prnt.sc Open in urlscan Pro
104.27.101.99 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://prntscr.com/li07if
Effective URL:
https://prnt.sc/li07if
Submission: On November 14 via manual (November 14th 2018, 3:19:33 am UTC) from IL

Summary HTTP 122 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 23 IPs in 3 countries across 14 domains to perform 122 HTTP transactions. The main IP is 104.27.101.99, located in San Francisco, United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is prnt.sc.
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on September 6th 2018. Valid for: 6 months.

This is the only time prnt.sc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 4	104.20.14.105 104.20.14.105	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1 19	104.20.13.105 104.20.13.105	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	104.27.101.99 104.27.101.99	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1 6	2a00:1450:400... 2a00:1450:4001:821::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2606:4700::68... 2606:4700::6811:1c5c	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
15	151.139.242.3 151.139.242.3	33438 (HIGHWINDS2) (HIGHWINDS2 - Highwinds Network Group)
1 1	2a00:1450:400... 2a00:1450:400c:c0a::9a	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	2a00:1450:400... 2a00:1450:4001:821::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:81d::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
4	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
4	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
9	192.207.255.146 192.207.255.146	62821 (AS-MNX) (AS-MNX - MNX Solutions LLC)
1	2a00:1450:400... 2a00:1450:4001:821::200d	15169 (GOOGLE) (GOOGLE - Google LLC)
4	2a00:1450:400... 2a00:1450:4001:81f::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
4	2a00:1450:400... 2a00:1450:4001:825::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
4	2a00:1450:400... 2a00:1450:4001:824::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
17	216.58.206.2 216.58.206.2	15169 (GOOGLE) (GOOGLE - Google LLC)
4	74.214.194.133 74.214.194.133	59940 (PULSEPOIN...) (PULSEPOINT-EU)
4	192.207.255.147 192.207.255.147	62821 (AS-MNX) (AS-MNX - MNX Solutions LLC)
2 5	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	199.16.156.21 199.16.156.21	13414 (TWITTER) (TWITTER - Twitter Inc.)
9	2a00:1450:400... 2a00:1450:4001:821::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
4	2a00:1450:400... 2a00:1450:4001:81b::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
4 8	151.101.0.166 151.101.0.166	54113 (FASTLY) (FASTLY - Fastly)
5 5	216.58.214.98 216.58.214.98	15169 (GOOGLE) (GOOGLE - Google LLC)
122	23

4 104.20.14.105 (San Francisco, United States) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

prntscr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
image.prntscr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.prntscr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
st.prntscr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 104.20.13.105 (San Francisco, United States) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

prntscr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
st.prntscr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.prntscr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
nudity.prntscr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.27.101.99 (San Francisco, United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

prnt.sc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:821::200e (Ireland) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:1c5c (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

widget.uservoice.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 151.139.242.3 (Dallas, United States)

ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US)

cdn.ad4game.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0a::9a (Ireland) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::2004 (Ireland) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
staticxx.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 192.207.255.146 (United States)

ASN62821 (AS-MNX - MNX Solutions LLC, US)
PTR: haproxy1.ad4game.com

ads.ad4game.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::200d (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81f::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:825::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:824::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 216.58.206.2 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s20-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 74.214.194.133 (Amsterdam, Netherlands)

ASN59940 (PULSEPOINT-EU, NL)

bid.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 192.207.255.147 (United States)

ASN62821 (AS-MNX - MNX Solutions LLC, US)
PTR: haproxy2.ad4game.com

ads.ad4game.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f12d:83:face:b00c:0:25de (Ireland) 2 redirects

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.16.156.21 (San Francisco, United States)

ASN13414 (TWITTER - Twitter Inc., US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:821::2001 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81b::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.0.166 (San Francisco, United States) 4 redirects

ASN54113 (FASTLY - Fastly, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 216.58.214.98 (Mountain View, United States) 5 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s05-in-f98.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	ad4game.com cdn.ad4game.com ads.ad4game.com	238 KB
23	doubleclick.net 6 redirects stats.g.doubleclick.net securepubads.g.doubleclick.net cm.g.doubleclick.net	348 KB
23	prntscr.com 2 redirects prntscr.com st.prntscr.com image.prntscr.com api.prntscr.com nudity.prntscr.com	196 KB
13	googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	161 KB
12	contextweb.com 4 redirects bid.contextweb.com bh.contextweb.com	7 KB
10	google.com 1 redirects www.google.com apis.google.com accounts.google.com adservice.google.com	99 KB
7	facebook.com 2 redirects staticxx.facebook.com www.facebook.com	711 B
5	twitter.com platform.twitter.com syndication.twitter.com	31 KB
5	google.de www.google.de adservice.google.de	793 B
4	googletagservices.com www.googletagservices.com	28 KB
2	facebook.net connect.facebook.net	53 KB
2	google-analytics.com 1 redirects www.google-analytics.com	17 KB
2	prnt.sc prnt.sc	20 KB
1	uservoice.com widget.uservoice.com	754 B
122	14

	Domain	Requested by
17	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net prnt.sc
17	st.prntscr.com	prnt.sc st.prntscr.com
15	cdn.ad4game.com	prnt.sc ads.ad4game.com cdn.ad4game.com
13	ads.ad4game.com	cdn.ad4game.com prnt.sc
9	tpc.googlesyndication.com	securepubads.g.doubleclick.net
8	bh.contextweb.com	4 redirects
5	cm.g.doubleclick.net	5 redirects
5	www.facebook.com	2 redirects connect.facebook.net
4	pagead2.googlesyndication.com	securepubads.g.doubleclick.net
4	bid.contextweb.com	cdn.ad4game.com
4	adservice.google.com	www.googletagservices.com
4	adservice.google.de	www.googletagservices.com
4	www.googletagservices.com	ads.ad4game.com
4	platform.twitter.com	prnt.sc platform.twitter.com
4	apis.google.com	prnt.sc apis.google.com
2	staticxx.facebook.com	connect.facebook.net
2	api.prntscr.com	st.prntscr.com prnt.sc
2	connect.facebook.net	prnt.sc
2	www.google-analytics.com	1 redirects prnt.sc
2	prnt.sc	prnt.sc
2	prntscr.com	2 redirects
1	nudity.prntscr.com
1	syndication.twitter.com
1	accounts.google.com	apis.google.com
1	www.google.de	prnt.sc
1	www.google.com	1 redirects
1	stats.g.doubleclick.net	1 redirects
1	widget.uservoice.com	prnt.sc
1	image.prntscr.com	prnt.sc
122	29

This site contains links to these domains. Also see Links.

