasA2j1qEVKi-bf4dpsEBuXM8vjSiRP98Sv1e7aMtlKfg66p8XMN_rX8dkRNtyTXrHM49IXPZv6k9_W5kLPCaRvaVozFom4MZV-fqDNVg926hnUP3iGJMWdR39ag==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::8b Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Y5w4I7nP2M_fy3rZAqQk3Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://painthy.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 04 Mar 2024 15:56:15 GMT
content-security-policy: script-src 'report-sample' 'nonce-Y5w4I7nP2M_fy3rZAqQk3Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtHikmLw1JBiqGV4xtQKxIx_XjBxAvEOHw8Wp_QZrEFALMTNMf_e9PVsAhdO3UsFAHsZEXc"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://painthy.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVaoMNXd8yX55xasA2j1qEVKi-bf4dpsEBuXM8vjSiRP98Sv1e7aMtlKfg66p8XMN_rX8dkRNtyTXrHM49IXPZv6k9_W5kLPCaRvaVozFom4MZV-fqDNVg926hnUP3iGJMWdR39ag== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 15ms
15ms XHR
text/html 2404:6800:4003:c05::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVaoMNXd8yX55xasA2j1qEVKi-bf4dpsEBuXM8vjSiRP98Sv1e7aMtlKfg66p8XMN_rX8dkRNtyTXrHM49IXPZv6k9_W5kLPCaRvaVozFom4MZV-fqDNVg926hnUP3iGJMWdR39ag==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::8b Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-3gGvBjNiXCww7ngiiXHR2g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://painthy.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 04 Mar 2024 15:56:15 GMT
content-security-policy: script-src 'report-sample' 'nonce-3gGvBjNiXCww7ngiiXHR2g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtHikmJw15BiqGV4xtQKxIx_XjBxAvEOHw8Wp_QZrEFALMTNMf_e9PVsAj_m_cgEAHsTEY8"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://painthy.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVaoMNXd8yX55xasA2j1qEVKi-bf4dpsEBuXM8vjSiRP98Sv1e7aMtlKfg66p8XMN_rX8dkRNtyTXrHM49IXPZv6k9_W5kLPCaRvaVozFom4MZV-fqDNVg926hnUP3iGJMWdR39ag== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 14ms
14ms XHR
text/html 2404:6800:4003:c05::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVaoMNXd8yX55xasA2j1qEVKi-bf4dpsEBuXM8vjSiRP98Sv1e7aMtlKfg66p8XMN_rX8dkRNtyTXrHM49IXPZv6k9_W5kLPCaRvaVozFom4MZV-fqDNVg926hnUP3iGJMWdR39ag==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::8b Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-f2nUc_FngwuilDivNAhvXw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://painthy.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 04 Mar 2024 15:56:15 GMT
content-security-policy: script-src 'report-sample' 'nonce-f2nUc_FngwuilDivNAhvXw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtHikmII1pBiqGV4xtQKxIx_XjBxAvEOHw8Wp_QZrEFALMTNMf_e9PVsAjPe7M8EAHwnEVA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://painthy.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVaoMNXd8yX55xasA2j1qEVKi-bf4dpsEBuXM8vjSiRP98Sv1e7aMtlKfg66p8XMN_rX8dkRNtyTXrHM49IXPZv6k9_W5kLPCaRvaVozFom4MZV-fqDNVg926hnUP3iGJMWdR39ag== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 12ms
12ms XHR
text/html 2404:6800:4003:c05::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVaoMNXd8yX55xasA2j1qEVKi-bf4dpsEBuXM8vjSiRP98Sv1e7aMtlKfg66p8XMN_rX8dkRNtyTXrHM49IXPZv6k9_W5kLPCaRvaVozFom4MZV-fqDNVg926hnUP3iGJMWdR39ag==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::8b Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-g9No860bofdWhR-6ZaZIEw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://painthy.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 04 Mar 2024 15:56:15 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-g9No860bofdWhR-6ZaZIEw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtHikmLw15BiqGV4xtQKxIx_XjBxAvEOHw8Wp_QZrEFALMTNMf_e9PVsAg0fXmUCAHt1EWM"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://painthy.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxWBqAKTAflq050nfl7YtggyLyzpe-uTkVdeOG0m3DCt-xPJg5c7WOqhpsz9d3IR0V2eroV2P5Ce_CWDNK8YYHeiIYJOmoay0J6lJrzx4bRZBQr4H3lFNYWs_gjfEpzIzJdGBeOWKg== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 21ms
