urlscan.io logo urlscan.io
SecurityTrails logo

paint.toys Open in urlscan Pro
15.197.167.90  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://sxcqe.specialday.cl/4pndq0kkei8la394fyw9kdumiRc0RYMkZPdTB2VWF1Z01TYUVVaXAtMjAyMy0yNTg4MzM3OC0wZmE5MDI3NC0yNzI5LVZ1T2...
Effective URL: https://paint.toys/oil/
Submission: On March 01 via api from BE — Scanned from SE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 61 IPs in 8 countries across 44 domains to perform 156 HTTP transactions. The main IP is 15.197.167.90, located in United States and belongs to AMAZON-02, US. The main domain is paint.toys.
TLS certificate: Issued by E5 on January 31st 2025. Valid for: 3 months.
This is the only time paint.toys was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 67.198.205.86 35908 (VPLSNET)
1 8 15.197.167.90 16509 (AMAZON-02)
11 104.18.21.56 13335 (CLOUDFLAR...)
2 142.250.186.104 15169 (GOOGLE)
3 142.250.185.110 15169 (GOOGLE)
1 7 142.250.185.226 15169 (GOOGLE)
2 104.18.20.56 13335 (CLOUDFLAR...)
1 143.204.215.48 16509 (AMAZON-02)
1 104.22.74.216 13335 (CLOUDFLAR...)
1 185.199.110.133 54113 (FASTLY)
10 142.250.185.238 15169 (GOOGLE)
2 104.26.2.70 13335 (CLOUDFLAR...)
1 172.217.18.6 15169 (GOOGLE)
1 178.250.1.39 44788 (ASN-CRITE...)
6 178.250.1.11 44788 (ASN-CRITE...)
3 108.138.3.93 16509 (AMAZON-02)
1 142.250.186.138 15169 (GOOGLE)
6 162.19.138.117 16276 (OVH OVH SAS)
2 52.31.98.157 16509 (AMAZON-02)
2 52.54.60.70 14618 (AMAZON-AES)
2 63.176.195.25 16509 (AMAZON-02)
1 99.86.4.71 16509 (AMAZON-02)
1 18.244.21.169 16509 (AMAZON-02)
3 162.19.138.120 16276 (OVH OVH SAS)
1 34.36.214.49 396982 (GOOGLE-CL...)
3 23.35.236.201 16625 (AKAMAI-AS)
4 52.30.155.174 16509 (AMAZON-02)
1 185.64.189.112 62713 (AS-PUBMATIC)
1 185.89.210.46 29990 (ASN-APPNEX)
1 178.250.1.56 44788 (ASN-CRITE...)
1 35.71.170.66 16509 (AMAZON-02)
1 104.18.27.193 13335 (CLOUDFLAR...)
4 146.190.187.150 14061 (DIGITALOC...)
4 35.159.236.149 16509 (AMAZON-02)
4 69.173.156.139 26667 (RUBICONPR...)
1 18.157.230.4 16509 (AMAZON-02)
1 52.222.236.91 16509 (AMAZON-02)
1 178.250.1.38 44788 (ASN-CRITE...)
4 23.67.137.210 16625 (AKAMAI-AS)
1 65.9.66.97 16509 (AMAZON-02)
1 104.22.52.173 13335 (CLOUDFLAR...)
1 104.22.52.86 13335 (CLOUDFLAR...)
2 142.250.186.34 15169 (GOOGLE)
1 64.158.223.146 41041 (VCLK-EU-S...)
1 34.249.15.87 16509 (AMAZON-02)
1 18.184.206.66 16509 (AMAZON-02)
1 3 76.223.111.18 16509 (AMAZON-02)
1 54.158.53.253 14618 (AMAZON-AES)
1 142.250.186.97 15169 (GOOGLE)
5 142.250.181.225 15169 (GOOGLE)
3 142.250.186.33 15169 (GOOGLE)
1 142.250.74.194 15169 (GOOGLE)
1 167.99.225.56 14061 (DIGITALOC...)
1 104.18.24.18 13335 (CLOUDFLAR...)
2 23.219.149.145 16625 (AKAMAI-AS)
2 35.244.159.8 396982 (GOOGLE-CL...)
1 151.101.65.108 54113 (FASTLY)
1 52.223.40.198 16509 (AMAZON-02)
1 1 104.87.211.61 16625 (AKAMAI-AS)
1 34.245.246.135 16509 (AMAZON-02)
1 2 104.18.26.193 13335 (CLOUDFLAR...)
156 61
2    67.198.205.86 (United States)

ASN35908 (VPLSNET, US)
PTR: 67.198.205.86.static.krypt.com
sxcqe.specialday.cl
8    15.197.167.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: afa7f374f51cc8991.awsglobalaccelerator.com
paint.toys
11    104.18.21.56 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.intergient.com
prebid.intergient.com
2    142.250.186.104 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f8.1e100.net
www.googletagmanager.com
3    142.250.185.110 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f14.1e100.net
www.google-analytics.com
7    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
securepubads.g.doubleclick.net
2    104.18.20.56 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.intergient.com
1    143.204.215.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-48.fra53.r.cloudfront.net
impression-inferences-edge-prod.playwire.com
1    104.22.74.216 (None, )

ASN13335 (CLOUDFLARENET, US)
btloader.com
1    185.199.110.133 (United States)

ASN54113 (FASTLY, US)
PTR: cdn-185-199-110-133.github.com
raw.githubusercontent.com
10    142.250.185.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f14.1e100.net
fundingchoicesmessages.google.com
2    104.26.2.70 (None, )

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
1    172.217.18.6 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f6.1e100.net
ad.doubleclick.net
1    178.250.1.39 (France)

ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR)
static.criteo.net
6    178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR)
gum.criteo.com
3    108.138.3.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-3-93.fra56.r.cloudfront.net
c.amazon-adsystem.com
1    142.250.186.138 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f10.1e100.net
imasdk.googleapis.com
6    162.19.138.117 (Frankfurt am Main, Germany)

ASN16276 (OVH OVH SAS, FR)
PTR: ns31533568.ip-162-19-138.eu
id5-sync.com
2    52.31.98.157 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-98-157.eu-west-1.compute.amazonaws.com
id.crwdcntrl.net
2    52.54.60.70 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-60-70.compute-1.amazonaws.com
idx.liadm.com
2    63.176.195.25 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-176-195-25.eu-central-1.compute.amazonaws.com
cd836371f1d.cdn.intergient.com
1    99.86.4.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-71.fra6.r.cloudfront.net
config.aps.amazon-adsystem.com
1    18.244.21.169 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-21-169.fra56.r.cloudfront.net
aax.amazon-adsystem.com
3    162.19.138.120 (Amsterdam, Netherlands)

ASN16276 (OVH OVH SAS, FR)
PTR: ns31533571.ip-162-19-138.eu
lb.eu-1-id5-sync.com
1    34.36.214.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.214.36.34.bc.googleusercontent.com
pa.openx.net
3    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
4    52.30.155.174 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-155-174.eu-west-1.compute.amazonaws.com
g2.gumgum.com
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    185.89.210.46 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
1    178.250.1.56 (France)

ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR)
grid.bidswitch.net
1    35.71.170.66 (United States)

ASN16509 (AMAZON-02, US)
PTR: a8c33d2b6751b365d.awsglobalaccelerator.com
direct.adsrvr.org
1    104.18.27.193 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
4    146.190.187.150 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
exchange.cootlogix.com
4    35.159.236.149 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-159-236-149.eu-central-1.compute.amazonaws.com
btlr.sharethrough.com
4    69.173.156.139 (United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    18.157.230.4 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-230-4.eu-central-1.compute.amazonaws.com
tlx.3lift.com
1    52.222.236.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-91.fra56.r.cloudfront.net
hb.yellowblue.io
1    178.250.1.38 (France)

ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR)
grid-bidder.criteo.com
4    23.67.137.210 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-67-137-210.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
1    65.9.66.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-97.fra56.r.cloudfront.net
tags.crwdcntrl.net
1    104.22.52.173 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.hadronid.net
1    104.22.52.86 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
2    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
pagead2.googlesyndication.com
1    64.158.223.146 (Amsterdam, Netherlands)

ASN41041 (VCLK-EU-SE Conversant LLC, US)
PTR: ams02-convex-float1.dotomi.com
proc.ad.cpe.dotomi.com
1    34.249.15.87 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-15-87.eu-west-1.compute.amazonaws.com
rtb.gumgum.com
1    18.184.206.66 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-206-66.eu-central-1.compute.amazonaws.com
match.sharethrough.com
3    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    54.158.53.253 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-158-53-253.compute-1.amazonaws.com
rp.liadm.com
1    142.250.186.97 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f1.1e100.net
f292c4248dcb5054f199813a5982d701.safeframe.googlesyndication.com
5    142.250.181.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f1.1e100.net
cdn.ampproject.org
3    142.250.186.33 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f1.1e100.net
tpc.googlesyndication.com
1    142.250.74.194 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net
www.googleadservices.com
1    167.99.225.56 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
sync.cootlogix.com
1    104.18.24.18 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
2    23.219.149.145 (Santiago, Chile)

ASN16625 (AKAMAI-AS, US)
PTR: a23-219-149-145.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    35.244.159.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com
u.openx.net
1    151.101.65.108 (San Francisco, United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
1    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    104.87.211.61 (Hamburg, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-87-211-61.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
1    34.245.246.135 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-245-246-135.eu-west-1.compute.amazonaws.com
pbs-cs.yellowblue.io
2    104.18.26.193 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
Apex Domain
Subdomains		 Transfer
15 intergient.com
cdn.intergient.com — Cisco Umbrella Rank: 15235
cd836371f1d.cdn.intergient.com — Cisco Umbrella Rank: 17391
prebid.intergient.com — Cisco Umbrella Rank: 20312
484 KB
10 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 692
www.google.com — Cisco Umbrella Rank: 10 Failed
71 KB
8 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 300
ad.doubleclick.net — Cisco Umbrella Rank: 224
googleads.g.doubleclick.net Failed
218 KB
8 paint.toys
paint.toys
130 KB
7 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 779
eus.rubiconproject.com — Cisco Umbrella Rank: 909
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1528
4 KB
7 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 698
cdn.id5-sync.com — Cisco Umbrella Rank: 1160
33 KB
7 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 625
grid-bidder.criteo.com — Cisco Umbrella Rank: 1755
3 KB
6 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 165
f292c4248dcb5054f199813a5982d701.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 244
142 KB
5 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 395
104 KB
5 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 1760
match.sharethrough.com — Cisco Umbrella Rank: 890
523 B
5 cootlogix.com
exchange.cootlogix.com — Cisco Umbrella Rank: 6594
sync.cootlogix.com — Cisco Umbrella Rank: 2822
2 KB
5 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 2010
rtb.gumgum.com — Cisco Umbrella Rank: 2506
969 B
5 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 424
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 953
aax.amazon-adsystem.com — Cisco Umbrella Rank: 546
100 KB
4 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1658
106 KB
4 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 929
eb2.3lift.com — Cisco Umbrella Rank: 685
1 KB
4 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 839
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 800
109 B
3 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 802
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 810
2 KB
3 openx.net
pa.openx.net — Cisco Umbrella Rank: 5794
rtb.openx.net Failed
u.openx.net — Cisco Umbrella Rank: 1092
3 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1192
844 B
3 liadm.com
idx.liadm.com — Cisco Umbrella Rank: 2318
rp.liadm.com — Cisco Umbrella Rank: 1440
746 B
3 crwdcntrl.net
id.crwdcntrl.net — Cisco Umbrella Rank: 4165
tags.crwdcntrl.net — Cisco Umbrella Rank: 1357
13 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 113
2 yellowblue.io
hb.yellowblue.io — Cisco Umbrella Rank: 2874
pbs-cs.yellowblue.io — Cisco Umbrella Rank: 3597
623 B
2 adsrvr.org
direct.adsrvr.org — Cisco Umbrella Rank: 2608
match.adsrvr.org — Cisco Umbrella Rank: 550
563 B
2 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 426
acdn.adnxs.com — Cisco Umbrella Rank: 957
1 KB
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 1589
2 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 107
216 KB
2 specialday.cl
sxcqe.specialday.cl
2 KB
1 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 1019
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 123
20 B
1 dotomi.com
proc.ad.cpe.dotomi.com — Cisco Umbrella Rank: 4761
459 B
1 hadronid.net
cdn.hadronid.net — Cisco Umbrella Rank: 2290
324 B
1 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 2059
x.bidswitch.net Failed
320 B
1 googleapis.com
imasdk.googleapis.com — Cisco Umbrella Rank: 623
137 KB
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 1134
13 KB
1 githubusercontent.com
raw.githubusercontent.com — Cisco Umbrella Rank: 3343
591 B
1 btloader.com
btloader.com — Cisco Umbrella Rank: 1654
api.btloader.com Failed
36 KB
1 playwire.com
impression-inferences-edge-prod.playwire.com — Cisco Umbrella Rank: 20045
919 B
0 agkn.com Failed
fid.agkn.com Failed
0 creativecdn.com Failed
invstatic101.creativecdn.com Failed
0 33across.com Failed
cdn-ima.33across.com Failed
lexicon.33across.com Failed
0 openxcdn.net Failed
oa.openxcdn.net Failed
0 dns-finder.com Failed
ag.dns-finder.com Failed
0 faucetfoot.com Failed
faucetfoot.com Failed
156 44
Domain Requested by
11 cdn.intergient.com paint.toys
cdn.intergient.com
10 fundingchoicesmessages.google.com securepubads.g.doubleclick.net
8 paint.toys 1 redirects sxcqe.specialday.cl
paint.toys
7 securepubads.g.doubleclick.net 1 redirects cdn.intergient.com
securepubads.g.doubleclick.net
paint.toys
imasdk.googleapis.com
6 id5-sync.com cdn.intergient.com
cdn.id5-sync.com
6 gum.criteo.com static.criteo.net
cdn.intergient.com
5 cdn.ampproject.org securepubads.g.doubleclick.net
4 secure.cdn.fastclick.net sxcqe.specialday.cl
secure.cdn.fastclick.net
4 fastlane.rubiconproject.com cdn.intergient.com
4 btlr.sharethrough.com cdn.intergient.com
4 exchange.cootlogix.com cdn.intergient.com
4 g2.gumgum.com cdn.intergient.com
3 tpc.googlesyndication.com paint.toys
3 eb2.3lift.com 1 redirects cdn.intergient.com
3 ads.pubmatic.com cdn.intergient.com
3 lb.eu-1-id5-sync.com cdn.intergient.com
cdn.id5-sync.com
3 c.amazon-adsystem.com cdn.intergient.com
c.amazon-adsystem.com
3 www.google-analytics.com www.googletagmanager.com
2 ssum-sec.casalemedia.com 1 redirects cdn.intergient.com
2 u.openx.net cdn.intergient.com
2 eus.rubiconproject.com cdn.intergient.com
2 pagead2.googlesyndication.com paint.toys
2 prebid.intergient.com cdn.intergient.com
2 cd836371f1d.cdn.intergient.com cdn.intergient.com
2 idx.liadm.com cdn.intergient.com
2 id.crwdcntrl.net cdn.intergient.com
2 ad-delivery.net paint.toys
2 www.googletagmanager.com paint.toys
www.googletagmanager.com
2 sxcqe.specialday.cl 1 redirects
1 pbs-cs.yellowblue.io cdn.intergient.com
1 secure-assets.rubiconproject.com 1 redirects
1 match.adsrvr.org paint.toys
1 acdn.adnxs.com cdn.intergient.com
1 js-sec.indexww.com cdn.intergient.com
1 sync.cootlogix.com cdn.intergient.com
1 www.googleadservices.com paint.toys
1 f292c4248dcb5054f199813a5982d701.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 rp.liadm.com cdn.intergient.com
1 match.sharethrough.com paint.toys
1 rtb.gumgum.com cdn.intergient.com
1 proc.ad.cpe.dotomi.com secure.cdn.fastclick.net
1 cdn.id5-sync.com sxcqe.specialday.cl
1 cdn.hadronid.net sxcqe.specialday.cl
1 tags.crwdcntrl.net sxcqe.specialday.cl
1 grid-bidder.criteo.com cdn.intergient.com
1 hb.yellowblue.io cdn.intergient.com
1 tlx.3lift.com cdn.intergient.com
1 htlb.casalemedia.com cdn.intergient.com
1 direct.adsrvr.org cdn.intergient.com
1 grid.bidswitch.net cdn.intergient.com
1 ib.adnxs.com cdn.intergient.com
1 hbopenbid.pubmatic.com cdn.intergient.com
1 pa.openx.net cdn.intergient.com
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 imasdk.googleapis.com cdn.intergient.com
1 static.criteo.net securepubads.g.doubleclick.net
1 ad.doubleclick.net paint.toys
1 raw.githubusercontent.com paint.toys
1 btloader.com cdn.intergient.com
1 impression-inferences-edge-prod.playwire.com cdn.intergient.com
0 api.btloader.com Failed btloader.com
0 googleads.g.doubleclick.net Failed paint.toys
0 x.bidswitch.net Failed paint.toys
0 www.google.com Failed paint.toys
0 rtb.openx.net Failed cdn.intergient.com
0 lexicon.33across.com Failed cdn.intergient.com
0 fid.agkn.com Failed cdn.intergient.com
0 invstatic101.creativecdn.com Failed securepubads.g.doubleclick.net
0 cdn-ima.33across.com Failed securepubads.g.doubleclick.net
0 oa.openxcdn.net Failed securepubads.g.doubleclick.net
0 ag.dns-finder.com Failed btloader.com
0 faucetfoot.com Failed cdn.intergient.com
156 73

This site contains links to these domains. Also see Links.

Domain
toms.toys
Subject Issuer Validity Valid
trustmailboxes.com
E5		 2024-12-29 -
2025-03-29		 3 months crt.sh
paint.toys
E5		 2025-01-31 -
2025-05-01		 3 months crt.sh
834af943.sni.cloudflaressl.com
WE1		 2025-02-28 -
2025-05-29		 3 months crt.sh
*.google-analytics.com
WE2		 2025-02-26 -
2025-05-21		 3 months crt.sh
*.g.doubleclick.net
WE2		 2025-02-26 -
2025-05-21		 3 months crt.sh
*.playwire.com
Amazon RSA 2048 M03		 2024-12-12 -
2026-01-09		 a year crt.sh
btloader.com
WE1		 2025-02-03 -
2025-05-04		 3 months crt.sh
*.github.io
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-03-15 -
2025-03-14		 a year crt.sh
*.google.com
WE2		 2025-02-26 -
2025-05-21		 3 months crt.sh
ad-delivery.net
WE1		 2025-01-08 -
2025-04-08		 3 months crt.sh
*.doubleclick.net
WE2		 2025-02-26 -
2025-05-21		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2025-02-03 -
2025-05-03		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2025-02-09 -
2025-05-10		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M03		 2024-11-19 -
2025-12-18		 a year crt.sh
upload.video.google.com
WE2		 2025-02-26 -
2025-05-21		 3 months crt.sh
id5-sync.com
E5		 2025-01-01 -
2025-04-01		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M03		 2024-09-08 -
2025-10-08		 a year crt.sh
*.liadm.com
Amazon RSA 2048 M02		 2024-07-31 -
2025-08-29		 a year crt.sh
*.cdn.intergient.com
Go Daddy Secure Certificate Authority - G2		 2024-04-17 -
2025-04-01		 a year crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2024-12-22 -
2026-01-21		 a year crt.sh
alt1-3ps.amazon-adsystem.com
Amazon RSA 2048 M03		 2025-01-22 -
2026-02-20		 a year crt.sh
eu-1-id5-sync.com
R10		 2025-01-01 -
2025-04-01		 3 months crt.sh
pa.openx.net
WR3		 2025-01-09 -
2025-04-09		 3 months crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-11-27 -
2025-11-30		 a year crt.sh
prebid.intergient.com
WE1		 2025-02-19 -
2025-05-20		 3 months crt.sh
ie-ad-exch-prd-two-eks.prd.eks.ie.adexchange.gumgum.com
Amazon RSA 2048 M03		 2024-07-02 -
2025-08-01		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2024-02-14 -
2025-03-16		 a year crt.sh
*.bidswitch.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2025-02-01 -
2025-04-28		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2024-04-23 -
2025-05-25		 a year crt.sh
casalemedia.com
E5		 2025-02-08 -
2025-05-09		 3 months crt.sh
*.cootlogix.com
Starfield Secure Certificate Authority - G2		 2024-10-13 -
2025-10-13		 a year crt.sh
*.sharethrough.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1		 2024-07-15 -
2025-08-15		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-07-30 -
2025-04-03		 8 months crt.sh
*.3lift.com
Amazon RSA 2048 M03		 2025-02-11 -
2026-03-12		 a year crt.sh
*.yellowblue.io
Amazon RSA 2048 M02		 2025-02-16 -
2026-03-17		 a year crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1		 2024-08-07 -
2025-08-07		 a year crt.sh
hadronid.net
WE1		 2025-01-20 -
2025-04-20		 3 months crt.sh
ad.cpe.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2024-06-17 -
2025-07-19		 a year crt.sh
misc-sni.google.com
WE2		 2025-02-26 -
2025-05-21		 3 months crt.sh
tpc.googlesyndication.com
WE2		 2025-02-26 -
2025-05-21		 3 months crt.sh
indexww.com
WE1		 2025-01-28 -
2025-04-28		 3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2024-08-14 -
2025-08-18		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2024-04-08 -
2025-05-09		 a year crt.sh

This page contains 24 frames:

Primary Page: https://paint.toys/oil/
Frame ID: 65301FC3DFBFCB39D9AC135C4B28D872
Requests: 119 HTTP requests in this frame

Frame: https://cdn.intergient.com/pageos/V.20250228.1/iframe/iframe.html
Frame ID: D9AA508B898A4B04D6E3F54761AA2C20
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: FC0E1F4AC9835088017A83715A97C78F
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=paint.toys&gdpr=0&gdpr_consent=
Frame ID: C90B748EEDC4C1281B00AC091D0AA06E
Requests: 1 HTTP requests in this frame

Frame: https://cdn.intergient.com/pageos/V.20250228.1/iframe/iframe.html
Frame ID: 3A673BEED4179DC8CC1C79F6CE8A75BF
Requests: 1 HTTP requests in this frame

Frame: https://pa.openx.net/topics_frame.html?bidder=openx
Frame ID: 002E63E8AF6964A62770D3E9FEF37BE7
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/topics/topics_frame.html?bidder=pubmatic
Frame ID: A9C2DE4349DB6C83ED8B5A4677DFB085
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid.intergient.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Frame ID: 99C5086076CA9D1C0672B84891280DFE
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fprebid.intergient.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Frame ID: F968172290F9C2A3C3204B9E4670B535
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?gdpr=0&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid.intergient.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
Frame ID: B27F7AF878A4034366F99ECD4D5DC686
Requests: 1 HTTP requests in this frame

Frame: https://f292c4248dcb5054f199813a5982d701.safeframe.googlesyndication.com/safeframe/1-0-41/html/container.html
Frame ID: C18CC56D57D2E92EEA4C181BFA60DCC8
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012502032353000/amp4ads-v0.mjs
Frame ID: F7556C644782021D57A4B10F78BC9E71
Requests: 14 HTTP requests in this frame

