prnt.sc Open in urlscan Pro
104.27.27.84 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://prntscr.com/igqghw
Effective URL:
https://prnt.sc/igqghw
Submission: On November 05 via manual (November 5th 2019, 6:55:45 pm UTC) from BG

Summary HTTP 77 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 20 IPs in 5 countries across 15 domains to perform 77 HTTP transactions. The main IP is 104.27.27.84, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is prnt.sc.
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on November 3rd 2019. Valid for: 6 months.

This is the only time prnt.sc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 19	104.20.13.105 104.20.13.105	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	104.27.27.84 104.27.27.84	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	104.20.14.105 104.20.14.105	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1 2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
7	151.139.242.3 151.139.242.3	33438 (HIGHWINDS2) (HIGHWINDS2 - Highwinds Network Group)
1 1	2a00:1450:400... 2a00:1450:400c:c0b::9a	15169 (GOOGLE) (GOOGLE - Google LLC)
2 2	2a00:1450:400... 2a00:1450:4001:817::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:825::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
4	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
5	192.207.255.147 192.207.255.147	62821 (AS-MNX) (AS-MNX - MNX Solutions LLC)
1 5	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	104.244.42.8 104.244.42.8	13414 (TWITTER) (TWITTER - Twitter Inc.)
5	2a00:1450:400... 2a00:1450:4001:814::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	52.21.186.39 52.21.186.39	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
3	2a00:1450:400... 2a00:1450:4001:824::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
5	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE - Google LLC)
7	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
6	2a00:1450:400... 2a00:1450:4001:814::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
1	74.214.194.133 74.214.194.133	59940 (PULSEPOIN...) (PULSEPOINT-EU)
1	151.101.12.166 151.101.12.166	54113 (FASTLY) (FASTLY - Fastly)
77	20

19 104.20.13.105 (United States) 2 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

prntscr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
st.prntscr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.prntscr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.27.27.84 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

prnt.sc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.20.14.105 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

image.prntscr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
st.prntscr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 151.139.242.3 (Dallas, United States)

ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US)

cdn.ad4game.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0b::9a (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:817::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
staticxx.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 192.207.255.147 (Monroe, United States)

ASN62821 (AS-MNX - MNX Solutions LLC, US)
PTR: haproxy2.ad4game.com

ads.ad4game.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland) 1 redirects

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.8 (United States)

ASN13414 (TWITTER - Twitter Inc., US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:814::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.21.186.39 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-21-186-39.compute-1.amazonaws.com

brightcombid.marphezis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:824::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.16.130 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s46-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:814::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.214.194.133 (Amsterdam, Netherlands)

ASN59940 (PULSEPOINT-EU, NL)

bid.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.166 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	prntscr.com 2 redirects prntscr.com st.prntscr.com image.prntscr.com api.prntscr.com	98 KB
12	ad4game.com cdn.ad4game.com ads.ad4game.com	229 KB
9	googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	58 KB
7	doubleclick.net 1 redirects stats.g.doubleclick.net securepubads.g.doubleclick.net googleads.g.doubleclick.net	94 KB
6	ampproject.org cdn.ampproject.org	155 KB
6	facebook.com 1 redirects staticxx.facebook.com www.facebook.com	434 B
5	twitter.com platform.twitter.com syndication.twitter.com	32 KB
3	googletagservices.com www.googletagservices.com	72 KB
3	google.com 2 redirects www.google.com adservice.google.com	406 B
2	contextweb.com bid.contextweb.com bh.contextweb.com	993 B
2	facebook.net connect.facebook.net	58 KB
2	google.de www.google.de adservice.google.de	280 B
2	google-analytics.com 1 redirects www.google-analytics.com	18 KB
2	prnt.sc prnt.sc	18 KB
1	marphezis.com brightcombid.marphezis.com	107 B
77	15

	Domain	Requested by
17	st.prntscr.com	prnt.sc st.prntscr.com
7	tpc.googlesyndication.com	securepubads.g.doubleclick.net prnt.sc cdn.ampproject.org
7	cdn.ad4game.com	prnt.sc cdn.ad4game.com ads.ad4game.com
6	cdn.ampproject.org	securepubads.g.doubleclick.net
5	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net prnt.sc
5	www.facebook.com	1 redirects connect.facebook.net
5	ads.ad4game.com	cdn.ad4game.com prnt.sc
4	platform.twitter.com	prnt.sc platform.twitter.com
3	www.googletagservices.com	ads.ad4game.com securepubads.g.doubleclick.net
2	pagead2.googlesyndication.com
2	connect.facebook.net	prnt.sc connect.facebook.net
2	www.google.com	2 redirects
2	www.google-analytics.com	1 redirects prnt.sc
2	prnt.sc	prnt.sc
2	prntscr.com	2 redirects
1	bh.contextweb.com
1	bid.contextweb.com	cdn.ad4game.com
1	googleads.g.doubleclick.net
1	adservice.google.com	www.googletagservices.com
1	adservice.google.de	www.googletagservices.com
1	brightcombid.marphezis.com	cdn.ad4game.com
1	syndication.twitter.com	prnt.sc
1	staticxx.facebook.com	connect.facebook.net
1	api.prntscr.com	st.prntscr.com
1	www.google.de	prnt.sc
1	stats.g.doubleclick.net	1 redirects
1	image.prntscr.com	prnt.sc
77	27

This site contains links to these domains. Also see Links.

Domain
app.prntscr.com
prntscr.com
twitter.com
www.facebook.com
www.google.com

Subject Issuer	Validity	Valid
ssl387277.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-11-03` - `2020-05-11`	6 months	crt.sh
ssl366238.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-11-04` - `2020-05-12`	6 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-10-10` - `2020-01-02`	3 months	crt.sh
*.ad4game.com Go Daddy Secure Certificate Authority - G2	`2017-11-23` - `2020-01-16`	2 years	crt.sh
www.google.de GTS CA 1O1	`2019-10-10` - `2020-01-02`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-09-22` - `2019-12-20`	3 months	crt.sh
*.twimg.com DigiCert SHA2 High Assurance Server CA	`2018-11-19` - `2019-11-27`	a year	crt.sh
syndication.twitter.com DigiCert SHA2 High Assurance Server CA	`2019-04-09` - `2020-04-01`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2019-10-10` - `2020-01-02`	3 months	crt.sh
marphezis.com Amazon	`2019-02-26` - `2020-03-26`	a year	crt.sh
*.google.com GTS CA 1O1	`2019-10-10` - `2020-01-02`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2019-10-10` - `2020-01-02`	3 months	crt.sh
misc-sni.google.com GTS CA 1O1	`2019-10-10` - `2020-01-02`	3 months	crt.sh
*.contextweb.com DigiCert SHA2 Secure Server CA	`2018-07-07` - `2020-06-03`	2 years	crt.sh

This page contains 9 frames:

Primary Page: https://prnt.sc/igqghw
Frame ID: 977A5813711EEBB9CF21F7588403ECD4
Requests: 45 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2d991e3dfc9abb2549972ce8b64c5d85.html?origin=https%3A%2F%2Fprnt.sc
Frame ID: ED9ED2774B4842BF132576F9B127C672
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.2d991e3dfc9abb2549972ce8b64c5d85.en.html
Frame ID: CFDEAD11E7DC59C494E909817FDE54AA
Requests: 1 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
Frame ID: 77E217518B8DFB4F3B46186CEA90CFBA
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?action=like&app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Dffd6ddb3c068b%26domain%3Dprnt.sc%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ff27680b71686d%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fprnt.sc%2Figqghw&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false&size=small&width=100
Frame ID: 46F3A2D65F1E9273A294580E133876FB
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/feedback.php?app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df37e43b23edfab8%26domain%3Dprnt.sc%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ff27680b71686d%26relation%3Dparent.parent&container_width=340&height=100&href=https%3A%2F%2Fprnt.sc%2Figqghw&locale=en_US&migrated=1&sdk=joey&xid=igqghw
Frame ID: 758ACDACBA55087BABBDD12669486089
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like_box.php?app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df304f2ed0afa92c%26domain%3Dprnt.sc%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ff27680b71686d%26relation%3Dparent.parent&container_width=0&header=false&href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FLightShot%2F242750885760&locale=en_US&sdk=joey&show_faces=true&stream=false&width=300
Frame ID: 192EFFD57D9BF8120694C203D787EB32
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/011910251950120/amp4ads-v0.js
Frame ID: 9EBB87680B6AAAC3AC5ED23EB9EF6F0F
Requests: 15 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuLDoV9hi6QQp3NAdkavFe79RiITMjDDaUDrHyh8DOo0rNSp8Wx74Gp5zNNtI1Q12IXPYGcDQ9N_ArNVemncmhVlJCn30gQ7RNRhypJFx5P9KvdveGWtStKb5VRMVcDicOGs4dNljYoFuN7RozsVcDd6kZpzwlVbKon6QXlmXaIIlI9dGh9CEDWhqOC1yO8g-gMqrGMmecVRYMEst1QHTD7ZLifrkpQLZjmiwOVTBQfmFZ9&sai=AMfl-YSvAjTCHu_Bg9LY4UP2k1J921fnK5iavQhOIQpjfsRyL73IFOWI9TrnZZUQST-JfBJ6DGG0r8lic_JXcPC6oRxzDntcW_3ti4iaCb5C&sig=Cg0ArKJSzDQ0WyPvHAmjEAE&urlfix=1&adurl=
Frame ID: A494B3CD5D93B137E4A56C4833FBDB9A
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://prntscr.com/igqghw HTTP 301
https://prntscr.com/igqghw HTTP 301
https://prnt.sc/igqghw Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /\/prebid\.js/i

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/platform\.twitter\.com\/widgets\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

77
Requests

99 %
HTTPS

52 %
IPv6

15
Domains

27
Subdomains

20
IPs

5
Countries

832 kB
Transfer

2194 kB
Size

0
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://app.prntscr.com/translate-lightshot.html
Title: Add your language

Search URL Search Domain Scan URL

URL: https://prntscr.com/gallery.html
Title: Sign in

Search URL Search Domain Scan URL

URL: https://twitter.com/Light_shot

Search URL Search Domain Scan URL

URL: http://www.facebook.com/Lighshot

Search URL Search Domain Scan URL

URL: https://app.prntscr.com/
Title: Captured with Lightshot

Search URL Search Domain Scan URL

URL: http://www.google.com/searchbyimage?image_url=https://image.prntscr.com/image/Ic1QejXkSbKqeBnnVMNCSQ.png
Title: find similar