20ms Script
application/javascript 2404:6800:4003:c05::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWBqAKTAflq050nfl7YtggyLyzpe-uTkVdeOG0m3DCt-xPJg5c7WOqhpsz9d3IR0V2eroV2P5Ce_CWDNK8YYHeiIYJOmoay0J6lJrzx4bRZBQr4H3lFNYWs_gjfEpzIzJdGBeOWKg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA5NTY3Nzc1LDIxNDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiemgtQ04iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9wYWludGh5LmNvbS9hbWF6b24tam9icy13b3JrLWZyb20tYW55d2hlcmUvIixudWxsLFtbOCwidnpyTnZIUS1jeW8iXSxbOSwiemgtQ04iXSxbMTgsIltbWzBdXV0iXSxbMjAsIltudWxsLG51bGwsWzk1MzI1OTkxXSw4LDldIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::8b Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f3427b51dd1e67b483a0dac57e0efdb2ef48c5a329ff3aef6aacf49c61f050c5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-TeTzF_Hu0tXexo_5LLJzgg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://painthy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 15:56:15 GMT
content-security-policy: script-src 'report-sample' 'nonce-TeTzF_Hu0tXexo_5LLJzgg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjStHikmJw1ZBiOO90h-k6ENcyPGNqBWIDjedMFkDM-OcFEycQv_vykkng60smCSDWAuIdPh4sfOums6oAseH66ayRQBzzfDprChA7pc9gDQFin_oZrHFALMTNMf_e9PVsAhfuTsgHANVSLUE"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXg7ONLGUpIMZtrC84A4tnvQnoiH3xfaViEO5PTR2iINO39auNHdRyA4O8C_574q5RrYXdQwqT5MgvaYeOTodJRI3wtTmwgIiMb52aDebEjZfbdeGNs1QgE4iJ7G6t65vPYLFzPqw== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 15ms
14ms XHR
text/html 2404:6800:4003:c05::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXg7ONLGUpIMZtrC84A4tnvQnoiH3xfaViEO5PTR2iINO39auNHdRyA4O8C_574q5RrYXdQwqT5MgvaYeOTodJRI3wtTmwgIiMb52aDebEjZfbdeGNs1QgE4iJ7G6t65vPYLFzPqw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::8b Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-aP1IpJILzndOojTmmsv1cw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://painthy.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 04 Mar 2024 15:56:15 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-aP1IpJILzndOojTmmsv1cw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtHikmLw0ZBiqGV4xtQKxIx_XjBxAvEOHw8Wp_QZrEFALMTNMf_e9PVsAg3XP5UDAHrBEV0"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://painthy.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVaoMNXd8yX55xasA2j1qEVKi-bf4dpsEBuXM8vjSiRP98Sv1e7aMtlKfg66p8XMN_rX8dkRNtyTXrHM49IXPZv6k9_W5kLPCaRvaVozFom4MZV-fqDNVg926hnUP3iGJMWdR39ag== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 10ms
9ms XHR
text/html 2404:6800:4003:c05::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVaoMNXd8yX55xasA2j1qEVKi-bf4dpsEBuXM8vjSiRP98Sv1e7aMtlKfg66p8XMN_rX8dkRNtyTXrHM49IXPZv6k9_W5kLPCaRvaVozFom4MZV-fqDNVg926hnUP3iGJMWdR39ag==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::8b Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-7NVDIgizPphpkmt2fWWyNQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://painthy.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 04 Mar 2024 15:56:15 GMT
content-security-policy: script-src 'report-sample' 'nonce-7NVDIgizPphpkmt2fWWyNQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw0JBiWMy_i6mW4RlTKxAz_nnBxAnEO3w8WJzSZ7AGAbEQN8f8e9PXswm8OHijFAC9bhL5"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://painthy.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 884B 42 B
64 B 53ms
53ms Fetch