Frame: https://sync.cootlogix.com/api/sync/iframe/?cid=&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: 9C3D5966AE2096EFCEDE8CA30AD9BDA3
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 164BEA0F153008CF8085E5C71B24130D
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: B82102FBDF267E9ACED007E84B41A8D5
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=0
Frame ID: 542C57CD0F4D86C018282B25F49C3F61
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba
Frame ID: 65319F26BAE16DC1DB5CAA44FE588989
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=criteoPrebidAdapter&topUrl=paint.toys&gpp=
Frame ID: 5E64D2FB8E683F036438CD86F6524BFC
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: D69EA75C555C13CE8DE3F5C826568DA4
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158326&gdpr=0&gdpr_consent=
Frame ID: 7A9DFEB218D35E21BB943068BF14A6EA
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-Playwire&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: 4A632D30361212134B5FA852A5FE8243
Requests: 1 HTTP requests in this frame

Frame: https://pbs-cs.yellowblue.io/pbs-iframe?gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&redirect=https%3A%2F%2Fprebid.intergient.com%2Fsetuid%3Fbidder%3Drise%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%5BPBS_UID%5D
Frame ID: 4A93A72DEC8A90FDA67901B326258C55
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fprebid.intergient.com%2Fsetuid%3Fgpp%3D%26bidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D&gdpr=0&gdpr_consent=&gpp=&gppsid=&s=184674&us_privacy=&C=1
Frame ID: 774D2CFEFA39F5BB71F24EAC602C8BC4
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fprebid.intergient.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Frame ID: A6F48D999CBCEAFD0A57E8133EF3FBBE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Paint with Oils

Page URL History Show full URLs

  1. http://sxcqe.specialday.cl/4pndq0kkei8la394fyw9kdumiRc0RYMkZPdTB2VWF1Z01TYUVVaXAtMjAyMy0yNTg4MzM3OC0wZm... HTTP 307
    https://sxcqe.specialday.cl/4pndq0kkei8la394fyw9kdumiRc0RYMkZPdTB2VWF1Z01TYUVVaXAtMjAyMy0yNTg4MzM3OC0wZm... Page URL
  2. https://sxcqe.specialday.cl/4pndq0kkei8la394fyw9kdumiRc0RYMkZPdTB2VWF1Z01TYUVVaXAtMjAyMy0yNTg4MzM3OC0wZm... HTTP 302
    https://paint.toys/oil HTTP 301
    https://paint.toys/oil/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Page Statistics

156
Requests

88 %
HTTPS

0 %
IPv6

44
Domains

73
Subdomains

61
IPs

8
Countries

1822 kB
Transfer

5823 kB
Size

55
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://sxcqe.specialday.cl/4pndq0kkei8la394fyw9kdumiRc0RYMkZPdTB2VWF1Z01TYUVVaXAtMjAyMy0yNTg4MzM3OC0wZmE5MDI3NC0yNzI5LVZ1T2hSd0p6TGVKS01NY09CdjJV/l7wpahk2tv2do2hryu02gzbb9li3wso6o/dssrel HTTP 307
    https://sxcqe.specialday.cl/4pndq0kkei8la394fyw9kdumiRc0RYMkZPdTB2VWF1Z01TYUVVaXAtMjAyMy0yNTg4MzM3OC0wZmE5MDI3NC0yNzI5LVZ1T2hSd0p6TGVKS01NY09CdjJV/l7wpahk2tv2do2hryu02gzbb9li3wso6o/dssrel Page URL
  2. https://sxcqe.specialday.cl/4pndq0kkei8la394fyw9kdumiRc0RYMkZPdTB2VWF1Z01TYUVVaXAtMjAyMy0yNTg4MzM3OC0wZmE5MDI3NC0yNzI5LVZ1T2hSd0p6TGVKS01NY09CdjJV/l7wpahk2tv2do2hryu02gzbb9li3wso6o/dssrel?in=1 HTTP 302
    https://paint.toys/oil HTTP 301
    https://paint.toys/oil/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://sxcqe.specialday.cl/4pndq0kkei8la394fyw9kdumiRc0RYMkZPdTB2VWF1Z01TYUVVaXAtMjAyMy0yNTg4MzM3OC0wZmE5MDI3NC0yNzI5LVZ1T2hSd0p6TGVKS01NY09CdjJV/l7wpahk2tv2do2hryu02gzbb9li3wso6o/dssrel HTTP 307
  • https://sxcqe.specialday.cl/4pndq0kkei8la394fyw9kdumiRc0RYMkZPdTB2VWF1Z01TYUVVaXAtMjAyMy0yNTg4MzM3OC0wZmE5MDI3NC0yNzI5LVZ1T2hSd0p6TGVKS01NY09CdjJV/l7wpahk2tv2do2hryu02gzbb9li3wso6o/dssrel
Request Chain 108
  • https://eb2.3lift.com/sync?gdpr=0&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid.intergient.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID HTTP 302
  • https://eb2.3lift.com/sync?gdpr=0&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid.intergient.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
Request Chain 125
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=Cem2O01LCZ_aNNOaEjuwPk8ykmAuCl8HSfaTMkp7ME6KftuOODhABIPub1Ulg7QKgAb6Q0uAqyAEC4AIAqAMByAMIqgT1Ak_QnIdXGm0hPBv4afyjO-ztIPuQCvfEdW7D-cicDlwqcmV80T7Qk5BU9YGltvBFC96JoHIgo5gFWcaAxQyOLkfR0aD1dO1w1i5vyyEHXfsBaXCllLPUSOCwrd3Vo2lxmJcBXRUCzcPQKhifbDfg-zAqriQC__bR1HdU8NmLjBMwUa8qlpAHpxmWymPPNv--gIwS9M9mSvA41GlmrihSfbRNi33C9K2cZ_vLwWi2UrRQcE7CvACDy1cUspPat9cUg86G-mxxdGZ-i-NiOrvrlqf71wLSp4W6XOPEUdNpWjDhSlX-eE6neORo9Gky5sjUDnBcucMuxQjdZ6V6PEbQ-kQIpJS84J74Y_YF-rguFhmUDr1l4rJTuUMDQl0ZzhY-VVtxaYS70FfwZP_hmgD0-k62nZRGGTosogMLTjZ6fcoEyJrzfJ9yNIaF24zTYIecDPQg1sGX0aFEyAGm7Vit47l0qCtWrFGMEd1q1QIqqIiDz9T2I1bABKHa2p2EBeAEAYgFjNuAulKSBQQIBBgBkgUECAUYBKAGAoAHvsiiwAWoB9XJG6gH2baxAqgHpr4bqAeOzhuoB5PYG6gH8OAbqAfulrECqAf-nrECqAevvrECqAf3wrEC2AcB8gcEEL-XAtIIKQiA4YBgEAEYnQEyAssCOguAQIDAgICAoKiAAki9_cE6WK2546LO54sDmgnUA2h0dHBzOi8vcXVpei50aGVsaXZlbi5jb20vZW4_dXRtX3NvdXJjZT1nb29nbGUmYWNjb3VudD1jaGVzbWludCZ1dG1fbWVkaXVtPWRpc3BsYXkmdXRtX2NhbXBhaWduPTIyMTMzMzUzODY4JnV0bV9kZXZpY2U9YyZwbGFjZW1lbnQ9cGFpbnQudG95cyZ1dG1fY3JlYXRpdmU9NzI5MjgwODI3MzMzJmNhbXBhaWduX25hbWU9MDI4Ml9Hb29nbGUtRGlzcGxheV93b1RhcmdfdzJ3X1B1cmNoLUdUTV9Ub3AyOF9Ub3BDcmVvX2FkaGQtbXBmXzE2MDFfSEkmYWRzZXRfbmFtZT1NQ19BZmZpbml0eUFsbF9Ub3AyOF9hbGxHXzI1LTY1K19hbGxMX1RvcENyZW9fYWRoZC1tcGZfVG9wLTNfMTQwOCZtYXRjaHR5cGU9JmtleXdvcmQ9JnV0bV9hZHNldD0xNzI5MzQ3MzcxODUmdXRtX2FkPTcyOTI4MDgyNzMzMyZhZF9uYW1lPTEzMDM3LTY4NzAtQWR0LVN0YS0zMDB4NjAwLWFkaGQtR0ctRU4tVkFELUZJTC1WSUstU2VlJmdhZF9zb3VyY2U9NYAKA8gLAdoMEAoKEJDo_abT797-bBICAQPiDRMI793jos7niwMVZoKDBx0TJgmz6g0TCLye5KLO54sDFWaCgwcdEyYJs9gTDNAVAZgWAYAXAbIXIAocCAASFHB1Yi02NTMxNTAzMjYwNjcxNDcxGNuiIRgBuhcCOAGyGAkSArFpGAIiAQDQGAHoGAE&sigh=qBjLshzWJ_Y&uach_m=%5BUACH%5D&ase=2&nis=ATTRIBUTION_REPORTING_STATUS&cid=CAQSOwCjtLzMQT5XAw2EF1gAJB-3yNSgTFX6sFpLBrR7H-rcI9me85dIg00WQq7Q-Z1Q-9QTeLt6-EfHGYkBGAE&ebtr=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xc875e61e89922ba20000000000000000%22,%222%22:%220x6bfae1ea54b7b860000000000000000%22,%223%22:%220xbfc271fe8b13a4a40000000000000000%22,%224%22:%220x65aa2457be7b13ed0000000000000000%22,%225%22:%220x6a7b9eeef97445150000000000000000%22},%22debug_key%22:%226362665091729750674%22,%22debug_reporting%22:true,%22destination%22:%22https://theliven.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211476961342%22],%2222%22:[%22true%22],%224%22:[%2203-01%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214913812300216521793%22}&andc=true
Request Chain 145
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-Playwire&gdpr=0&gdpr_consent=&us_privacy= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=pbs-Playwire&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 146
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 149
  • https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gppsid=&cb=https%3A%2F%2Fprebid.intergient.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fprebid.intergient.com%2Fsetuid%3Fgpp%3D%26bidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D&gdpr=0&gdpr_consent=&gpp=&gppsid=&s=184674&us_privacy=&C=1

156 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
dssrel
sxcqe.specialday.cl/4pndq0kkei8la394fyw9kdumiRc0RYMkZPdTB2VWF1Z01TYUVVaXAtMjAyMy0yNTg4MzM3OC0wZmE5MDI3NC0yNzI5LVZ1T2hSd0p6TGVKS01NY09CdjJV/l7wpahk2tv2do2hryu02gzbb9li3wso6o/
Redirect Chain
  • http://sxcqe.specialday.cl/4pndq0kkei8la394fyw9kdumiRc0RYMkZPdTB2VWF1Z01TYUVVaXAtMjAyMy0yNTg4MzM3OC0wZmE5MDI3NC0yNzI5LVZ1T2hSd0p6TGVKS01NY09CdjJV/l7wpahk2tv2do2hryu02gzbb9li3wso6o/dssrel
  • https://sxcqe.specialday.cl/4pndq0kkei8la394fyw9kdumiRc0RYMkZPdTB2VWF1Z01TYUVVaXAtMjAyMy0yNTg4MzM3OC0wZmE5MDI3NC0yNzI5LVZ1T2hSd0p6TGVKS01NY09CdjJV/l7wpahk2tv2do2hryu02gzbb9li3wso6o/dssrel
681 B
1003 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sxcqe.specialday.cl/4pndq0kkei8la394fyw9kdumiRc0RYMkZPdTB2VWF1Z01TYUVVaXAtMjAyMy0yNTg4MzM3OC0wZmE5MDI3NC0yNzI5LVZ1T2hSd0p6TGVKS01NY09CdjJV/l7wpahk2tv2do2hryu02gzbb9li3wso6o/dssrel
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
67.198.205.86 , United States, ASN35908 (VPLSNET, US),
Reverse DNS
67.198.205.86.static.krypt.com
Software
Apache/2.4.62 (CentOS Stream) OpenSSL/3.2.2 / PHP/7.4.33
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36

Response headers

Cache-Control
no-cache, private max-age=0, no-cache, no-store, must-revalidate
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
364
Content-Type
text/html; charset=UTF-8
Date
Sat, 01 Mar 2025 00:20:33 GMT
Developed-by
Mohamed Amine El Attabi
Email
mohamed.amine.elattabi@gmail.com
Expires
Sat, 2 Aug 1980 15:15:00 GMT
Keep-Alive
timeout=5, max=100
Pragma
no-cache
Server
Apache/2.4.62 (CentOS Stream) OpenSSL/3.2.2
Vary
Accept-Encoding,User-Agent
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-Powered-By
PHP/7.4.33
X-XSS-Protection
1; mode=block

Redirect headers

Location
https://sxcqe.specialday.cl/4pndq0kkei8la394fyw9kdumiRc0RYMkZPdTB2VWF1Z01TYUVVaXAtMjAyMy0yNTg4MzM3OC0wZmE5MDI3NC0yNzI5LVZ1T2hSd0p6TGVKS01NY09CdjJV/l7wpahk2tv2do2hryu02gzbb9li3wso6o/dssrel
Non-Authoritative-Reason
HttpsUpgrades
Primary Request /
paint.toys/oil/
Redirect Chain
  • https://sxcqe.specialday.cl/4pndq0kkei8la394fyw9kdumiRc0RYMkZPdTB2VWF1Z01TYUVVaXAtMjAyMy0yNTg4MzM3OC0wZmE5MDI3NC0yNzI5LVZ1T2hSd0p6TGVKS01NY09CdjJV/l7wpahk2tv2do2hryu02gzbb9li3wso6o/dssrel?in=1
  • https://paint.toys/oil
  • https://paint.toys/oil/
6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://paint.toys/oil/
Requested by
Host: sxcqe.specialday.cl
URL: https://sxcqe.specialday.cl/4pndq0kkei8la394fyw9kdumiRc0RYMkZPdTB2VWF1Z01TYUVVaXAtMjAyMy0yNTg4MzM3OC0wZmE5MDI3NC0yNzI5LVZ1T2hSd0p6TGVKS01NY09CdjJV/l7wpahk2tv2do2hryu02gzbb9li3wso6o/dssrel
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.197.167.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afa7f374f51cc8991.awsglobalaccelerator.com
Software
Netlify /
Resource Hash
70883a9270d54ca9914810ee600c39f62c1147243374c8b93b7095f9c78b4b66
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://sxcqe.specialday.cl/4pndq0kkei8la394fyw9kdumiRc0RYMkZPdTB2VWF1Z01TYUVVaXAtMjAyMy0yNTg4MzM3OC0wZmE5MDI3NC0yNzI5LVZ1T2hSd0p6TGVKS01NY09CdjJV/l7wpahk2tv2do2hryu02gzbb9li3wso6o/dssrel
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
15968
cache-control
public,max-age=0,must-revalidate
cache-status
"Netlify Edge"; hit
content-encoding
br
content-length
1669
content-type
text/html; charset=UTF-8
date
Sat, 01 Mar 2025 00:20:34 GMT
etag
"7afa2eee23cef4ed7f87aab76b5bc74d-ssl-df"
server
Netlify
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-nf-request-id
01JN7H71BFWVQK5QG4NARPFAWW

Redirect headers

accept-ranges
bytes
age
15968
cache-control
public,max-age=0,must-revalidate
cache-status
"Netlify Edge"; hit
content-length
1668
content-type
text/html; charset=UTF-8
date
Sat, 01 Mar 2025 00:20:34 GMT
etag
"7afa2eee23cef4ed7f87aab76b5bc74d-ssl-df"
location
/oil/
server
Netlify
strict-transport-security
max-age=31536000
x-nf-request-id
01JN7H71B618Y2YAYMTEDH7NGG
ramp_config.js
cdn.intergient.com/1024872/74068/ 		33 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/1024872/74068/ramp_config.js
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.21.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3af91ca81486a90eb2a10e43735fa3e14eef4fefcb46d6f3db6b95854e11fabe

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

hw-country-code
SE
content-encoding
br
cf-ray
91947d42afe39f24-FRA
alt-svc
h3=":443"; ma=86400
date
Sat, 01 Mar 2025 00:20:34 GMT
content-type
application/json
vary
Accept-Encoding
server
cloudflare
apps.css
paint.toys/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://paint.toys/apps.css
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.197.167.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afa7f374f51cc8991.awsglobalaccelerator.com
Software
Netlify /
Resource Hash
2ff696f311f1afa7aafddb260becd45331aab7ce1741821b0f3e2d9e683382b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer
https://paint.toys/oil/

Response headers

strict-transport-security
max-age=31536000
cache-control
public,max-age=0,must-revalidate
content-encoding
br
etag
"58d01e65c6625681e8891f6fbc8c18f5-ssl-df"
age
125450
accept-ranges
bytes
content-length
1395
x-nf-request-id
01JN7H71C1Q56JW37V973HWXXP
cache-status
"Netlify Edge"; hit
date
Sat, 01 Mar 2025 00:20:34 GMT
content-type
text/css; charset=UTF-8
vary
Accept-Encoding
server
Netlify
index.js
paint.toys/oil/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://paint.toys/oil/index.js
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.197.167.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afa7f374f51cc8991.awsglobalaccelerator.com
Software
Netlify /
Resource Hash
c91c09319c4b0a24c72c0036cef74c17b85d3c4e2a4abf8153f5710421fe5b4c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer
https://paint.toys/oil/

Response headers

strict-transport-security
max-age=31536000
cache-control
public,max-age=0,must-revalidate
content-encoding
br
etag
"687211e2ced405124b38663a13c97091-ssl-df"
age
15968
accept-ranges
bytes
content-length
1206
x-nf-request-id
01JN7H71C1K58HVHZM25EZ4SD3
cache-status
"Netlify Edge"; hit
date
Sat, 01 Mar 2025 00:20:34 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
Netlify
art-icon.png
paint.toys/assets/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paint.toys/assets/art-icon.png
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.197.167.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afa7f374f51cc8991.awsglobalaccelerator.com
Software
Netlify /
Resource Hash
f4d368e4230539c778afbb020e0ea611b3e1d984179f5b3769b44081d6703f3b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer
https://paint.toys/oil/

Response headers

strict-transport-security
max-age=31536000
cache-control
public,max-age=0,must-revalidate
etag
"1394f8469f2ca5750397e3d7b6ec70a1-ssl"
age
37469
accept-ranges
bytes
content-length
33562
x-nf-request-id
01JN7H71C1TSZJWBVMB1721N8T
cache-status
"Netlify Edge"; hit
date
Sat, 01 Mar 2025 00:20:34 GMT
content-type
image/png
server
Netlify
icon-hand.png
paint.toys/assets/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paint.toys/assets/icon-hand.png
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.197.167.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afa7f374f51cc8991.awsglobalaccelerator.com
Software
Netlify /
Resource Hash
32aa05a5648678542ab9044647f0bf5549c0b53a070585edb773f0e92b72b97d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer
https://paint.toys/oil/

Response headers

strict-transport-security
max-age=31536000
cache-control
public,max-age=0,must-revalidate
etag
"a0822110a4671ffdf710da1467460fba-ssl"
age
125450
accept-ranges
bytes
content-length
27394
x-nf-request-id
01JN7H71C1VYEKXA7J1P9GVGSS
cache-status
"Netlify Edge"; hit
date
Sat, 01 Mar 2025 00:20:34 GMT
content-type
image/png
server
Netlify
icon-disk.png
paint.toys/assets/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paint.toys/assets/icon-disk.png
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.197.167.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afa7f374f51cc8991.awsglobalaccelerator.com
Software
Netlify /
Resource Hash
436814c2374a6d92a42a02d39969ef7c56b5f225667abecb218e692c5569943c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer
https://paint.toys/oil/

Response headers

strict-transport-security
max-age=31536000
cache-control
public,max-age=0,must-revalidate
etag
"26852fa1548a91e004629b01e4abf1dd-ssl"
age
122576
accept-ranges
bytes
content-length
13766
x-nf-request-id
01JN7H71CG8XF3V1FEFG1D8SQ0
cache-status
"Netlify Edge"; hit
date
Sat, 01 Mar 2025 00:20:34 GMT
content-type
image/png
server
Netlify
icon-trash.png
paint.toys/assets/ 		50 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paint.toys/assets/icon-trash.png
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.197.167.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afa7f374f51cc8991.awsglobalaccelerator.com
Software
Netlify /
Resource Hash
6ceb226c487cb85243545e768944e0e1ae0944be8fde6c1c43c7314a9287e6d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer
https://paint.toys/oil/

Response headers

strict-transport-security
max-age=31536000
cache-control
public,max-age=0,must-revalidate
etag
"e91ef5e34b5154d392e8560031eaaa4c-ssl"
age
127966
accept-ranges
bytes
content-length
51680
x-nf-request-id
01JN7H71CJEVP4M9XS520WYXWF
cache-status
"Netlify Edge"; hit
date
Sat, 01 Mar 2025 00:20:34 GMT
content-type
image/png
server
Netlify
ramp_core.js
cdn.intergient.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/ramp_core.js
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.21.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f23ff77a1f319848c1e2354f465046d1c664913be6a28ca3b4d42eb5537e549e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

hw-country-code
SE
cache-control
max-age=600, public, must-revalidate
content-encoding
br
cf-ray
91947d42afe59f24-FRA
alt-svc
h3=":443"; ma=86400
date
Sat, 01 Mar 2025 00:20:34 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
js
www.googletagmanager.com/gtag/ 		346 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-VJBRK9986D
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
2f9f2004b40bde65167c69741a1daaff72563fdd5447993d664a6639bbfac00d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
br
report-to
{"group":"ascgcycc:1003:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1003:0"}],}
expires
Sat, 01 Mar 2025 00:20:34 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 01 Mar 2025 00:20:34 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1003:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=ascgcycc:1003:0
content-length
118457
x-xss-protection
0
server
Google Tag Manager
js
www.googletagmanager.com/gtag/ 		282 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-CEFZJ359V8&l=dataLayer&cx=c&gtm=45je52q0v9101576445za200&tag_exp=101732282~101732284~102067808~102482433~102539968~102558064~102587591~102605417~102640600~102658453~102717421~102732003
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VJBRK9986D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
f5624a5cc57e615affbffcf7cba17057f2eb21d26243c412104e4eaa8e3094a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
br
report-to
{"group":"ascgcycc:1003:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1003:0"}],}
expires
Sat, 01 Mar 2025 00:20:34 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 01 Mar 2025 00:20:34 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1003:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=ascgcycc:1003:0
content-length
101909
x-xss-protection
0
server
Google Tag Manager
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-VJBRK9986D&gtm=45je52q0v9101576445za200&_p=1740788434308&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101732282~101732284~102067808~102482433~102539968~102558064~102587591~102605417~102640600~102658453~102717421~102732003&cid=1069762894.1740788434&ul=se-se&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1740788434&sct=1&seg=0&dl=https%3A%2F%2Fpaint.toys%2Foil%2F&dr=https%3A%2F%2Fsxcqe.specialday.cl%2F&dt=Paint%20with%20Oils&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=694
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VJBRK9986D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f14.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"ascnsrsggc:86:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://paint.toys
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsggc:86:0
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 01 Mar 2025 00:20:34 GMT
content-type
text/plain
server
Golfe2
c6_79b3d6a9081972795d723a5cae38d9f0fb2e692.min.js
faucetfoot.com/build/5ab3079/ 		0
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		107 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/1024872/74068/ramp_config.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
57971afbc630517a859ad5c3a4c82fd6428dcc1afe80c43cf3673bbda6d82f53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
br
etag
739 / 20148 / 31090692 / config-hash: 9008786146610258964
x-content-type-options
nosniff
expires
Sat, 01 Mar 2025 00:20:34 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Sat, 01 Mar 2025 00:20:34 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
34025
x-xss-protection
0
server
cafe
prebid.js
cdn.intergient.com/prebid/ 		564 KB
175 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/prebid/prebid.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/1024872/74068/ramp_config.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.21.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
930f76466a9eb4f30d5eb615b47214dbde199ea4e41372f0a0f4234999effd26