Search URL Search Domain Scan URL

URL: https://app.prntscr.com/download.html
Title: Download

Search URL Search Domain Scan URL

URL: https://app.prntscr.com/tutorials.html
Title: Tutorials

Search URL Search Domain Scan URL

URL: https://app.prntscr.com/privacy.html
Title: Terms of service

Search URL Search Domain Scan URL

URL: https://app.prntscr.com/faq.html
Title: FAQ

Search URL Search Domain Scan URL

URL: https://app.prntscr.com/help.html
Title: Help

Search URL Search Domain Scan URL

URL: https://app.prntscr.com/advertise.html
Title: Advertise

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://prntscr.com/igqghw HTTP 301
https://prntscr.com/igqghw HTTP 301
https://prnt.sc/igqghw Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=865594106&t=pageview&_s=1&dl=https%3A%2F%2Fprnt.sc%2Figqghw&ul=en-us&de=UTF-8&dt=Screenshot%20by%20Lightshot&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=1774453701&gjid=392290714&cid=2031934299.1572980129&tid=UA-12353127-1&_gid=937612020.1572980129&_r=1&z=54224839 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-12353127-1&cid=2031934299.1572980129&jid=1774453701&_gid=937612020.1572980129&gjid=392290714&_v=j79&z=54224839 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-12353127-1&cid=2031934299.1572980129&jid=1774453701&_v=j79&z=54224839 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-12353127-1&cid=2031934299.1572980129&jid=1774453701&_v=j79&z=54224839&slf_rd=1&random=1899343821

Request Chain 41

https://www.facebook.com/plugins/comments.php?app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df37e43b23edfab8%26domain%3Dprnt.sc%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ff27680b71686d%26relation%3Dparent.parent&container_width=340&height=100&href=https%3A%2F%2Fprnt.sc%2Figqghw&locale=en_US&migrated=1&sdk=joey&xid=igqghw HTTP 302
https://www.facebook.com/plugins/feedback.php?app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df37e43b23edfab8%26domain%3Dprnt.sc%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ff27680b71686d%26relation%3Dparent.parent&container_width=340&height=100&href=https%3A%2F%2Fprnt.sc%2Figqghw&locale=en_US&migrated=1&sdk=joey&xid=igqghw

Request Chain 69

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

77 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request igqghw Show response
prnt.sc/
Redirect Chain

http://prntscr.com/igqghw
https://prntscr.com/igqghw
https://prnt.sc/igqghw

14 KB
4 KB

160ms
115ms

Document
text/html

104.27.27.84
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://prnt.sc/igqghw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.27.27.84 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

436f837da1b14b0f9bb56ac3e29d92c2097ccaea911a9e6f98a5a263ec2a70c1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: prnt.sc
:scheme: https
:path: /igqghw
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: none
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

status: 200
date: Tue, 05 Nov 2019 18:55:29 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d2431725be1219902cd65c8fa0cf50f381572980129; expires=Wed, 04-Nov-20 18:55:29 GMT; path=/; domain=.prnt.sc; HttpOnly
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 53110ace9c487239-AMS
content-encoding: br

Redirect headers

status: 301
date: Tue, 05 Nov 2019 18:55:28 GMT
content-type: text/html
content-length: 178
location: https://prnt.sc/igqghw
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 53110acdaf56d905-AMS

GET
H2 200 main.css
st.prntscr.com/2019/09/03/1652/css/ 57 KB
9 KB 43ms
28ms Stylesheet
text/css 104.20.13.105
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://st.prntscr.com/2019/09/03/1652/css/main.css
Requested by: Host: prnt.sc
URL: https://prnt.sc/igqghw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.13.105 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 726984457662e2ae992435af4efac2f0e43d8c15c03224f21955867081b8fe82

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://prnt.sc/igqghw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Tue, 05 Nov 2019 18:55:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 03 Sep 2019 16:54:18 GMT
server: cloudflare
age: 911
etag: W/"5d6e9aba-23d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=1800
cf-ray: 53110acf7cc8d905-AMS
expires: Tue, 05 Nov 2019 18:46:24 GMT

GET
H2 200 jquery.1.8.2.min.js Show response
st.prntscr.com/2019/09/03/1652/js/ 91 KB
32 KB 65ms
50ms Script
application/javascript 104.20.13.105
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://st.prntscr.com/2019/09/03/1652/js/jquery.1.8.2.min.js
Requested by: Host: prnt.sc
URL: https://prnt.sc/igqghw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.13.105 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://prnt.sc/igqghw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Tue, 05 Nov 2019 18:55:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 03 Sep 2019 16:54:18 GMT
server: cloudflare
age: 911
etag: W/"5d6e9aba-827c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=1800
cf-ray: 53110acf7ccdd905-AMS
expires: Tue, 05 Nov 2019 18:48:31 GMT

GET
H2 200 script.mix.js Show response
st.prntscr.com/2019/09/03/1652/js/ 69 KB
23 KB 49ms
34ms Script
application/javascript 104.20.13.105
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://st.prntscr.com/2019/09/03/1652/js/script.mix.js
Requested by: Host: prnt.sc
URL: https://prnt.sc/igqghw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.13.105 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d97eceed104056daaf08c5e49d81aac0391aa894dfc1729ad3a28a7623cf07b

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://prnt.sc/igqghw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Tue, 05 Nov 2019 18:55:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 03 Sep 2019 16:54:18 GMT
server: cloudflare
age: 917
etag: W/"5d6e9aba-5e6a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=1800
cf-ray: 53110acf7cccd905-AMS
expires: Tue, 05 Nov 2019 18:48:47 GMT

GET
H2 200 Ic1QejXkSbKqeBnnVMNCSQ.png
image.prntscr.com/image/ 13 KB
13 KB 127ms
83ms Image
image/png 104.20.14.105
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.prntscr.com/image/Ic1QejXkSbKqeBnnVMNCSQ.png
Requested by: Host: prnt.sc
URL: https://prnt.sc/igqghw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.14.105 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / Magic
Resource Hash: a0abb6da16eb33b8453216d0d7fc16b0479caedb383977e23e433621dbd1e288

Request headers

Sec-Fetch-Mode: cors
Referer: https://prnt.sc/igqghw
Origin: https://prnt.sc
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Tue, 05 Nov 2019 18:55:29 GMT
cf-cache-status: MISS
x-powered-by: Magic
status: 200
content-length: 13127
last-modified: Mon, 19 Feb 2018 08:53:08 GMT
server: cloudflare
etag: "bfb551a97eb8813b20bf0d69b604a72d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 53110acf9f90d925-AMS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Fri, 02 Nov 2029 18:55:29 GMT

GET
H2 200 igqghw
prnt.sc/ 14 KB
14 KB 120ms
120ms Image
text/html 104.27.27.84
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prnt.sc/igqghw

Requested by

Host: prnt.sc
URL: https://prnt.sc/igqghw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.27.27.84 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://prnt.sc/igqghw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Tue, 05 Nov 2019 18:55:29 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
status: 200
cf-ray: 53110acf5d0f7239-AMS

GET
H2 200 image-helper.js Show response
st.prntscr.com/2019/09/03/1652/js/ 3 KB
1 KB 30ms
28ms Script
application/javascript 104.20.13.105
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://st.prntscr.com/2019/09/03/1652/js/image-helper.js
Requested by: Host: prnt.sc
URL: https://prnt.sc/igqghw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.13.105 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83817752fb260ff66b3bca1471bb20dbb6a1e6a17174c657efe0912ad161b382

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://prnt.sc/igqghw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Tue, 05 Nov 2019 18:55:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 03 Sep 2019 16:53:38 GMT
server: cloudflare
age: 917
etag: W/"5d6e9a92-a2f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=1800
cf-ray: 53110acffe7ad905-AMS
expires: Tue, 05 Nov 2019 18:51:38 GMT

GET
H2 200 footer-logo.png
st.prntscr.com/2019/09/03/1652/img/ 630 B
848 B 28ms
27ms Image
image/webp 104.20.13.105
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st.prntscr.com/2019/09/03/1652/img/footer-logo.png
Requested by: Host: prnt.sc
URL: https://prnt.sc/igqghw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.13.105 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: bca2c1abcf4b76a46306bc7f1a607a459371ccf5e7213aae988c33b4dabb1758

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://prnt.sc/igqghw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Tue, 05 Nov 2019 18:55:29 GMT
cf-cache-status: HIT
age: 918
cf-polished: origFmt=png, origSize=1848
status: 200
content-disposition: inline; filename="footer-logo.webp"
content-length: 630
last-modified: Mon, 05 Sep 2016 15:49:19 GMT
server: cloudflare
etag: "57cd93ff-738"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Tue, 05 Nov 2019 18:52:39 GMT
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 53110acffe83d905-AMS
cf-bgj: imgq:100

GET
H2 200 jquery.smartbanner.css
st.prntscr.com/2019/09/03/1652/css/ 4 KB
1 KB 31ms
30ms Stylesheet
text/css 104.20.13.105
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://st.prntscr.com/2019/09/03/1652/css/jquery.smartbanner.css
Requested by: Host: prnt.sc
URL: https://prnt.sc/igqghw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.13.105 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d91d13fd8f9d253a8213aeee7ebaa7e073683fc600a3d82902c3c669b8ffdee7

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://prnt.sc/igqghw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Tue, 05 Nov 2019 18:55:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 03 Sep 2019 16:54:11 GMT
server: cloudflare
age: 917
etag: W/"5d6e9ab3-ef0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=1800
cf-ray: 53110acffe7dd905-AMS
expires: Tue, 05 Nov 2019 18:46:51 GMT

GET
H2 200 jquery.smartbanner.js Show response
st.prntscr.com/2019/09/03/1652/js/ 8 KB
3 KB 31ms
31ms Script
application/javascript 104.20.13.105
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://st.prntscr.com/2019/09/03/1652/js/jquery.smartbanner.js
Requested by: Host: prnt.sc
URL: https://prnt.sc/igqghw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.13.105 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b185d89e437f1591af8c51d5e6dad41d3666e22a81931ee9df22e2cfdacaddb

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://prnt.sc/igqghw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Tue, 05 Nov 2019 18:55:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 03 Sep 2019 16:54:18 GMT
server: cloudflare
age: 917
etag: W/"5d6e9aba-aec"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=1800
cf-ray: 53110acffe7fd905-AMS
expires: Tue, 05 Nov 2019 19:05:34 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: prnt.sc
URL: https://prnt.sc/igqghw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://prnt.sc/igqghw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 1311
date: Tue, 05 Nov 2019 18:33:38 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17803
expires: Tue, 05 Nov 2019 20:33:38 GMT

GET
H2 200 async-ajs.min.js Show response
cdn.ad4game.com/ 3 KB
2 KB 73ms
20ms Script
application/javascript 151.139.242.3
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ad4game.com/async-ajs.min.js
Requested by: Host: prnt.sc
URL: https://prnt.sc/igqghw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.242.3 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: dc9f7cdaabb3201fd2ead8c0cfd974710305362d0ea77c96069cb189796d6238