image/gif 2404:6800:4003:c01::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvbmtUVr92k7xTvFDJLS8XIDHyKvYoTIv2a382KxlIXeL9D5DzxYXjWMYoqUkcU3yXylcGIzD2q6rELRkyzfBAjqi-zi4MjWq_PUA4DN0sAkLdoWpeDb7uZkFO_TSHzigP4AeFMHeQO9xFHXIYU8A4rhJ5W8RM882A&sai=AMfl-YQZXZUeCt7B4ksA9AMG3Fy94pQ_Gjvt5h5jBxiRxbFYKwUoL6QrF1UAvVApQ3zVhqK-IkqHXawjAtkEeowuWLfU-wuETYRTYOw2KbwLKUDA6zMaZgd4BpujX3-Amni7Cs9uOvcUq65P54SSjiDsZg&sig=Cg0ArKJSzFsaKGeyJEG8EAE&cid=CAQSTwB7FLtqH6NFc3AOyplXgX6KjNnAcjzPzlTDusRsS4IXbqNHO5rEQqE04ouFjTlnCYWX8xnUm9xen_2LSH8NEdXxmMVyJ3Drg6DOxm6mIAcYAQ&id=lidar2&mcvt=1000&p=102,0,179.296875,325&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240229&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3302792388&rs=2&la=1&cr=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=550057300&rst=1709567773183&rpt=1025&met=mue&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c01::9b Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Mar 2024 15:56:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 884B 42 B
64 B 48ms
47ms Fetch
image/gif 2404:6800:4003:c01::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssTYidYx_0D954M6klWLXMf64UjBkPzt7ZYFzCHZD6XMuUCxPAyTXxqI2BuIBNukvxWdPeqsOXaKA57g_bsuSZiofzDRsSU8-zq01ucq9n2QCOs5lbgBgcV0d1lnDvHxt76P_kQVaNsD6Njj25-yqheq5flT5T-014&sai=AMfl-YT8qFnK1aPW0US8f0V2VSfbOiNu96r4bFPYnKpigTJMfQgnPnoNdhzzatjP0tsJZdz7kdc9TjoVcQmBoOA_kk5WLpf9bMe1XTPgEArKzfQjzMISrrrm8fxw7lEg3oEBkcj0AgPcZGHQNvhzoOV19Q&sig=Cg0ArKJSzGfpvzAP9oFBEAE&cid=CAQSTwB7FLtqH6NFc3AOyplXgX6KjNnAcjzPzlTDusRsS4IXbqNHO5rEQqE04ouFjTlnCYWX8xnUm9xen_2LSH8NEdXxmMVyJ3Drg6DOxm6mIAcYAQ&id=lidar2&mcvt=1002&p=17,0,94.296875,325&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20240229&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3302792388&rs=2&la=1&cr=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=550057300&rst=1709567773183&rpt=1020&met=mue&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c01::9b Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Mar 2024 15:56:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 55ms
54ms Image
text/html 2404:6800:4003:c01::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240228&jk=2243547856521346&bg=!BAelB0jNAAauXHXJjlw7ADQBe5WfOKDaXXSetD66R46F068I4tGzKERHV_UE9znxhXbXSffqPvNQaLRXNyMqpZRjLkaoAgAAAEtSAAAABGgBBwoA1VSsYqi6O2A9cYUkOkKzfS4-huZ1e-wMpugKWq6AbmIWyPki3k4DPE6uvD9Iq7wH3KCAcv2izp5VhkRHUgcmPrt6P6OufOT6WH7Qacrv9aq7TTeHRnK7zj2ReYsY3j1wGUXydR5OJD9WkMZ9kQbB0zQtiWWPWd2090rdxrHEO5bZ6sd2cW18BofRr5GMDo06DnCwWhKkZTV1EUsvmMwUilOz1MIlA8nueOo07QiH_hzOok-NdUzTnthcIhJLszC5AUOcuoVFnZ81CZ9h1MvwV5947bHbP5kCtj43BJrMDzaGZ2lUwwruIDrIA_GamADSr5hHI5MO3rvUdP6BLf43ORolNOCW8v6HYzahtc6_PJ-dQTCN79EGr8wda712Wiz0EuEweu-fQe52ruRpUVsK7ofggo8l5jyaCPCkn0ODgD_GNzTNdPkDUa0JlAMqeKAVKmSrMRIG8yQuBm1F_3ch6tyYsmVzMOiaU8P9NXHiL_gVRQjM_iGW-cXjIilg5S49oRjYztdtIzxi4vlXL71c6WPXCl4b9oQaFSAtYlzUEmGJJvidIo8KYJHdeH-oQevyLDksOR81F8YSkjVWCjFa9pJuWDfIZk862kBtpW7VWPFBlAHgxfmDvDgW64nvxYKpIW2IeBCRPad4Dv0pHhlxwB_GTaHmoqwKYT3yB3I0G0Qjau7L5bqPbFf1O1kSRT3yeQeuObs5EgEXtESKOkiGwHMHQZklw5ZR9HPRgbxdxcEkOFGlvRKubvv9hjnnPiObWxGV0BNhT1T3nALoUWd8cq6TzQECvCNEblFMx4_1gxSDSJaHTtGotBjQ43xwpQYS8r1eCe2kVPnGPJqFZCaQDgeID7HDKIIfUcADp9V87Po-NhfVw_Q5mKnZ4gn-3_3bpjn6MY5elKLLHhAG-lmGpX4E7G6kNV7hC9ZUkvCpiwDj0nbGpsEm0LKj0Ii6p22qShgv2G9tUv8NQXfDeFnmPOrFvCuEnElvPSa3pryeCR0Lda6qRU_o8voZFiI_E3sAfJu5nCKo1-fxE153fJKjr1w4HmEaaJ80oNtib29riuQaeaKItpFW8ik7L03_Nm3BROTRDUfPga7NSioQhSNwxzzQxa389xRG6W1mL1z0vdyBn6PepZTfcxaWvdNOlu-_pyiYh4754SVAzd2fDRzTN0t9Mo1sYjKbNXVkdTV4DVdSX6XT1gUhi3IBGzqYuIU
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c01::9b Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://painthy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