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

hw-country-code
SE
content-encoding
br
cf-cache-status
HIT
etag
W/"a7d87a2b75d40afc93980b7bf5387309"
age
4314
cf-ray
91947d43382b9f24-FRA
alt-svc
h3=":443"; ma=86400
date
Sat, 01 Mar 2025 00:20:34 GMT
content-type
text/javascript
last-modified
Thu, 13 Feb 2025 13:59:49 GMT
vary
Accept-Encoding
server
cloudflare
pageos.js
cdn.intergient.com/pageos/V.20250228.1/ 		411 B
363 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/V.20250228.1/pageos.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/ramp_core.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.21.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1038bb8f948edae0a2a31fbf8a89801e11c658f322c13144b4f4fc9a78a9586b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

hw-country-code
SE
content-encoding
br
cf-cache-status
HIT
etag
W/"4adb87baeb4f6026933f5942aedd3b88"
age
4455
cf-ray
91947d43382d9f24-FRA
alt-svc
h3=":443"; ma=86400
date
Sat, 01 Mar 2025 00:20:34 GMT
content-type
text/javascript
last-modified
Fri, 28 Feb 2025 14:21:23 GMT
vary
Accept-Encoding
server
cloudflare
runtime.1488b526f430f23c5d25.js
cdn.intergient.com/pageos/V.20250228.1/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/V.20250228.1/runtime.1488b526f430f23c5d25.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/V.20250228.1/pageos.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.21.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6616543a9c8be78c62ee898d07da99fe8cc44d6f287e23dd0106bb7106c2c6e2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

hw-country-code
SE
content-encoding
br
cf-cache-status
HIT
etag
W/"cdc65c8f3a140f02880f9f229b598d2d"
age
4455
cf-ray
91947d4368499f24-FRA
alt-svc
h3=":443"; ma=86400
date
Sat, 01 Mar 2025 00:20:34 GMT
content-type
text/javascript
last-modified
Fri, 28 Feb 2025 14:21:25 GMT
vary
Accept-Encoding
server
cloudflare
main.19e7fd1c194c46a17c25.js
cdn.intergient.com/pageos/V.20250228.1/ 		1 MB
294 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/V.20250228.1/main.19e7fd1c194c46a17c25.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/V.20250228.1/pageos.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.21.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d64e38115d43b7176523245d3cf745f69146ef4254fcbd0de8ecd804cdcfb9b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

hw-country-code
SE
content-encoding
br
cf-cache-status
HIT
etag
W/"43ffb4ca87078d1a63d0e822caae5861"
age
4455
cf-ray
91947d43684a9f24-FRA
alt-svc
h3=":443"; ma=86400
date
Sat, 01 Mar 2025 00:20:34 GMT
content-type
text/javascript
last-modified
Fri, 28 Feb 2025 14:21:21 GMT
vary
Accept-Encoding
server
cloudflare
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-CEFZJ359V8&gtm=45je52q0v9102396898za200zb9101576445&_p=1740788434308&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101732279~101732281~102067808~102482433~102539968~102558064~102587591~102605417~102640600~102658453~102717421~102732003&cid=1069762894.1740788434&ul=se-se&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1740788434&sct=1&seg=0&dl=https%3A%2F%2Fpaint.toys%2Foil%2F&dr=https%3A%2F%2Fsxcqe.specialday.cl%2F&dt=Paint%20with%20Oils&en=ramp_js&_fv=1&_ss=1&_ee=1&ep.pageview_id=1740788434308&tfd=756
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CEFZJ359V8&l=dataLayer&cx=c&gtm=45je52q0v9101576445za200&tag_exp=101732282~101732284~102067808~102482433~102539968~102558064~102587591~102605417~102640600~102658453~102717421~102732003
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f14.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"ascnsrsggc:86:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://paint.toys
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsggc:86:0
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 01 Mar 2025 00:20:34 GMT
content-type
text/plain
server
Golfe2
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202502260101/ 		515 KB
160 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202502260101/pubads_impl.js?cb=31090692
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
f9fdbdc7d871ddedd144ca9ca9cf55de0ced30e71062c4abe224977f92e76908
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
br
etag
5594346831847035664
age
44347
x-content-type-options
nosniff
expires
Sat, 28 Feb 2026 12:01:27 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Fri, 28 Feb 2025 12:01:27 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
163608
x-xss-protection
0
server
cafe
videoCard.5ed8eb34c11835040def.js
cdn.intergient.com/pageos/V.20250228.1/ 		559 B
444 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/V.20250228.1/videoCard.5ed8eb34c11835040def.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/V.20250228.1/runtime.1488b526f430f23c5d25.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.21.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
795041923e6338abe450ff9524ef70fd40432f278f32c9c35cdbb08239574fb1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

hw-country-code
SE
content-encoding
br
cf-cache-status
HIT
etag
W/"6880c1609e3243c11c7b4f1285e14d89"
age
4313
cf-ray
91947d4458c09f24-FRA
alt-svc
h3=":443"; ma=86400
date
Sat, 01 Mar 2025 00:20:34 GMT
content-type
text/javascript
last-modified
Fri, 28 Feb 2025 14:21:28 GMT
vary
Accept-Encoding
server
cloudflare
iframe.html
cdn.intergient.com/pageos/V.20250228.1/iframe/ Frame D9AA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/V.20250228.1/iframe/iframe.html
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/V.20250228.1/main.19e7fd1c194c46a17c25.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.20.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://paint.toys/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36

Response headers

age
4454
alt-svc
h3=":443"; ma=86400
cf-cache-status
HIT
cf-ray
91947d449ac4d352-FRA
content-encoding
br
content-type
text/html
date
Sat, 01 Mar 2025 00:20:34 GMT
hw-country-code
SE
last-modified
Fri, 28 Feb 2025 14:21:18 GMT
server
cloudflare
vary
Accept-Encoding
gdpr.80ecc6d950abd7ae1e79.js
cdn.intergient.com/pageos/V.20250228.1/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/V.20250228.1/gdpr.80ecc6d950abd7ae1e79.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/V.20250228.1/runtime.1488b526f430f23c5d25.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.21.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7af7d6e87956d5fa4efa79a20dadf99c8646b041ae992cc64f53cf7e4ca5dc4e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

hw-country-code
SE
content-encoding
br
cf-cache-status
HIT
etag
W/"5f9d5d36376d3631f41c8f82fda1adbf"
age
4453
cf-ray
91947d4478c69f24-FRA
alt-svc
h3=":443"; ma=86400
date
Sat, 01 Mar 2025 00:20:34 GMT
content-type
text/javascript
last-modified
Fri, 28 Feb 2025 14:21:17 GMT
vary
Accept-Encoding
server
cloudflare
GDPR
impression-inferences-edge-prod.playwire.com/websites/74068/v1/Fri/19/desktop/Chrome/ 		583 B
919 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://impression-inferences-edge-prod.playwire.com/websites/74068/v1/Fri/19/desktop/Chrome/GDPR
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/V.20250228.1/main.19e7fd1c194c46a17c25.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-48.fra53.r.cloudfront.net
Software
CloudFront /
Resource Hash
455c38d0f481826382c5fea7b95c202f23e3c291c762866dca250fc76259ed7f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

cache-control
max-age=3600, public, must-revalidate
access-control-expose-headers
*
age
1078
via
1.1 a3c2566f9e36ad3cdf79fc6307fcf566.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Hit from cloudfront
content-length
583
x-amz-cf-id
2x9sH3YpRZykj01XyYzCyAMqDiA6quYwy5QFin1muN5uX3uVdeoHew==
date
Sat, 01 Mar 2025 00:02:36 GMT
content-type
application/json
x-amz-cf-pop
FRA53-C1
server
CloudFront
tag
btloader.com/ 		135 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?o=5150306120761344&upapi=true
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/V.20250228.1/main.19e7fd1c194c46a17c25.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.74.216 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb758cc2b5126150d0085d9125b1a4ebb9fd0d7447a374b7b2b622bd85b60513

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

x-robots-tag
noindex, nofollow
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
content-encoding
gzip
cf-cache-status
HIT
etag
"ccb88393fd7285aaaddfa6401c28e874"
age
1201
via
1.1 google
cf-ray
91947d44a95a5c56-FRA
accept-ranges
bytes
content-length
36190
date
Sat, 01 Mar 2025 00:20:34 GMT
content-type
application/javascript
last-modified
Fri, 28 Feb 2025 23:58:04 GMT
vary
Origin, Accept-Encoding
server
cloudflare
1x1.gif
raw.githubusercontent.com/easylist/easylist/master/docs/ 		43 B
591 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://raw.githubusercontent.com/easylist/easylist/master/docs/1x1.gif
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.110.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-110-133.github.com
Software
/
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
Security Headers
Name Value
Content-Security-Policy default-src 'none'; style-src 'unsafe-inline'; sandbox
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

x-fastly-request-id
f93254a8e33ec3e252901b4063c0c37dfc18377f
etag
W/"0c4a5773f7e435c57c40bd270aef756513eba26bd7ba5317b5bd765569a7325d"
x-content-type-options
nosniff
x-github-request-id
69B8:C3144:19B4C2:1DFBCE:67C0FEF0
expires
Sat, 01 Mar 2025 00:25:34 GMT
x-cache
HIT
date
Sat, 01 Mar 2025 00:20:34 GMT
content-type
image/gif
x-served-by
cache-fra-eddf8230033-FRA
x-cache-hits
12
source-age
169
x-frame-options
deny
strict-transport-security
max-age=31536000
vary
Authorization,Accept-Encoding,Origin
content-security-policy
default-src 'none'; style-src 'unsafe-inline'; sandbox
cache-control
max-age=300
x-timer
S1740788435.656326,VS0,VE0
cross-origin-resource-policy
cross-origin
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
43
x-xss-protection
1; mode=block
154013155
fundingchoicesmessages.google.com/i/ 		192 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/154013155?ers=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202502260101/pubads_impl.js?cb=31090692
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f14.1e100.net
Software
ESF /
Resource Hash
6d49c0dda45a7e64720a0b2506adcb2ba36a34bd7ac5df547a4a4982bf86853d
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce--3h8bpew2eoiJHQjwvciWg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 01 Mar 2025 00:20:34 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjCtDikmLw05BiaL15jnUyEButPc_qAMSGCpdY7YH4_rpLrM-B-EP9ZdYfQFwkcYW1AYgZvl5h5QDiky5XWS8C8WUgvg3EQjwcl5Z27mMTOPF20XkmJY2k_ML45Py8kqLMpNKS_KK05LTU4tSistSieCMDI1MDIyNzPQOD-AIDAGZMN4w"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce--3h8bpew2eoiJHQjwvciWg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
px.gif
ag.dns-finder.com/ 		0
0
px.gif
ad-delivery.net/ 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

x-goog-metageneration
5
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status
HIT
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
age
677849
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Jln4FDO4hNJCq6MN4zHe9mm%2BJAJcZXsKjggHBRYyujgZ%2FAyLiV13PQXceaK%2BilEF6ou%2FA8t8G4kPnEniJaMc8kG6SG0OTOarVfDS5l0Ge4BgefmTvscW0YkKJF5iO%2BaWyA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding
identity
expires
Fri, 21 Feb 2025 05:00:02 GMT
server-timing
cfL4;desc="?proto=TCP&rtt=6579&min_rtt=6115&rtt_var=1423&sent=8&recv=12&lost=0&retrans=0&sent_bytes=4358&recv_bytes=2351&delivery_rate=674004&cwnd=253&unsent_bytes=0&cid=18ababa76595596e&ts=20&x=0"
x-goog-stored-content-length
43
date
Sat, 01 Mar 2025 00:20:34 GMT
content-type
image/gif
last-modified
Wed, 05 May 2021 19:25:32 GMT
vary
Accept-Encoding
x-guploader-uploadid
AFIdbgSM45LKVcnLOM-To2Ft-BhM1HWcuh0RT5zKyhywnAY8s_EzF00nJyjFi9HkB6cEMk7urewrYzU
cache-control
public, max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class
MULTI_REGIONAL
cf-ray
91947d4508e29244-FRA
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1620242732037093
content-length
43
server
cloudflare
favicon.ico
ad.doubleclick.net/ 		1 KB
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
gzip
age
80131
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options
nosniff
expires
Sat, 01 Mar 2025 02:05:03 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 28 Feb 2025 02:05:03 GMT
last-modified
Tue, 08 May 2012 13:08:06 GMT
content-type
image/x-icon
vary
Accept-Encoding
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
content-length
104
x-xss-protection
0
server
sffe
px.gif
ad-delivery.net/ 		43 B
476 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.9847017959657733
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

x-goog-metageneration
5
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status
HIT
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
age
677849
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tHK5wdUeMwLGHezoyXdOjZpkW%2BGGR0lGOy0cL0EBm3Glhd%2B50JWvY2Cy0XZ7X3m4tznomaQpWERNXW3gTlkpLjoX1IA75%2B6QCaNN96PqmqIR3ogf7OGRpZbfm0bp8UYJkA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding
identity
expires
Fri, 21 Feb 2025 05:00:02 GMT
server-timing
cfL4;desc="?proto=TCP&rtt=6579&min_rtt=6115&rtt_var=1423&sent=11&recv=12&lost=0&retrans=0&sent_bytes=5489&recv_bytes=2351&delivery_rate=674004&cwnd=253&unsent_bytes=0&cid=18ababa76595596e&ts=21&x=0"
x-goog-stored-content-length
43
date
Sat, 01 Mar 2025 00:20:34 GMT
content-type
image/gif
last-modified
Wed, 05 May 2021 19:25:32 GMT
vary
Accept-Encoding
x-guploader-uploadid
AFIdbgSM45LKVcnLOM-To2Ft-BhM1HWcuh0RT5zKyhywnAY8s_EzF00nJyjFi9HkB6cEMk7urewrYzU
cache-control
public, max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class
MULTI_REGIONAL
cf-ray
91947d4508e39244-FRA
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1620242732037093
content-length
43
server
cloudflare
gpt
securepubads.g.doubleclick.net/pagead/managed/dict/m202502270101/ 		31 KB
12 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/dict/m202502270101/gpt
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
68c94403979dcb79d4ba1e46d8e486eb0f6c3e836cc7e31a4888be90f74bb92d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
etag
3002619700444264426
age
26330
x-content-type-options
nosniff
expires
Fri, 07 Mar 2025 17:01:44 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Fri, 28 Feb 2025 17:01:44 GMT
content-type
text/plain; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=604800, stale-while-revalidate=7200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
12602
x-xss-protection
0
server
cafe
use-as-dictionary
match="/gampad/ads", id="m202502270101"
AGSKWxXBPzeLr6iKZITNxRewyV8EzZLY68O4LdE0thc8qjuDDkVrQqaD72lIoLYL9_MJT_2nq4Hzv71vlmHMTpUq1gU4dOrPyJaQY6sIOTXbPOBfIJhcM9IllE8IHa53h9SkBmVpNFsFmA==
fundingchoicesmessages.google.com/f/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXBPzeLr6iKZITNxRewyV8EzZLY68O4LdE0thc8qjuDDkVrQqaD72lIoLYL9_MJT_2nq4Hzv71vlmHMTpUq1gU4dOrPyJaQY6sIOTXbPOBfIJhcM9IllE8IHa53h9SkBmVpNFsFmA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzQwNzg4NDM0LDc0OTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9wYWludC50b3lzL29pbC8iLG51bGwsW1s4LCJkbTlFWmVMOG8wdyJdLFs5LCJlbi1VUyJdLFsyMCwiW251bGwsbnVsbCxbMzEwODgyNDhdLG51bGwsMTJdIl0sWzI2LCIxMiJdLFsxOSwiMiJdLFsxNywiWzBdIl0sWzI0LCJzeGNxZS5zcGVjaWFsZGF5LmNsIl0sWzI1LCJbWzMxMDg4MjQ4LDk1MzQwMjUyLDk1MzQwMjU0XV0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.dm9EZeL8o0w.es5.O/d=1/rs=AJlcJMzrS4dL6hA5EG2NiMSr4_CSjWpZKg/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f14.1e100.net
Software
ESF /
Resource Hash
8d9a4ad1815e1afc5016fa94927a5498e214d0a525de85a2004d8b96e0cbf217
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-xl1bJ2mhsAgkpPgvjLResQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 01 Mar 2025 00:20:34 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjitDikmII0JBiOHnrNtNFIG69eY51MhAbrT3P6gDEhgqXWO2B-P66S6zPgfhD_WXWH0BcJHGFtQGIGb5eYeUA4pMuV1kvAvFlIL4NxEI8HJeWdu5jE1iw78YnJiWNpPzC-OT8vJKizKTSkvyitOS01OLUorLUongjAyNTAyMjcz0Dg_gCAwASjTyg"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-xl1bJ2mhsAgkpPgvjLResQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame FC0E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202502260101/pubads_impl.js?cb=31090692
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://paint.toys/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
325
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000, stale-while-revalidate=3600
content-encoding
br
content-length
28718
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 01 Mar 2025 00:15:09 GMT
expires
Sat, 01 Mar 2025 01:05:09 GMT
last-modified
Mon, 24 Feb 2025 20:43:13 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
esp.js
oa.openxcdn.net/ 		0
0
ob.js
cdn-ima.33across.com/ 		0
0
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		0
0
publishertag.ids.js
static.criteo.net/js/ld/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202502260101/pubads_impl.js?cb=31090692
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.39 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
nginx /
Resource Hash
1635d2075d3343c86490d2229c1fb868ad59d92958ef65e04cb65767c703e9f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
max-age=86400, public
timing-allow-origin
*
content-encoding
gzip
etag
W/"670e3454-a69c"
cross-origin-resource-policy
cross-origin
expires
Sun, 02 Mar 2025 00:20:34 GMT
access-control-allow-origin
*
date
Sat, 01 Mar 2025 00:20:34 GMT
content-type
text/javascript
last-modified
Tue, 15 Oct 2024 09:22:28 GMT
server
nginx
AGSKWxXhGakjz8b73yQN1UqFkbeDXcDsZXdi60zo1JyebrR8NHnrI39dpykuxMo4VT9ki6UXlEnJvHMpQGKWbAiw3o7g3QlYXpl_sZ3vrzAGe2oltO3CeNwczO7oKFGWQ0qJDfzIwmU-zw==
fundingchoicesmessages.google.com/f/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXhGakjz8b73yQN1UqFkbeDXcDsZXdi60zo1JyebrR8NHnrI39dpykuxMo4VT9ki6UXlEnJvHMpQGKWbAiw3o7g3QlYXpl_sZ3vrzAGe2oltO3CeNwczO7oKFGWQ0qJDfzIwmU-zw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzQwNzg4NDM0LDc4OTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vcGFpbnQudG95cy9vaWwvIixudWxsLFtbOCwiZG05RVplTDhvMHciXSxbOSwiZW4tVVMiXSxbMjAsIltudWxsLG51bGwsWzMxMDg4MjQ4XSxudWxsLDEyXSJdLFsyNiwiMTIiXSxbMTksIjIiXSxbMTcsIlswXSJdLFsyNCwic3hjcWUuc3BlY2lhbGRheS5jbCJdLFsyNSwiW1szMTA4ODI0OCw5NTM0MDI1Miw5NTM0MDI1NF1dIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.dm9EZeL8o0w.es5.O/d=1/rs=AJlcJMzrS4dL6hA5EG2NiMSr4_CSjWpZKg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f14.1e100.net
Software
ESF /
Resource Hash
ae6a48e7dafe5432093acda9fc6cb51708a33068ee6ed42ca3a825e6ef651f37
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-X4dB1nLXn0H6IbX-hgD7Ew' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 01 Mar 2025 00:20:34 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjitDikmLw15BiOHnrNtNFIG69eY51MhAbrT3P6gDEhgqXWO2B-P66S6zPgfhD_WXWH0BcJHGFtQGIGb5eYeUA4pMuV1kvAvFlIL4NxEI8HJeWdu5jE3ix5FsLs5JGUn5hfHJ-XklRZlJpSX5RWnJaanFqUVlqUbyRgZGpgZGRuZ6BQXyBAQANFjx-"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-X4dB1nLXn0H6IbX-hgD7Ew' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
syncframe
gum.criteo.com/ Frame C90B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=paint.toys&gdpr=0&gdpr_consent=
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://paint.toys/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 01 Mar 2025 00:20:34 GMT
server
Kestrel
server-processing-duration-in-ticks
265969
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
iframe.html
cdn.intergient.com/pageos/V.20250228.1/iframe/ Frame 3A67 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/V.20250228.1/iframe/iframe.html
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/V.20250228.1/main.19e7fd1c194c46a17c25.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.20.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://paint.toys/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36

Response headers

age
4455
alt-svc
h3=":443"; ma=86400
cf-cache-status
HIT
cf-ray
91947d47fe4cd352-FRA
content-encoding
br
content-type
text/html
date
Sat, 01 Mar 2025 00:20:35 GMT
hw-country-code
SE
last-modified
Fri, 28 Feb 2025 14:21:18 GMT
server
cloudflare
vary
Accept-Encoding
apstag.js
c.amazon-adsystem.com/aax2/ 		377 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/V.20250228.1/main.19e7fd1c194c46a17c25.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.3.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-3-93.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a79e72b537756e14ba14118072eecc572693653d5cd5fc8a44a721890b0ed417

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

vary
Accept-Encoding
cache-control
max-age=3600
content-encoding
gzip
etag
W/"7f6cbde964778f65b4292dbc2f853b3e"
age
1425
via
1.1 b3fce8903671f8346e7a6a138d2d4610.cloudfront.net (CloudFront), 1.1 def5acc189db6e2856a956225d5cd100.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
HjZuJQV8yO5FWS60t11-o_EbPlhMA2WhbzGEe36L3B_TyMuHL30hXQ==
date
Fri, 28 Feb 2025 23:56:51 GMT
content-type
application/javascript
last-modified
Wed, 26 Feb 2025 22:17:32 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P6
x-amz-server-side-encryption
AES256
b5cbe9ce-d249-48c8-ab53-617633a36dcb
https://paint.toys/ 		0
0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fpaint.toys%2F&domain=paint.toys&bundle=HPtExF8waXNKMjh4QlUyZFM0ekIwQllveUg4R21VMzNHciUyQlUlMkZ2amJlWGljN0FlMkt4VFZDUDZEa3RtJTJGem9GckIxTktZSzliYnAlMkJvZGt2cnBlWVdJazBaUWNZcXdKalBwN21GYWU0ODM2R3pwSzdCREdkZzI5aDliWTlJNG90ZUxXV3NyOGcyUGsya1RxUDhWUXd6UW1xczBNdyUzRCUzRA&cw=1&pbt=1&lsw=1&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://paint.toys
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://paint.toys
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sat, 01 Mar 2025 00:20:34 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
211958
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
474.9e5e7d94b0ad365e11fa.js
cdn.intergient.com/pageos/V.20250228.1/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/V.20250228.1/474.9e5e7d94b0ad365e11fa.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/V.20250228.1/runtime.1488b526f430f23c5d25.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.21.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f0769b6ec00799d55c116b89a5b71d923e5ea0d9f0d7e1fac3fe1914599e658