Domain
app.prntscr.com
prntscr.com
twitter.com
www.facebook.com
www.google.com

Subject Issuer	Validity	Valid
ssl387277.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2018-09-06` - `2019-03-15`	6 months	crt.sh
ssl366238.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2018-07-09` - `2019-01-15`	6 months	crt.sh
*.google.com Google Internet Authority G3	`2018-10-23` - `2019-01-15`	3 months	crt.sh
uservoice.com CloudFlare Inc ECC CA-2	`2018-08-28` - `2019-08-28`	a year	crt.sh
*.ad4game.com Go Daddy Secure Certificate Authority - G2	`2017-11-23` - `2020-01-16`	2 years	crt.sh
www.google.de Google Internet Authority G3	`2018-10-23` - `2019-01-15`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2017-12-15` - `2019-03-22`	a year	crt.sh
*.twimg.com DigiCert SHA2 High Assurance Server CA	`2017-12-02` - `2018-12-05`	a year	crt.sh
ads.ad4game.com Go Daddy Secure Certificate Authority - G2	`2016-03-28` - `2019-04-26`	3 years	crt.sh
accounts.google.com Google Internet Authority G3	`2018-10-23` - `2019-01-15`	3 months	crt.sh
*.g.doubleclick.net Google Internet Authority G3	`2018-10-30` - `2019-01-22`	3 months	crt.sh
*.contextweb.com DigiCert SHA2 Secure Server CA	`2018-07-07` - `2020-06-03`	2 years	crt.sh
syndication.twitter.com DigiCert SHA2 High Assurance Server CA	`2016-06-29` - `2019-09-16`	3 years	crt.sh
tpc.googlesyndication.com Google Internet Authority G3	`2018-10-23` - `2019-01-15`	3 months	crt.sh

This page contains 16 frames:

Primary Page: https://prnt.sc/li07if
Frame ID: 4AFA3C69B3E2D0C12B86328485CA2A51
Requests: 49 HTTP requests in this frame

Frame: https://connect.facebook.net/en_US/all.js?hash=fd49f4c1af64e3c7bae67ebf9a7c7d3c&ua=modern_es6
Frame ID: 6B19C1988E4229B753C236EFB1C42FB2
Requests: 1 HTTP requests in this frame

Frame: https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&size=medium&annotation=inline&width=120&origin=https%3A%2F%2Fprnt.sc&url=https%3A%2F%2Fprnt.sc%2Fli07if&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.UaBCxDdxP6M.O%2Fam%3DQQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCPJnjTI_d-32bfa9lhcc0LI3ArezA%2Fm%3D__features__
Frame ID: C252DE5308A1B18D658765B5EB3A32C4
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2535b9a3597d3193477a33b63007079b.html?origin=https%3A%2F%2Fprnt.sc&settingsEndpoint=https%3A%2F%2Fsyndication.twitter.com%2Fsettings
Frame ID: 7AC51CCFB7AD3FC77CC856B085AE9D88
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fprnt.sc&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.UaBCxDdxP6M.O%2Fam%3DQQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCPJnjTI_d-32bfa9lhcc0LI3ArezA%2Fm%3D__features__
Frame ID: B1119BE943FC96ED59D65F3553F7745B
Requests: 1 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter/r/afATJJjxKE6.js?version=43
Frame ID: 19B59C2F1EFC231C0D76439F832AACAC
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.2535b9a3597d3193477a33b63007079b.en.html
Frame ID: 3D130B9ACB7CD5A6FDDA20E8B126BD59
Requests: 1 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter/r/afATJJjxKE6.js?version=43
Frame ID: FC536BA00CC27FE625B6B5C0FE6BE350
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?action=like&app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FafATJJjxKE6.js%3Fversion%3D43%23cb%3Dfaaef16a3b02c%26domain%3Dprnt.sc%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ff37911d5c704af8%26relation%3Dparent.parent&container_width=70&href=https%3A%2F%2Fprnt.sc%2Fli07if&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false&size=small&width=100
Frame ID: 8A5FCC40B6B42EE8670AFE5BEBC202B0
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/feedback.php?app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FafATJJjxKE6.js%3Fversion%3D43%23cb%3Df35f91c9f529efc%26domain%3Dprnt.sc%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ff37911d5c704af8%26relation%3Dparent.parent&container_width=340&height=100&href=https%3A%2F%2Fprnt.sc%2Fli07if&locale=en_US&migrated=1&sdk=joey&xid=li07if
Frame ID: 2D5B84F5BC7C2C5350F241086952A43E
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like_box.php?app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FafATJJjxKE6.js%3Fversion%3D43%23cb%3Df1e6114102ec8e4%26domain%3Dprnt.sc%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ff37911d5c704af8%26relation%3Dparent.parent&container_width=0&header=false&href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FLightShot%2F242750885760&locale=en_US&sdk=joey&show_faces=true&stream=false&width=300
Frame ID: 90C5B40E16CECAB0A77D7E09E7B20672
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ad4game.com/async-ajs.min.js
Frame ID: 48AEF19704EFC0611B8D5ED7EBB0D4BD
Requests: 19 HTTP requests in this frame

Frame: https://cdn.ad4game.com/async-ajs.min.js
Frame ID: 102AD32F9EBD3AB976ECFF0C127EB088
Requests: 19 HTTP requests in this frame

Frame: https://cdn.ad4game.com/async-ajs.min.js
Frame ID: 3BD34F0E0C0BA20E743C543D834CC5EF
Requests: 19 HTTP requests in this frame

Frame: https://cdn.ad4game.com/adbyv1.gif
Frame ID: E6EB49D93373667AF0CC1607D0F8C106
Requests: 6 HTTP requests in this frame