102 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
painthy.com/	1970-01-21 03:38:23	Name: cookieyes-consent Value: consentid:V2NYUlAyOWF1QVJYNlkxbDVsUU5lNFBQaUxLeHZhQTU,consent:no,action:,necessary:yes,functional:no,analytics:no,performance:no,advertisement:no
.painthy.com/	1970-01-21 04:14:23	Name: __gads Value: ID=ed0871e63e457615:T=1709567773:RT=1709567773:S=ALNI_MZpoSGic7-a-SbQ-cw5ChBbwa7oZQ
.painthy.com/	1970-01-21 04:14:23	Name: __gpi Value: UID=00000d250476f76e:T=1709567773:RT=1709567773:S=ALNI_Mb4667L3gDLJJ_NR6CxIGEewzDx2Q
.painthy.com/	1970-01-20 23:11:59	Name: __eoi Value: ID=8b8e57df0ad691a0:T=1709567773:RT=1709567773:S=AA-AfjZJ-BZQloh6bxya1deBapK7
.doubleclick.net/	1970-01-20 18:52:51	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-21 04:28:47	Name: IDE Value: AHWqTUmiZ-RpiIFtpheIO7GmsyhHLRXMb85gXVS6erVRboG0pJhcRoJC8Ndk3mid0NM
.googleadservices.com/	1970-01-20 21:02:23	Name: ar_debug Value: 1
.painthy.com/	1970-01-21 03:38:23	Name: FCNEC Value: %5B%5B%22AKsRol-A2dXxWMfluUh-AFr-aZDvqn5la7FXE4hid5H825M9Me1wxY12jIUEA9G6D1V3NZRaeFR1r6giDiezl2LfZVXrNxQdB7Y2bo8klfNTGOroq-vRlVI5kTntPpXpBZjcYl5q97F5hGDy-ag-k67S260scHidjQ%3D%3D%22%5D%5D