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

hw-country-code
SE
content-encoding
br
cf-cache-status
HIT
etag
W/"f32f7966b1a24d5db4c7e8891271dc87"
age
768
cf-ray
91947d484ab49f24-FRA
alt-svc
h3=":443"; ma=86400
date
Sat, 01 Mar 2025 00:20:35 GMT
content-type
text/javascript
last-modified
Fri, 28 Feb 2025 14:21:10 GMT
vary
Accept-Encoding
server
cloudflare
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		433 KB
137 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/V.20250228.1/main.19e7fd1c194c46a17c25.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f10.1e100.net
Software
cafe /
Resource Hash
192c03f1c3373dad10ffc6028b2f0d3801352f86e72ebdfa3409879a700517f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
br
etag
6612498520694724243
x-content-type-options
nosniff
expires
Sat, 01 Mar 2025 00:20:35 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sat, 01 Mar 2025 00:20:35 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
140266
x-xss-protection
0
server
cafe
prebid
id5-sync.com/api/config/ 		194 B
659 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
1526f7f540b829baf0e6d1b491aa7b26b5e49fa160abca67c11695ccfa2cee82
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://paint.toys/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://paint.toys
p3p
CP="CAO PSA OUR"
date
Sat, 01 Mar 2025 00:20:34 GMT
content-type
application/json;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-credentials
true
id
id.crwdcntrl.net/ 		43 B
270 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id?gdpr_applies=false&c=17262
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.98.157 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-98-157.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

cache-control
no-cache
pragma
no-cache
access-control-allow-credentials
true
expires
0
access-control-allow-origin
https://paint.toys
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length
43
date
Sat, 01 Mar 2025 00:20:35 GMT
content-type
application/json;charset=utf-8
f
fid.agkn.com/ 		0
0
envelope
lexicon.33across.com/v1/ 		0
0
any
idx.liadm.com/idex/did-0046/ 		0
367 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://idx.liadm.com/idex/did-0046/any?duid=8e413bd09c43--01jn7h729czkaqbr84xv78wca6&gdpr=0&did=did-0046&cd=.paint.toys&pu=https%3A%2F%2Fpaint.toys&resolve=nonId&resolve=uid2&resolve=index&resolve=bidswitch&resolve=pubmatic&resolve=magnite&resolve=openx&resolve=sorvrn&resolve=thetradedesk&resolve=medianet
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.60.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-60-70.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=3599, private
trace-id
5713cef5436d0ab2
request-time
0
access-control-allow-credentials
true
expires
Sat, 01 Mar 2025 01:20:35 GMT
access-control-allow-origin
https://paint.toys
date
Sat, 01 Mar 2025 00:20:35 GMT
vary
Origin
json
gum.criteo.com/sid/ 		423 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fpaint.toys%2F&domain=paint.toys&bundle=HPtExF8waXNKMjh4QlUyZFM0ekIwQllveUg4R21VMzNHciUyQlUlMkZ2amJlWGljN0FlMkt4VFZDUDZEa3RtJTJGem9GckIxTktZSzliYnAlMkJvZGt2cnBlWVdJazBaUWNZcXdKalBwN21GYWU0ODM2R3pwSzdCREdkZzI5aDliWTlJNG90ZUxXV3NyOGcyUGsya1RxUDhWUXd6UW1xczBNdyUzRCUzRA&cw=1&pbt=1&lsw=1&gdpr=0
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
183e92f475b06860f8f9434cfdcf5a8236e5affa4cf86177a36a4014614dea2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
content-type
application/json
Referer
https://paint.toys/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1004348
expires
0
access-control-allow-origin
https://paint.toys
date
Sat, 01 Mar 2025 00:20:34 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
server
Kestrel
fb87a4ea41
cd836371f1d.cdn.intergient.com/ 		0
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cd836371f1d.cdn.intergient.com/fb87a4ea41
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/V.20250228.1/main.19e7fd1c194c46a17c25.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.176.195.25 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-176-195-25.eu-central-1.compute.amazonaws.com
Software
nginx/1.24.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://paint.toys/

Response headers

access-control-allow-origin
*
date
Sat, 01 Mar 2025 00:20:35 GMT
content-type
application/octet-stream
server
nginx/1.24.0
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.3.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-3-93.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

access-control-max-age
3000
content-encoding
gzip
x-amz-version-id
r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
etag
W/"a4d296427fc806b21335359e398c025c"
age
65147
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
DmOW6fsYuIaTkjccz0P0P014KrcUMUuwtHu3pR3qIW8q4tuZKtk4vg==
date
Fri, 28 Feb 2025 06:23:31 GMT
content-type
application/javascript
vary
Origin,accept-encoding
last-modified
Thu, 29 Feb 2024 02:13:08 GMT
cache-control
public, max-age=86400
via
1.1 f13110b40e6214ad566c753a838f49f4.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P6
server
AmazonS3
x-amz-server-side-encryption
AES256
bd056b42-51db-43ce-9a8e-3b11319b5d1f
config.aps.amazon-adsystem.com/configs/ 		563 B
830 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/bd056b42-51db-43ce-9a8e-3b11319b5d1f
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-71.fra6.r.cloudfront.net
Software
CloudFront /
Resource Hash
e91c87de4de6d6ac01cf83cc344603d7f3e7a4c07a21628997bbfbdc4506dad4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

cache-control
max-age=3600
age
1042
via
1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
content-length
563
x-amz-cf-id
8m1ZhZElf6AblxCIuEXhFH5F5ZduXwdD2syjOL6EniJdUUNk0KoEAA==
date
Sat, 01 Mar 2025 00:03:13 GMT
content-type
application/javascript
x-amz-cf-pop
FRA6-C1
server
CloudFront
config
c.amazon-adsystem.com/cdn/prod/ 		3 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fpaint.toys&pubid=bd056b42-51db-43ce-9a8e-3b11319b5d1f
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.3.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-3-93.fra56.r.cloudfront.net
Software
Server /
Resource Hash
57234c0361bef55cff0569a18aa6d5be13af21f714f8eea3d56e4a35badf0ff0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
via
1.1 def5acc189db6e2856a956225d5cd100.cloudfront.net (CloudFront)
access-control-allow-origin
https://paint.toys
x-cache
Miss from cloudfront
content-length
3516
x-amz-cf-id
hy1SUPQE3E2NTm46aMjiVjJOiNPDz6-hI27Jw8A4dbt5exPkOX1kqQ==
date
Sat, 01 Mar 2025 00:20:35 GMT
content-type
application/json;charset=UTF-8
x-amz-cf-pop
FRA56-P6
server
Server
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fpaint.toys%2Foil%2F&pr=https%3A%2F%2Fsxcqe.specialday.cl%2F&pid=hpCJA98G1liTU&cb=0&ws=1600x1200&v=25.225.1644&t=2500&slots=%5B%7B%22sd%22%3A%22pw-160x600_atf%22%2C%22s%22%3A%5B%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F154013155%2F1024872%2F74068%2Fpublisher%3A1024872-website%3A74068-160x600%2Fpublisher%3A1024872-website%3A74068-160x600-CP%2Fpublisher%3A1024872-website%3A74068-160x600-CP-160x600%22%7D%2C%7B%22sd%22%3A%22pw-160x600_btf%22%2C%22s%22%3A%5B%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F154013155%2F1024872%2F74068%2Fpublisher%3A1024872-website%3A74068-160x600%2Fpublisher%3A1024872-website%3A74068-160x600-CP%2Fpublisher%3A1024872-website%3A74068-160x600-CP-160x600%22%7D%2C%7B%22sd%22%3A%22leaderboard_atf%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F154013155%2F1024872%2F74068%2Fpublisher%3A1024872-website%3A74068-desktop_leaderboard%22%7D%2C%7B%22sd%22%3A%22leaderboard_btf%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F154013155%2F1024872%2F74068%2Fpublisher%3A1024872-website%3A74068-desktop_leaderboard%22%7D%5D&sg=%7B%22ortb2%22%3A%7B%22site%22%3A%7B%22cattax%22%3A6%2C%22cat%22%3A%5B%22693%22%5D%2C%22sectioncat%22%3A%5B%22693%22%5D%2C%22pagecat%22%3A%5B%22693%22%5D%7D%7D%7D&schain=1.0%2C1%21playwire.com%2C1024872%2C1%2C%2C%2C&pubid=bd056b42-51db-43ce-9a8e-3b11319b5d1f&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.21.169 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-21-169.fra56.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
gzip
access-control-allow-credentials
true
via
1.1 b2d59a81483e9c35443be57826cea9fa.cloudfront.net (CloudFront)
access-control-allow-origin
https://paint.toys
x-cache
Miss from cloudfront
content-length
43
x-amz-cf-id
TV4ODIyjIwFnGo9g3rqHdG4rUzZn10unZ5dx2OkpmxE3BTdJJGeV9Q==
date
Sat, 01 Mar 2025 00:20:35 GMT
content-type
text/javascript;charset=UTF-8
x-amz-cf-pop
FRA56-P11
server
Server
v1
lb.eu-1-id5-sync.com/lb/ 		45 B
282 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 Amsterdam, Netherlands, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
af7251fc9564518a64abf1b92a0e7a9a0296792521a862c943762e3847732a5f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://paint.toys
date
Sat, 01 Mar 2025 00:20:35 GMT
content-type
application/json;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
topics_frame.html
pa.openx.net/ Frame 002E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pa.openx.net/topics_frame.html?bidder=openx
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.36.214.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.214.36.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Referer
https://paint.toys/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
312
content-type
text/html; charset=UTF-8
referrer-policy
no-referrer
supports-loading-mode
fenced-frame
x-allow-fledge
true
topics_frame.html
ads.pubmatic.com/AdServer/js/topics/ Frame A9C2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/topics/topics_frame.html?bidder=pubmatic
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Referer
https://paint.toys/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=26372
content-encoding
gzip
content-length
859
content-type
text/html
date
Sat, 01 Mar 2025 00:20:35 GMT
expires
Sat, 01 Mar 2025 07:40:07 GMT
last-modified
Tue, 21 Mar 2023 05:02:13 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
cookie_sync
prebid.intergient.com/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.intergient.com/cookie_sync
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.21.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24035bd97b7610a17e0c4c3bc77035f8ced6aebcee9fc8fb62530d458ea1adcc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

content-encoding
br
cf-cache-status
DYNAMIC
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1740788435&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=RNo7weWZ4R18JLvVJkx32QK%2B446fWdDD2p1%2FMzi8Taw%3D"}]}
expires
0
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sat, 01 Mar 2025 00:20:35 GMT
content-type
application/json; charset=utf-8
vary
Origin
priority
u=1,i
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1740788435&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=RNo7weWZ4R18JLvVJkx32QK%2B446fWdDD2p1%2FMzi8Taw%3D
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
via
1.1 vegur
cf-ray
91947d4939d8194b-FRA
access-control-allow-origin
https://paint.toys
server
cloudflare
auction
prebid.intergient.com/openrtb2/ 		390 B
946 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.intergient.com/openrtb2/auction
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.21.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1dfa09e7f0ab5391fe82a245bfffbb1f0dc25f8969075e99fc09b47b5f75aac9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

content-encoding
br
cf-cache-status
DYNAMIC
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1740788435&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=RNo7weWZ4R18JLvVJkx32QK%2B446fWdDD2p1%2FMzi8Taw%3D"}]}
observe-browsing-topics
?1
expires
0
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sat, 01 Mar 2025 00:20:35 GMT
content-type
application/json
vary
Origin
priority
u=1,i
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1740788435&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=RNo7weWZ4R18JLvVJkx32QK%2B446fWdDD2p1%2FMzi8Taw%3D
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
via
1.1 vegur
cf-ray
91947d4939da194b-FRA
access-control-allow-origin
https://paint.toys
x-prebid
pbs-go/unknown
server
cloudflare
imp
g2.gumgum.com/hbid/ 		2 B
242 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?displaymanager=Prebid.js%20-%20gumgum&displaymanagerver=9.11.0&lt=1740788435364&to=-60&aun=pw-160x600_atf&pubcid=b01bf1be-ec87-477e-bae8-474bbdd76440&criteoId=PGBfSV9jSGQlMkZyR2oxUjZNJTJCNSUyQlZZcm93WGMxTko5SUVwVE5zOWk0em9rcmxCcm9iSzRVYVNpRENlV2RyUXF2UnEyb1NJV09tZkJFcWJ4R2djNGN1RW5GOFRDJTJGQklDWkVwem1PbXR6bXduWVFHdEtzJTNE&gpid=%2F154013155%2F1024872%2F74068%2Fpublisher%3A1024872-website%3A74068-160x600%2Fpublisher%3A1024872-website%3A74068-160x600-CP%2Fpublisher%3A1024872-website%3A74068-160x600-CP-160x600&t=8ylgv2wd&pi=3&maxw=160&maxh=600&si=1111716&bf=160x600%2C120x600&ae=true&gdprApplies=0&schain=1.0%2C1!playwire.com%2C1024872%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fpaint.toys%2Foil%2F&tpl=https%3A%2F%2Fpaint.toys%2Foil%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%229.11.0%22%7D&ogu=null&ns=10240
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.155.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-155-174.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
pragma
no-cache
access-control-allow-credentials
true
expires
0
access-control-allow-origin
https://paint.toys
content-length
2
date
Sat, 01 Mar 2025 00:20:35 GMT
content-type
application/json;charset=UTF-8
server
nginx
imp
g2.gumgum.com/hbid/ 		2 B
243 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?displaymanager=Prebid.js%20-%20gumgum&displaymanagerver=9.11.0&lt=1740788435364&to=-60&aun=pw-160x600_btf&pubcid=b01bf1be-ec87-477e-bae8-474bbdd76440&criteoId=PGBfSV9jSGQlMkZyR2oxUjZNJTJCNSUyQlZZcm93WGMxTko5SUVwVE5zOWk0em9rcmxCcm9iSzRVYVNpRENlV2RyUXF2UnEyb1NJV09tZkJFcWJ4R2djNGN1RW5GOFRDJTJGQklDWkVwem1PbXR6bXduWVFHdEtzJTNE&gpid=pw-160x600_btf&t=8ylgv2wd&pi=3&maxw=160&maxh=600&si=1111716&bf=160x600%2C120x600&ae=true&gdprApplies=0&schain=1.0%2C1!playwire.com%2C1024872%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fpaint.toys%2Foil%2F&tpl=https%3A%2F%2Fpaint.toys%2Foil%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%229.11.0%22%7D&ogu=null&ns=10240
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.155.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-155-174.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
pragma
no-cache
access-control-allow-credentials
true
expires
0
access-control-allow-origin
https://paint.toys
content-length
2
date
Sat, 01 Mar 2025 00:20:35 GMT
content-type
application/json;charset=UTF-8
server
nginx
imp
g2.gumgum.com/hbid/ 		2 B
242 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?displaymanager=Prebid.js%20-%20gumgum&displaymanagerver=9.11.0&lt=1740788435365&to=-60&aun=leaderboard_atf&pubcid=b01bf1be-ec87-477e-bae8-474bbdd76440&criteoId=PGBfSV9jSGQlMkZyR2oxUjZNJTJCNSUyQlZZcm93WGMxTko5SUVwVE5zOWk0em9rcmxCcm9iSzRVYVNpRENlV2RyUXF2UnEyb1NJV09tZkJFcWJ4R2djNGN1RW5GOFRDJTJGQklDWkVwem1PbXR6bXduWVFHdEtzJTNE&gpid=leaderboard_atf&t=8ylgv2wd&pi=3&maxw=970&maxh=250&si=1111709&bf=728x90%2C970x250%2C970x90&ae=true&gdprApplies=0&schain=1.0%2C1!playwire.com%2C1024872%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fpaint.toys%2Foil%2F&tpl=https%3A%2F%2Fpaint.toys%2Foil%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%229.11.0%22%7D&ogu=null&ns=10240
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.155.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-155-174.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
pragma
no-cache
access-control-allow-credentials
true
expires
0
access-control-allow-origin
https://paint.toys
content-length
2
date
Sat, 01 Mar 2025 00:20:35 GMT
content-type
application/json;charset=UTF-8
server
nginx
imp
g2.gumgum.com/hbid/ 		2 B
242 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?displaymanager=Prebid.js%20-%20gumgum&displaymanagerver=9.11.0&lt=1740788435365&to=-60&aun=leaderboard_btf&pubcid=b01bf1be-ec87-477e-bae8-474bbdd76440&criteoId=PGBfSV9jSGQlMkZyR2oxUjZNJTJCNSUyQlZZcm93WGMxTko5SUVwVE5zOWk0em9rcmxCcm9iSzRVYVNpRENlV2RyUXF2UnEyb1NJV09tZkJFcWJ4R2djNGN1RW5GOFRDJTJGQklDWkVwem1PbXR6bXduWVFHdEtzJTNE&gpid=leaderboard_btf&t=8ylgv2wd&pi=3&maxw=970&maxh=250&si=1111709&bf=728x90%2C970x250%2C970x90&ae=true&gdprApplies=0&schain=1.0%2C1!playwire.com%2C1024872%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fpaint.toys%2Foil%2F&tpl=https%3A%2F%2Fpaint.toys%2Foil%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%229.11.0%22%7D&ogu=null&ns=10240
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.155.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-155-174.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
pragma
no-cache
access-control-allow-credentials
true
expires
0
access-control-allow-origin
https://paint.toys
content-length
2
date
Sat, 01 Mar 2025 00:20:35 GMT
content-type
application/json;charset=UTF-8
server
nginx
translator
hbopenbid.pubmatic.com/ 		0
109 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
https://paint.toys
date
Sat, 01 Mar 2025 00:20:35 GMT
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		260 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
06977d3a0665452c9c2594a7441cc07b029ec8128fa4b9154abfa9cb61a31216
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
172.111.204.130; 172.111.204.130; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; *.adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
https://paint.toys
an-x-request-uuid
eb0c841b-3a2e-4139-8498-9722784088cc
content-length
260
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Sat, 01 Mar 2025 00:20:35 GMT
x-xss-protection
0
content-type
application/json; charset=utf-8
server
nginx/1.23.4
hbjson
grid.bidswitch.net/ 		24 B
320 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.56 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
53663dc276aadfa5047b7b576dd88296423f13116fc7e2948f78435aac40088e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-store, must-revalidate, no-cache
content-encoding
br
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://paint.toys
date
Sat, 01 Mar 2025 00:20:35 GMT
content-type
application/json
vary
Accept-Encoding, Origin
server
Kestrel
playwire
direct.adsrvr.org/bid/bidder/ 		0
414 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://direct.adsrvr.org/bid/bidder/playwire
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.71.170.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a8c33d2b6751b365d.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

x-openrtb-version
2.3
cache-control
private
access-control-allow-credentials
true
access-control-allow-origin
https://paint.toys
content-length
0
date
Sat, 01 Mar 2025 00:20:34 GMT
content-type
application/json
server
Kestrel
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept, x-integration-type
pbjs
htlb.casalemedia.com/openrtb/ 		6 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=1031634
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
016f2975220c19a7ad713f8b01e4e2ccfdd8bcd6be40d43afbee12672b253b23

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8nXlDAoz33tVhKZNXkYRaljtzPhhEHfteOUAiMzT08VkfvRvyMUMlbTZUADIfRtSc5gwpEAb45r1Zx5lG7FIB1UhGTTZ8p7CsHECaQvrLX%2FaiaqhTXKwdKrsWxdFipXtD5I12fH2"}],"group":"cf-nel","max_age":604800}
expires
0
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sat, 01 Mar 2025 00:20:35 GMT
content-type
application/json
vary
Accept-Encoding
priority
u=1,i
cache-control
no-cache
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
access-control-allow-credentials
true
cf-ray
91947d494803904c-FRA
access-control-allow-origin
https://paint.toys
server
cloudflare
665db4754b2ec067196b8f78
exchange.cootlogix.com/prebid/multi/ 		0
433 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://exchange.cootlogix.com/prebid/multi/665db4754b2ec067196b8f78
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
146.190.187.150 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control
access-control-allow-origin
https://paint.toys
cache-control
max-age=0, no-cache, must-revalidate, proxy-revalidate
date
Sat, 01 Mar 2025 00:20:35 GMT
vary
Accept-Encoding
access-control-allow-credentials
true
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
665db4754b2ec067196b8f78
exchange.cootlogix.com/prebid/multi/ 		0
433 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://exchange.cootlogix.com/prebid/multi/665db4754b2ec067196b8f78
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
146.190.187.150 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control
access-control-allow-origin
https://paint.toys
cache-control
max-age=0, no-cache, must-revalidate, proxy-revalidate
date
Sat, 01 Mar 2025 00:20:35 GMT
vary
Accept-Encoding
access-control-allow-credentials
true
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
665db4754b2ec067196b8f78
exchange.cootlogix.com/prebid/multi/ 		0
433 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://exchange.cootlogix.com/prebid/multi/665db4754b2ec067196b8f78
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
146.190.187.150 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control
access-control-allow-origin
https://paint.toys
cache-control
max-age=0, no-cache, must-revalidate, proxy-revalidate
date
Sat, 01 Mar 2025 00:20:35 GMT
vary
Accept-Encoding
access-control-allow-credentials
true
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
665db4754b2ec067196b8f78
exchange.cootlogix.com/prebid/multi/ 		0
433 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://exchange.cootlogix.com/prebid/multi/665db4754b2ec067196b8f78
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
146.190.187.150 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control
access-control-allow-origin
https://paint.toys
cache-control
max-age=0, no-cache, must-revalidate, proxy-revalidate
date
Sat, 01 Mar 2025 00:20:35 GMT
vary
Accept-Encoding
access-control-allow-credentials
true
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
v1
btlr.sharethrough.com/universal/ 		0
116 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.159.236.149 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-159-236-149.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
access-control-allow-origin
https://paint.toys
access-control-allow-credentials
true
v1
btlr.sharethrough.com/universal/ 		0
117 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.159.236.149 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-159-236-149.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
access-control-allow-origin
https://paint.toys
access-control-allow-credentials
true
v1
btlr.sharethrough.com/universal/ 		0
116 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.159.236.149 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-159-236-149.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
access-control-allow-origin
https://paint.toys
access-control-allow-credentials
true
v1
btlr.sharethrough.com/universal/ 		0
116 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.159.236.149 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-159-236-149.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
access-control-allow-origin
https://paint.toys
access-control-allow-credentials
true
prebidjs
rtb.openx.net/openrtbb/ 		0
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		688 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12556&site_id=110932&zone_id=523774&size_id=9&alt_size_ids=8&p_pos=atf&gdpr=0&rp_schain=1.0,1!playwire.com,1024872,1,,,&eid_pubcid.org=b01bf1be-ec87-477e-bae8-474bbdd76440%5E1&eid_criteo.com=PGBfSV9jSGQlMkZyR2oxUjZNJTJCNSUyQlZZcm93WGMxTko5SUVwVE5zOWk0em9rcmxCcm9iSzRVYVNpRENlV2RyUXF2UnEyb1NJV09tZkJFcWJ4R2djNGN1RW5GOFRDJTJGQklDWkVwem1PbXR6bXduWVFHdEtzJTNE%5E1&eid_linkedin.com=1c179027-a644-406f-9d5a-e46a5731eaf9%5E1&rf=https%3A%2F%2Fpaint.toys%2Foil%2F&tg_i.domain=paint.toys&tg_i.page=https%3A%2F%2Fpaint.toys%2Foil%2F&tg_i.ref=https%3A%2F%2Fsxcqe.specialday.cl%2F&tg_i.cat=IAB9-5%2C693&tg_i.sectioncat=IAB9-5%2C693&tg_i.pagecat=IAB9-5%2C693&tg_i.pos=atf&tg_i.sitecont_cat=games_casual&tg_i.adunit=pw-160x600_atf&tg_i.pbadslot=%2F154013155%2F1024872%2F74068%2Fpublisher%3A1024872-website%3A74068-160x600%2Fpublisher%3A1024872-website%3A74068-160x600-CP%2Fpublisher%3A1024872-website%3A74068-160x600-CP-160x600&tk_flint=pbjs_lite_v9.11.0&x_source.tid=2d53d129-8098-44af-92da-5900c538fac4&l_pb_bid_id=96c1eabb7ea3777&p_screen_res=1600x1200&o_ae=1&rp_secure=1&x_imp.ext.tid=70235f4c-5c28-4197-8777-5cd6ad406b63&rp_maxbids=1&p_gpid=%2F154013155%2F1024872%2F74068%2Fpublisher%3A1024872-website%3A74068-160x600%2Fpublisher%3A1024872-website%3A74068-160x600-CP%2Fpublisher%3A1024872-website%3A74068-160x600-CP-160x600&m_ch_mobile=%3F0&slots=1&rand=0.10033169430688704
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.156.139 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.27.2 /
Resource Hash
da6fb44a02d82693afe1d3567e6f50d1ee48293e5604cc5d2d07784c78ce6179