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://prnt.sc/igqghw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

x-servername: ads.ad4game.com\ 80\ 81
date: Tue, 05 Nov 2019 18:55:29 GMT
content-encoding: gzip
x-cache: HIT
status: 200
x-host: ads.ad4game.com
content-length: 1451
referrer-policy: no-referrer
last-modified: Fri, 16 Aug 2019 06:00:12 GMT
server: nginx
x-serveraddr: 10.100.0.151
etag: W/"5d56466c-ca8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes

GET
H2 200 page-bg.png
st.prntscr.com/2019/09/03/1652/img/ 5 KB
6 KB 28ms
28ms Image
image/webp 104.20.13.105
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st.prntscr.com/2019/09/03/1652/img/page-bg.png
Requested by: Host: prnt.sc
URL: https://prnt.sc/igqghw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.13.105 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86a1b8f94f48c4e82d2616d4c581f10a34ff447a2bd95be08714fa0d19ba3f51

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://st.prntscr.com/2019/09/03/1652/css/main.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Tue, 05 Nov 2019 18:55:29 GMT
cf-cache-status: HIT
age: 918
cf-polished: origFmt=png, origSize=7116
status: 200
content-disposition: inline; filename="page-bg.webp"
content-length: 5608
last-modified: Tue, 03 Sep 2019 16:54:18 GMT
server: cloudflare
etag: "5d6e9aba-1a7b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Tue, 05 Nov 2019 18:58:44 GMT
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 53110acffe89d905-AMS
cf-bgj: imgq:100

GET
H2 200 header-logo.png
st.prntscr.com/2019/09/03/1652/img/ 4 KB
4 KB 30ms
29ms Image
image/webp 104.20.13.105
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st.prntscr.com/2019/09/03/1652/img/header-logo.png
Requested by: Host: prnt.sc
URL: https://prnt.sc/igqghw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.13.105 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69d8e3ebecd912bd1632164c7cdb358e13ca6fd3c904a4ecbabd462fb7082b1a

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://st.prntscr.com/2019/09/03/1652/css/main.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Tue, 05 Nov 2019 18:55:29 GMT
cf-cache-status: HIT
age: 912
cf-polished: origFmt=png, origSize=7995
status: 200
content-disposition: inline; filename="header-logo.webp"
content-length: 4152
last-modified: Tue, 03 Sep 2019 16:54:18 GMT
server: cloudflare
etag: "5d6e9aba-1e52"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Tue, 05 Nov 2019 18:58:44 GMT
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 53110acffe8cd905-AMS
cf-bgj: imgq:100

GET
H2 200 button-download.png
st.prntscr.com/2019/09/03/1652/img/ 314 B
546 B 34ms
34ms Image
image/webp 104.20.13.105
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st.prntscr.com/2019/09/03/1652/img/button-download.png
Requested by: Host: prnt.sc
URL: https://prnt.sc/igqghw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.13.105 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e926f30958d0c21d088e6a671d3356a3c3fab9cc6220b8e408f19d868a7dc5c8

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://st.prntscr.com/2019/09/03/1652/css/main.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Tue, 05 Nov 2019 18:55:29 GMT
cf-cache-status: HIT
age: 918
cf-polished: origFmt=png, origSize=1404
status: 200
content-disposition: inline; filename="button-download.webp"
content-length: 314
last-modified: Tue, 03 Sep 2019 16:53:04 GMT
server: cloudflare
etag: "5d6e9a70-57c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Tue, 05 Nov 2019 18:52:28 GMT
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 53110ad00ed4d905-AMS
cf-bgj: imgq:100

GET
H2 200 button-icon-sep.png
st.prntscr.com/2019/09/03/1652/img/ 40 B
230 B 35ms
35ms Image
image/webp 104.20.13.105
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st.prntscr.com/2019/09/03/1652/img/button-icon-sep.png
Requested by: Host: prnt.sc
URL: https://prnt.sc/igqghw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.13.105 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6a1120cc303b1c6ee6d548a5b418c2707b59de0c1f13c8ab870ca4e734b6acc

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://st.prntscr.com/2019/09/03/1652/css/main.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Tue, 05 Nov 2019 18:55:29 GMT
cf-cache-status: HIT
age: 919
cf-polished: origFmt=png, origSize=928
status: 200
content-disposition: inline; filename="button-icon-sep.webp"
content-length: 40
last-modified: Tue, 03 Sep 2019 16:53:04 GMT
server: cloudflare
etag: "5d6e9a70-3a0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Tue, 05 Nov 2019 18:52:37 GMT
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 53110ad00ed8d905-AMS
cf-bgj: imgq:100

GET
H2 200 icon-twitter_gscale.png
st.prntscr.com/2019/09/03/1652/img/ 374 B
540 B 36ms
35ms Image
image/webp 104.20.13.105
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st.prntscr.com/2019/09/03/1652/img/icon-twitter_gscale.png
Requested by: Host: prnt.sc
URL: https://prnt.sc/igqghw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.13.105 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a3a63b2ac124cb9a194ec01ea1f0d3123e4019bf658c6f47a77b4faea84c079

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://st.prntscr.com/2019/09/03/1652/css/main.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Tue, 05 Nov 2019 18:55:29 GMT
cf-cache-status: HIT
age: 918
cf-polished: origFmt=png, origSize=1535
status: 200
content-disposition: inline; filename="icon-twitter_gscale.webp"
content-length: 374
last-modified: Tue, 03 Sep 2019 16:53:04 GMT
server: cloudflare
etag: "5d6e9a70-5ff"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Tue, 05 Nov 2019 19:04:14 GMT
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 53110ad00ec0d905-AMS
cf-bgj: imgq:100

GET
H2 200 icon-facebook_gscale.png
st.prntscr.com/2019/09/03/1652/img/ 296 B
479 B 32ms
32ms Image
image/webp 104.20.13.105
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st.prntscr.com/2019/09/03/1652/img/icon-facebook_gscale.png
Requested by: Host: prnt.sc
URL: https://prnt.sc/igqghw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.13.105 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a093d2047e1a59b7103810b947780e5f94d865915cb923ebcaa7e50f557c2102

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://st.prntscr.com/2019/09/03/1652/css/main.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Tue, 05 Nov 2019 18:55:29 GMT
cf-cache-status: HIT
age: 919
cf-polished: origFmt=png, origSize=1325
status: 200
content-disposition: inline; filename="icon-facebook_gscale.webp"
content-length: 296
last-modified: Tue, 03 Sep 2019 16:53:04 GMT
server: cloudflare
etag: "5d6e9a70-52d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Tue, 05 Nov 2019 18:57:56 GMT
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 53110ad00ed5d905-AMS
cf-bgj: imgq:100

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=865594106&t=pageview&_s=1&dl=https%3A%2F%2Fprnt.sc%2Figqghw&ul=en-us&de=UTF-8&dt=Screenshot%20by%20Lightshot&sd=24-bit&sr=1600x1200&vp=1600x1...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-12353127-1&cid=2031934299.1572980129&jid=1774453701&_gid=937612020.1572980129&gjid=392290714&_v=j79&z=54224839
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-12353127-1&cid=2031934299.1572980129&jid=1774453701&_v=j79&z=54224839
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-12353127-1&cid=2031934299.1572980129&jid=1774453701&_v=j79&z=54224839&slf_rd=1&random=1899343821

42 B
109 B

30ms
29ms

Image
image/gif

2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-12353127-1&cid=2031934299.1572980129&jid=1774453701&_v=j79&z=54224839&slf_rd=1&random=1899343821

Requested by

Host: prnt.sc
URL: https://prnt.sc/igqghw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://prnt.sc/igqghw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Nov 2019 18:55:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 05 Nov 2019 18:55:29 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-12353127-1&cid=2031934299.1572980129&jid=1774453701&_v=j79&z=54224839&slf_rd=1&random=1899343821
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 icon-edit.png
st.prntscr.com/2019/09/03/1652/img/ 461 B
607 B 36ms
35ms Image
image/png 104.20.13.105
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st.prntscr.com/2019/09/03/1652/img/icon-edit.png
Requested by: Host: prnt.sc
URL: https://prnt.sc/igqghw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.13.105 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92fb4985bc265d661b853545f4f3d54f79022a8564dd521202e20a05e477b295

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://st.prntscr.com/2019/09/03/1652/css/main.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Tue, 05 Nov 2019 18:55:29 GMT
cf-cache-status: HIT
age: 922
cf-polished: origSize=3153, status=webp_bigger
status: 200
content-length: 461
last-modified: Tue, 03 Sep 2019 16:53:04 GMT
server: cloudflare
etag: "5d6e9a70-c51"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
expires: Tue, 05 Nov 2019 18:50:16 GMT
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 53110ad02f2cd905-AMS
cf-bgj: imgq:100

GET
H2 200 icon-camera.png
st.prntscr.com/2019/09/03/1652/img/ 158 B
317 B 32ms
31ms Image
image/webp 104.20.13.105
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st.prntscr.com/2019/09/03/1652/img/icon-camera.png
Requested by: Host: prnt.sc
URL: https://prnt.sc/igqghw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.13.105 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8bfd2fa3b3b5924e3655bcf9f63427e792bd8572b7ed0992373bdb4b21c7cb89

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://st.prntscr.com/2019/09/03/1652/css/main.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Tue, 05 Nov 2019 18:55:29 GMT
cf-cache-status: HIT
age: 922
cf-polished: origFmt=png, origSize=1089
status: 200
content-disposition: inline; filename="icon-camera.webp"
content-length: 158
last-modified: Tue, 03 Sep 2019 16:53:04 GMT
server: cloudflare
etag: "5d6e9a70-441"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Tue, 05 Nov 2019 18:51:40 GMT
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 53110ad02f2dd905-AMS
cf-bgj: imgq:100

GET
H2 200 icon-abuse.png
st.prntscr.com/2019/09/03/1652/img/ 126 B
299 B 30ms
30ms Image
image/webp 104.20.13.105
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st.prntscr.com/2019/09/03/1652/img/icon-abuse.png
Requested by: Host: prnt.sc
URL: https://prnt.sc/igqghw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.13.105 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2875a6fc4266fec00a383377cb4530b6407912897b0727e26249d89c6dfe0359

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://st.prntscr.com/2019/09/03/1652/css/main.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Tue, 05 Nov 2019 18:55:29 GMT
cf-cache-status: HIT
age: 922
cf-polished: origFmt=png, origSize=327
status: 200
content-disposition: inline; filename="icon-abuse.webp"
content-length: 126
last-modified: Tue, 03 Sep 2019 16:53:04 GMT
server: cloudflare
etag: "5d6e9a70-147"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Tue, 05 Nov 2019 19:02:03 GMT
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 53110ad02f30d905-AMS
cf-bgj: imgq:100