Frame: https://cdn.ad4game.com/adbyv1.gif
Frame ID: D5DA84B6ED61CECF19C75121BFBE9124
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://prntscr.com/li07if HTTP 301
https://prntscr.com/li07if HTTP 301
https://prnt.sc/li07if Page URL

Detected technologies

UserVoice (Issue Trackers) Expand

Overall confidence: 100%
Detected patterns

env /^UserVoice$/i

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /\/prebid\.js/i
env /pbjs/i
env /PREBID_TIMEOUT/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /cloudflare/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i
env /^__google_ad_/i
env /^Goog_AdSense_/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
env /^gaGlobal$/i

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /apis\.google\.com\/js\/[a-z]*\.js/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

env /^googletag$/i

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/platform\.twitter\.com\/widgets\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i
script /jquery.*\.js/i
env /^jQuery$/i

Page Statistics

122
Requests

99 %
HTTPS

56 %
IPv6

14
Domains

29
Subdomains

23
IPs

3
Countries

1194 kB
Transfer

3492 kB
Size

5
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://app.prntscr.com/translate-lightshot.html
Title: Add your language

Search URL Search Domain Scan URL

URL: https://prntscr.com/gallery.html
Title: Sign in

Search URL Search Domain Scan URL

URL: https://twitter.com/Light_shot

Search URL Search Domain Scan URL

URL: http://www.facebook.com/Lighshot

Search URL Search Domain Scan URL

URL: https://app.prntscr.com/
Title: Captured with Lightshot

Search URL Search Domain Scan URL

URL: http://www.google.com/searchbyimage?image_url=https://image.prntscr.com/image/mme_uL8SSzCfgzpdLLaIuA.png
Title: find similar

Search URL Search Domain Scan URL

URL: https://app.prntscr.com/download.html
Title: Download

Search URL Search Domain Scan URL

URL: https://app.prntscr.com/tutorials.html
Title: Tutorials

Search URL Search Domain Scan URL

URL: https://app.prntscr.com/privacy.html
Title: Terms of service

Search URL Search Domain Scan URL

URL: https://app.prntscr.com/faq.html
Title: FAQ

Search URL Search Domain Scan URL

URL: https://app.prntscr.com/help.html
Title: Help

Search URL Search Domain Scan URL

URL: https://app.prntscr.com/advertise.html
Title: Advertise

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://prntscr.com/li07if HTTP 301
https://prntscr.com/li07if HTTP 301
https://prnt.sc/li07if Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21

https://www.google-analytics.com/r/collect?v=1&_v=j72&a=1821467132&t=pageview&_s=1&dl=https%3A%2F%2Fprnt.sc%2Fli07if&ul=en-us&de=UTF-8&dt=Screenshot%20by%20Lightshot&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAEAB~&jid=377320362&gjid=1806545269&cid=1168851873.1542165562&tid=UA-12353127-1&_gid=915702394.1542165562&_r=1&z=2059545249 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-12353127-1&cid=1168851873.1542165562&jid=377320362&_gid=915702394.1542165562&gjid=1806545269&_v=j72&z=2059545249 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-12353127-1&cid=1168851873.1542165562&jid=377320362&_v=j72&z=2059545249 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-12353127-1&cid=1168851873.1542165562&jid=377320362&_v=j72&z=2059545249&slf_rd=1&random=746213172

Request Chain 45

https://www.facebook.com/connect/ping?client_id=154822244543652&domain=prnt.sc&origin=1&redirect_uri=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FafATJJjxKE6.js%3Fversion%3D43%23cb%3Df1018b06a331d2c%26domain%3Dprnt.sc%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ff37911d5c704af8%26relation%3Dparent&response_type=token%2Csigned_request&sdk=joey&version HTTP 302
https://staticxx.facebook.com/connect/xd_arbiter/r/afATJJjxKE6.js?version=43

Request Chain 47

https://www.facebook.com/plugins/comments.php?app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FafATJJjxKE6.js%3Fversion%3D43%23cb%3Df35f91c9f529efc%26domain%3Dprnt.sc%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ff37911d5c704af8%26relation%3Dparent.parent&container_width=340&height=100&href=https%3A%2F%2Fprnt.sc%2Fli07if&locale=en_US&migrated=1&sdk=joey&xid=li07if HTTP 302
https://www.facebook.com/plugins/feedback.php?app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FafATJJjxKE6.js%3Fversion%3D43%23cb%3Df35f91c9f529efc%26domain%3Dprnt.sc%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ff37911d5c704af8%26relation%3Dparent.parent&container_width=340&height=100&href=https%3A%2F%2Fprnt.sc%2Fli07if&locale=en_US&migrated=1&sdk=joey&xid=li07if

Request Chain 123

https://bh.contextweb.com/visitormatch/prebid HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc HTTP 302
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESEG2VU9aDC297iCqJGCYQmlc&google_cver=1

Request Chain 124

https://bh.contextweb.com/visitormatch/prebid HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc HTTP 302
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESEG2VU9aDC297iCqJGCYQmlc&google_cver=1

Request Chain 125

https://bh.contextweb.com/visitormatch/prebid HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc HTTP 302
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESEG2VU9aDC297iCqJGCYQmlc&google_cver=1

Request Chain 126

https://bh.contextweb.com/visitormatch/prebid HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm=&google_sc=&google_tc= HTTP 302
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESEAqqC5buVE_gSC9W7cEQMqQ&google_cver=1

122 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request li07if Show response
prnt.sc/
Redirect Chain

http://prntscr.com/li07if
https://prntscr.com/li07if
https://prnt.sc/li07if

15 KB
5 KB

531ms
486ms

Document
text/html

104.27.101.99
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://prnt.sc/li07if

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.27.101.99 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

35a89657b22116ccf4bc3a7dbc786262100701915564918e674be294c4f6879c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: prnt.sc
:scheme: https
:path: /li07if
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
date: Wed, 14 Nov 2018 03:19:22 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=ded0e802019f09a580c68809bb5bc49b41542165561; expires=Thu, 14-Nov-19 03:19:21 GMT; path=/; domain=.prnt.sc; HttpOnly
x-frame-options: SAMEORIGIN
content-encoding: gzip
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 47965607db2dc27e-FRA