51 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://painthy.com/amazon-jobs-work-from-anywhere/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://painthy.com/amazon-jobs-work-from-anywhere/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://painthy.com/amazon-jobs-work-from-anywhere/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://painthy.com/amazon-jobs-work-from-anywhere/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://painthy.com/amazon-jobs-work-from-anywhere/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://painthy.com/amazon-jobs-work-from-anywhere/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://painthy.com/amazon-jobs-work-from-anywhere/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://painthy.com/amazon-jobs-work-from-anywhere/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://painthy.com/amazon-jobs-work-from-anywhere/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://painthy.com/amazon-jobs-work-from-anywhere/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://painthy.com/amazon-jobs-work-from-anywhere/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://painthy.com/amazon-jobs-work-from-anywhere/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://painthy.com/amazon-jobs-work-from-anywhere/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://painthy.com/amazon-jobs-work-from-anywhere/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://painthy.com/amazon-jobs-work-from-anywhere/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://painthy.com/amazon-jobs-work-from-anywhere/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://painthy.com/amazon-jobs-work-from-anywhere/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://painthy.com/amazon-jobs-work-from-anywhere/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://painthy.com/amazon-jobs-work-from-anywhere/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://painthy.com/amazon-jobs-work-from-anywhere/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://painthy.com/amazon-jobs-work-from-anywhere/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://painthy.com/amazon-jobs-work-from-anywhere/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://painthy.com/amazon-jobs-work-from-anywhere/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://painthy.com/amazon-jobs-work-from-anywhere/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://painthy.com/amazon-jobs-work-from-anywhere/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://painthy.com/amazon-jobs-work-from-anywhere/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://painthy.com/amazon-jobs-work-from-anywhere/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://painthy.com/amazon-jobs-work-from-anywhere/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://painthy.com/amazon-jobs-work-from-anywhere/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://painthy.com/amazon-jobs-work-from-anywhere/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://painthy.com/amazon-jobs-work-from-anywhere/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://painthy.com/amazon-jobs-work-from-anywhere/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://painthy.com/amazon-jobs-work-from-anywhere/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://painthy.com