GET
H2 200 all.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js

Requested by

Host: prnt.sc
URL: https://prnt.sc/igqghw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

3f749b10128d43c3b8a8706b3c0b15fc1204836a563f44d3566030f83f713323

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://prnt.sc/igqghw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: d1+uh7Zc+G3VZArNskGkkw==
status: 200
alt-svc: h3-23=":443"; ma=3600
content-length: 1780
etag: "b505551106b67cbd26e2aa519bfe6f8e"
x-fb-debug: kX4bzP4DzJERZaWaUwvImEvI89jsL1yRKqdBI2M4xvWr/4mQ/hMriAXkpVUsj2e4efiOUp2rHT13Gde2jkD6mw==
x-fb-trip-id: 975780461
x-fb-content-md5: b69198b15fb0134bc2dbf684482a10f3
x-frame-options: DENY
date: Tue, 05 Nov 2019 18:55:29 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 05 Nov 2019 19:01:31 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 95 KB
29 KB 7ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: prnt.sc
URL: https://prnt.sc/igqghw
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40F9) /
Resource Hash: f5b5ac5fdb8870504505be0a9522061f905e5c1b25a927f877303785129cb3f9

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://prnt.sc/igqghw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Tue, 05 Nov 2019 18:55:29 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Oct 2019 23:03:20 GMT
Server: ECS (fcn/40F9)
Etag: "dbb5834a50c19a7a8e3ad3ae8f1c1329+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Content-Type: application/javascript; charset=utf-8
Content-Length: 28705

POST
H2 200 / Show response
api.prntscr.com/v1/ 92 B
282 B 346ms
346ms XHR
application/json 104.20.13.105
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://api.prntscr.com/v1/
Requested by: Host: st.prntscr.com
URL: https://st.prntscr.com/2019/09/03/1652/js/jquery.1.8.2.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.13.105 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c9935e1daafc929a9866a206e769e084cd83f19d436ca22887adc2798408646

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://prnt.sc/igqghw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode: cors
Content-Type: application/json

Response headers

date: Tue, 05 Nov 2019 18:55:29 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200
access-control-allow-methods: POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://prnt.sc
access-control-allow-credentials: true
cf-ray: 53110ad13a74d905-AMS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H/1.1 200
OK widget_iframe.2d991e3dfc9abb2549972ce8b64c5d85.html
platform.twitter.com/widgets/ Frame ED9E 0
0 6ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2d991e3dfc9abb2549972ce8b64c5d85.html?origin=https%3A%2F%2Fprnt.sc
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/4185) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: https://prnt.sc/igqghw
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://prnt.sc/igqghw

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Tue, 05 Nov 2019 18:55:21 GMT
Etag: "7d3f6ed140174a20e7c8be261a70a863+gzip"
Last-Modified: Tue, 22 Oct 2019 22:27:25 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/4185)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 5816

GET
H2 200 all.js Show response
connect.facebook.net/en_US/ 185 KB
56 KB 19ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js?hash=2e107ec69dc25692f7a656ccb3199637&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

280f70203b9fdb3dfbd9f368a08c198e256d5301d597bf7b3a675e60cbaff697

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Sec-Fetch-Mode: cors
Referer: https://prnt.sc/igqghw
Origin: https://prnt.sc
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: zlWIu32YttV5XNcye4frUQ==
status: 200
alt-svc: h3-23=":443"; ma=3600
content-length: 56436
etag: "a374c53382abb53ad80e5f3aefc272e0"
x-fb-debug: a6/Tl1VVemnh2rIs4GSi3tuf46GD0ts0CczG3tFDwKMDiZM7knSEphFu3kTnOD6DY8KkuTgbe/TJs1dMQUG7dA==
x-fb-trip-id: 975780461
x-fb-content-md5: 2b1d45e9b9cc52207766d5fbbb7508d3
x-frame-options: DENY
date: Tue, 05 Nov 2019 18:55:29 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
expires: Wed, 04 Nov 2020 17:14:50 GMT

GET
H2 200 prebid.js Show response
cdn.ad4game.com/ 244 KB
91 KB 24ms
24ms Script
application/javascript 151.139.242.3
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ad4game.com/prebid.js
Requested by: Host: cdn.ad4game.com
URL: https://cdn.ad4game.com/async-ajs.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.242.3 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: 7d4cfadd46b306b748059b029aa7cc05a9b85176a5aae4f71a1d620a303b6e4e

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://prnt.sc/igqghw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

x-servername: ads.ad4game.com\ 80\ 81
date: Tue, 05 Nov 2019 18:55:29 GMT
content-encoding: gzip
x-cache: HIT
status: 200
x-host: ads.ad4game.com
content-length: 93173
referrer-policy: no-referrer
last-modified: Wed, 16 Oct 2019 14:28:03 GMT
server: nginx
x-serveraddr: 10.100.0.139
etag: W/"5da728f3-3cf4c"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes

GET
H/1.1 200
OK async-ajs.php Show response
ads.ad4game.com/www/delivery/ 6 KB
2 KB 478ms
127ms Script
text/javascript 192.207.255.147
MNX Solutions LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.ad4game.com/www/delivery/async-ajs.php?v=1&cb=a4g7953271&h=0&siteurl=https%3A%2F%2Fprnt.sc%2Figqghw&c=UTF-8&z=60918,60917,60916&b=7&x=7
Requested by: Host: cdn.ad4game.com
URL: https://cdn.ad4game.com/async-ajs.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.207.255.147 Monroe, United States, ASN62821 (AS-MNX - MNX Solutions LLC, US),
Reverse DNS: haproxy2.ad4game.com
Software: nginx /
Resource Hash: a49094683eae4562d3e2bbe8650a87d9e616557da06ba9c16e2fdac727dd2b1e

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://prnt.sc/igqghw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

X-servername: ads.ad4game.com\ 80\ 81
Pragma: no-cache
Date: Tue, 05 Nov 2019 18:55:29 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
P3P: CP="CUR ADM OUR NOR STA NID"
X-serveraddr: 10.100.0.138
Cache-Control: no-cache, no-store, must-revalidate
X-host: ads.ad4game.com
Connection: close
Content-Type: text/javascript; charset=UTF-8
Expires: 0

GET
H/1.1 200
OK button.d941c9a422e2e3faf474b82a1f39e936.js Show response
platform.twitter.com/js/ 7 KB
3 KB 7ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.d941c9a422e2e3faf474b82a1f39e936.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/4197) /
Resource Hash: a05cb65ecfe9bb5ef6968b5cc9099d50cd8401c1aa73df4c214fee47018c4d12

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://prnt.sc/igqghw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Tue, 05 Nov 2019 18:55:29 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Oct 2019 22:27:16 GMT
Server: ECS (fcn/4197)
Etag: "89c7a09d87bdc0f1b87105d8f841b83e+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Content-Type: application/javascript; charset=utf-8
Content-Length: 2296

GET
H/1.1 200
OK tweet_button.2d991e3dfc9abb2549972ce8b64c5d85.en.html
platform.twitter.com/widgets/ Frame CFDE 0
0 6ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.2d991e3dfc9abb2549972ce8b64c5d85.en.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/41AD) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: https://prnt.sc/igqghw
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://prnt.sc/igqghw

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Tue, 05 Nov 2019 18:55:29 GMT
Etag: "9850897fbd5e30929f1e073621f9d7ca+gzip"
Last-Modified: Tue, 22 Oct 2019 22:27:22 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/41AD)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 12256

GET
H2 200 xd_arbiter.php
staticxx.facebook.com/connect/ Frame 77E2 0
0 9ms
7ms Document
text/html 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://staticxx.facebook.com/connect/xd_arbiter.php?version=44

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=2e107ec69dc25692f7a656ccb3199637&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: staticxx.facebook.com
:scheme: https
:path: /connect/xd_arbiter.php?version=44
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://prnt.sc/igqghw
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://prnt.sc/igqghw

Response headers

status: 200
content-type: text/html; charset=utf-8
expires: Tue, 03 Nov 2020 20:49:50 GMT
strict-transport-security: max-age=15552000; preload
content-encoding: gzip
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0
cache-control: public,max-age=31536000,immutable
x-fb-debug: JOvBMWOGbkqThkZiQ7IW9RbO2Y6vEB73PVVC1gIn/BzLyajTTVvXEwqtOVZbjw21gSvFu3XLfbWusj6yV8qNUw==
content-length: 12385
x-fb-trip-id: 975780461
date: Tue, 05 Nov 2019 18:55:29 GMT
alt-svc: h3-23=":443"; ma=3600

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 98ms
98ms Fetch
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=154822244543652&input_token&origin=1&redirect_uri=https%3A%2F%2Fprnt.sc%2Figqghw&sdk=joey&wants_cookie_data=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=2e107ec69dc25692f7a656ccb3199637&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: cors
Referer: https://prnt.sc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

pragma: no-cache
x-fb-debug: ohpAe9iLSPPefouCqUYt8kV82CsNhtIP86Hn6Q0g9x7wZjVluQsNojiAl8nDqdkC4Jq3O2e8bj/DED+UY/2FeA==
fb-s: unknown
status: 200
date: Tue, 05 Nov 2019 18:55:29 GMT
strict-transport-security: max-age=15552000; preload
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://prnt.sc
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-23=":443"; ma=3600
content-length: 0
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
DATA 200
OK truncated
/ 20 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 357f621f505a363b75e13ae553778e633c8020fec168ac5e330795323be517d9

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 jot
syndication.twitter.com/i/ 43 B
337 B 143ms
143ms Image
image/gif 104.244.42.8
Twitter Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fprnt.sc%2Figqghw%22%2C%22widget_frame%22%3Afalse%2C%22widget_site_screen_name%22%3A%22light_shot%22%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1572980129514%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%223541749%3A1571780739496%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D

Requested by

Host: prnt.sc
URL: https://prnt.sc/igqghw

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://prnt.sc/igqghw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Tue, 05 Nov 2019 18:55:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 117
pragma: no-cache
last-modified: Tue, 05 Nov 2019 18:55:29 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: d35b301a2ca13b506f8ee6df0a537f00
x-transaction: 00980c520094aa43
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 49 KB
15 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:814::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: ads.ad4game.com
URL: https://ads.ad4game.com/www/delivery/async-ajs.php?v=1&cb=a4g7953271&h=0&siteurl=https%3A%2F%2Fprnt.sc%2Figqghw&c=UTF-8&z=60918,60917,60916&b=7&x=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

c4bbc03a9fcd94ea2941b59d5b4d7772cdc893ec3105c3390632fd12b56d303d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://prnt.sc/igqghw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Tue, 05 Nov 2019 18:55:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "327 / 336 of 1000 / last-modified: 1572905287"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 15503
x-xss-protection: 0
expires: Tue, 05 Nov 2019 18:55:29 GMT