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin
https://paint.toys
date
Sat, 01 Mar 2025 00:20:35 GMT
content-type
application/json
vary
Accept-Encoding
server
nginx/1.27.2
fastlane.json
fastlane.rubiconproject.com/a/api/ 		520 B
858 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12556&site_id=110932&zone_id=523774&size_id=9&alt_size_ids=8&gdpr=0&rp_schain=1.0,1!playwire.com,1024872,1,,,&eid_pubcid.org=b01bf1be-ec87-477e-bae8-474bbdd76440%5E1&eid_criteo.com=PGBfSV9jSGQlMkZyR2oxUjZNJTJCNSUyQlZZcm93WGMxTko5SUVwVE5zOWk0em9rcmxCcm9iSzRVYVNpRENlV2RyUXF2UnEyb1NJV09tZkJFcWJ4R2djNGN1RW5GOFRDJTJGQklDWkVwem1PbXR6bXduWVFHdEtzJTNE%5E1&eid_linkedin.com=1c179027-a644-406f-9d5a-e46a5731eaf9%5E1&rf=https%3A%2F%2Fpaint.toys%2Foil%2F&tg_i.domain=paint.toys&tg_i.page=https%3A%2F%2Fpaint.toys%2Foil%2F&tg_i.ref=https%3A%2F%2Fsxcqe.specialday.cl%2F&tg_i.cat=IAB9-5%2C693&tg_i.sectioncat=IAB9-5%2C693&tg_i.pagecat=IAB9-5%2C693&tg_i.pos=btf&tg_i.sitecont_cat=games_casual&tg_i.adunit=pw-160x600_btf&tg_i.pbadslot=pw-160x600_btf&tk_flint=pbjs_lite_v9.11.0&x_source.tid=2d53d129-8098-44af-92da-5900c538fac4&l_pb_bid_id=9739797b975360a&p_screen_res=1600x1200&o_ae=1&rp_secure=1&x_imp.ext.tid=93a462e9-6fae-4b06-a7b6-167a6ccca297&rp_maxbids=1&p_gpid=pw-160x600_btf&m_ch_mobile=%3F0&slots=1&rand=0.2703574260411299
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.156.139 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.27.2 /
Resource Hash
85045ada978bb385679e1d0076929b9ea53e0874764abf348c3c148b33fd3ef8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin
https://paint.toys
content-length
520
date
Sat, 01 Mar 2025 00:20:35 GMT
content-type
application/json
vary
Accept-Encoding
server
nginx/1.27.2
fastlane.json
fastlane.rubiconproject.com/a/api/ 		526 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12556&site_id=110932&zone_id=523774&size_id=2&alt_size_ids=55%2C57&p_pos=atf&gdpr=0&rp_schain=1.0,1!playwire.com,1024872,1,,,&eid_pubcid.org=b01bf1be-ec87-477e-bae8-474bbdd76440%5E1&eid_criteo.com=PGBfSV9jSGQlMkZyR2oxUjZNJTJCNSUyQlZZcm93WGMxTko5SUVwVE5zOWk0em9rcmxCcm9iSzRVYVNpRENlV2RyUXF2UnEyb1NJV09tZkJFcWJ4R2djNGN1RW5GOFRDJTJGQklDWkVwem1PbXR6bXduWVFHdEtzJTNE%5E1&eid_linkedin.com=1c179027-a644-406f-9d5a-e46a5731eaf9%5E1&rf=https%3A%2F%2Fpaint.toys%2Foil%2F&tg_i.domain=paint.toys&tg_i.page=https%3A%2F%2Fpaint.toys%2Foil%2F&tg_i.ref=https%3A%2F%2Fsxcqe.specialday.cl%2F&tg_i.cat=IAB9-5%2C693&tg_i.sectioncat=IAB9-5%2C693&tg_i.pagecat=IAB9-5%2C693&tg_i.pos=atf&tg_i.sitecont_cat=games_casual&tg_i.adunit=leaderboard_atf&tg_i.pbadslot=leaderboard_atf&tk_flint=pbjs_lite_v9.11.0&x_source.tid=2d53d129-8098-44af-92da-5900c538fac4&l_pb_bid_id=982e81f3ac249e&p_screen_res=1600x1200&o_ae=1&rp_secure=1&x_imp.ext.tid=93ff6621-40de-41de-898e-1825e261eaf4&rp_maxbids=1&p_gpid=leaderboard_atf&m_ch_mobile=%3F0&slots=1&rand=0.4961129592704654
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.156.139 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.27.2 /
Resource Hash
fdc87e4e5e8777adf9ba4a2db46429489403b145bb2c9d61653e12851179b2d2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin
https://paint.toys
content-length
526
date
Sat, 01 Mar 2025 00:20:35 GMT
content-type
application/json
vary
Accept-Encoding
server
nginx/1.27.2
fastlane.json
fastlane.rubiconproject.com/a/api/ 		526 B
865 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12556&site_id=110932&zone_id=523774&size_id=2&alt_size_ids=55%2C57&gdpr=0&rp_schain=1.0,1!playwire.com,1024872,1,,,&eid_pubcid.org=b01bf1be-ec87-477e-bae8-474bbdd76440%5E1&eid_criteo.com=PGBfSV9jSGQlMkZyR2oxUjZNJTJCNSUyQlZZcm93WGMxTko5SUVwVE5zOWk0em9rcmxCcm9iSzRVYVNpRENlV2RyUXF2UnEyb1NJV09tZkJFcWJ4R2djNGN1RW5GOFRDJTJGQklDWkVwem1PbXR6bXduWVFHdEtzJTNE%5E1&eid_linkedin.com=1c179027-a644-406f-9d5a-e46a5731eaf9%5E1&rf=https%3A%2F%2Fpaint.toys%2Foil%2F&tg_i.domain=paint.toys&tg_i.page=https%3A%2F%2Fpaint.toys%2Foil%2F&tg_i.ref=https%3A%2F%2Fsxcqe.specialday.cl%2F&tg_i.cat=IAB9-5%2C693&tg_i.sectioncat=IAB9-5%2C693&tg_i.pagecat=IAB9-5%2C693&tg_i.pos=btf&tg_i.sitecont_cat=games_casual&tg_i.adunit=leaderboard_btf&tg_i.pbadslot=leaderboard_btf&tk_flint=pbjs_lite_v9.11.0&x_source.tid=2d53d129-8098-44af-92da-5900c538fac4&l_pb_bid_id=99f17d31cd0b64&p_screen_res=1600x1200&o_ae=1&rp_secure=1&x_imp.ext.tid=d92e57a2-0c35-4cd2-9711-1e86c8de0b8b&rp_maxbids=1&p_gpid=leaderboard_btf&m_ch_mobile=%3F0&slots=1&rand=0.5291367458466625
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.156.139 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.27.2 /
Resource Hash
7ef94dc96b1d4d130a012aed35ba98e01028752c658167154088ea9255b57703

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin
https://paint.toys
content-length
526
date
Sat, 01 Mar 2025 00:20:35 GMT
content-type
application/json
vary
Accept-Encoding
server
nginx/1.27.2
auction
tlx.3lift.com/header/ 		19 B
733 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=9.11.0&referrer=https%3A%2F%2Fpaint.toys%2Foil%2F&tmax=2500&gdpr=false&fledge=true
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.157.230.4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-230-4.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
accept-ch
sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink
access-control-allow-credentials
true
expires
Thu, 15 Oct 1992 20:10:00 GMT
access-control-allow-origin
https://paint.toys
x-auction-status
29, 29, 29, 29
x-xss-protection
0
content-type
application/json; charset=utf-8
vary
Accept-Encoding
hb-multi
hb.yellowblue.io/ 		83 B
623 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb.yellowblue.io/hb-multi
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-91.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
41b25eb3df7d00c1a4ddf4b86c3cb63d544463651240a90301b39bdbb202a5b7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

content-encoding
gzip
x-envoy-upstream-service-time
1
access-control-allow-credentials
true
access-control-allow-methods
GET, OPTIONS
via
1.1 a89f27dcb39a061266ddc18ab5416cba.cloudfront.net (CloudFront)
access-control-allow-origin
https://paint.toys
x-cache
Miss from cloudfront
content-length
108
x-amz-cf-id
7s1IIa03yJ8PDSjJiG5g9JdfbORei32NUM2tZHs8uHC-DSCswAH36Q==
date
Sat, 01 Mar 2025 00:20:35 GMT
content-type
application/json
x-amz-cf-pop
FRA56-P4
server
istio-envoy
x-reason
maxmind hosting provider
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
request
grid-bidder.criteo.com/openrtb_2_5/pbjs/auction/ 		0
529 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://grid-bidder.criteo.com/openrtb_2_5/pbjs/auction/request?profileId=207&av=37&wv=9.11.0&cb=91912282408&lsavail=1&bundle=SYsr1l8waXNKMjh4QlUyZFM0ekIwQllveUg5QWZIVkZRR3VnbWgyRnFWOEUyMFU4Q2xNanplbzVzbDFjWk5LN21ESVg4QVV5WXpPYTQ1cTB6STQxJTJCaXlKczZma0ZobmRxJTJCWmdUeVBNekJMblN6ZHJPSWFsZW8yU2RhZ3hIcTdUd1AxTHpZbWZCNVc2NjdVM0JySG5DJTJCUVQ2NlElM0QlM0Q&networkId=6163
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.38 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
access-control-allow-origin
https://paint.toys
date
Sat, 01 Mar 2025 00:20:35 GMT
vary
Origin
server
Kestrel
access-control-allow-credentials
true
ima_ppub_config
securepubads.g.doubleclick.net/pagead/ 		67 B
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ima_ppub_config?ippd=https%3A%2F%2Fpaint.toys%2Foil%2F
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
641768f2d1d19839fc3cecfa5158382fa0d332d5e49e31bcaafbedc4af91995a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Sat, 01 Mar 2025 00:20:35 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
35
date
Sat, 01 Mar 2025 00:20:35 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
483.json
id5-sync.com/g/v2/ 		385 B
575 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/483.json
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
a029e173b33056af7f3d8dc6557af2068f19bd3f5434dd3aebf0d2a15c79641a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://paint.toys/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://paint.toys
date
Sat, 01 Mar 2025 00:20:35 GMT
content-type
application/json
vary
Origin
access-control-allow-credentials
true
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: sxcqe.specialday.cl
URL: https://sxcqe.specialday.cl/4pndq0kkei8la394fyw9kdumiRc0RYMkZPdTB2VWF1Z01TYUVVaXAtMjAyMy0yNTg4MzM3OC0wZmE5MDI3NC0yNzI5LVZ1T2hSd0p6TGVKS01NY09CdjJV/l7wpahk2tv2do2hryu02gzbb9li3wso6o/dssrel
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.67.137.210 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-67-137-210.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

cache-control
max-age=900
content-encoding
gzip
etag
"d734-5f2f3919e751f-gzip"
expires
Sat, 01 Mar 2025 00:35:35 GMT
accept-ranges
bytes
content-length
17407
date
Sat, 01 Mar 2025 00:20:35 GMT
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
content-type
application/javascript
server
Apache
vary
Accept-Encoding
sync.min.js
tags.crwdcntrl.net/lt/c/16576/ 		43 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: sxcqe.specialday.cl
URL: https://sxcqe.specialday.cl/4pndq0kkei8la394fyw9kdumiRc0RYMkZPdTB2VWF1Z01TYUVVaXAtMjAyMy0yNTg4MzM3OC0wZmE5MDI3NC0yNzI5LVZ1T2hSd0p6TGVKS01NY09CdjJV/l7wpahk2tv2do2hryu02gzbb9li3wso6o/dssrel
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-97.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c5fdea6bcb7b7dc4aabe9e409df609b922dde30401ccf5c25f0f384f7e8c43b5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

vary
Accept-Encoding
cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"6016bf24a16f4d1d8384c5f7f11c49fb"
age
66221
via
1.1 5ab5e654a3dc7079aad7ac64ec697d82.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
E8psk3lzKNz-lLyByhqAW7LOsCKQWH7VdBjgyf9ZyvC0qC0wJwcS2A==
date
Fri, 28 Feb 2025 05:56:56 GMT
content-type
text/javascript
last-modified
Tue, 20 Aug 2024 18:47:26 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
x-amz-server-side-encryption
AES256
hadron.js
cdn.hadronid.net/ 		11 B
324 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fpaint.toys%2Foil%2F&ref=https%3A%2F%2Fsxcqe.specialday.cl%2F&_it=amazon&partner_id=403
Requested by
Host: sxcqe.specialday.cl
URL: https://sxcqe.specialday.cl/4pndq0kkei8la394fyw9kdumiRc0RYMkZPdTB2VWF1Z01TYUVVaXAtMjAyMy0yNTg4MzM3OC0wZmE5MDI3NC0yNzI5LVZ1T2hSd0p6TGVKS01NY09CdjJV/l7wpahk2tv2do2hryu02gzbb9li3wso6o/dssrel
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.52.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a73f5986eb985871284e6e216372de3505634a97229de643216728d0fbfd6227

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

cache-control
max-age=432000
cf-cache-status
HIT
etag
"ba4f7a703ea78ac1b72b5fe1be4fb407"
age
897
x-amz-request-id
FNSTJR38TVDDX8WT
cf-ray
91947d497fdb64b2-FRA
accept-ranges
bytes
content-length
11
date
Sat, 01 Mar 2025 00:20:35 GMT
content-type
application/javascript
last-modified
Thu, 05 Dec 2024 20:48:49 GMT
vary
Accept-Encoding
server
cloudflare
x-amz-id-2
8KOOZG2gaQE013FKzjZtpaawh28x7nOalOcdDIotoWM1rhITLyM3Yg+psgK4T6VJbwcfGFXESL4=
id5-api.js
cdn.id5-sync.com/api/1.0/ 		102 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: sxcqe.specialday.cl
URL: https://sxcqe.specialday.cl/4pndq0kkei8la394fyw9kdumiRc0RYMkZPdTB2VWF1Z01TYUVVaXAtMjAyMy0yNTg4MzM3OC0wZmE5MDI3NC0yNzI5LVZ1T2hSd0p6TGVKS01NY09CdjJV/l7wpahk2tv2do2hryu02gzbb9li3wso6o/dssrel
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.52.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3b5f6e0901cff75304548d2b3ad58f4b6fd7ec21c2b09290e815e94700554a3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

x-amz-id-2
6ph9ac0nyCoUO639aRrOOaB+DAbtdLnERDZWadQJ3rhj5U6ed1YUO9qU/kyb6J2IhkeCL6ov7q0=
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=3600
content-encoding
br
cf-cache-status
HIT
etag
W/"61687d9cdb029df0418aec370fca2d05"
age
2697
x-amz-request-id
RVHCRFG7Q8TR7Z03
cf-ray
91947d497e5d926e-FRA
date
Sat, 01 Mar 2025 00:20:35 GMT
content-type
text/javascript;charset=utf-8
last-modified
Fri, 07 Feb 2025 10:00:24 GMT
vary
Accept-Encoding
server
cloudflare
x-amz-server-side-encryption
AES256
launcher-stub.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Requested by
Host: sxcqe.specialday.cl
URL: https://sxcqe.specialday.cl/4pndq0kkei8la394fyw9kdumiRc0RYMkZPdTB2VWF1Z01TYUVVaXAtMjAyMy0yNTg4MzM3OC0wZmE5MDI3NC0yNzI5LVZ1T2hSd0p6TGVKS01NY09CdjJV/l7wpahk2tv2do2hryu02gzbb9li3wso6o/dssrel
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.67.137.210 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-67-137-210.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

cache-control
max-age=900
content-encoding
gzip
etag
"38c0-5e92054540ea5-gzip"
expires
Sat, 01 Mar 2025 00:35:35 GMT
accept-ranges
bytes
content-length
5252
date
Sat, 01 Mar 2025 00:20:35 GMT
last-modified
Tue, 20 Sep 2022 18:52:26 GMT
content-type
application/javascript
server
Apache
vary
Accept-Encoding
adlink
fundingchoicesmessages.google.com/f/AGSKWxX-CBCLfE8iBU5rJC9m4YCkb5jNnWoXv0RW60OXZOoQqmTB-zPsKsmv8F7JaPW3SY49KmSw1FA1nH7WiU8Gm-gyG7Vke3ysCmKkAUDakYEL-GwZq6wJKI_2PBaDtWcTky5ICZ2V-iEAqAC5lJBt4_2JaERG9... 		54 B
109 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxX-CBCLfE8iBU5rJC9m4YCkb5jNnWoXv0RW60OXZOoQqmTB-zPsKsmv8F7JaPW3SY49KmSw1FA1nH7WiU8Gm-gyG7Vke3ysCmKkAUDakYEL-GwZq6wJKI_2PBaDtWcTky5ICZ2V-iEAqAC5lJBt4_2JaERG9iQwSDV47gbmNXBoPuwQyKuGYfxIRN2R/_/adlink?_ad_sidebar_/getban.php?/payperpost._adbg2.
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.dm9EZeL8o0w.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMzrS4dL6hA5EG2NiMSr4_CSjWpZKg/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f14.1e100.net
Software
ESF /
Resource Hash
a3922f75ea60468615f3c74a35590430179ab22033d9026a5a08a93ab55c6801
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ZZheDG_qVC1fMySpHwWTuQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 01 Mar 2025 00:20:35 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjitDikmLw0ZBiOHHrNtMFIG69eY51MhAbrT3P6gDEhgqXWO2B-P66S6zPgfhD_WXWH0BcJHGFtQGIGb5eYeUA4pMuV1kvAvFlIL4NxEI8HJeXdu5jE_ixbeUVRiWNpPzC-OT8vJKizKTSkvyitOS01OLUorLUongjAyNTAyMjcz0Dg_gCAwAQqDyd"
content-security-policy
script-src 'report-sample' 'nonce-ZZheDG_qVC1fMySpHwWTuQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
lidar.js
pagead2.googlesyndication.com/pagead/js/ 		250 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/lidar.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.dm9EZeL8o0w.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMzrS4dL6hA5EG2NiMSr4_CSjWpZKg/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
1b19b9964afc052f742d6d59e566548a450020a7714ce57eaf65092df4f915db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
br
etag
12998628546138706834
age
1254
x-content-type-options
nosniff
expires
Sat, 01 Mar 2025 00:59:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Fri, 28 Feb 2025 23:59:41 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
80453
x-xss-protection
0
server
cafe
AGSKWxWnwg_jFfKjOLTQkarC4BknJGbCBXIgQGjQpMcyjnUeexhF1HxjB5g4eS9U_otle3GOK0feahhs-rrdfbLeJPEzF3tjKkhOidSZ865XQBMRY9U6tag9X0ITz3NRCen2VfZK2W1rAw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWnwg_jFfKjOLTQkarC4BknJGbCBXIgQGjQpMcyjnUeexhF1HxjB5g4eS9U_otle3GOK0feahhs-rrdfbLeJPEzF3tjKkhOidSZ865XQBMRY9U6tag9X0ITz3NRCen2VfZK2W1rAw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.dm9EZeL8o0w.es5.O/d=1/rs=AJlcJMzrS4dL6hA5EG2NiMSr4_CSjWpZKg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-zinfEYkMhAt2M55Mv8qjlQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://paint.toys/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 01 Mar 2025 00:20:35 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw0ZBi-FB_mfUHEDN8vcLKAcQnXa6yXgTiy0B8G4iFeDguL-3cxyYwo2nnDUYll6T8wvjk_LyS1LwS3cSUYl0QuygzqbQkvwiFnVoGUpGTn56emZceb2RgZGpgZGSuZ2AeX2AAADMYL8k"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-zinfEYkMhAt2M55Mv8qjlQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://paint.toys
content-length
0
x-xss-protection
0
server
ESF
AGSKWxWnwg_jFfKjOLTQkarC4BknJGbCBXIgQGjQpMcyjnUeexhF1HxjB5g4eS9U_otle3GOK0feahhs-rrdfbLeJPEzF3tjKkhOidSZ865XQBMRY9U6tag9X0ITz3NRCen2VfZK2W1rAw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWnwg_jFfKjOLTQkarC4BknJGbCBXIgQGjQpMcyjnUeexhF1HxjB5g4eS9U_otle3GOK0feahhs-rrdfbLeJPEzF3tjKkhOidSZ865XQBMRY9U6tag9X0ITz3NRCen2VfZK2W1rAw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.dm9EZeL8o0w.es5.O/d=1/rs=AJlcJMzrS4dL6hA5EG2NiMSr4_CSjWpZKg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-pErKEzx7UIy_0WRhmrdkXw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://paint.toys/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 01 Mar 2025 00:20:35 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmLw0ZBi-FB_mfUHEDN8vcLKAcQnXa6yXgTiy0B8G4iFeDguL-3cxyZw4e6WB4xKLkn5hfHJ-XklqXkluokpxbogdlFmUmlJfhEKO7UMpCInPz09My893sjAyNTAyMhcz8A8vsAAAGJhMGc"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-pErKEzx7UIy_0WRhmrdkXw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://paint.toys
content-length
0
x-xss-protection
0
server
ESF
AGSKWxWnwg_jFfKjOLTQkarC4BknJGbCBXIgQGjQpMcyjnUeexhF1HxjB5g4eS9U_otle3GOK0feahhs-rrdfbLeJPEzF3tjKkhOidSZ865XQBMRY9U6tag9X0ITz3NRCen2VfZK2W1rAw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWnwg_jFfKjOLTQkarC4BknJGbCBXIgQGjQpMcyjnUeexhF1HxjB5g4eS9U_otle3GOK0feahhs-rrdfbLeJPEzF3tjKkhOidSZ865XQBMRY9U6tag9X0ITz3NRCen2VfZK2W1rAw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.dm9EZeL8o0w.es5.O/d=1/rs=AJlcJMzrS4dL6hA5EG2NiMSr4_CSjWpZKg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-fPGdRwmmFNXcMKkMDL_C1w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://paint.toys/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 01 Mar 2025 00:20:35 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmLw1ZBi-FB_mfUHEDN8vcLKAcQnXa6yXgTiy0B8G4iFeDguL-3cxyZw4MzVV4xKLkn5hfHJ-XklqXkluokpxbogdlFmUmlJfhEKO7UMpCInPz09My893sjAyNTAyMhcz8A8vsAAAGV4MHI"
content-security-policy
script-src 'report-sample' 'nonce-fPGdRwmmFNXcMKkMDL_C1w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://paint.toys
content-length
0
x-xss-protection
0
server
ESF
AGSKWxWnwg_jFfKjOLTQkarC4BknJGbCBXIgQGjQpMcyjnUeexhF1HxjB5g4eS9U_otle3GOK0feahhs-rrdfbLeJPEzF3tjKkhOidSZ865XQBMRY9U6tag9X0ITz3NRCen2VfZK2W1rAw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWnwg_jFfKjOLTQkarC4BknJGbCBXIgQGjQpMcyjnUeexhF1HxjB5g4eS9U_otle3GOK0feahhs-rrdfbLeJPEzF3tjKkhOidSZ865XQBMRY9U6tag9X0ITz3NRCen2VfZK2W1rAw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.dm9EZeL8o0w.es5.O/d=1/rs=AJlcJMzrS4dL6hA5EG2NiMSr4_CSjWpZKg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-7Q-GZY1S-9bsA14NnLCYVQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://paint.toys/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 01 Mar 2025 00:20:35 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmII1JBi-FB_mfUHEDN8vcLKAcQnXa6yXgTiy0B8G4iFeDguL-3cxyZwYuPTN4xKLkn5hfHJ-XklqXkluokpxbogdlFmUmlJfhEKO7UMpCInPz09My893sjAyNTAyMhcz8A8vsAAAGcCMHU"
content-security-policy
script-src 'report-sample' 'nonce-7Q-GZY1S-9bsA14NnLCYVQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://paint.toys
content-length
0
x-xss-protection
0
server
ESF
AGSKWxWeooifT1hk6RNYPg9KSiuMNKeHVMvvM03h0DMtHU3LxeKqUn3SZDAUZdrvFTzVsdCy_-oEMY_aL2Z-lN-yPZV6QoVJK_rkFKBxZ0FyhzrbiJflgbEv_D_m4Y_KsbLnfPx8MydS4Q==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWeooifT1hk6RNYPg9KSiuMNKeHVMvvM03h0DMtHU3LxeKqUn3SZDAUZdrvFTzVsdCy_-oEMY_aL2Z-lN-yPZV6QoVJK_rkFKBxZ0FyhzrbiJflgbEv_D_m4Y_KsbLnfPx8MydS4Q==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzQwNzg4NDM1LDQ3OTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9wYWludC50b3lzL29pbC8iLG51bGwsW1s4LCJkbTlFWmVMOG8wdyJdLFs5LCJlbi1VUyJdLFsyMCwiW251bGwsbnVsbCxbMzEwODgyNDhdLG51bGwsMTJdIl0sWzI2LCIxMiJdLFsxOSwiMiJdLFsxNywiWzBdIl0sWzI0LCJzeGNxZS5zcGVjaWFsZGF5LmNsIl0sWzI1LCJbWzMxMDg4MjQ4LDk1MzQwMjUyLDk1MzQwMjU0XV0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.dm9EZeL8o0w.es5.O/d=1/rs=AJlcJMzrS4dL6hA5EG2NiMSr4_CSjWpZKg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f14.1e100.net
Software
ESF /
Resource Hash
504d234032342a3e61d5c597944d2d38152c444f41186b771a8aef315583056f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-2uHjwzYwgxsPC86h3F261w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 01 Mar 2025 00:20:35 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjCtDikmJw0pBiaL15jnUyEButPc_qAMSGCpdY7YH4_rpLrM-B-EP9ZdYfQFwkcYW1AYgZvl5h5QDiky5XWS8C8WUgvg3EQjwcl5d27mMTeLFn80dGJY2k_ML45Py8kqLMpNKS_KK05LTU4tSistSieCMDI1MDIyNzPQOD-AIDAGYNN6I"
content-security-policy
script-src 'report-sample' 'nonce-2uHjwzYwgxsPC86h3F261w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
launcher.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 		49 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.67.137.210 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-67-137-210.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