Redirect headers

status: 301
date: Wed, 14 Nov 2018 03:19:21 GMT
content-type: text/html
content-length: 178
location: https://prnt.sc/li07if
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 479656045cc19768-FRA

GET
S 200 main.css
st.prntscr.com/2018/10/13/2048/css/ 57 KB
9 KB 34ms
11ms Stylesheet
text/css 104.20.13.105
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://st.prntscr.com/2018/10/13/2048/css/main.css
Requested by: Host: prnt.sc
URL: https://prnt.sc/li07if
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.20.13.105 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27869d25259a57e13dcdea60dba73c0bee4cb06dc0aeb5b311824b65f0588748

Request headers

Referer: https://prnt.sc/li07if
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 14 Nov 2018 03:19:22 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sat, 13 Oct 2018 20:50:43 GMT
server: cloudflare
etag: "5bc25aa3-23e4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 4796560b1e0d9768-FRA
content-length: 9188
expires: Wed, 14 Nov 2018 03:29:48 GMT

GET
S 200 jquery.1.8.2.min.js Show response
st.prntscr.com/2018/10/13/2048/js/ 91 KB
33 KB 37ms
14ms Script
application/javascript 104.20.13.105
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://st.prntscr.com/2018/10/13/2048/js/jquery.1.8.2.min.js
Requested by: Host: prnt.sc
URL: https://prnt.sc/li07if
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.20.13.105 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729

Request headers

Referer: https://prnt.sc/li07if
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 14 Nov 2018 03:19:22 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sat, 13 Oct 2018 20:50:43 GMT
server: cloudflare
etag: "5bc25aa3-827c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 4796560b1e0f9768-FRA
content-length: 33404
expires: Wed, 14 Nov 2018 03:28:37 GMT

GET
S 200 script.mix.js Show response
st.prntscr.com/2018/10/13/2048/js/ 70 KB
24 KB 34ms
12ms Script
application/javascript 104.20.13.105
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://st.prntscr.com/2018/10/13/2048/js/script.mix.js
Requested by: Host: prnt.sc
URL: https://prnt.sc/li07if
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.20.13.105 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5465b852bfdaeaaa55585db03a3c3eca36ab1b81cc753a933662b8d1b2e98d72

Request headers

Referer: https://prnt.sc/li07if
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 14 Nov 2018 03:19:22 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sat, 13 Oct 2018 20:50:43 GMT
server: cloudflare
etag: "5bc25aa3-5f66"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 4796560b1e109768-FRA
content-length: 24422
expires: Wed, 14 Nov 2018 03:28:37 GMT

GET
S 200 mme_uL8SSzCfgzpdLLaIuA.png
image.prntscr.com/image/ 103 KB
104 KB 56ms
16ms Image
image/webp 104.20.14.105
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.prntscr.com/image/mme_uL8SSzCfgzpdLLaIuA.png
Requested by: Host: prnt.sc
URL: https://prnt.sc/li07if
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.20.14.105 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / Magic
Resource Hash: 87265ab23da312f4f93bc87fd618d6be52a6ae8bab32ee12123b71a3d1f4c5e2

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://prnt.sc/li07if
Origin: https://prnt.sc

Response headers

date: Wed, 14 Nov 2018 03:19:22 GMT
cf-cache-status: HIT
x-powered-by: Magic
status: 200
x-temperature: Warm
content-disposition: inline; filename="mme_uL8SSzCfgzpdLLaIuA.webp"
content-length: 105732
cf-bgj: imgq:100
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
access-control-allow-methods: GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-polished: origFmt=png, origSize=207610
accept-ranges: bytes
cf-ray: 4796560b3b94c2ec-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Sat, 11 Nov 2028 03:19:22 GMT

GET
H2 200 li07if
prnt.sc/ 15 KB
15 KB 116ms
115ms Image
text/html 104.27.101.99
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prnt.sc/li07if

Requested by

Host: prnt.sc
URL: https://prnt.sc/li07if

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.27.101.99 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:path: /li07if
pragma: no-cache
cookie: __cfduid=ded0e802019f09a580c68809bb5bc49b41542165561
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: prnt.sc
referer: https://prnt.sc/li07if
:scheme: https
:method: GET
Referer: https://prnt.sc/li07if
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 14 Nov 2018 03:19:22 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
status: 200
cf-ray: 4796560aff19c27e-FRA

GET
S 200 image-helper.js Show response
st.prntscr.com/2018/10/13/2048/js/ 3 KB
1 KB 12ms
11ms Script
application/javascript 104.20.13.105
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://st.prntscr.com/2018/10/13/2048/js/image-helper.js
Requested by: Host: prnt.sc
URL: https://prnt.sc/li07if
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.20.13.105 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83817752fb260ff66b3bca1471bb20dbb6a1e6a17174c657efe0912ad161b382

Request headers

Referer: https://prnt.sc/li07if
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 14 Nov 2018 03:19:22 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sat, 13 Oct 2018 20:49:40 GMT
server: cloudflare
etag: W/"5bc25a64-a2f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=1800
cf-ray: 4796560b6e239768-FRA
expires: Wed, 14 Nov 2018 03:35:02 GMT

GET
S 200 footer-logo.png
st.prntscr.com/2018/10/13/2048/img/ 630 B
838 B 11ms
10ms Image
image/webp 104.20.13.105
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st.prntscr.com/2018/10/13/2048/img/footer-logo.png
Requested by: Host: prnt.sc
URL: https://prnt.sc/li07if
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.20.13.105 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: bca2c1abcf4b76a46306bc7f1a607a459371ccf5e7213aae988c33b4dabb1758

Request headers

Referer: https://prnt.sc/li07if
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 14 Nov 2018 03:19:22 GMT
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=1848
status: 200
content-disposition: inline; filename="footer-logo.webp"
content-length: 630
last-modified: Mon, 05 Sep 2016 15:49:19 GMT
server: cloudflare
etag: "57cd93ff-738"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Wed, 14 Nov 2018 03:40:22 GMT
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 4796560b6e259768-FRA
cf-bgj: imgq:100