GET
H/1.1 200
OK bid Show response
ads.ad4game.com/v1/ 8 KB
2 KB 564ms
331ms XHR
application/json 192.207.255.147
MNX Solutions LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.ad4game.com/v1/bid?if=0&siteurl=https%3A%2F%2Fprnt.sc%2Figqghw&size=970x90%3B728x90%3B300x250&id=2599e18bc9f2e1%3B3c1e19469b9142%3B468e3d9e138327&zoneId=60918%3B60917%3B60916&
Requested by: Host: cdn.ad4game.com
URL: https://cdn.ad4game.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.207.255.147 Monroe, United States, ASN62821 (AS-MNX - MNX Solutions LLC, US),
Reverse DNS: haproxy2.ad4game.com
Software: nginx /
Resource Hash: 0a672a0d40d34a4fe5e1200d8575762efe9543c95793e647cce9d698eb5d3e86

Request headers

Sec-Fetch-Mode: cors
Referer: https://prnt.sc/igqghw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 05 Nov 2019 18:55:30 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://prnt.sc
Transfer-Encoding: chunked
Connection: close
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Application-Context: application:12061

POST
H2 204 hb Show response
brightcombid.marphezis.com/ 0
107 B 413ms
132ms XHR
text/plain 52.21.186.39
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://brightcombid.marphezis.com/hb
Requested by: Host: cdn.ad4game.com
URL: https://cdn.ad4game.com/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.186.39 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-21-186-39.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
Referer: https://prnt.sc/igqghw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Tue, 05 Nov 2019 18:55:30 GMT
access-control-allow-credentials: true
server: nginx
access-control-allow-origin: https://prnt.sc

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
171 B 16ms
15ms Script
application/javascript 2a00:1450:4001:814::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=prnt.sc

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://prnt.sc/igqghw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 05 Nov 2019 18:55:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
171 B 16ms
16ms Script
application/javascript 2a00:1450:4001:824::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=prnt.sc

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://prnt.sc/igqghw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 05 Nov 2019 18:55:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2019103101.js Show response
securepubads.g.doubleclick.net/gpt/ 159 KB
58 KB 58ms
58ms Script
text/javascript 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019103101.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

sffe /

Resource Hash

e4ab34b8a905b1076f36fddd2dc1e2dacd9c1bbca6614ab260e9b40aa0dced41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://prnt.sc/igqghw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Tue, 05 Nov 2019 18:55:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 31 Oct 2019 13:10:21 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 59272
x-xss-protection: 0
expires: Tue, 05 Nov 2019 18:55:29 GMT

GET
H2 200 like.php
www.facebook.com/plugins/ Frame 46F3 0
0 226ms
226ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?action=like&app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Dffd6ddb3c068b%26domain%3Dprnt.sc%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ff27680b71686d%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fprnt.sc%2Figqghw&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false&size=small&width=100

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=2e107ec69dc25692f7a656ccb3199637&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/like.php?action=like&app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Dffd6ddb3c068b%26domain%3Dprnt.sc%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ff27680b71686d%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fprnt.sc%2Figqghw&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false&size=small&width=100
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://prnt.sc/igqghw
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://prnt.sc/igqghw

Response headers

status: 200
cache-control: private, no-cache, no-store, must-revalidate
pragma: no-cache
strict-transport-security: max-age=15552000; preload
content-encoding: br
timing-allow-origin: *
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-type: text/html; charset="utf-8"
x-fb-debug: qXmTQQgC8mBsT/GMHGYx97+YdW0w+5kvyqnKWOciEZJgHUdCmvKig4oKKpCbWUNyDhlb/UKQySOoSrEiTuVN/w==
date: Tue, 05 Nov 2019 18:55:30 GMT
alt-svc: h3-23=":443"; ma=3600

GET
H2

200

feedback.php
www.facebook.com/plugins/ Frame 758A
Redirect Chain

https://www.facebook.com/plugins/comments.php?app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df37e43b23edfab8%26domain%3Dprnt.sc%...
https://www.facebook.com/plugins/feedback.php?app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df37e43b23edfab8%26domain%3Dprnt.sc%...

0
0

191ms
191ms

Document
text/html

2a03:2880:f11c:8183:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/feedback.php?app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df37e43b23edfab8%26domain%3Dprnt.sc%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ff27680b71686d%26relation%3Dparent.parent&container_width=340&height=100&href=https%3A%2F%2Fprnt.sc%2Figqghw&locale=en_US&migrated=1&sdk=joey&xid=igqghw

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=2e107ec69dc25692f7a656ccb3199637&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/feedback.php?app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df37e43b23edfab8%26domain%3Dprnt.sc%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ff27680b71686d%26relation%3Dparent.parent&container_width=340&height=100&href=https%3A%2F%2Fprnt.sc%2Figqghw&locale=en_US&migrated=1&sdk=joey&xid=igqghw
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://prnt.sc/igqghw
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://prnt.sc/igqghw

Response headers

status: 200
cache-control: private, no-cache, no-store, must-revalidate
pragma: no-cache
strict-transport-security: max-age=15552000; preload
content-encoding: br
timing-allow-origin: *
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-type: text/html; charset="utf-8"
x-fb-debug: QKuAwu/rnW8ao8wVujJhgSXD6ANYEBOErOQCUaX7+mbmJ6TyCXPgSMOUVM//os5Y5MnyNJjGIiPQKo59ckSSTQ==
date: Tue, 05 Nov 2019 18:55:30 GMT
alt-svc: h3-23=":443"; ma=3600

Redirect headers

status: 302
location: https://www.facebook.com/plugins/feedback.php?app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df37e43b23edfab8%26domain%3Dprnt.sc%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ff27680b71686d%26relation%3Dparent.parent&container_width=340&height=100&href=https%3A%2F%2Fprnt.sc%2Figqghw&locale=en_US&migrated=1&sdk=joey&xid=igqghw
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: ozmu3tYIS7Yehh6mNPgdu8YhZrtLKKWpfQ8xergddJ3eJM7q1PuDRmAFUFZTNd0+8uHqLkR3xsKnxRmjFjHNew==
content-length: 0
date: Tue, 05 Nov 2019 18:55:30 GMT
alt-svc: h3-23=":443"; ma=3600

GET
H2 200 like_box.php
www.facebook.com/plugins/ Frame 192E 0
0 141ms
141ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like_box.php?app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df304f2ed0afa92c%26domain%3Dprnt.sc%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ff27680b71686d%26relation%3Dparent.parent&container_width=0&header=false&href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FLightShot%2F242750885760&locale=en_US&sdk=joey&show_faces=true&stream=false&width=300

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=2e107ec69dc25692f7a656ccb3199637&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/like_box.php?app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df304f2ed0afa92c%26domain%3Dprnt.sc%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ff27680b71686d%26relation%3Dparent.parent&container_width=0&header=false&href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FLightShot%2F242750885760&locale=en_US&sdk=joey&show_faces=true&stream=false&width=300
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://prnt.sc/igqghw
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://prnt.sc/igqghw

Response headers

status: 200
cache-control: private, no-cache, no-store, must-revalidate
pragma: no-cache
strict-transport-security: max-age=15552000; preload
content-encoding: br
timing-allow-origin: *
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-type: text/html; charset="utf-8"
x-fb-debug: GMa5rMKQqbd3NG+n/saVFh8X9DU3mmNDb/CCtsFYCqCxvwMwMjA7Vf6lYzXTESZyEzqhGKNIVKFauM9+eVCrcQ==
date: Tue, 05 Nov 2019 18:55:30 GMT
alt-svc: h3-23=":443"; ma=3600

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 41 KB
11 KB 341ms
341ms XHR
text/plain 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=780584793576059&correlator=280761979931771&output=ldjh&impl=fifs&adsid=NT&eid=21062889%2C21065017&vrg=2019103101&guci=1.2.0.0.2.2.0.0&plat=1%3A536903688%2C2%3A536903688%2C8%3A134250504&sc=1&sfv=1-0-36&ecs=20191105&iu_parts=60257202%2C60918%2C6091717%2C60916&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=970x90%2C728x90%2C300x250&prev_scp=hb_format_a4g%3Dbanner%26hb_source_a4g%3Dclient%26hb_size_a4g%3D970x90%26hb_pb_a4g%3D0.05%26hb_adid_a4g%3D2599e18bc9f2e1%26hb_bidder_a4g%3Da4g%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D970x90%26hb_pb%3D0.05%26hb_adid%3D2599e18bc9f2e1%26hb_bidder%3Da4g%7Chb_format_a4g%3Dbanner%26hb_source_a4g%3Dclient%26hb_size_a4g%3D728x90%26hb_pb_a4g%3D0.05%26hb_adid_a4g%3D3c1e19469b9142%26hb_bidder_a4g%3Da4g%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D728x90%26hb_pb%3D0.05%26hb_adid%3D3c1e19469b9142%26hb_bidder%3Da4g%7Chb_format_a4g%3Dbanner%26hb_source_a4g%3Dclient%26hb_size_a4g%3D300x250%26hb_pb_a4g%3D0.05%26hb_adid_a4g%3D468e3d9e138327%26hb_bidder_a4g%3Da4g%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D300x250%26hb_pb%3D0.05%26hb_adid%3D468e3d9e138327%26hb_bidder%3Da4g&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1572980130&dt=1572980130411&dlt=1572980129163&idt=774&frm=20&biw=1585&bih=1200&oid=3&adxs=308%2C429%2C308&adys=70%2C720%2C842&adks=1432691387%2C518174652%2C4042975291&ucis=1%7C2%7C3&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fprnt.sc%2Figqghw&dssz=29&icsg=10880&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x90%7C728x90%7C300x250&msz=970x-1%7C728x-1%7C300x-1&ga_vid=592077583.1572980130&ga_sid=1572980130&ga_hid=865594106&fws=0%2C0%2C0&ohw=0%2C0%2C0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019103101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