cache-control
max-age=900
content-encoding
gzip
etag
"c4b6-5e920545406d3-gzip"
expires
Sat, 01 Mar 2025 00:35:35 GMT
accept-ranges
bytes
content-length
17042
date
Sat, 01 Mar 2025 00:20:35 GMT
last-modified
Tue, 20 Sep 2022 18:52:26 GMT
content-type
application/javascript
server
Apache
vary
Accept-Encoding
launcher
proc.ad.cpe.dotomi.com/cvx/client/direct/ 		190 B
459 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://proc.ad.cpe.dotomi.com/cvx/client/direct/launcher?version=1.1.1&lid=681
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.158.223.146 Amsterdam, Netherlands, ASN41041 (VCLK-EU-SE Conversant LLC, US),
Reverse DNS
ams02-convex-float1.dotomi.com
Software
nginx /
Resource Hash
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

cache-control
max-age=1800
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
access-control-allow-credentials
true
expires
Sat, 01 Mar 2025 00:50:35 GMT
access-control-allow-origin
https://paint.toys
content-length
190
date
Sat, 01 Mar 2025 00:20:35 GMT
content-type
application/json
vary
Origin
server
nginx
prbds2s
rtb.gumgum.com/usync/ Frame 99C5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid.intergient.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.15.87 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-15-87.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Referer
https://paint.toys/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36

Response headers

content-length
0
date
Sat, 01 Mar 2025 00:20:35 GMT
etag
"0d41d8cd98f00b204e9800998ecf8427e"
server
nginx
timing-allow-origin
*
AGSKWxVNVwwpeJrsxYSo7G0QzL9axX0LvZEsfo1GEYrkWfp4cYiWMSGI5Y32Z-v1rM5mZjZNPH8Wt0-BUj5-JilGdJ40ms0mND6t7ZStbWLdvj6Gjq-rtoegMm9BiNXEkdfNNv-hpgVFVw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVNVwwpeJrsxYSo7G0QzL9axX0LvZEsfo1GEYrkWfp4cYiWMSGI5Y32Z-v1rM5mZjZNPH8Wt0-BUj5-JilGdJ40ms0mND6t7ZStbWLdvj6Gjq-rtoegMm9BiNXEkdfNNv-hpgVFVw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.dm9EZeL8o0w.es5.O/d=1/rs=AJlcJMzrS4dL6hA5EG2NiMSr4_CSjWpZKg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-y80VwfdscXEGA7VJyVQh3A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://paint.toys/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 01 Mar 2025 00:20:35 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw05Bi-FB_mfUHEDN8vcLKAcQnXa6yXgTiy0B8G4iFeDguL-3cxybQ0dn4l1HJJSm_MD45P68kNa9ENzGlWBfELspMKi3JL0Jhp5aBVOTkp6dn5qXHGxkYmRoYGZnrGZjHFxgAACvOL68"
content-security-policy
script-src 'report-sample' 'nonce-y80VwfdscXEGA7VJyVQh3A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://paint.toys
content-length
0
x-xss-protection
0
server
ESF
coreid.min.js
secure.cdn.fastclick.net/js/cnvr-coreid/latest/ 		229 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/cnvr-coreid/latest/coreid.min.js
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.67.137.210 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-67-137-210.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
eb87c0447bd19366919bdb8913f775caca732ac31cbc5e5d42e4db5df39437ce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

cache-control
max-age=900
content-encoding
gzip
etag
"394d0-60864a57eaadc-gzip"
expires
Sat, 01 Mar 2025 00:35:35 GMT
accept-ranges
bytes
content-length
67550
date
Sat, 01 Mar 2025 00:20:35 GMT
last-modified
Mon, 23 Oct 2023 16:23:46 GMT
content-type
application/javascript
server
Apache
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F968 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fprebid.intergient.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Referer
https://paint.toys/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=75412
content-encoding
gzip
content-length
6694
content-type
text/html
date
Sat, 01 Mar 2025 00:20:35 GMT
expires
Sat, 01 Mar 2025 21:17:27 GMT
last-modified
Wed, 13 Nov 2024 05:14:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
v1
match.sharethrough.com/FGMrCMMc/ 		0
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/FGMrCMMc/v1?gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&redirectUri=https%3A%2F%2Fprebid.intergient.com%2Fsetuid%3Fbidder%3Dsharethrough%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24UID
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.184.206.66 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-206-66.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
sync
eb2.3lift.com/ Frame B27F
Redirect Chain
  • https://eb2.3lift.com/sync?gdpr=0&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid.intergient.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3...
  • https://eb2.3lift.com/sync?gdpr=0&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid.intergient.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?gdpr=0&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid.intergient.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Referer
https://paint.toys/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1236
content-type
text/html; charset=utf-8
date
Sat, 01 Mar 2025 00:20:35 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Sat, 01 Mar 2025 00:20:35 GMT
location
/sync?gdpr=0&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid.intergient.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
j
rp.liadm.com/ 		13 B
379 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rp.liadm.com/j?dtstmp=1740788435746&did=did-0046&se=e30&duid=8e413bd09c43--01jn7h729czkaqbr84xv78wca6&tv=9.11.0&pu=https%3A%2F%2Fpaint.toys%2Foil%2F&wpn=prebid&gdpr=0&refr=https%3A%2F%2Fsxcqe.specialday.cl%2F&cd=.paint.toys
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.158.53.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-158-53-253.compute-1.amazonaws.com
Software
/
Resource Hash
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

x-pixel-event-id
1bf391c2-0215-4813-9cef-672c8e384dfe
access-control-max-age
86400
access-control-expose-headers
*
access-control-allow-credentials
true
access-control-allow-methods
GET
access-control-allow-origin
https://paint.toys
content-length
13
date
Sat, 01 Mar 2025 00:20:36 GMT
content-type
application/json
ads
securepubads.g.doubleclick.net/gampad/ 		53 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3381847056606538&correlator=565395546750401&eid=31086814%2C31090692%2C31088252%2C83321072%2C95347488%2C95340252%2C95340254&output=ldjh&gdfp_req=1&vrg=202502260101&ptt=17&impl=fifs&gdpr=0&npa=1&iu_parts=154013155%2C1024872%2C74068%2Cpublisher%3A1024872-website%3A74068-160x600%2Cpublisher%3A1024872-website%3A74068-160x600-CP%2Cpublisher%3A1024872-website%3A74068-160x600-CP-160x600&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=160x600%7C120x600&ifi=1&dids=pw-160x600_atf&adfs=3640230632&sfv=1-0-41&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1740788435819&lmt=1740788435&adxs=20&adys=614&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fpaint.toys%2Foil%2F&ref=https%3A%2F%2Fsxcqe.specialday.cl%2F&vis=1&psz=180x1097&msz=160x-1&fws=4&ohw=180&topics=5&tps=5&htps=5&a3p=EhMKDGlkNS1zeW5jLmNvbRIBMFgBEjQKCnB1YmNpZC5vcmcSJGIwMWJmMWJlLWVjODctNDc3ZS1iYWU4LTQ3NGJiZGQ3NjQ0MFgBEh0KDmVzcC5jcml0ZW8uY29tGMGOzvjUMkgAUgIIZBIUCgVvcGVueBjJj8741DJIAFICCG0SGwoMMzNhY3Jvc3MuY29tGMGOzvjUMkgAUgIIZBIXCghydGJob3VzZRjHj8741DJIAFICCG0.&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1740788434298&idt=337&prev_scp=pos%3Datf%26slot_id%3Dpw-160x600_atf%26refresh%3Dfalse%26amazonBid%3Dfalse%26custom_path%3D160x600%26lld_id%3Def2d18be5fbd4fd486ea1d7eaad2ce9088435287%26price_floor%3Dna%26amznbid%3D2%26amznp%3D2&cust_params=pf_src%3Dml%26li-module-enabled%3Dt1-e0%26salad%3Dchef%26dd%3Draspberry%26di%3Dpineapple%26vd%3Draspberry%26vi%3Dpineapple%26sitecont_cat%3Dgames_casual%26referrer%3Dhttps%253A%252F%252Fsxcqe.specialday.cl%252F%26tyche_code%3DV.20250228.1%26pageos_code%3DV.20250228.1%26config_id%3D1024872_74068_primary_config%26hour%3D1%26day%3DSaturday%26referrer_domain%3Dsxcqe.specialday.cl%26OS%3DLinux%2520null%26browser%3DChrome%2520133%26pagecount%3D1%26window_width%3D1600%26window_height%3D1200%26screen_orientation%3Dlandscape%26website_id%3D74068%26refresh_count%3D0%26tyche_version%3DV.20250228.1%26ab_test%3Dna_A%26page_focus%3Dtrue&adks=2747221344&frm=20&eoidce=1&td=1&egid=59089&tan=d678c65e-3496-4c31-b380-2a29260a8573&tdf=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202502260101/pubads_impl.js?cb=31090692
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
46fb4fa054a17e9868023411547d8eae814ec10839bd50329b2281fb272c6840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

access-control-expose-headers
x-google-amp-ad-validated-version
content-encoding
dcb
google-lineitem-id
-1
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Sat, 01 Mar 2025 00:20:36 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
-1
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://paint.toys
content-length
12186
x-xss-protection
0
server
cafe
container.html
f292c4248dcb5054f199813a5982d701.safeframe.googlesyndication.com/safeframe/1-0-41/html/ Frame C18C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://f292c4248dcb5054f199813a5982d701.safeframe.googlesyndication.com/safeframe/1-0-41/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202502260101/pubads_impl.js?cb=31090692
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://paint.toys/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
3024
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 01 Mar 2025 00:20:35 GMT
expires
Sat, 01 Mar 2025 00:20:35 GMT
last-modified
Thu, 30 Jan 2025 19:28:58 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bounce
id5-sync.com/ 		30 B
228 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/bounce
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
b04cd869cfd41a48c006458f71969a0eb26f33fec12f3cfe00408f8b73bf3ff8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://paint.toys
date
Sat, 01 Mar 2025 00:20:35 GMT
content-type
text/plain;charset=utf-8
vary
Origin
access-control-allow-credentials
true
v1
lb.eu-1-id5-sync.com/lb/ 		45 B
281 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 Amsterdam, Netherlands, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
af7251fc9564518a64abf1b92a0e7a9a0296792521a862c943762e3847732a5f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://paint.toys
date
Sat, 01 Mar 2025 00:20:35 GMT
content-type
application/json;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
v3
id5-sync.com/gm/ 		453 B
643 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/gm/v3
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
246dffbaeac82d944f25c3ac8a818c5392e3f6b0b02a0cab496a94eb04e3d6a8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://paint.toys/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://paint.toys
date
Sat, 01 Mar 2025 00:20:35 GMT
content-type
application/json
vary
Origin
access-control-allow-credentials
true
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012502032353000/ Frame F755 		196 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012502032353000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202502260101/pubads_impl.js?cb=31090692
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
sffe /
Resource Hash
2c0f5885b10cbf98b2662d8f92a84ca1ed212ef22212dc2fe2254c52cce7cbf9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
br
etag
"29f4c948e21f9767"
age
125088
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Fri, 27 Feb 2026 13:35:48 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 27 Feb 2025 13:35:48 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
56121
x-xss-protection
0
server
sffe
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012502032353000/v0/ Frame F755 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012502032353000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202502260101/pubads_impl.js?cb=31090692
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
sffe /
Resource Hash
6bb2ae08e0ac99e68f86a0c328eff4fadf602ff0708f5ed15f0beab736fb9936
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
br
etag
"e6de802dd8a82ae9"
age
125088
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Fri, 27 Feb 2026 13:35:48 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 27 Feb 2025 13:35:48 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
5225
x-xss-protection
0
server
sffe
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012502032353000/v0/ Frame F755 		95 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012502032353000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202502260101/pubads_impl.js?cb=31090692
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
sffe /
Resource Hash
b9ab3ca5311cddda666128da1a9ad7b090d4766e02b742a3df3edef43a49983a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
br
etag
"fc9ea00fddc3bc2d"
age
125088
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Fri, 27 Feb 2026 13:35:48 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 27 Feb 2025 13:35:48 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
29095
x-xss-protection
0
server
sffe
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012502032353000/v0/ Frame F755 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012502032353000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202502260101/pubads_impl.js?cb=31090692
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
sffe /
Resource Hash
856aca2aa33b640c12ef6a7d19d6e5cad74b85dbb01c42b7beb59de3613b83f9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
br
etag
"df539a766c224b82"
age
125089
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Fri, 27 Feb 2026 13:35:47 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 27 Feb 2025 13:35:47 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
1902
x-xss-protection
0
server
sffe
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012502032353000/v0/ Frame F755 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012502032353000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202502260101/pubads_impl.js?cb=31090692
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
sffe /
Resource Hash
d261d2d57a7427405a765113057358f49b2d1a65f79d67a49366a477d06aa89f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-encoding
br
etag
"affa94a736c3c3db"
age
125088
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Fri, 27 Feb 2026 13:35:48 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 27 Feb 2025 13:35:48 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
12940
x-xss-protection
0
server
sffe
truncated
/ Frame F755 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0428f10fe28c155a288e4e8e2d6ed6c23f551d3a8f6530edea9e609ecf2fad46

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
14358375236685572964
tpc.googlesyndication.com/daca_images/simgad/ Frame F755 		59 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/14358375236685572964
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f1.1e100.net
Software
sffe /
Resource Hash
c73bd1b833a354f7a42ad24f5b7d467f024ea786cc6231ec701a7663d0c6e325
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

age
321547
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
x-content-type-options
nosniff
expires
Wed, 25 Feb 2026 07:01:29 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons
true
date
Tue, 25 Feb 2025 07:01:29 GMT
last-modified
Wed, 14 Aug 2024 16:16:50 GMT
content-type
image/png
cache-control
public, max-age=31536000
timing-allow-origin
*
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
content-length
60543
x-xss-protection
0
server
sffe
en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame F755 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/en.png
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f1.1e100.net
Software
cafe /
Resource Hash
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

cache-control
public, max-age=86400
timing-allow-origin
*
etag
15880770647744369592
age
55532
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Sat, 01 Mar 2025 08:55:04 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
2982
x-xss-protection
0
date
Fri, 28 Feb 2025 08:55:04 GMT
content-type
image/png
vary
Accept-Encoding
server
cafe
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame F755 		344 B
714 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f1.1e100.net
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

cache-control
public, max-age=86400
timing-allow-origin
*
etag
6766994032117382215
age
55315
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Sat, 01 Mar 2025 08:58:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
344
x-xss-protection
0
date
Fri, 28 Feb 2025 08:58:41 GMT
content-type
image/png
vary
Accept-Encoding
server
cafe
l
www.google.com/ads/measurement/ Frame F755 		0
0
/
www.googleadservices.com/pagead/ar-adview/ Frame F755
Redirect Chain
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=Cem2O01LCZ_aNNOaEjuwPk8ykmAuCl8HSfaTMkp7ME6KftuOODhABIPub1Ulg7QKgAb6Q0uAqyAEC4AIAqAMByAMIqgT1Ak_QnIdXGm0hPBv4afyjO-ztIPuQCvfEdW7D-cicDlwqcmV8...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xc875e61e89922ba20000000000000000%22,%222%22:%220x6bfae1ea54b7b860000000000000000%22,%223%22:%220xbfc271f...
0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xc875e61e89922ba20000000000000000%22,%222%22:%220x6bfae1ea54b7b860000000000000000%22,%223%22:%220xbfc271fe8b13a4a40000000000000000%22,%224%22:%220x65aa2457be7b13ed0000000000000000%22,%225%22:%220x6a7b9eeef97445150000000000000000%22},%22debug_key%22:%226362665091729750674%22,%22debug_reporting%22:true,%22destination%22:%22https://theliven.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211476961342%22],%2222%22:[%22true%22],%224%22:[%2203-01%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214913812300216521793%22}&andc=true
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

cache-control
private
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Sat, 01 Mar 2025 00:20:36 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Sat, 01 Mar 2025 00:20:36 GMT
x-xss-protection
0
attribution-reporting-register-source
{"aggregation_keys":{"1":"0xc875e61e89922ba20000000000000000","2":"0x6bfae1ea54b7b860000000000000000","3":"0xbfc271fe8b13a4a40000000000000000","4":"0x65aa2457be7b13ed0000000000000000","5":"0x6a7b9eeef97445150000000000000000"},"debug_key":"6362665091729750674","debug_reporting":true,"destination":"https://theliven.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11476961342"],"22":["true"],"4":["03-01"],"6":["true"]},"priority":"500","source_event_id":"14913812300216521793"}
content-type
text/css; charset=UTF-8
server
cafe

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xc875e61e89922ba20000000000000000","2":"0x6bfae1ea54b7b860000000000000000","3":"0xbfc271fe8b13a4a40000000000000000","4":"0x65aa2457be7b13ed0000000000000000","5":"0x6a7b9eeef97445150000000000000000"},"debug_key":"6362665091729750674","debug_reporting":true,"destination":"https://theliven.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11476961342"],"22":["true"],"4":["03-01"],"6":["true"]},"priority":"500","source_event_id":"14913812300216521793"}&andc=true
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Sat, 01 Mar 2025 00:20:36 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
cafe
/
sync.cootlogix.com/api/sync/iframe/ Frame 9C3D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.cootlogix.com/api/sync/iframe/?cid=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
167.99.225.56 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://paint.toys/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
access-control-allow-methods
GET, HEAD, OPTIONS, POST
access-control-allow-origin
*
content-length
109
content-type
text/html
date
Sat, 01 Mar 2025 00:20:36 GMT
p3p
CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV ADMa"
ixmatch.html
js-sec.indexww.com/um/ Frame 164B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://paint.toys/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36

Response headers

age
1059
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
91947d4dcc2ad35e-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 01 Mar 2025 00:20:36 GMT
expires
Sat, 01 Mar 2025 04:20:36 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
sync
eb2.3lift.com/ Frame B821 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Referer
https://paint.toys/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Sat, 01 Mar 2025 00:20:36 GMT
usync.html
eus.rubiconproject.com/ Frame 542C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=0
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.219.149.145 Santiago, Chile, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-219-149-145.deploy.static.akamaitechnologies.com
Software
Apache/2.4.62 (Debian) /
Resource Hash