GET
S 200 jquery.smartbanner.css
st.prntscr.com/2018/10/13/2048/css/ 4 KB
1 KB 39ms
18ms Stylesheet
text/css 104.20.13.105
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://st.prntscr.com/2018/10/13/2048/css/jquery.smartbanner.css
Requested by: Host: prnt.sc
URL: https://prnt.sc/li07if
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.20.13.105 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d91d13fd8f9d253a8213aeee7ebaa7e073683fc600a3d82902c3c669b8ffdee7

Request headers

Referer: https://prnt.sc/li07if
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 14 Nov 2018 03:19:22 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sat, 13 Oct 2018 20:50:36 GMT
server: cloudflare
etag: W/"5bc25a9c-ef0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=1800
cf-ray: 4796560b1e0e9768-FRA
expires: Wed, 14 Nov 2018 03:24:28 GMT

GET
S 200 jquery.smartbanner.js Show response
st.prntscr.com/2018/10/13/2048/js/ 8 KB
3 KB 11ms
10ms Script
application/javascript 104.20.13.105
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://st.prntscr.com/2018/10/13/2048/js/jquery.smartbanner.js
Requested by: Host: prnt.sc
URL: https://prnt.sc/li07if
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.20.13.105 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b185d89e437f1591af8c51d5e6dad41d3666e22a81931ee9df22e2cfdacaddb

Request headers

Referer: https://prnt.sc/li07if
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 14 Nov 2018 03:19:22 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sat, 13 Oct 2018 20:50:43 GMT
server: cloudflare
etag: "5bc25aa3-aec"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 4796560b6e249768-FRA
content-length: 2796
expires: Wed, 14 Nov 2018 03:33:15 GMT

GET
S 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:821::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: prnt.sc
URL: https://prnt.sc/li07if

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:821::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b688a3bcd1297cc0fe08e6e52fea14ba9108ee4b9a2052c03e7bac6e19347255

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://prnt.sc/li07if
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 05 Nov 2018 21:10:09 GMT
server: Golfe2
age: 5082
date: Wed, 14 Nov 2018 01:54:40 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 17404
expires: Wed, 14 Nov 2018 03:54:40 GMT

GET
S 200 vH5wQvnQPL3wtXH5KVXA.js Show response
widget.uservoice.com/ 43 B
754 B 65ms
11ms Script
text/javascript 2606:4700::6811:1c5c
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.uservoice.com/vH5wQvnQPL3wtXH5KVXA.js

Requested by

Host: prnt.sc
URL: https://prnt.sc/li07if

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:1c5c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

15c441b731d557c65a0f7037eb25ac6653358250f5ccb71862b10ebcbd5ffd65

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://prnt.sc/li07if
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 14 Nov 2018 03:19:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
p3p: CP="ALL DSP COR CURa ADMa DEVa OUR IND COM NAV"
status: 200
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-request-id: 7f88cabe96b5febf46e429c497a4b4d0
x-runtime: 0.021846
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"15c441b731d557c65a0f7037eb25ac66"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=7200
cf-ray: 4796560bce71650b-FRA
x-rack-cache: pass
expires: Wed, 14 Nov 2018 05:19:22 GMT

GET
S 200 page-bg.png
st.prntscr.com/2018/10/13/2048/img/ 5 KB
6 KB 28ms
27ms Image
image/webp 104.20.13.105
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st.prntscr.com/2018/10/13/2048/img/page-bg.png
Requested by: Host: prnt.sc
URL: https://prnt.sc/li07if
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.20.13.105 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86a1b8f94f48c4e82d2616d4c581f10a34ff447a2bd95be08714fa0d19ba3f51

Request headers

Referer: https://st.prntscr.com/2018/10/13/2048/css/main.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 14 Nov 2018 03:19:22 GMT
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=7116
status: 200
content-disposition: inline; filename="page-bg.webp"
content-length: 5608
last-modified: Sat, 13 Oct 2018 20:50:43 GMT
server: cloudflare
etag: "5bc25aa3-1a7b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Wed, 14 Nov 2018 03:40:22 GMT
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 4796560b7e2b9768-FRA
cf-bgj: imgq:100

GET
S 200 icon-facebook_gscale.png
st.prntscr.com/2018/10/13/2048/img/ 1 KB
1 KB 10ms
10ms Image
image/png 104.20.13.105
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st.prntscr.com/2018/10/13/2048/img/icon-facebook_gscale.png
Requested by: Host: prnt.sc
URL: https://prnt.sc/li07if
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.20.13.105 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b84b7505eba0e0c989311415d0416fc9850d3214741e62d85a51655db1e6a80c

Request headers

Referer: https://st.prntscr.com/2018/10/13/2048/css/main.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 14 Nov 2018 03:19:22 GMT
cf-cache-status: HIT
last-modified: Sat, 13 Oct 2018 20:49:06 GMT
server: cloudflare
etag: "5bc25a42-52d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 4796560b7e2c9768-FRA
content-length: 1325
expires: Wed, 14 Nov 2018 03:22:47 GMT

GET
S 200 icon-twitter_gscale.png
st.prntscr.com/2018/10/13/2048/img/ 1 KB
2 KB 431ms
430ms Image
image/png 104.20.13.105
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st.prntscr.com/2018/10/13/2048/img/icon-twitter_gscale.png
Requested by: Host: prnt.sc
URL: https://prnt.sc/li07if
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.20.13.105 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9251076990f3881a584eafc43ffe8a85ebee0c82f48c00de4b1f1fa25413e3e7

Request headers

Referer: https://st.prntscr.com/2018/10/13/2048/css/main.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 14 Nov 2018 03:19:22 GMT
cf-cache-status: REVALIDATED
last-modified: Sat, 13 Oct 2018 20:49:06 GMT
server: cloudflare
etag: "5bc25a42-5ff"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 4796560b7e2d9768-FRA
content-length: 1535
expires: Wed, 14 Nov 2018 03:49:22 GMT