32b7e8eecdab688ff769db656eec6df7a815ea45c98ccb089f35a5492a9a55df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://prnt.sc/igqghw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Tue, 05 Nov 2019 18:55:30 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 11017
x-xss-protection: 0
google-lineitem-id: -2,-1,4728527039
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-1,138237963302
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://prnt.sc
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2019103101.js Show response
securepubads.g.doubleclick.net/gpt/ 64 KB
25 KB 57ms
57ms Script
text/javascript 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019103101.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019103101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

sffe /

Resource Hash

5075b0d31c00903c1a8f437e6e356da4ebf9fe7066ac6809427d184b55fc382c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://prnt.sc/igqghw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Tue, 05 Nov 2019 18:55:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 31 Oct 2019 13:10:21 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 25134
x-xss-protection: 0
expires: Tue, 05 Nov 2019 18:55:30 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-36/html/ 0
0 7ms
5ms Other
text/html 2a00:1450:4001:809::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-36/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019103101.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://prnt.sc/igqghw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

GET
H2 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/011910251950120/ 20 KB
8 KB 48ms
15ms Script
text/javascript 2a00:1450:4001:814::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011910251950120/amp4ads-host-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019103101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

866c1cf254c11afbcb1689842e0eb3ed4973f7edada9f814d5e6b72cd54b9b56

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://prnt.sc/igqghw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: gzip
x-content-type-options: nosniff
age: 3360
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 7923
x-xss-protection: 0
server: sffe
date: Tue, 05 Nov 2019 17:59:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "78dc79e454080e42"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Nov 2020 17:59:30 GMT

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/011910251950120/ Frame 9EBB 243 KB
77 KB 48ms
16ms Script
text/javascript 2a00:1450:4001:814::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011910251950120/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019103101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

25226e6e3ba0503974bdf2075bc6e44ff223c59520aae1f1722759050d988232

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://prnt.sc/igqghw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: gzip
x-content-type-options: nosniff
age: 3353
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 78754
x-xss-protection: 0
server: sffe
date: Tue, 05 Nov 2019 17:59:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "e013cb1224f59e75"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Nov 2020 17:59:37 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/011910251950120/v0/ Frame 9EBB 15 KB
6 KB 46ms
14ms Script
text/javascript 2a00:1450:4001:814::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011910251950120/v0/amp-ad-exit-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019103101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

d94dd9f1c15cb40a01fe3f987c6499414a7ef7e06e505aa1e25b067cfddd3acf

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://prnt.sc/igqghw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: gzip
x-content-type-options: nosniff
age: 3304
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 6069
x-xss-protection: 0
server: sffe
date: Tue, 05 Nov 2019 18:00:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "537ce8f1ba726417"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Nov 2020 18:00:26 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/011910251950120/v0/ Frame 9EBB 151 KB
47 KB 38ms
7ms Script
text/javascript 2a00:1450:4001:814::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011910251950120/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019103101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

e21da87120c823e7856f1e2af9d73746e19590b71407869dccb2d203115d451c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://prnt.sc/igqghw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: gzip
x-content-type-options: nosniff
age: 3409
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 47460
x-xss-protection: 0
server: sffe
date: Tue, 05 Nov 2019 17:58:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "8efde0f72d912957"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Nov 2020 17:58:41 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/011910251950120/v0/ Frame 9EBB 3 KB
2 KB 51ms
19ms Script
text/javascript 2a00:1450:4001:814::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011910251950120/v0/amp-fit-text-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019103101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

87ed2f2b7e6cca24345f5b11714e96b5695527dcbb27b401e938a059ae049b12

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://prnt.sc/igqghw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: gzip
x-content-type-options: nosniff
age: 3443
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1593
x-xss-protection: 0
server: sffe
date: Tue, 05 Nov 2019 17:58:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "69b72fb8329d9e71"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Nov 2020 17:58:07 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/011910251950120/v0/ Frame 9EBB 44 KB
15 KB 49ms
18ms Script
text/javascript 2a00:1450:4001:814::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011910251950120/v0/amp-form-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019103101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

24af76725a32febb7ba698e7c6c3f1db7eae95380fc500d1d534272364b5100a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://prnt.sc/igqghw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: gzip
x-content-type-options: nosniff
age: 3413
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 15697
x-xss-protection: 0
server: sffe
date: Tue, 05 Nov 2019 17:58:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "5217ce22b5d5bd36"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Nov 2020 17:58:37 GMT

GET
DATA 200
OK truncated
/ Frame 9EBB 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 861a9006076729edb8007ac5d2b1343935114f28c6e4e754075a69366b51be7d

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 view Show response
securepubads.g.doubleclick.net/pcs/ Frame A494 0
255 B 38ms
38ms Fetch
image/gif 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuLDoV9hi6QQp3NAdkavFe79RiITMjDDaUDrHyh8DOo0rNSp8Wx74Gp5zNNtI1Q12IXPYGcDQ9N_ArNVemncmhVlJCn30gQ7RNRhypJFx5P9KvdveGWtStKb5VRMVcDicOGs4dNljYoFuN7RozsVcDd6kZpzwlVbKon6QXlmXaIIlI9dGh9CEDWhqOC1yO8g-gMqrGMmecVRYMEst1QHTD7ZLifrkpQLZjmiwOVTBQfmFZ9&sai=AMfl-YSvAjTCHu_Bg9LY4UP2k1J921fnK5iavQhOIQpjfsRyL73IFOWI9TrnZZUQST-JfBJ6DGG0r8lic_JXcPC6oRxzDntcW_3ti4iaCb5C&sig=Cg0ArKJSzDQ0WyPvHAmjEAE&urlfix=1&adurl=

Requested by

Host: prnt.sc
URL: https://prnt.sc/igqghw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://prnt.sc/igqghw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 05 Nov 2019 18:55:30 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 05 Nov 2019 18:55:30 GMT

GET
H2 200 async-ajs.min.js Show response
cdn.ad4game.com/ Frame A494 3 KB
2 KB 20ms
20ms Script
application/javascript 151.139.242.3
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ad4game.com/async-ajs.min.js
Requested by: Host: prnt.sc
URL: https://prnt.sc/igqghw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.242.3 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: dc9f7cdaabb3201fd2ead8c0cfd974710305362d0ea77c96069cb189796d6238

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://prnt.sc/igqghw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

x-servername: ads.ad4game.com\ 80\ 81
date: Tue, 05 Nov 2019 18:55:30 GMT
content-encoding: gzip
x-cache: HIT
status: 200
x-host: ads.ad4game.com
content-length: 1451
referrer-policy: no-referrer
last-modified: Fri, 16 Aug 2019 06:00:12 GMT
server: nginx
x-serveraddr: 10.100.0.151
etag: W/"5d56466c-ca8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame A494 76 KB
29 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:814::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019103101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

15e0a9542e3b37b78841846f6d6bf8ed15e35683cb596d8ed4913e912f8362bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://prnt.sc/igqghw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Tue, 05 Nov 2019 18:55:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1572633785634088"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29108
x-xss-protection: 0
expires: Tue, 05 Nov 2019 18:55:30 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 78 KB
29 KB 43ms
38ms Script
text/javascript 2a00:1450:4001:814::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019103101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

a71cc134826b38085a6d63bca1e00de7ab8518ae02f7b5e2ae46cf11781e44e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://prnt.sc/igqghw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Tue, 05 Nov 2019 18:55:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1572633785634088"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29301
x-xss-protection: 0
expires: Tue, 05 Nov 2019 18:55:30 GMT

GET
H2 200 9415383437010186701
tpc.googlesyndication.com/simgad/ Frame 9EBB 25 KB
26 KB 12ms
7ms Image
image/png 2a00:1450:4001:809::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9415383437010186701?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmA4df-yozvFSU0aMmNwzDEoxSuzg

Requested by

Host: prnt.sc
URL: https://prnt.sc/igqghw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

7c0dc52704e12c73d09e4521ae19d6ec5c5dc848575ab587a02cf95d3b3beca9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://prnt.sc/igqghw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Fri, 01 Nov 2019 02:44:57 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Oct 2019 02:38:36 GMT
server: sffe
age: 403833
status: 200
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 26052
x-xss-protection: 0
expires: Sat, 31 Oct 2020 02:44:57 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 9EBB 3 KB
3 KB 11ms
6ms Image
image/png 2a00:1450:4001:809::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/en.png

Requested by

Host: prnt.sc
URL: https://prnt.sc/igqghw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://prnt.sc/igqghw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 05 Nov 2019 10:21:39 GMT
x-content-type-options: nosniff
server: cafe
age: 30831
etag: 15880770647744369592
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2982
x-xss-protection: 0
expires: Wed, 06 Nov 2019 10:21:39 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 9EBB 344 B
458 B 10ms
6ms Image
image/png 2a00:1450:4001:809::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: prnt.sc
URL: https://prnt.sc/igqghw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://prnt.sc/igqghw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 05 Nov 2019 15:54:40 GMT
x-content-type-options: nosniff
server: cafe
age: 10850
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Wed, 06 Nov 2019 15:54:40 GMT

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 9EBB 0
0 42ms
39ms Image
text/html 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C5XOCosXBXaCCHcbi3wPTs7DABNTAy9xZvpW3rZEKFBABIKKZoRygAfGD_ZUDyAEC4AIAqAMByAMIqgTHAU_QqJBiVp_FJocZq8U5PoLevZcAh-XF2aG_ej5apSNNkMrrLmaC37Cfw0hTNWhjAU5XiZq-XUxroROTkNiDdYvDbGu35Qw1JFmivmxEmXzN2gcMZBoEtpUTB5PTj19Hz-JvkjCGuQnuvWuiklaVBN-uQxv4pB3od5OOcUByIilhfn4C-IiZs_x-1NjwJYDbdx7lnDjMj2-JMI5Zx04P0tR0P4X58Yeczpu8utNWuStT9MXs-rcX-wvF8cbJ2nQe0yYFlX6cQdXABP7a2qP7AeAEAZIFBAgEGAGSBQQIBRgEoAYCgAfewLt9qAeOzhuoB9XJG6gHk9gbqAe6BqgH2csbqAfPzBuoB6a-G9gHAfIHBBD8hQvSCAcIgGEQARgd8ggbYWR4LXN1YnN5bi02NjUwMDE2MjEyNDgwOTkxgAoD2BMM&sigh=UNM5dR_uOPk&tpd=AGWhJmsFmvG-DPEePucCRaGDIoOFk6zLWIkDSA6XV5ERrFlpdA
Requested by: Host: prnt.sc
URL: https://prnt.sc/igqghw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: fra15s46-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://prnt.sc/igqghw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

GET
H2 200 adbyv1.gif
cdn.ad4game.com/ Frame A494 112 B
370 B 22ms
20ms Image
image/gif 151.139.242.3
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ad4game.com/adbyv1.gif
Requested by: Host: prnt.sc
URL: https://prnt.sc/igqghw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.242.3 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: 47b4a73b810d6bbb3088a4bec9423d0a709d9a4341b84303d595a6fdea7ea5b3