/amazon-jobs-work-from-anywhere/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://painthy.com/amazon-jobs-work-from-anywhere/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://painthy.com/amazon-jobs-work-from-anywhere/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://painthy.com/amazon-jobs-work-from-anywhere/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://painthy.com/amazon-jobs-work-from-anywhere/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://painthy.com/amazon-jobs-work-from-anywhere/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://painthy.com/amazon-jobs-work-from-anywhere/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://painthy.com/amazon-jobs-work-from-anywhere/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://painthy.com/amazon-jobs-work-from-anywhere/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://painthy.com/amazon-jobs-work-from-anywhere/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://painthy.com/amazon-jobs-work-from-anywhere/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://painthy.com/amazon-jobs-work-from-anywhere/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://painthy.com/amazon-jobs-work-from-anywhere/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://painthy.com/amazon-jobs-work-from-anywhere/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://painthy.com/amazon-jobs-work-from-anywhere/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://painthy.com/amazon-jobs-work-from-anywhere/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://painthy.com/amazon-jobs-work-from-anywhere/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://painthy.com/amazon-jobs-work-from-anywhere/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
i.insider.com
p4-afcswkodct4xe-2y2xtkx2ablsbgbz-if-v6exp3-v4.metric.gstatic.com
pagead2.googlesyndication.com
painthy.com
pixel.wp.com
rb.gy
s.w.org
stats.wp.com
tpc.googlesyndication.com
www.google.com
www.googleadservices.com
www.gstatic.com
142.251.175.94
151.101.2.217
192.0.76.3
192.0.77.48
2404:6800:4003:c00::5e
2404:6800:4003:c01::69
2404:6800:4003:c01::9b
2404:6800:4003:c02::5e
2404:6800:4003:c02::9c
2404:6800:4003:c03::84
2404:6800:4003:c04::5f
2404:6800:4003:c05::8b
44.196.211.73
45.130.41.84
74.125.68.155
0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180
00e6ec4f93eb21b92219030bbe059bb0aaf782728a3d79177001324d9aadf14c
040cec898556b5507f837f89145f8ec21866fcb83cff8de84b6d506bbcb129da
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
0bbb149c853c7175821da2775dcf4f35e80f9d84d341f1b5a10880fe03e3a3c1
0c0275a07af721cb2bcb0f01e0861e754cafea89a013b545ed352c587c4a1ed2
0ef12ae0f9252dc05c6750084efcdbfa6cbb59d8798d14ab13656c95c9e4f411
131e4d9b107467e5301263e6a7cee833fbba9f58a51a321e21e41857e939cbd0
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1cbad15280ed20f2fbc36feb85a93ca87b646e7f3b707877121e329d9d12410c
1e160c6973ea74e48ff0f5c0c37cd73914f0fc60a00bb7b66728f4b01cc97b35
23ee66a86b5d4d0f347fac6beb80b0aa495fdd3db044d46a66d84d0679607e06
24364ac89cfd69f60eab8e59f971adbb1da72f05dc862af71703545f3d720278
25fdc7a17a7b3884e86c6f6b72b60288025980e5bcfff6b736f077902c1697ef
26e9dcd1c53b6378f8689af6e064a0c43e6dd94e439154a6e94623e04f206630
270524b0d27afd1d3b6622d1a176c678daed94564c143297e217a63e21ce9820
2a51c0e3455ad7119e8dc76b3be4341c2b68574ac71ce34c4ee909d89130265a