GET
S 200 button-download.png
st.prntscr.com/2018/10/13/2048/img/ 1 KB
1 KB 18ms
18ms Image
image/png 104.20.13.105
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st.prntscr.com/2018/10/13/2048/img/button-download.png
Requested by: Host: prnt.sc
URL: https://prnt.sc/li07if
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.20.13.105 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2222b64c7e37a7d528c8326ebaee33ae44bae57d7654db28e1122c0cae8a93db

Request headers

Referer: https://st.prntscr.com/2018/10/13/2048/css/main.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 14 Nov 2018 03:19:22 GMT
cf-cache-status: HIT
last-modified: Sat, 13 Oct 2018 20:49:06 GMT
server: cloudflare
etag: "5bc25a42-57c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 4796560b8e329768-FRA
content-length: 1404
expires: Wed, 14 Nov 2018 03:24:29 GMT

GET
S 200 button-icon-sep.png
st.prntscr.com/2018/10/13/2048/img/ 40 B
190 B 18ms
18ms Image
image/webp 104.20.13.105
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st.prntscr.com/2018/10/13/2048/img/button-icon-sep.png
Requested by: Host: prnt.sc
URL: https://prnt.sc/li07if
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.20.13.105 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6a1120cc303b1c6ee6d548a5b418c2707b59de0c1f13c8ab870ca4e734b6acc

Request headers

Referer: https://st.prntscr.com/2018/10/13/2048/css/main.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 14 Nov 2018 03:19:22 GMT
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=928
status: 200
content-disposition: inline; filename="button-icon-sep.webp"
content-length: 40
last-modified: Sat, 13 Oct 2018 20:49:06 GMT
server: cloudflare
etag: "5bc25a42-3a0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Wed, 14 Nov 2018 03:47:21 GMT
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 4796560b8e339768-FRA
cf-bgj: imgq:100

GET
S 200 header-logo.png
st.prntscr.com/2018/10/13/2048/img/ 4 KB
4 KB 17ms
17ms Image
image/webp 104.20.13.105
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st.prntscr.com/2018/10/13/2048/img/header-logo.png
Requested by: Host: prnt.sc
URL: https://prnt.sc/li07if
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.20.13.105 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69d8e3ebecd912bd1632164c7cdb358e13ca6fd3c904a4ecbabd462fb7082b1a

Request headers

Referer: https://st.prntscr.com/2018/10/13/2048/css/main.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 14 Nov 2018 03:19:22 GMT
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=7995
status: 200
content-disposition: inline; filename="header-logo.webp"
content-length: 4152
last-modified: Sat, 13 Oct 2018 20:50:43 GMT
server: cloudflare
etag: "5bc25aa3-1e52"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Wed, 14 Nov 2018 03:40:22 GMT
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 4796560b8e349768-FRA
cf-bgj: imgq:100

GET
S 200 async-ajs.min.js Show response
cdn.ad4game.com/ 3 KB
2 KB 31ms
6ms Script
application/javascript 151.139.242.3
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ad4game.com/async-ajs.min.js
Requested by: Host: prnt.sc
URL: https://prnt.sc/li07if
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.242.3 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: b22174ca5c2657a9b5f680e573bfd2041b0952c7cee130a9e09764e879cb7b6e

Request headers

Referer: https://prnt.sc/li07if
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-servername: ads.ad4game.com\ 80\ 81
date: Wed, 14 Nov 2018 03:19:22 GMT
content-encoding: gzip
x-cache: HIT
status: 200
x-host: ads.ad4game.com
content-length: 1343
referrer-policy: no-referrer
last-modified: Thu, 08 Nov 2018 17:17:54 GMT
server: nginx
x-serveraddr: 10.100.0.137
etag: W/"5be46fc2-b49"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes

GET
S 200 icon-abuse.png
st.prntscr.com/2018/10/13/2048/img/ 327 B
466 B 10ms
10ms Image
image/png 104.20.13.105
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st.prntscr.com/2018/10/13/2048/img/icon-abuse.png
Requested by: Host: prnt.sc
URL: https://prnt.sc/li07if
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.20.13.105 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: bfe0d4140c7b904c7628f72b80591f70d4bd499b1401df123cc24b7d3617c8fa

Request headers

Referer: https://st.prntscr.com/2018/10/13/2048/css/main.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 14 Nov 2018 03:19:22 GMT
cf-cache-status: HIT
last-modified: Sat, 13 Oct 2018 20:49:06 GMT
server: cloudflare
etag: "5bc25a42-147"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 4796560bde489768-FRA
content-length: 327
expires: Wed, 14 Nov 2018 03:27:42 GMT

GET
S 200 icon-camera.png
st.prntscr.com/2018/10/13/2048/img/ 1 KB
1 KB 10ms
9ms Image
image/png 104.20.13.105
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st.prntscr.com/2018/10/13/2048/img/icon-camera.png
Requested by: Host: prnt.sc
URL: https://prnt.sc/li07if
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.20.13.105 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd2de3ee9231c3511b8b0360375664c7b18d0ad997e37dde494331017f694976

Request headers

Referer: https://st.prntscr.com/2018/10/13/2048/css/main.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 14 Nov 2018 03:19:22 GMT
cf-cache-status: HIT
last-modified: Sat, 13 Oct 2018 20:49:06 GMT
server: cloudflare
etag: "5bc25a42-441"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 4796560bde499768-FRA
content-length: 1089
expires: Wed, 14 Nov 2018 03:35:45 GMT

GET
S 200 icon-edit.png
st.prntscr.com/2018/10/13/2048/img/ 461 B
586 B 10ms
10ms Image
image/png 104.20.13.105
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st.prntscr.com/2018/10/13/2048/img/icon-edit.png
Requested by: Host: prnt.sc
URL: https://prnt.sc/li07if
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.20.13.105 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92fb4985bc265d661b853545f4f3d54f79022a8564dd521202e20a05e477b295

Request headers

Referer: https://st.prntscr.com/2018/10/13/2048/css/main.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 14 Nov 2018 03:19:22 GMT
cf-cache-status: HIT
cf-polished: origSize=3153, status=webp_bigger
status: 200
content-length: 461
last-modified: Sat, 13 Oct 2018 20:49:06 GMT
server: cloudflare
etag: "5bc25a42-c51"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
expires: Wed, 14 Nov 2018 03:29:48 GMT
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 4796560bde4a9768-FRA
cf-bgj: imgq:100