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://prnt.sc/igqghw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

x-servername: ads.ad4game.com\ 80\ 81
date: Tue, 05 Nov 2019 18:55:30 GMT
referrer-policy: no-referrer
last-modified: Sat, 28 Jan 2012 03:19:10 GMT
server: nginx
access-control-allow-origin: *
etag: "4f23692e-70"
status: 200
x-cache: HIT
content-type: image/gif
x-serveraddr: 10.100.0.138
x-host: ads.ad4game.com
accept-ranges: bytes
content-length: 112

GET
H/1.1 200
OK lg.php
ads.ad4game.com/www/delivery/ Frame A494 35 B
858 B 486ms
134ms Image
image/gif 192.207.255.147
MNX Solutions LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.ad4game.com/www/delivery/lg.php?bannerid=541977&campaignid=31069&zoneid=60916&referer=&tag=hb&ver=4.0&tagi=2019-05-21T10-45&cb=BFp3l6QM8DYHi6TP&token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ6b25lIjo2MDkxNiwiZXhwIjoxNTcyOTgwMTkwfQ.DTkz96ChWgPLjptM_qVqSDrGnHVvoiIfGjxEeN2hYyI&bn=ad4game&bid=0.05&if=0
Requested by: Host: prnt.sc
URL: https://prnt.sc/igqghw
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.207.255.147 Monroe, United States, ASN62821 (AS-MNX - MNX Solutions LLC, US),
Reverse DNS: haproxy2.ad4game.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Sec-Fetch-Mode: cors
Referer: https://prnt.sc/igqghw
Origin: https://prnt.sc
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Nov 2019 18:55:31 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: close
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 35
X-Application-Context: application:12061
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 prebid.js Show response
cdn.ad4game.com/ Frame A494 244 KB
91 KB 21ms
21ms Script
application/javascript 151.139.242.3
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ad4game.com/prebid.js
Requested by: Host: cdn.ad4game.com
URL: https://cdn.ad4game.com/async-ajs.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.242.3 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: 7d4cfadd46b306b748059b029aa7cc05a9b85176a5aae4f71a1d620a303b6e4e

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://prnt.sc/igqghw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

x-servername: ads.ad4game.com\ 80\ 81
date: Tue, 05 Nov 2019 18:55:30 GMT
content-encoding: gzip
x-cache: HIT
status: 200
x-host: ads.ad4game.com
content-length: 93173
referrer-policy: no-referrer
last-modified: Wed, 16 Oct 2019 14:28:03 GMT
server: nginx
x-serveraddr: 10.100.0.139
etag: W/"5da728f3-3cf4c"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes

GET
H/1.1 200
OK async-ajs.php Show response
ads.ad4game.com/www/delivery/ Frame A494 12 KB
4 KB 578ms
345ms Script
text/javascript 192.207.255.147
MNX Solutions LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.ad4game.com/www/delivery/async-ajs.php?v=1&cb=a4g5950331&h=0&if=1&sf=0&siteurl=https%3A%2F%2Fprnt.sc%2Figqghw&c=UTF-8&z=66549&b=1&x=1
Requested by: Host: cdn.ad4game.com
URL: https://cdn.ad4game.com/async-ajs.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.207.255.147 Monroe, United States, ASN62821 (AS-MNX - MNX Solutions LLC, US),
Reverse DNS: haproxy2.ad4game.com
Software: nginx /
Resource Hash: 7881903a3eb1eb7a1fe00f09c012c0ff42d4b749ac2aaf93872912915b0debf1

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://prnt.sc/igqghw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

X-servername: ads.ad4game.com\ 80\ 81
Pragma: no-cache
Date: Tue, 05 Nov 2019 18:55:31 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
P3P: CP="CUR ADM OUR NOR STA NID"
X-serveraddr: 10.100.0.139
Cache-Control: no-cache, no-store, must-revalidate
X-host: ads.ad4game.com
Connection: close
Content-Type: text/javascript; charset=UTF-8
Expires: 0

GET
DATA 200
OK truncated
/ Frame A494 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cc609a44986d2e1149915c0433325586aa8fd2c892c8a52de017717ec554f6b1

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 9415383437010186701
tpc.googlesyndication.com/simgad/ Frame 9EBB 25 KB
26 KB 6ms
5ms Image
image/png 2a00:1450:4001:809::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9415383437010186701?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmA4df-yozvFSU0aMmNwzDEoxSuzg

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/011910251950120/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

7c0dc52704e12c73d09e4521ae19d6ec5c5dc848575ab587a02cf95d3b3beca9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://prnt.sc/igqghw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Fri, 01 Nov 2019 02:44:57 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Oct 2019 02:38:36 GMT
server: sffe
age: 403833
status: 200
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 26052
x-xss-protection: 0
expires: Sat, 31 Oct 2020 02:44:57 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 9EBB 3 KB
3 KB 7ms
7ms Image
image/png 2a00:1450:4001:809::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/011910251950120/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://prnt.sc/igqghw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 05 Nov 2019 10:21:39 GMT
x-content-type-options: nosniff
server: cafe
age: 30831
etag: 15880770647744369592
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2982
x-xss-protection: 0
expires: Wed, 06 Nov 2019 10:21:39 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 9EBB 344 B
411 B 7ms
6ms Image
image/png 2a00:1450:4001:809::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/011910251950120/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://prnt.sc/igqghw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 05 Nov 2019 15:54:40 GMT
x-content-type-options: nosniff
server: cafe
age: 10850
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Wed, 06 Nov 2019 15:54:40 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 9EBB
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

44ms
40ms

Image
text/html

2a00:1450:4001:814::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Redirect headers

date: Tue, 05 Nov 2019 18:55:30 GMT
x-content-type-options: nosniff
server: safe
status: 302
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 246
x-xss-protection: 0

POST
H2 204 ortb Show response
bid.contextweb.com/header/ Frame A494 0
363 B 164ms
119ms XHR
text/plain 74.214.194.133
PULSEPOINT-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://bid.contextweb.com/header/ortb?src=prebid
Requested by: Host: cdn.ad4game.com
URL: https://cdn.ad4game.com/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 74.214.194.133 Amsterdam, Netherlands, ASN59940 (PULSEPOINT-EU, NL),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
Referer: https://prnt.sc/igqghw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 05 Nov 2019 18:55:31 GMT
server: envoy
status: 204
cwdl: 22/139
access-control-allow-origin: https://prnt.sc
access-control-expose-headers: Access-Control-Allow-Origin
access-control-allow-credentials: true
x-envoy-upstream-service-time: 100
cw-server: bid-deployment-stage-0
content-length: 0

GET
H2 200 adbyv1.gif
cdn.ad4game.com/ Frame A494 112 B
370 B 19ms
19ms Image
image/gif 151.139.242.3
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ad4game.com/adbyv1.gif
Requested by: Host: ads.ad4game.com
URL: https://ads.ad4game.com/www/delivery/async-ajs.php?v=1&cb=a4g5950331&h=0&if=1&sf=0&siteurl=https%3A%2F%2Fprnt.sc%2Figqghw&c=UTF-8&z=66549&b=1&x=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.242.3 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: 47b4a73b810d6bbb3088a4bec9423d0a709d9a4341b84303d595a6fdea7ea5b3

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://prnt.sc/igqghw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

x-servername: ads.ad4game.com\ 80\ 81
date: Tue, 05 Nov 2019 18:55:31 GMT
referrer-policy: no-referrer
last-modified: Sat, 28 Jan 2012 03:19:10 GMT
server: nginx
access-control-allow-origin: *
etag: "4f23692e-70"
status: 200
x-cache: HIT
content-type: image/gif
x-serveraddr: 10.100.0.138
x-host: ads.ad4game.com
accept-ranges: bytes
content-length: 112

GET
H2 200 a81962e70a5a9fe32f22f680c1ddb50b.jpg
cdn.ad4game.com/ Frame A494 32 KB
32 KB 21ms
21ms Image
image/jpeg 151.139.242.3
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ad4game.com/a81962e70a5a9fe32f22f680c1ddb50b.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.242.3 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: 775a47143b15f90b632a50ffe1a876360185cd5da7afddfb567fe192ff25915d

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://prnt.sc/igqghw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

x-servername: ads.ad4game.com\ 80\ 81
date: Tue, 05 Nov 2019 18:55:31 GMT
referrer-policy: no-referrer
last-modified: Fri, 24 May 2019 13:47:12 GMT
server: nginx
access-control-allow-origin: *
etag: "5ce7f5e0-7e1e"
status: 200
x-cache: HIT
content-type: image/jpeg
x-serveraddr: 10.100.0.151
x-host: ads.ad4game.com
accept-ranges: bytes
content-length: 32286

GET
H/1.1 200
OK lg.php
ads.ad4game.com/www/delivery/ Frame A494 35 B
858 B 356ms
124ms Image
image/gif 192.207.255.147
MNX Solutions LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.ad4game.com/www/delivery/lg.php?bannerid=548996&campaignid=32261&zoneid=66549&bn=ad4game&bid=0.011754799929444&token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ6b25lIjo2NjU0OSwiYmFubmVyIjo1NDg5OTYsImJpZCI6MC4wMTE3NTQ3OTk5Mjk0NDQ0NzgsImV4cCI6MTU3Mjk4MDE5MX0.ydJNIY-l6GK2OjbjfO-6n9xQUNqkCIq6FqOQuPec1ks&tag=asyncjs&ib=0&cb=Nzc1YWJmNzg1N2U2&ev=3.3&tagi=2019-04-08T11-27&if=1&sf=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.207.255.147 Monroe, United States, ASN62821 (AS-MNX - MNX Solutions LLC, US),
Reverse DNS: haproxy2.ad4game.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Sec-Fetch-Mode: cors
Referer: https://prnt.sc/igqghw
Origin: https://prnt.sc
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Nov 2019 18:55:31 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: close
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 35
X-Application-Context: application:12062
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 9EBB 42 B
110 B 16ms
15ms Image
image/gif 2a00:1450:4001:824::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstEItpguzqtgtYkqQaDEr4Dko2DqaRttxm8vuTM9IC-yL2vvoxGn1HQ1IqAHa8Y19xCXVcJDG8x1OH0rFNIdMGZPGCf39yrlXnLx55BexJPheVLOhN-_TcC5BU&sai=AMfl-YRaOEbu15yGWSS-ATsbY8h0YQy5MYs3FDK5lOxmi5RRVTBWawxJNOZM4fV8yCpHFrr5e6d-gCXM1Ar_TUebxKWXiJdOZkeGenlVKWYC&sig=Cg0ArKJSzM_Nru6gZCrxEAE&id=ampim&o=429,720&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=106&tls=1106&g=100&h=100&tt=1106&r=v&adk=518174652&avms=ampa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://prnt.sc/igqghw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Nov 2019 18:55:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame A494 42 B
110 B 16ms
16ms Image
image/gif 2a00:1450:4001:824::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssQD7cXSWxwLV_DtPeSHRGWpV8gv-UGuTF3-rZ0un68ZxRkv45FDQbggRBWalJSpvMyEWcDJ7zh3DvOgTz_JUwOlR1OV3kutEn5g6hDpZg&sig=Cg0ArKJSzJquwnU-_ob_EAE&adk=4042975291&tt=1430&bs=1585%2C1200&mtos=1009,1009,1009,1009,1009&tos=1009,0,0,0,0&p=842,308,1092,608&mcvt=1009&rs=3&ht=0&tfs=447&tls=1456&mc=1&lte=1&bas=0&bac=0&met=no&avms=nio&niot_obs=21&niot_cbk=65&md=2&lm=2&rst=1572980130780&rpt=508&isd=0&msd=0&oseid=3&xdi=0&ps=1585%2C1204&ss=1600%2C1200&pt=26&bin=1&deb=1-1-1-7-15-26-17-14-0-0-0&tvt=1435&r=v&id=osdim&vs=4&uc=15&upc=11&tgt=DIV&cl=1&cec=1&clc=1&cac=1&cd=0x0&itpl=19&v=20191101