2b3ecc048a06e3d533fb7b6351afe165c9443cc4b2a49962a508deb63c8498fa
2c55dea800c7c131d9f3e3ac8a411abf3ca2b4fa836a7376aba3e99c43a621ba
2c6a3425cec9ba0cbcfcf1dbba2120a72ac369674a6d02e06bd3b0c16efbdcf7
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
330dc6a23e527b02487bdaccfa9754341c6815755bf96343292f3952c1f09486
39f248b63346ef7c082049f75b448d4c14790f1bf5184e9eb111a4bbccc1103c
3a6ba20cfe22bd75eb973b5ae2e7f46837eb098f51d06b15355f8b4d7b9e7aca
3b74367341607264b2d54c41f17fb5b6918ba49e4901e67c427816c2ae47946f
3b91dcba5846a9328886d9dae684bb9781c00e013db73a9cfececb59df8f95a0
3bae9940f716ecfb33ab00ab1fdf108fe0e89d47fc5e8f20ebc5e4e7a7350006
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e30577a7198874c10eca11f146e85196fd4160c7055463b3ddd63c63137bca3
3f7b6e8b97ffa9648ea638a1caeb5a7af3ee518234a43e415623421f1d15f2bd
41578770d740012d57be1d400db47fdba90631e27363a4877af6cc54a032ad10
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
43e372283eb9dfba817a4891642f715ff6e3fb6282f4df05f0efe165093c45c0
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
4460f1596174d06cca957fdaca2c71e1a377cf1d6f07ee4c75ffb3bf3fc97a03
448746297b5f7cd9944269adb069e134c1108f3e2e49f34dd8558de47175f470
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
47ce859f7f0f545825c8ab983547bbf88d0de3f52afebc7a1ccc0611661df70d
4c756b8b2b42a2aa1a55756b8a2b1df7cc69c349e2108bc3638633f503e4fa13
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
4f9f4e2e225088f9cf3b6b54aa421e0f776d1802255505d2f752e1f83f441641
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
566165820cb347905665472e5e57227f1a034c64299787686311ffa124d9082b
578c646d5ca65662938d902d9441ab3e760dc2e20544263b75827aae7dda804f
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5e867668172b74cf750119a2fb530c068712ab2e4ec90447c49b00176e2300a2
5efd17aa9600929f5517878dd267b6fdfeca37478d6987b5d75caec4f1e4b1a8
601c726da99512b631035afaac434dc03c315c915696d9b266878ad222f4173b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61ca6edb59777d0e0e48614df18f5638da590d764b64b3bf6494b3c68cd6619b
628752823728c98087a38cb07a2db44eb34acdc7e8d69d1e84281ed774eade67
6ac7a16059a4a1168d45a7f8ba027c752ed631f01206d81be0a7ba5414cb6834
6c382617d1ac17821f706acb04bb3a6ca83b0db88b8cde547895a5fd7e504fcd
6c38dc17dbebb7e00014f3ea1025d5bb245baff733b50069eff5403b5dfaeeb8
6e2ce796e54f5e091dd8ccc1a30cee28b40e8886af5df03f7e420296d5709735
6f1c6b2c2683d13d4d299d8ad10caba2a2238130fd39f9a470d6bc6a706fafc3
700862d6f58663eeb294f5543211a4b800636c0ec8e204133b74e257a121a227
734f07d139123101347d2c261b700389be66c8300b8ae291f0ec48ca0c56d930
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
78c74fd73d76581528a666ccd75672f59c8f2c8551c3304025410d77074ec2af
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
8087482b9068c6f41e0bd55a2efaee5898239c92c91e55724eb982e7889b9de5
80df2f6f86de748acbbdc62e61a5ec6148c45911182589d61395fa0faaff9be4
81423501ec87edd7e9a5d69e9d48d0fd78539ac456873b1fb9fae3e87037f03f
8614fbaf68fb20cf38223ac73eae03962a33ca5923a65a9250ddfc4fb7373ea9
864b49e72cb53d212de00394715314ccb255e8cafd02bab6b3cfacfeb742d50f
8a33861cdc370b2db8442132658b06069640881bc90f369feca9b30c77e5f460
8b771cc378608b527884c6aa96b5078052e89ceaf3a99565eeb5dba603008aea
8df344d00de25952994db106382bf6ec0e2f44697c63daa8d251acf4b0769df3
8ee6456e824f457658942b8ec75ac033279ac5a4ea4de15d7a14e1e1b77e9e91