GET
S

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j72&a=1821467132&t=pageview&_s=1&dl=https%3A%2F%2Fprnt.sc%2Fli07if&ul=en-us&de=UTF-8&dt=Screenshot%20by%20Lightshot&sd=24-bit&sr=1600x1200&vp=1585x...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-12353127-1&cid=1168851873.1542165562&jid=377320362&_gid=915702394.1542165562&gjid=1806545269&_v=j72&z=2059545249
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-12353127-1&cid=1168851873.1542165562&jid=377320362&_v=j72&z=2059545249
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-12353127-1&cid=1168851873.1542165562&jid=377320362&_v=j72&z=2059545249&slf_rd=1&random=746213172

42 B
109 B

20ms
18ms

Image
image/gif

2a00:1450:4001:81d::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-12353127-1&cid=1168851873.1542165562&jid=377320362&_v=j72&z=2059545249&slf_rd=1&random=746213172

Requested by

Host: prnt.sc
URL: https://prnt.sc/li07if

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81d::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://prnt.sc/li07if
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Nov 2018 03:19:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 14 Nov 2018 03:19:22 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-12353127-1&cid=1168851873.1542165562&jid=377320362&_v=j72&z=2059545249&slf_rd=1&random=746213172
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 all.js Show response
connect.facebook.net/en_US/ 3 KB
4 KB 8ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js

Requested by

Host: prnt.sc
URL: https://prnt.sc/li07if

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

671bd5d89329b3fce3cc2734cab29ca4436cb62fab1e05c845743a4fe3355081

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com:* wss://.facebook.com: https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://prnt.sc/li07if
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
x-content-type-options: nosniff
content-md5: qrUnBsLebhjlmrwYlM3Lmg==
status: 200
content-length: 3480
x-xss-protection: 0
x-fb-debug: z9q7jc1WCsjedhaD43Bazc/MBf7bP86MiANEZ+ZT6EV6De23rVstzdqcno6/Uuy3b3v+xKPwp/sLMFlgdzpRgw==
x-fb-content-md5: aab52706c2de6e18e59abc1894cdcb9a
date: Wed, 14 Nov 2018 03:19:22 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "8bf275d8f127fc30ea5b637e39fb11b0"
timing-allow-origin: *
expires: Wed, 14 Nov 2018 03:27:00 GMT

GET
S 200 plusone.js Show response
apis.google.com/js/ 43 KB
17 KB 28ms
26ms Script
application/javascript 2a00:1450:4001:821::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: prnt.sc
URL: https://prnt.sc/li07if

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:821::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

4b4567df9cf4e4a3f70bc306f46614ae6b0d5f5f5af903377dc8527f167bbb95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://prnt.sc/li07if
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 14 Nov 2018 03:19:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: script-src 'report-sample' 'nonce-wB2naIf5kZaEACH58lfZk/TP+bo' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge, chrome=1
server: ESF
x-frame-options: SAMEORIGIN
etag: "2df29450ef7d56a28e6b96bbba62111f"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800, stale-while-revalidate=1800
timing-allow-origin: *
expires: Wed, 14 Nov 2018 03:19:22 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 93 KB
28 KB 44ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: prnt.sc
URL: https://prnt.sc/li07if
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40E7) /
Resource Hash: 3b5525bb001a5b7aff6079a3d033054f94456eff9cbdd2583a40090e3555388c

Request headers

Referer: https://prnt.sc/li07if
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 14 Nov 2018 03:19:22 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Nov 2018 21:49:11 GMT
Server: ECS (fcn/40E7)
Etag: "e3fa90adc1553e60985a0fa124e3e684+gzip"
Vary: Accept-Encoding
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Cache-Control: public, max-age=1800
Content-Type: application/javascript; charset=utf-8
Content-Length: 27962

OPTIONS
S 204 / Show response
api.prntscr.com/v1/ 0
243 B 125ms
104ms XHR
text/plain 104.20.14.105
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://api.prntscr.com/v1/
Requested by: Host: st.prntscr.com
URL: https://st.prntscr.com/2018/10/13/2048/js/jquery.1.8.2.min.js
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.20.14.105 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: POST
Origin: https://prnt.sc
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Access-Control-Request-Headers: content-type

Response headers

date: Wed, 14 Nov 2018 03:19:22 GMT
server: cloudflare
access-control-allow-origin: https://prnt.sc
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: POST, OPTIONS
status: 204
access-control-allow-credentials: true
cf-ray: 4796560c4ca4c2ec-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H/1.1 200
OK async-ajs.php Show response
ads.ad4game.com/www/delivery/ 6 KB
2 KB 478ms
125ms Script
text/javascript 192.207.255.146
MNX Solutions LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.ad4game.com/www/delivery/async-ajs.php?v=1&cb=a4g5510586&h=0&siteurl=https%3A%2F%2Fprnt.sc%2Fli07if&c=UTF-8&z=60918,60917,60916&b=7&x=7
Requested by: Host: cdn.ad4game.com
URL: https://cdn.ad4game.com/async-ajs.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.207.255.146 , United States, ASN62821 (AS-MNX - MNX Solutions LLC, US),
Reverse DNS: haproxy1.ad4game.com
Software: nginx /
Resource Hash: 43533589e99a6e4c96a5134e1a85c0324caf1712c601bc2fe364a0b733d3a824

Request headers

Referer: https://prnt.sc/li07if
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

X-servername: ads.ad4game.com\ 80\ 81
Pragma: no-cache
Date: Wed, 14 Nov 2018 03:19:22 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
P3P: CP="CUR ADM OUR NOR STA NID"
X-serveraddr: 10.100.0.139
Cache-Control: no-cache, no-store, must-revalidate
X-host: ads.ad4game.com
Connection: close
Content-Type: text/javascript; charset=UTF-8
Expires: 0

GET
DATA 200
OK truncated
/ 253 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a7c6da996c43f6eebc2f71b8d6f7fd13cde1191d61f68614a7fccd9eba57a7b4