Request headers

Referer
https://paint.toys/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
224
content-type
text/html
date
Sat, 01 Mar 2025 00:20:36 GMT
etag
"10d-629840acea280-gzip"
last-modified
Wed, 18 Dec 2024 04:42:34 GMT
server
Apache/2.4.62 (Debian)
vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame 6531 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Referer
https://paint.toys/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
303
content-type
text/html; charset=UTF-8
referrer-policy
no-referrer
syncframe
gum.criteo.com/ Frame 5E64 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=criteoPrebidAdapter&topUrl=paint.toys&gpp=
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://paint.toys/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 01 Mar 2025 00:20:36 GMT
server
Kestrel
server-processing-duration-in-ticks
890249
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
async_usersync.html
acdn.adnxs.com/dmp/ Frame D69E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://paint.toys/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
30004
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 01 Mar 2025 00:20:36 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 05 Dec 2024 15:30:10 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1114496, 125534
X-Served-By
cache-lga21982-LGA, cache-fra-eddf8230117-FRA
X-Timer
S1740788436.149109,VS0,VE0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7A9D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158326&gdpr=0&gdpr_consent=
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Referer
https://paint.toys/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=75411
content-encoding
gzip
content-length
6694
content-type
text/html
date
Sat, 01 Mar 2025 00:20:36 GMT
expires
Sat, 01 Mar 2025 21:17:27 GMT
last-modified
Wed, 13 Nov 2024 05:14:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
prebid
id5-sync.com/api/config/ 		195 B
470 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
7e4d2c9111e1ca31b5e2e4bfd5a66925f07c0c232672f31481c6b66a89b26f16
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://paint.toys/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://paint.toys
date
Sat, 01 Mar 2025 00:20:35 GMT
content-type
application/json;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-credentials
true
id
id.crwdcntrl.net/ 		43 B
269 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id?gdpr_applies=false&c=17262
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.98.157 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-98-157.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

cache-control
no-cache
pragma
no-cache
access-control-allow-credentials
true
expires
0
access-control-allow-origin
https://paint.toys
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length
43
date
Sat, 01 Mar 2025 00:20:36 GMT
content-type
application/json;charset=utf-8
f
fid.agkn.com/ 		0
0
envelope
lexicon.33across.com/v1/ 		0
0
any
idx.liadm.com/idex/did-0046/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://idx.liadm.com/idex/did-0046/any?duid=8e413bd09c43--01jn7h729czkaqbr84xv78wca6&gdpr=0&did=did-0046&cd=.paint.toys&pu=https%3A%2F%2Fpaint.toys&resolve=nonId&resolve=uid2&resolve=index&resolve=bidswitch&resolve=pubmatic&resolve=magnite&resolve=openx&resolve=sorvrn&resolve=thetradedesk&resolve=medianet
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.60.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-60-70.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://paint.toys/

Response headers

cache-control
max-age=3599, private
trace-id
5713cef5436d0ab2
request-time
0
access-control-allow-credentials
true
expires
Sat, 01 Mar 2025 01:20:35 GMT
access-control-allow-origin
https://paint.toys
date
Sat, 01 Mar 2025 00:20:35 GMT
vary
Origin
json
gum.criteo.com/sid/ 		426 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fpaint.toys%2F&domain=paint.toys&bundle=SYsr1l8waXNKMjh4QlUyZFM0ekIwQllveUg5QWZIVkZRR3VnbWgyRnFWOEUyMFU4Q2xNanplbzVzbDFjWk5LN21ESVg4QVV5WXpPYTQ1cTB6STQxJTJCaXlKczZma0ZobmRxJTJCWmdUeVBNekJMblN6ZHJPSWFsZW8yU2RhZ3hIcTdUd1AxTHpZbWZCNVc2NjdVM0JySG5DJTJCUVQ2NlElM0QlM0Q&cw=1&pbt=1&lsw=1&gdpr=0
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
831572df9b118e2cece5f8b3bf46618433d6eb4a84aa1e98c2b01152d2a5d962
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
content-type
application/json
Referer
https://paint.toys/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
741166
expires
0
access-control-allow-origin
https://paint.toys
date
Sat, 01 Mar 2025 00:20:35 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
server
Kestrel
sync
x.bidswitch.net/ 		0
0
usersync
match.adsrvr.org/track/ 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/usersync?us_privacy=&gdpr=0&gdpr_consent=undefined&ust=image
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

content-length
70
date
Sat, 01 Mar 2025 00:20:36 GMT
content-type
image/gif
server
Kestrel
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fpaint.toys%2F&domain=paint.toys&bundle=SYsr1l8waXNKMjh4QlUyZFM0ekIwQllveUg5QWZIVkZRR3VnbWgyRnFWOEUyMFU4Q2xNanplbzVzbDFjWk5LN21ESVg4QVV5WXpPYTQ1cTB6STQxJTJCaXlKczZma0ZobmRxJTJCWmdUeVBNekJMblN6ZHJPSWFsZW8yU2RhZ3hIcTdUd1AxTHpZbWZCNVc2NjdVM0JySG5DJTJCUVQ2NlElM0QlM0Q&cw=1&pbt=1&lsw=1&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://paint.toys
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://paint.toys
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sat, 01 Mar 2025 00:20:35 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
263245
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
v1
lb.eu-1-id5-sync.com/lb/ 		45 B
281 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 Amsterdam, Netherlands, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
af7251fc9564518a64abf1b92a0e7a9a0296792521a862c943762e3847732a5f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://paint.toys
date
Sat, 01 Mar 2025 00:20:36 GMT
content-type
application/json;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
483.json
id5-sync.com/g/v2/ 		385 B
575 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/483.json
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
17445d0e2e277bc568c5ba6ac329327914b3ece6a258202b09ffce5caf8d7069
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://paint.toys/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://paint.toys
date
Sat, 01 Mar 2025 00:20:36 GMT
content-type
application/json
vary
Origin
access-control-allow-credentials
true
usync.html
eus.rubiconproject.com/ Frame 4A63
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-Playwire&gdpr=0&gdpr_consent=&us_privacy=
  • https://eus.rubiconproject.com/usync.html?p=pbs-Playwire&gdpr=0&gdpr_consent=&us_privacy=
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=pbs-Playwire&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.219.149.145 Santiago, Chile, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-219-149-145.deploy.static.akamaitechnologies.com
Software
Apache/2.4.62 (Debian) /
Resource Hash

Request headers

Referer
https://paint.toys/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
224
content-type
text/html
date
Sat, 01 Mar 2025 00:20:36 GMT
etag
"10d-629840acea280-gzip"
last-modified
Wed, 18 Dec 2024 04:42:34 GMT
server
Apache/2.4.62 (Debian)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sat, 01 Mar 2025 00:20:36 GMT
location
https://eus.rubiconproject.com/usync.html?p=pbs-Playwire&gdpr=0&gdpr_consent=&us_privacy=
server
AkamaiGHost
si
googleads.g.doubleclick.net/pagead/drt/ Frame F755
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0
view
securepubads.g.doubleclick.net/btr/ Frame F755 		0
0
pbs-iframe
pbs-cs.yellowblue.io/ Frame 4A93 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pbs-cs.yellowblue.io/pbs-iframe?gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&redirect=https%3A%2F%2Fprebid.intergient.com%2Fsetuid%3Fbidder%3Drise%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%5BPBS_UID%5D
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.245.246.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-245-246-135.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash

Request headers

Referer
https://paint.toys/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://paint.toys/
content-length
0
content-type
text/html
date
Sat, 01 Mar 2025 00:20:36 GMT
server
istio-envoy
x-envoy-upstream-service-time
0
x-reason
could not perform CS due to compliance policy: gdpr is not applied
usermatch
ssum-sec.casalemedia.com/ Frame 774D
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gppsid=&cb=https%3A%2F%2Fprebid.intergient.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D...
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fprebid.intergient.com%2Fsetuid%3Fgpp%3D%26bidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D&gdpr=0&gdpr_con...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fprebid.intergient.com%2Fsetuid%3Fgpp%3D%26bidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D&gdpr=0&gdpr_consent=&gpp=&gppsid=&s=184674&us_privacy=&C=1
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://paint.toys/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
91947d504c4f193f-FRA
content-encoding
br
content-type
text/html
date
Sat, 01 Mar 2025 00:20:36 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oP8moQkVUgw4a3YArM%2Bz5%2F3GOx442rAAfB6XwoXhFO8KukIK88YyE82vkDmzaP4kPRD34UwSqYA3fBmxu60Bws1igl%2BoA3D1UMoqiJ4jhO9YJHy8uiCgfzJleK%2BDXKR8IoxMZVPvcq6hiw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
91947d501c34193f-FRA
content-length
0
date
Sat, 01 Mar 2025 00:20:36 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Fprebid.intergient.com%2Fsetuid%3Fgpp%3D%26bidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D&gdpr=0&gdpr_consent=&gpp=&gppsid=&s=184674&us_privacy=&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d4eRezQz0Q%2BNjZq4KjTNMW%2ByNJmnY2eho2wiS1VIrU2bItqRtrAEjsByLXV4g5QThMwJ%2BE2VrvHMwcqJN8WeqS0ZfOdGfQmzuMtFsTNqD9a2OwE5v9NMaF5dJCwyQsDru%2Ft2%2Fomi7OqHdw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
activeview
pagead2.googlesyndication.com/pcs/ Frame F755 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstoSYrK8g8T6KLDaOM7pqD66AOpW3kszOIo5LeBUakzAg6PJthh-JZZe6ciieJ5qwkQX3EeTynoK2O1mmNR_RhoYEyA27rWmeA0HmUpxbNUePwry87Qnu_-D5a0q6TSLxYTOGfyr-V45JcZLjhQBSftkleZVsDKaAifrDY70-Zkr85Dt3zH3t0CEWeMOxEX9ObzsM3hBg&sai=AMfl-YQJ-OlaLCHYaU1owI_sLTpFdcGe5vtRm5wQ6K9X985aqE0oCzBmsObM_0AUyfEEmL-Xdtm8oebFnM78lBvJLvqsNIcyEZiy-DRW_CdHzITeSelUqCmQflzdViQ&sig=Cg0ArKJSzAQkzEwfnyKmEAE&cid=CAQSOwCjtLzMQT5XAw2EF1gAJB-3yNSgTFX6sFpLBrR7H-rcI9me85dIg00WQq7Q-Z1Q-9QTeLt6-EfHGYkBGAE&id=ampim&o=20,314&d=160,600&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=118&tls=1118&g=100&h=100&tt=1118&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Requested by
Host: paint.toys
URL: https://paint.toys/oil/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Sat, 01 Mar 2025 00:20:37 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
cm
u.openx.net/w/1.0/ Frame A6F4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fprebid.intergient.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Referer
https://paint.toys/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
303
content-type
text/html; charset=UTF-8
referrer-policy
no-referrer
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-VJBRK9986D&gtm=45je52q0v9101576445za200&_p=1740788434308&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101732282~101732284~102067808~102482433~102539968~102558064~102587591~102605417~102640600~102658453~102717421~102732003&cid=1069762894.1740788434&ul=se-se&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1740788434&sct=1&seg=0&dl=https%3A%2F%2Fpaint.toys%2Foil%2F&dr=https%3A%2F%2Fsxcqe.specialday.cl%2F&dt=Paint%20with%20Oils&en=scroll&epn.percent_scrolled=90&_et=3&tfd=5698
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VJBRK9986D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f14.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer
https://paint.toys/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"ascnsrsggc:86:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://paint.toys
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsggc:86:0
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 01 Mar 2025 00:20:39 GMT
content-type
text/plain
server
Golfe2
country
api.btloader.com/ 		0
0
pv
api.btloader.com/ 		0
0
fb87a4ea41
cd836371f1d.cdn.intergient.com/ 		0
95 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cd836371f1d.cdn.intergient.com/fb87a4ea41
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/V.20250228.1/main.19e7fd1c194c46a17c25.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.176.195.25 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-176-195-25.eu-central-1.compute.amazonaws.com
Software
nginx/1.24.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://paint.toys/

Response headers

access-control-allow-origin
*
date
Sat, 01 Mar 2025 00:20:40 GMT
content-type
application/octet-stream
server
nginx/1.24.0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
faucetfoot.com
URL
https://faucetfoot.com/build/5ab3079/c6_79b3d6a9081972795d723a5cae38d9f0fb2e692.min.js
Domain
ag.dns-finder.com
URL
https://ag.dns-finder.com/px.gif
Domain
oa.openxcdn.net
URL
https://oa.openxcdn.net/esp.js
Domain
cdn-ima.33across.com
URL
https://cdn-ima.33across.com/ob.js
Domain
invstatic101.creativecdn.com
URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Domain
paint.toys
URL
blob:https://paint.toys/b5cbe9ce-d249-48c8-ab53-617633a36dcb
Domain
fid.agkn.com
URL
https://fid.agkn.com/f?apiKey=2104320612&r=https%3A%2F%2Fpaint.toys%2Foil%2F
Domain
lexicon.33across.com
URL
https://lexicon.33across.com/v1/envelope?pid=0014000001YrMoYAAV&gdpr=0&src=pbjs&ver=9.11.0&coppa=0
Domain
rtb.openx.net
URL
https://rtb.openx.net/openrtbb/prebidjs
Domain
www.google.com
URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQCQi3a-cWG1Fna1SHPldVrxbxOaSk34ft2o4i9tWk3jNdHhmp1MgBXhKMhL_FckFK94BOz
Domain
fid.agkn.com
URL
https://fid.agkn.com/f?apiKey=2104320612&r=https%3A%2F%2Fpaint.toys%2Foil%2F
Domain
lexicon.33across.com
URL
https://lexicon.33across.com/v1/envelope?pid=0014000001YrMoYAAV&gdpr=0&src=pbjs&ver=9.11.0&coppa=0
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/sync?ssp=themediagrid&gdpr=0
Domain
googleads.g.doubleclick.net
URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Domain
securepubads.g.doubleclick.net
URL
https://securepubads.g.doubleclick.net/btr/view?ai=Cem2O01LCZ_aNNOaEjuwPk8ykmAuCl8HSfaTMkp7ME6KftuOODhABIPub1Ulg7QKgAb6Q0uAqyAEC4AIAqAMByAMIqgT1Ak_QnIdXGm0hPBv4afyjO-ztIPuQCvfEdW7D-cicDlwqcmV80T7Qk5BU9YGltvBFC96JoHIgo5gFWcaAxQyOLkfR0aD1dO1w1i5vyyEHXfsBaXCllLPUSOCwrd3Vo2lxmJcBXRUCzcPQKhifbDfg-zAqriQC__bR1HdU8NmLjBMwUa8qlpAHpxmWymPPNv--gIwS9M9mSvA41GlmrihSfbRNi33C9K2cZ_vLwWi2UrRQcE7CvACDy1cUspPat9cUg86G-mxxdGZ-i-NiOrvrlqf71wLSp4W6XOPEUdNpWjDhSlX-eE6neORo9Gky5sjUDnBcucMuxQjdZ6V6PEbQ-kQIpJS84J74Y_YF-rguFhmUDr1l4rJTuUMDQl0ZzhY-VVtxaYS70FfwZP_hmgD0-k62nZRGGTosogMLTjZ6fcoEyJrzfJ9yNIaF24zTYIecDPQg1sGX0aFEyAGm7Vit47l0qCtWrFGMEd1q1QIqqIiDz9T2I1bABKHa2p2EBeAEAYgFjNuAulKSBQQIBBgBkgUECAUYBKAGAoAHvsiiwAWoB9XJG6gH2baxAqgHpr4bqAeOzhuoB5PYG6gH8OAbqAfulrECqAf-nrECqAevvrECqAf3wrEC2AcB8gcEEL-XAtIIKQiA4YBgEAEYnQEyAssCOguAQIDAgICAoKiAAki9_cE6WK2546LO54sDmgnUA2h0dHBzOi8vcXVpei50aGVsaXZlbi5jb20vZW4_dXRtX3NvdXJjZT1nb29nbGUmYWNjb3VudD1jaGVzbWludCZ1dG1fbWVkaXVtPWRpc3BsYXkmdXRtX2NhbXBhaWduPTIyMTMzMzUzODY4JnV0bV9kZXZpY2U9YyZwbGFjZW1lbnQ9cGFpbnQudG95cyZ1dG1fY3JlYXRpdmU9NzI5MjgwODI3MzMzJmNhbXBhaWduX25hbWU9MDI4Ml9Hb29nbGUtRGlzcGxheV93b1RhcmdfdzJ3X1B1cmNoLUdUTV9Ub3AyOF9Ub3BDcmVvX2FkaGQtbXBmXzE2MDFfSEkmYWRzZXRfbmFtZT1NQ19BZmZpbml0eUFsbF9Ub3AyOF9hbGxHXzI1LTY1K19hbGxMX1RvcENyZW9fYWRoZC1tcGZfVG9wLTNfMTQwOCZtYXRjaHR5cGU9JmtleXdvcmQ9JnV0bV9hZHNldD0xNzI5MzQ3MzcxODUmdXRtX2FkPTcyOTI4MDgyNzMzMyZhZF9uYW1lPTEzMDM3LTY4NzAtQWR0LVN0YS0zMDB4NjAwLWFkaGQtR0ctRU4tVkFELUZJTC1WSUstU2VlJmdhZF9zb3VyY2U9NYAKA8gLAdoMEAoKEJDo_abT797-bBICAQPiDRMI793jos7niwMVZoKDBx0TJgmz6g0TCLye5KLO54sDFWaCgwcdEyYJs9gTDNAVAZgWAYAXAbIXIAocCAASFHB1Yi02NTMxNTAzMjYwNjcxNDcxGNuiIRgBuhcCOAGyGAkSArFpGAIiAQDQGAHoGAE&sigh=qBjLshzWJ_Y&uach_m=%5B%5D&ase=2&nis=4&cid=CAQSOwCjtLzMQT5XAw2EF1gAJB-3yNSgTFX6sFpLBrR7H-rcI9me85dIg00WQq7Q-Z1Q-9QTeLt6-EfHGYkBGAE&ibtr=1
Domain
api.btloader.com
URL
https://api.btloader.com/country?o=5150306120761344
Domain
api.btloader.com
URL
https://api.btloader.com/pv?tid=QhDy48FmD4-FUgBdjiMU-954f138701&w=5096819819806720&o=5150306120761344&cv=2.177-1-g719a5a7&widget=false&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fpaint.toys%2Foil%2F&sid=kUFY5F3Ya-MSYFnIgIg-954f138701&pm=true&upapi=true

Verdicts & Comments Add Verdict or Comment

254 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| ramp string| _pwGA4PageviewId object| dataLayer function| gtag function| reflect function| OilPainting object| app function| save object| rampjsCore number| cmpVersion object| _pwTycheAB boolean| tycheSampling number| tycheSamplingRate boolean| rampSampling number| rampSamplingRate number| _pageViewSR number| _adImpressionSR object| _pwLogger number| _pwFpSampling string| _pwUserCC string| _pwUserContentEncoding object| pwEdgeFlags object| pwEdgeYieldOptions string| _pwCurrentHourEST object| PageOS object| tyche object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| rampjsConfig function| admiral object| googletag boolean| pwRAMPInitiated object| ggeac object| google_js_reporting_queue object| webpackChunkpageos object| __pwpbjs__ object| _pbjsGlobals object| regeneratorRuntime object| pageos object| core object| google_reactive_ads_global_state object| __bt object| __bt_intrnl object| __bt_tag_d object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| NTBiODRhZTA3MTliYzg1Y2xvYWRlcl9qcw== string| NTBiODRhZTA3MTliYzg1Y2NhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady object| google_tag_topics_state object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_159 object| Criteo object| Criteo_identitytag_159 object| apstag object| kinesis object| pbjs object| __pwhbjs boolean| liModuleEnabled object| liQ_instances object| _aps boolean| apstagLOADED object| apscustom object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_manager_loaded_event object| lotame_sync_16576 function| ha object| cnvr_launcher_options function| lotameIsCompatible function| sync16576_aa function| sync16576_c function| sync16576_f object| sync16576_h function| sync16576_ca function| sync16576_j function| sync16576_da object| sync16576_ object| sync16576_ia object| sync16576_ja object| sync16576_s object| sync16576_B object| sync16576_wa function| sync16576_a function| sync16576_b function| sync16576_g function| sync16576_i function| sync16576_k function| sync16576_l function| sync16576_m function| sync16576_n function| sync16576_o function| sync16576_p function| sync16576_q function| sync16576_r function| sync16576_fa function| sync16576_ea function| sync16576_ga function| sync16576_ha function| sync16576_t function| sync16576_v function| sync16576_w function| sync16576_x function| sync16576_ka function| sync16576_la function| sync16576_y function| sync16576_ma function| sync16576_z function| sync16576_A function| sync16576_u function| sync16576_C function| sync16576_na function| sync16576_oa function| sync16576_pa function| sync16576_D function| sync16576_E function| sync16576_F function| sync16576_qa function| sync16576_G function| sync16576_H function| sync16576_I function| sync16576_K function| sync16576_M function| sync16576_L function| sync16576_N function| sync16576_O function| sync16576_J function| sync16576_ra function| sync16576_sa function| sync16576_ta function| sync16576_ua function| sync16576_va function| sync16576_P function| sync16576_Q function| sync16576_xa function| sync16576_R function| sync16576_ya function| sync16576_za function| sync16576_Aa function| sync16576_S function| sync16576_Ba function| sync16576_Ca function| sync16576_Da function| sync16576_Ea function| sync16576_T function| sync16576_Fa function| sync16576_U function| sync16576_V function| sync16576_W function| sync16576_X function| sync16576_Ga function| sync16576_Y function| sync16576_Z function| sync16576__ function| sync16576_0 function| sync16576_1 function| sync16576_2 function| sync16576_Ha function| sync16576_3 function| sync16576_Ja function| sync16576_Ia function| sync16576_4 function| sync16576_La function| sync16576_Ma function| sync16576_Ka function| sync16576_Na function| sync16576_Qa function| sync16576_Pa function| sync16576_Oa function| sync16576_Sa function| sync16576_Ua function| sync16576_Ra function| sync16576_6 function| sync16576_Ta function| sync16576_Xa function| sync16576_Wa function| sync16576_Va function| sync16576_7 function| sync16576_5 function| sync16576_8 function| sync16576_Ya function| sync16576_Za function| sync16576__a function| sync16576_0a function| sync16576_9 function| sync16576_1a function| sync16576_$ function| sync16576_2a function| sync16576_3a function| sync16576_4a boolean| 3d0680fe-356b-448a-9f17-6c70dba14a33 object| __id5_finalization_registry object| ID5 object| conversant number| __google_lidar_ function| __google_lidar_radf_ object| PublisherCommonId object| publink_options object| coreid number| google_unique_id object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager boolean| __bt_already_invoked