904dbd6399971c9fe50a87a85a67e119c5ebd51b802a14cdf19629c74210325e
923bb1d333ca289850f06f8c32113212357241945d07ac9d2fc7790a1bdf5f3c
96b465d3fdedec8a7a466adde1cf0b94c69d3c809886d55d4723edd80ee61dd1
9b4afaba06a17bf52f333ce73b8b3e175348e0c8efecb4447ea0909ce4a62d27
9ec27c97205ce6bbd7d60f6a1814faa698d1c113ad08944d422ff534975b2072
a049e1abe441835a2bcf35258936072189a0a52d0000c4ed2094e59d2afd189b
a6b37ecc19a8242168019a4011a8bbfbbca9f46c60f85b8090e55063d3a70e8c
a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd
a86d26e0a9759e5d6b482f102d7cade65f3dbe4792972bd59caa9966b9ff568b
aaa98cf9a1d05fcc65d948ce5712cf5ffee25659b1ab42553f1d60222ba0bb35
aaadde89b0db2f97f270379b4762e025c85a1a4d8a4c9ae2421ab48198cc3ae6
ad386e83074906780dfa1feec2070ff6e11f15c07953ac3d8431300ae0ba175b
b0b3c8a08afff51d87d6f144eb76c25bdfd19943cc6cb93e5f22b00c0728d06e
b2aa131b334742b75fe3de815997b21d4783cea50a210783c0e243fb7d9d6eac
b5dc4f8d803ee658ceb08850beca5415ce158fa4e7de8cda97fb44978500fd8a
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
b8324528e50184f928586b77f3412d5cd0798c4b6edb2a8f33e224d789cb5acf
bad7cde68ddad2f12a8d451171fbada30d0f9ae5ec8a735d26e4b5cafb0c0cea
be47f84097fc1dcfe4a183ec10218db49578053af37a7d4bcf83d946fdeabc82
bffd7c8b1396bd10e1304626cf06667c3c95ed31e81ac93a7683594cc947850f
c0a71ca2c2b80121a9db00dd745294b6a10f3904add5781197d3f6db69e4a574
c2f5fad3410d3d126c6bffc1a5d7d91082e946307bcf595bcac560b84c87805a
c80dc76a18ba8d711399bb1926d4afc46dbec0fa9a39f76933aae78861fb75c1
c8decb7c7d17d6353f74d740f2afba7886d2c53e0b3d10a44ae1ad7738316ff9
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cbf176afd9942985c040f9acf0d348cb5f53bb7f0906f4e4d25822629e38da95
ceee574841dd9f8ff1f1d23a93e3115a2c6b0392f804f3c6b35fd6c53d754073
d9ce958515e4c42199afa5f6f985d7038047c2ca5821147d68fe3604b138e5aa
daf9eb6e27d03737dbb6e05caff84e0347b19e0122f7de9e3dde0175d11b4422
dc94b334bdbade3c6e278dcb6568556f0ce413d97a49d046e94a67f56472f0ff
df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0
e033e8cadd555c5bbd294577c1f676cf7cbc83f91c6ff3e3b2d4d1e593d99774
e37fb64062c9a83d7440f9067d4025bbc33194c348c5fa0a0bb07c6f67bf901a
e38585fe1420e1227de54c45057bfbe84ae69461b8ba4e4fc5bbd1a2b31484c7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7afde571c53d192943a40b3b7f109e698bb47e6d6424bc7d1f53a7cb9466360
ed7c487f915432d9464e2af0a83002ee93596e86e076f3c917e439e5b844d08b
ee534ebd2a20259114de62ebbddca7e8b19f6948ac9654f36f9c056f254bf571
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2a23ace0fc097bdaf8ce3a59c7acff6fc0a78fd3a9869309ed7fcb5c462e25
f278bf82a64ac1a5ae8f69e06890047a914b3d0100bf856aabd758d2e15edf36
f3427b51dd1e67b483a0dac57e0efdb2ef48c5a329ff3aef6aacf49c61f050c5
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

painthy.com Open in urlscan Pro 45.130.41.84 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

175 Requests

96 %HTTPS

53 %IPv6

11 Domains

16 Subdomains

15 IPs

3 Countries

3308 kBTransfer

8544 kBSize

8 Cookies

18 Outgoing links

Page URL History

Redirected requests

175 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

painthy.com Open in urlscan Pro
45.130.41.84 Public Scan

Screenshot
Live screenshot

Full Image

175
Requests

96 %
HTTPS

53 %
IPv6

11
Domains

16
Subdomains

15
IPs

3
Countries

3308 kB
Transfer

8544 kB
Size

8
Cookies

175 HTTP transactions
7 data transactions