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://prnt.sc/igqghw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Nov 2019 18:55:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 worker.nude.js Show response
st.prntscr.com/2019/09/03/1652/js/ 3 KB
1 KB 32ms
31ms XHR
application/javascript 104.20.14.105
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://st.prntscr.com/2019/09/03/1652/js/worker.nude.js
Requested by: Host: st.prntscr.com
URL: https://st.prntscr.com/2019/09/03/1652/js/script.mix.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.14.105 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee7c0aa7330f62b75b4e54dc5e44c543d8013358f2f2e40a655b9d0a668ba572

Request headers

Sec-Fetch-Mode: cors
Referer: https://prnt.sc/igqghw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Tue, 05 Nov 2019 18:55:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 03 Sep 2019 16:54:09 GMT
server: cloudflare
age: 922
status: 200
etag: W/"5d6e9ab1-ad9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://prnt.sc
cache-control: max-age=1800
cf-ray: 53110ae319e3d925-AMS
expires: Tue, 05 Nov 2019 18:41:12 GMT

GET
BLOB 200
OK f788229c-4dfa-44be-93be-8372c3480d60
https://prnt.sc/ 3 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://prnt.sc/f788229c-4dfa-44be-93be-8372c3480d60
Requested by: Host: st.prntscr.com
URL: https://st.prntscr.com/2019/09/03/1652/js/script.mix.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ee7c0aa7330f62b75b4e54dc5e44c543d8013358f2f2e40a655b9d0a668ba572

Request headers

Sec-Fetch-Mode: same-origin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Content-Length: 2777
Content-Type: text/javascript

GET
H/1.1 200
OK prebid
bh.contextweb.com/visitormatch/ Frame A494 49 B
630 B 92ms
38ms Image
image/gif 151.101.12.166
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bh.contextweb.com/visitormatch/prebid
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.166 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: Jetty(9.4.7.v20170914) /
Resource Hash: d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://prnt.sc/igqghw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Tue, 05 Nov 2019 18:55:34 GMT
Via: 1.1 varnish
X-Cache: MISS
P3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
X-Cache-Hits: 0
Connection: keep-alive
Content-Length: 49
X-Served-By: cache-fra19146-FRA
Server: Jetty(9.4.7.v20170914)
Vary: Accept-Encoding
Content-Language: en
Cache-Control: private, max-age=0, no-cache, no-store
Accept-Ranges: bytes
Content-Type: image/gif;charset=iso-8859-1
Cw-Server: bh-deployment-549b6d8d5c-ct8q8
Expires: -1

Verdicts & Comments Add Verdict or Comment

93 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	URL: https://cdn.ampproject.org/rtv/011910251950120/amp4ads-v0.js(Line 508) Message: Powered by AMP ⚡ HTML – Version 1910251950120 https://prnt.sc/igqghw

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.ad4game.com
adservice.google.com
adservice.google.de
api.prntscr.com
bh.contextweb.com
bid.contextweb.com
brightcombid.marphezis.com
cdn.ad4game.com
cdn.ampproject.org
connect.facebook.net
googleads.g.doubleclick.net
image.prntscr.com
pagead2.googlesyndication.com
platform.twitter.com
prnt.sc
prntscr.com
securepubads.g.doubleclick.net
st.prntscr.com
staticxx.facebook.com
stats.g.doubleclick.net
syndication.twitter.com
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
104.20.13.105
104.20.14.105
104.244.42.8
104.27.27.84
151.101.12.166
151.139.242.3
172.217.16.130
192.207.255.147
2606:2800:234:59:254c:406:2366:268c
2a00:1450:4001:808::200e
2a00:1450:4001:809::2001
2a00:1450:4001:814::2001
2a00:1450:4001:814::2002
2a00:1450:4001:817::2004
2a00:1450:4001:824::2002
2a00:1450:4001:825::2003
2a00:1450:400c:c0b::9a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
52.21.186.39
74.214.194.133
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0a672a0d40d34a4fe5e1200d8575762efe9543c95793e647cce9d698eb5d3e86
15e0a9542e3b37b78841846f6d6bf8ed15e35683cb596d8ed4913e912f8362bb
1b185d89e437f1591af8c51d5e6dad41d3666e22a81931ee9df22e2cfdacaddb
1d97eceed104056daaf08c5e49d81aac0391aa894dfc1729ad3a28a7623cf07b
24af76725a32febb7ba698e7c6c3f1db7eae95380fc500d1d534272364b5100a
25226e6e3ba0503974bdf2075bc6e44ff223c59520aae1f1722759050d988232
280f70203b9fdb3dfbd9f368a08c198e256d5301d597bf7b3a675e60cbaff697
2875a6fc4266fec00a383377cb4530b6407912897b0727e26249d89c6dfe0359
32b7e8eecdab688ff769db656eec6df7a815ea45c98ccb089f35a5492a9a55df
357f621f505a363b75e13ae553778e633c8020fec168ac5e330795323be517d9
3f749b10128d43c3b8a8706b3c0b15fc1204836a563f44d3566030f83f713323
436f837da1b14b0f9bb56ac3e29d92c2097ccaea911a9e6f98a5a263ec2a70c1
47b4a73b810d6bbb3088a4bec9423d0a709d9a4341b84303d595a6fdea7ea5b3
5075b0d31c00903c1a8f437e6e356da4ebf9fe7066ac6809427d184b55fc382c
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
5a3a63b2ac124cb9a194ec01ea1f0d3123e4019bf658c6f47a77b4faea84c079
69d8e3ebecd912bd1632164c7cdb358e13ca6fd3c904a4ecbabd462fb7082b1a
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
726984457662e2ae992435af4efac2f0e43d8c15c03224f21955867081b8fe82
775a47143b15f90b632a50ffe1a876360185cd5da7afddfb567fe192ff25915d
7881903a3eb1eb7a1fe00f09c012c0ff42d4b749ac2aaf93872912915b0debf1
7c0dc52704e12c73d09e4521ae19d6ec5c5dc848575ab587a02cf95d3b3beca9
7d4cfadd46b306b748059b029aa7cc05a9b85176a5aae4f71a1d620a303b6e4e
83817752fb260ff66b3bca1471bb20dbb6a1e6a17174c657efe0912ad161b382
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
861a9006076729edb8007ac5d2b1343935114f28c6e4e754075a69366b51be7d
866c1cf254c11afbcb1689842e0eb3ed4973f7edada9f814d5e6b72cd54b9b56
86a1b8f94f48c4e82d2616d4c581f10a34ff447a2bd95be08714fa0d19ba3f51
87ed2f2b7e6cca24345f5b11714e96b5695527dcbb27b401e938a059ae049b12
8bfd2fa3b3b5924e3655bcf9f63427e792bd8572b7ed0992373bdb4b21c7cb89
92fb4985bc265d661b853545f4f3d54f79022a8564dd521202e20a05e477b295
9c9935e1daafc929a9866a206e769e084cd83f19d436ca22887adc2798408646
a05cb65ecfe9bb5ef6968b5cc9099d50cd8401c1aa73df4c214fee47018c4d12
a093d2047e1a59b7103810b947780e5f94d865915cb923ebcaa7e50f557c2102
a0abb6da16eb33b8453216d0d7fc16b0479caedb383977e23e433621dbd1e288
a49094683eae4562d3e2bbe8650a87d9e616557da06ba9c16e2fdac727dd2b1e
a71cc134826b38085a6d63bca1e00de7ab8518ae02f7b5e2ae46cf11781e44e5
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b6a1120cc303b1c6ee6d548a5b418c2707b59de0c1f13c8ab870ca4e734b6acc
bca2c1abcf4b76a46306bc7f1a607a459371ccf5e7213aae988c33b4dabb1758
c4bbc03a9fcd94ea2941b59d5b4d7772cdc893ec3105c3390632fd12b56d303d
cc609a44986d2e1149915c0433325586aa8fd2c892c8a52de017717ec554f6b1
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d91d13fd8f9d253a8213aeee7ebaa7e073683fc600a3d82902c3c669b8ffdee7
d94dd9f1c15cb40a01fe3f987c6499414a7ef7e06e505aa1e25b067cfddd3acf
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
dc9f7cdaabb3201fd2ead8c0cfd974710305362d0ea77c96069cb189796d6238
e21da87120c823e7856f1e2af9d73746e19590b71407869dccb2d203115d451c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4ab34b8a905b1076f36fddd2dc1e2dacd9c1bbca6614ab260e9b40aa0dced41
e926f30958d0c21d088e6a671d3356a3c3fab9cc6220b8e408f19d868a7dc5c8
ee7c0aa7330f62b75b4e54dc5e44c543d8013358f2f2e40a655b9d0a668ba572
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729
f5b5ac5fdb8870504505be0a9522061f905e5c1b25a927f877303785129cb3f9

prnt.sc Open in urlscan Pro 104.27.27.84 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

77 Requests

99 %HTTPS

52 %IPv6

15 Domains

27 Subdomains

20 IPs

5 Countries

832 kBTransfer

2194 kBSize

0 Cookies

12 Outgoing links

Page URL History

Redirected requests

77 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

prnt.sc Open in urlscan Pro
104.27.27.84 Public Scan

Screenshot
Live screenshot

Full Image

77
Requests

99 %
HTTPS

52 %
IPv6

15
Domains

27
Subdomains

20
IPs

5
Countries

832 kB
Transfer

2194 kB
Size

0
Cookies

77 HTTP transactions
3 data transactions