55 Cookies

Domain/Path Name / Value
.criteo.com/openrtb_2_5/pbjs/auction Name: cto_bundle
Value: dIXaf195WmwzJTJGalpEU3BOUXJyWjElMkZsUnNhVlFWbFpCRzlRQnpIMTBzM1J3WFhZMTFuR1JEcDNLVUM0Z3ZrRnZvZTBEeWJIRThic3UxbHElMkJsJTJGcGxkUlJVZUN6ZVRQWVY0ZUVXVTZIVVNHblQzVkpMcGF5cG80WCUyQiUyRm1Xd3RWSnhnWmFaNVFmNGZjdVNTd25aak8xY3pOYTJWdkElM0QlM0Q
.3lift.com/sync Name: sync
Value: CgoIgAIQipbO-NQyCgoIoQEQipbO-NQyCgoI4gEQipbO-NQyCgoI5gEQipbO-NQyCgoIhwIQipbO-NQyCgkIOhCKls741DIKCQgbEIqWzvjUMgoKCIwCEIqWzvjUMgoKCL8CEIqWzvjUMgoJCF8QipbO-NQy
.liadm.com/j Name: lidid
Value: 99548e9d-5884-4202-acb4-c7efe6a8fe06
.paint.toys/ Name: _ga
Value: GA1.1.1069762894.1740788434
.paint.toys/ Name: _ga_VJBRK9986D
Value: GS1.1.1740788434.1.0.1740788434.0.0.0
.paint.toys/ Name: _ga_CEFZJ359V8
Value: GS1.1.1740788434.1.0.1740788434.0.0.0
paint.toys/ Name: usprivacy
Value: 1---
.criteo.com/ Name: uid
Value: 008fde92-8b62-48f3-a369-47e7040fa52d
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.paint.toys/ Name: _sharedid
Value: b01bf1be-ec87-477e-bae8-474bbdd76440
.paint.toys/ Name: _sharedid_cst
Value: kSylLAssaw%3D%3D
.paint.toys/ Name: _li_dcdm_c
Value: .paint.toys
.paint.toys/ Name: _lc2_fpi
Value: 8e413bd09c43--01jn7h729czkaqbr84xv78wca6
.paint.toys/ Name: _lc2_fpi_meta
Value: %7B%22w%22%3A1740788435244%7D
.id5-sync.com/ Name: id5
Value: c32fa2d0-e07e-7e08-a349-79f3e1f4b8c3#1740788435274#1
.adnxs.com/ Name: XANDR_PANID
Value: daxJTpGaKbKRjqpYfq1N0PtVUzuhdPvPRYXaRAYrGAMqnff3VHOHrxQazZqfzxHDOHZ53vHl3DbI-o4pUx9Ihk2xRKEQ3Ca3zsw-hPsQ0y4.
.adnxs.com/ Name: icu
Value: ChgIqY80EAoYASABKAEw06WJvgY4AUABSAEQ06WJvgYYAA..
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.adnxs.com/ Name: uuid2
Value: 5952541402449735230
.paint.toys/ Name: FCNEC
Value: %5B%5B%22AKsRol_kVUIq5VkSyz5uURn4xymvMEQ5wmfW1-lfg8MDG3wEsuj66_w02qYfdCni6OY0DAsSqclZ8Cj1bN0lTFQ8fpSWgF3QvMynIyy3ZMTQulBdVAP1n6cE62tDJWb06TKcsFwNFSQDZjTjSGQqjafgZLRDhl25-Q%3D%3D%22%5D%5D
.liadm.com/ Name: lidid
Value: 99548e9d-5884-4202-acb4-c7efe6a8fe06
.rubiconproject.com/ Name: khaos
Value: M7PGHLAM-11-8TGQ
.rubiconproject.com/ Name: audit
Value: 1|SDziDG3X/EjHUd5wBMrsh0RQ87mcpIuh/yvmoBPKWs3lcBh9F0obZtUtwqHhHUJQSBx2P3in8zPh6cqIxiLHfyKPLRELhl3xIo8tEQuGXfEijy0RC4Zd8aZr5ZVxLWDe
.3lift.com/ Name: tluidp
Value: 2225891793346768251362
.3lift.com/ Name: tluid
Value: 2225891793346768251362
.doubleclick.net/ Name: IDE
Value: AHWqTUmQ6riMRMiDmROUs20oz3iutRStWr5tyZ-4r-QIvwahzb5pa1nORrW_vRbQGkI
.bing.com/ Name: MUID
Value: 0CA10BEBF89863FB276F1E49F94A62EE
.c.bing.com/ Name: MR
Value: 0
.intergient.com/ Name: __cf_bm
Value: k34tqV1aGva53nsq2U_Gq730v04cAg_tIijc8Y4wga4-1740788435-1.0.1.1-4LDBmni1tpRrvNvMM2vPCw45F5uQwjobatpLW46T76OxQj8ANQji4tYMXU5jbBNQU21qolKhTo7nShS_hjgovTYZLUK_AZgLboLucSNd2uI
.linkedin.com/ Name: bcookie
Value: "v=2&5cd81210-d506-47fe-8fcc-20377d36cbac"
.linkedin.com/ Name: li_gc
Value: MTswOzE3NDA3ODg0MzU7MjswMjHOPWbWsxQvKQ+ZTd+zs88DIJz6uvG8K79Z7sU6i6DL9w==
.linkedin.com/ Name: lidc
Value: "b=VGST02:s=V:r=V:a=V:p=V:g=3456:u=1:x=1:i=1740788435:t=1740874835:v=2:sig=AQHigW_J4PAojW8WhZwmPJB9uG4NH_DU"
.paint.toys/ Name: __gads
Value: ID=540156fb6a29249f:T=1740788435:RT=1740788435:S=ALNI_MalLJ8Eb1Vjl7I_XW30NXj5nFSX2g
.paint.toys/ Name: __gpi
Value: UID=00001049d5cdb85e:T=1740788435:RT=1740788435:S=ALNI_MaMoaYrRO04dfUosdx7wgKGPeXm4A
.paint.toys/ Name: __eoi
Value: ID=e03ba26aed94038f:T=1740788435:RT=1740788435:S=AA-Afjagsh4For0NyvQ5qPD6jYOq
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-8737cdf7-89cc-5664-77cb-89220f0840ef.ecCDl0C3udRqipNE1ODy7dtLDKMrwUVWUIpmiYOMFn8
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-8737cdf7-89cc-5664-77cb-89220f0840ef.ecCDl0C3udRqipNE1ODy7dtLDKMrwUVWUIpmiYOMFn8
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AhzfN94nMVmR3y4kiDwhA76xvzII.g0EvGCvdcObNfX74nUQZGOXLVj3%2F6vM9uB5%2Blm%2FU8Vo
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AhzfN94nMVmR3y4kiDwhA76xvzII.g0EvGCvdcObNfX74nUQZGOXLVj3%2F6vM9uB5%2Blm%2FU8Vo
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIAmiIY1X620WTtuTigW0p0AtCIuZ4WBPCp5SR4-DlYcDEGcYBCDUpYm-BjABOgSbPmuqQgQD9LWn.eZ9Ov2qs1pEZub35vcuXH%2FVL1FpbDo5QellhLnUc9aU
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIAmiIY1X620WTtuTigW0p0AtCIuZ4WBPCp5SR4-DlYcDEGcYBCDUpYm-BjABOgSbPmuqQgQD9LWn.eZ9Ov2qs1pEZub35vcuXH%2FVL1FpbDo5QellhLnUc9aU
paint.toys/ Name: cto_bundle
Value: iDvwfF8waXNKMjh4QlUyZFM0ekIwQllveUgycGhMZzNjVjR4d2dCQWw0dWJzRWpEcWFVTmVlTHM3YVMxN1JMbXFVY0hkRjRXMnRrY1R6QVJXcmM3TXdaSEZ2WGZBOFpYZXV5R1VmSEZkeGhxbWl1VVFzdE5pWkRGSSUyQmdOVDBINWE3aHFUN25aUExvTG0lMkJlJTJGODNzYTY3dTVJT0ElM0QlM0Q
.criteo.com/ Name: cto_bundle
Value: SWSLfF95WmwzJTJGalpEU3BOUXJyWjElMkZsUnNhUyUyRnVEVjRCSUwxTmVXcTlRMWE2dHNqZ0pXNFR0cGExQldXeW9zU1gwM1NzcnpWTkpLeGM3TTJwZmpYVnpPZXdaJTJGZXBoUUxSTTlxOVB3Tm45RlJWJTJGTVU3VW8xbm1TbkJwcmJ2bnl6c0VvbSUyQm5kU243M3Q0VGpNSXV4UlpXNHFaQnclM0QlM0Q
.paint.toys/ Name: cto_bundle
Value: voqj7l8waXNKMjh4QlUyZFM0ekIwQllveUg0YTZIRiUyRmhCV1lGcTJQdmpWRnFBc1YwNUVKRXNWUEJCbyUyRnhiMTBWYkRrUnY3b0V1MzdzdElTVGJlMWZyTm1iVTk1ZldZa0VLOUlaVXlZRyUyQlRlJTJGJTJGOWtXa3ZaY240ejZKZUJkRFVsNHl0a3NBQUltbXBvc1lQVDJqQm5lVWZiQVVnJTNEJTNE
.paint.toys/ Name: cto_bidid
Value: qEkIdF9jSGQlMkZyR2oxUjZNJTJCNSUyQlZZcm93WGMxTko5SUVwVE5zOWk0em9rcmxCcm9iSzRVYVNpRENlV2RyUXF2UnEyb1NJV09tZkJFcWJ4R2djNGN1RW5GOFRDOVd2VzQzSzBGeFJ2NHdic1BLdXJYdyUzRA
.googleadservices.com/ Name: ar_debug
Value: 1
.doubleclick.net/ Name: DSID
Value: NO_DATA
.casalemedia.com/ Name: CMID
Value: Z8JS1LmqP04AN0GkAASYIQAA
.casalemedia.com/ Name: CMPS
Value: 4486
.casalemedia.com/ Name: CMPRO
Value: 4486
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 6724392223661426952
prebid.intergient.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJpeCI6eyJ1aWQiOiJaOEpTMUxtcVAwNEFOMEdrQUFTWUlRQUFcdTAwMjY0NDg2IiwiZXhwaXJlcyI6IjIwMjUtMDMtMTVUMDA6MjA6MzYuNjMyNTUxNTEyWiJ9LCJ0cmlwbGVsaWZ0Ijp7InVpZCI6IjIyMjU4OTE3OTMzNDY3NjgyNTEzNjIiLCJleHBpcmVzIjoiMjAyNS0wMy0xNVQwMDoyMDozNS44MDQ4Mzc3MThaIn19fQ==
.amazon-adsystem.com/ Name: ad-id
Value: A00eOE0UIkkYlfzcZC52_zo
.amazon-adsystem.com/ Name: ad-privacy
Value: 0

15 Console Messages

Source Level URL
Text
rendering warning URL: https://paint.toys/oil/
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0703B014C260000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
javascript error URL: https://paint.toys/oil/
Message:
Access to fetch at 'https://lexicon.33across.com/v1/envelope?pid=0014000001YrMoYAAV&gdpr=0&src=pbjs&ver=9.11.0&coppa=0' from origin 'https://paint.toys' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://lexicon.33across.com/v1/envelope?pid=0014000001YrMoYAAV&gdpr=0&src=pbjs&ver=9.11.0&coppa=0
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://paint.toys/oil/
Message:
Access to fetch at 'https://fid.agkn.com/f?apiKey=2104320612&r=https%3A%2F%2Fpaint.toys%2Foil%2F' from origin 'https://paint.toys' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://fid.agkn.com/f?apiKey=2104320612&r=https%3A%2F%2Fpaint.toys%2Foil%2F
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://paint.toys/oil/
Message:
Access to fetch at 'https://rtb.openx.net/openrtbb/prebidjs' from origin 'https://paint.toys' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://rtb.openx.net/openrtbb/prebidjs
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://paint.toys/oil/
Message:
Access to fetch at 'https://fid.agkn.com/f?apiKey=2104320612&r=https%3A%2F%2Fpaint.toys%2Foil%2F' from origin 'https://paint.toys' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://fid.agkn.com/f?apiKey=2104320612&r=https%3A%2F%2Fpaint.toys%2Foil%2F
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://paint.toys/oil/
Message:
Access to fetch at 'https://lexicon.33across.com/v1/envelope?pid=0014000001YrMoYAAV&gdpr=0&src=pbjs&ver=9.11.0&coppa=0' from origin 'https://paint.toys' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://lexicon.33across.com/v1/envelope?pid=0014000001YrMoYAAV&gdpr=0&src=pbjs&ver=9.11.0&coppa=0
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://paint.toys/oil/
Message:
Access to XMLHttpRequest at 'https://api.btloader.com/pv?tid=QhDy48FmD4-FUgBdjiMU-954f138701&w=5096819819806720&o=5150306120761344&cv=2.177-1-g719a5a7&widget=false&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fpaint.toys%2Foil%2F&sid=kUFY5F3Ya-MSYFnIgIg-954f138701&pm=true&upapi=true' from origin 'https://paint.toys' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.btloader.com/pv?tid=QhDy48FmD4-FUgBdjiMU-954f138701&w=5096819819806720&o=5150306120761344&cv=2.177-1-g719a5a7&widget=false&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fpaint.toys%2Foil%2F&sid=kUFY5F3Ya-MSYFnIgIg-954f138701&pm=true&upapi=true
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://paint.toys/oil/
Message:
Access to fetch at 'https://api.btloader.com/country?o=5150306120761344' from origin 'https://paint.toys' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://api.btloader.com/country?o=5150306120761344
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax.amazon-adsystem.com
acdn.adnxs.com
ad-delivery.net
ad.doubleclick.net
ads.pubmatic.com
ag.dns-finder.com
api.btloader.com
btloader.com
btlr.sharethrough.com
c.amazon-adsystem.com
cd836371f1d.cdn.intergient.com
cdn-ima.33across.com
cdn.ampproject.org
cdn.hadronid.net
cdn.id5-sync.com
cdn.intergient.com
config.aps.amazon-adsystem.com
direct.adsrvr.org
eb2.3lift.com
eus.rubiconproject.com
exchange.cootlogix.com
f292c4248dcb5054f199813a5982d701.safeframe.googlesyndication.com
fastlane.rubiconproject.com
faucetfoot.com
fid.agkn.com
fundingchoicesmessages.google.com
g2.gumgum.com
googleads.g.doubleclick.net
grid-bidder.criteo.com
grid.bidswitch.net
gum.criteo.com
hb.yellowblue.io
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id.crwdcntrl.net
id5-sync.com
idx.liadm.com
imasdk.googleapis.com
impression-inferences-edge-prod.playwire.com
invstatic101.creativecdn.com
js-sec.indexww.com
lb.eu-1-id5-sync.com
lexicon.33across.com
match.adsrvr.org
match.sharethrough.com
oa.openxcdn.net
pa.openx.net
pagead2.googlesyndication.com
paint.toys
pbs-cs.yellowblue.io
prebid.intergient.com
proc.ad.cpe.dotomi.com
raw.githubusercontent.com
rp.liadm.com
rtb.gumgum.com
rtb.openx.net
secure-assets.rubiconproject.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
static.criteo.net
sxcqe.specialday.cl
sync.cootlogix.com
tags.crwdcntrl.net
tlx.3lift.com
tpc.googlesyndication.com
u.openx.net
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
x.bidswitch.net
ag.dns-finder.com
api.btloader.com
cdn-ima.33across.com
faucetfoot.com
fid.agkn.com
googleads.g.doubleclick.net
invstatic101.creativecdn.com
lexicon.33across.com
oa.openxcdn.net
paint.toys
rtb.openx.net
securepubads.g.doubleclick.net
www.google.com
x.bidswitch.net
104.18.20.56
104.18.21.56
104.18.24.18
104.18.26.193
104.18.27.193
104.22.52.173
104.22.52.86
104.22.74.216
104.26.2.70
104.87.211.61
108.138.3.93
142.250.181.225
142.250.185.110
142.250.185.226
142.250.185.238
142.250.186.104
142.250.186.138
142.250.186.33
142.250.186.34
142.250.186.97
142.250.74.194
143.204.215.48
146.190.187.150
15.197.167.90
151.101.65.108
162.19.138.117
162.19.138.120
167.99.225.56
172.217.18.6
178.250.1.11
178.250.1.38
178.250.1.39
178.250.1.56
18.157.230.4
18.184.206.66
18.244.21.169
185.199.110.133
185.64.189.112
185.89.210.46
23.219.149.145
23.35.236.201
23.67.137.210
34.245.246.135
34.249.15.87
34.36.214.49
35.159.236.149
35.244.159.8
35.71.170.66
52.222.236.91
52.223.40.198
52.30.155.174
52.31.98.157
52.54.60.70
54.158.53.253
63.176.195.25
64.158.223.146
65.9.66.97
67.198.205.86
69.173.156.139
76.223.111.18
99.86.4.71
016f2975220c19a7ad713f8b01e4e2ccfdd8bcd6be40d43afbee12672b253b23
0428f10fe28c155a288e4e8e2d6ed6c23f551d3a8f6530edea9e609ecf2fad46
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06977d3a0665452c9c2594a7441cc07b029ec8128fa4b9154abfa9cb61a31216
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
1038bb8f948edae0a2a31fbf8a89801e11c658f322c13144b4f4fc9a78a9586b
1526f7f540b829baf0e6d1b491aa7b26b5e49fa160abca67c11695ccfa2cee82
1635d2075d3343c86490d2229c1fb868ad59d92958ef65e04cb65767c703e9f6
17445d0e2e277bc568c5ba6ac329327914b3ece6a258202b09ffce5caf8d7069
183e92f475b06860f8f9434cfdcf5a8236e5affa4cf86177a36a4014614dea2a
192c03f1c3373dad10ffc6028b2f0d3801352f86e72ebdfa3409879a700517f6
1b19b9964afc052f742d6d59e566548a450020a7714ce57eaf65092df4f915db
1dfa09e7f0ab5391fe82a245bfffbb1f0dc25f8969075e99fc09b47b5f75aac9
1f0769b6ec00799d55c116b89a5b71d923e5ea0d9f0d7e1fac3fe1914599e658
24035bd97b7610a17e0c4c3bc77035f8ced6aebcee9fc8fb62530d458ea1adcc
246dffbaeac82d944f25c3ac8a818c5392e3f6b0b02a0cab496a94eb04e3d6a8
2c0f5885b10cbf98b2662d8f92a84ca1ed212ef22212dc2fe2254c52cce7cbf9
2f9f2004b40bde65167c69741a1daaff72563fdd5447993d664a6639bbfac00d
2ff696f311f1afa7aafddb260becd45331aab7ce1741821b0f3e2d9e683382b0
32aa05a5648678542ab9044647f0bf5549c0b53a070585edb773f0e92b72b97d
3af91ca81486a90eb2a10e43735fa3e14eef4fefcb46d6f3db6b95854e11fabe
41b25eb3df7d00c1a4ddf4b86c3cb63d544463651240a90301b39bdbb202a5b7
436814c2374a6d92a42a02d39969ef7c56b5f225667abecb218e692c5569943c
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
455c38d0f481826382c5fea7b95c202f23e3c291c762866dca250fc76259ed7f
46fb4fa054a17e9868023411547d8eae814ec10839bd50329b2281fb272c6840
504d234032342a3e61d5c597944d2d38152c444f41186b771a8aef315583056f
53663dc276aadfa5047b7b576dd88296423f13116fc7e2948f78435aac40088e
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
57234c0361bef55cff0569a18aa6d5be13af21f714f8eea3d56e4a35badf0ff0
57971afbc630517a859ad5c3a4c82fd6428dcc1afe80c43cf3673bbda6d82f53
5d64e38115d43b7176523245d3cf745f69146ef4254fcbd0de8ecd804cdcfb9b
641768f2d1d19839fc3cecfa5158382fa0d332d5e49e31bcaafbedc4af91995a
6616543a9c8be78c62ee898d07da99fe8cc44d6f287e23dd0106bb7106c2c6e2
68c94403979dcb79d4ba1e46d8e486eb0f6c3e836cc7e31a4888be90f74bb92d
6bb2ae08e0ac99e68f86a0c328eff4fadf602ff0708f5ed15f0beab736fb9936
6ceb226c487cb85243545e768944e0e1ae0944be8fde6c1c43c7314a9287e6d9
6d49c0dda45a7e64720a0b2506adcb2ba36a34bd7ac5df547a4a4982bf86853d
70883a9270d54ca9914810ee600c39f62c1147243374c8b93b7095f9c78b4b66
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
795041923e6338abe450ff9524ef70fd40432f278f32c9c35cdbb08239574fb1
7af7d6e87956d5fa4efa79a20dadf99c8646b041ae992cc64f53cf7e4ca5dc4e
7e4d2c9111e1ca31b5e2e4bfd5a66925f07c0c232672f31481c6b66a89b26f16
7ef94dc96b1d4d130a012aed35ba98e01028752c658167154088ea9255b57703
831572df9b118e2cece5f8b3bf46618433d6eb4a84aa1e98c2b01152d2a5d962
85045ada978bb385679e1d0076929b9ea53e0874764abf348c3c148b33fd3ef8
856aca2aa33b640c12ef6a7d19d6e5cad74b85dbb01c42b7beb59de3613b83f9
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d9a4ad1815e1afc5016fa94927a5498e214d0a525de85a2004d8b96e0cbf217
930f76466a9eb4f30d5eb615b47214dbde199ea4e41372f0a0f4234999effd26
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb
a029e173b33056af7f3d8dc6557af2068f19bd3f5434dd3aebf0d2a15c79641a
a3922f75ea60468615f3c74a35590430179ab22033d9026a5a08a93ab55c6801
a73f5986eb985871284e6e216372de3505634a97229de643216728d0fbfd6227
a79e72b537756e14ba14118072eecc572693653d5cd5fc8a44a721890b0ed417
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
ae6a48e7dafe5432093acda9fc6cb51708a33068ee6ed42ca3a825e6ef651f37
af7251fc9564518a64abf1b92a0e7a9a0296792521a862c943762e3847732a5f
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b04cd869cfd41a48c006458f71969a0eb26f33fec12f3cfe00408f8b73bf3ff8
b9ab3ca5311cddda666128da1a9ad7b090d4766e02b742a3df3edef43a49983a
c3b5f6e0901cff75304548d2b3ad58f4b6fd7ec21c2b09290e815e94700554a3
c5fdea6bcb7b7dc4aabe9e409df609b922dde30401ccf5c25f0f384f7e8c43b5
c73bd1b833a354f7a42ad24f5b7d467f024ea786cc6231ec701a7663d0c6e325
c91c09319c4b0a24c72c0036cef74c17b85d3c4e2a4abf8153f5710421fe5b4c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d261d2d57a7427405a765113057358f49b2d1a65f79d67a49366a477d06aa89f
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
da6fb44a02d82693afe1d3567e6f50d1ee48293e5604cc5d2d07784c78ce6179
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e91c87de4de6d6ac01cf83cc344603d7f3e7a4c07a21628997bbfbdc4506dad4
eb87c0447bd19366919bdb8913f775caca732ac31cbc5e5d42e4db5df39437ce
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f23ff77a1f319848c1e2354f465046d1c664913be6a28ca3b4d42eb5537e549e
f4d368e4230539c778afbb020e0ea611b3e1d984179f5b3769b44081d6703f3b
f5624a5cc57e615affbffcf7cba17057f2eb21d26243c412104e4eaa8e3094a4
f9fdbdc7d871ddedd144ca9ca9cf55de0ced30e71062c4abe224977f92e76908
fb758cc2b5126150d0085d9125b1a4ebb9fd0d7447a374b7b2b622bd85b60513
fdc87e4e5e8777adf9ba4a2db46429489403b145bb2c9d61653e12851179b2d2