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/png

GET
S 200 all.js Show response
connect.facebook.net/en_US/ Frame 6B19 159 KB
50 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js?hash=fd49f4c1af64e3c7bae67ebf9a7c7d3c&ua=modern_es6

Requested by

Host: prnt.sc
URL: https://prnt.sc/li07if

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

27b45adca9d2a42e34010c00aaf3ab1952be40c77d1d33bb5cc0400b9d36aadf

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com:* wss://.facebook.com: https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://prnt.sc/li07if
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: eNgs6ecwDjLqYpLdcA2i0g==
status: 200
vary: Accept-Encoding
content-length: 50825
x-xss-protection: 0
x-fb-debug: Ga2ZdVCADL7jdJXgfMBXfaCCyu+NWaQ/vfUd3BCDBsmv6n6b/iCrlUZv2kljbpWf5f5e2qv4DLalYTRu9D7cmA==
x-fb-content-md5: 29842a356722e5779235a82202a24716
date: Wed, 14 Nov 2018 03:19:22 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "3434fdcceaebf592b6cb6d7fcef72e70"
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
timing-allow-origin: *
expires: Thu, 14 Nov 2019 01:22:09 GMT

GET
S 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.UaBCxDdxP6M.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=QQ/rs=AGLTcCPJnjTI_d-32bfa9lhcc0LI3ArezA/ 131 KB
46 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:821::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.UaBCxDdxP6M.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=QQ/rs=AGLTcCPJnjTI_d-32bfa9lhcc0LI3ArezA/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:821::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

9d96ece48a08b66c44c247948d0765bd2b900cd7bdeb6f2438b56df09e3d45be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://prnt.sc/li07if
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 13 Nov 2018 18:06:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 12 Nov 2018 22:36:25 GMT
server: sffe
age: 33190
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 46708
x-xss-protection: 1; mode=block
expires: Wed, 13 Nov 2019 18:06:12 GMT

GET
S 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.UaBCxDdxP6M.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=QQ/rs=AGLTcCPJnjTI_d-32bfa9lhcc0LI3ArezA/ 100 KB
35 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:821::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.UaBCxDdxP6M.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=QQ/rs=AGLTcCPJnjTI_d-32bfa9lhcc0LI3ArezA/cb=gapi.loaded_1

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:821::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

fd72527a34fdc025a793115016c4585a6989b02a3b30cecfb3414080f032162d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://prnt.sc/li07if
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 13 Nov 2018 18:06:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 12 Nov 2018 22:36:25 GMT
server: sffe
age: 33187
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 35654
x-xss-protection: 1; mode=block
expires: Wed, 13 Nov 2019 18:06:15 GMT

GET
H2 200 fastbutton
apis.google.com/se/0/_/+1/ Frame C252 0
0 32ms
31ms Document
text/html 2a00:1450:4001:821::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&size=medium&annotation=inline&width=120&origin=https%3A%2F%2Fprnt.sc&url=https%3A%2F%2Fprnt.sc%2Fli07if&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.UaBCxDdxP6M.O%2Fam%3DQQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCPJnjTI_d-32bfa9lhcc0LI3ArezA%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:821::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: apis.google.com
:scheme: https
:path: /se/0/_/+1/fastbutton?usegapi=1&size=medium&annotation=inline&width=120&origin=https%3A%2F%2Fprnt.sc&url=https%3A%2F%2Fprnt.sc%2Fli07if&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.UaBCxDdxP6M.O%2Fam%3DQQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCPJnjTI_d-32bfa9lhcc0LI3ArezA%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://prnt.sc/li07if
accept-encoding: gzip, deflate
cookie: NID=146=wCUc6WO5L1Fw6FS87zeVJi71k0_UBXRVuozZtE1uy7vmSvAX-8exbBvrRU18Lem8J_950CpzuVJsgBypUo3KNqr-EqYn-4oq1cn7DP_WDlXPMZUKdNOWJ85SNiUxZKN_Zqmkha4j0teVnQvevqrfV00EkHAc9EANsj3o3liUmcQ
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://prnt.sc/li07if

Response headers

status: 200
content-type: text/html; charset=utf-8
x-ua-compatible: IE=edge, chrome=1
vary: Accept-Encoding
timing-allow-origin: *
expires: Wed, 14 Nov 2018 03:19:22 GMT
date: Wed, 14 Nov 2018 03:19:22 GMT
cache-control: private, max-age=3600
content-security-policy-report-only: script-src 'report-sample' 'nonce-ot/pAP7RtHOfqO8Ds4/vSti04V0' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /se/0/_/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"

POST
S 200 / Show response
api.prntscr.com/v1/ 92 B
308 B 116ms
114ms XHR
application/json 104.20.13.105
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://api.prntscr.com/v1/
Requested by: Host: prnt.sc
URL: https://prnt.sc/li07if
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.20.13.105 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c9935e1daafc929a9866a206e769e084cd83f19d436ca22887adc2798408646

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://prnt.sc/li07if
Origin: https://prnt.sc
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 14 Nov 2018 03:19:22 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200
access-control-allow-methods: POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://prnt.sc
access-control-allow-credentials: true
cf-ray: 4796560d2e909768-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H/1.1 200
OK widget_iframe.2535b9a3597d3193477a33b63007079b.html
platform.twitter.com/widgets/ Frame 7AC5 0
0 7ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2535b9a3597d3193477a33b63007079b.html?origin=https%3A%2F%2Fprnt.sc&settingsEndpoint=https%3A%2F%2Fsyndication.twitter.com%2Fsettings
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40DB) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://prnt.sc/li07if
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://prnt.sc/li07if

Response headers

Content-Encoding: gzip
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Wed, 14 Nov 2018 03:19:22 GMT
Etag: "347ce5de96d97a02c18244967b8b6532+gzip"
Last-Modified: Mon, 12 Nov 2018 21:48:15 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/40DB)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 5783

GET
H/1.1 200
OK button.e96bb6acc0f8bda511c0c46a84ee18e4.js Show response
platform.twitter.com/js/ 7 KB
3 KB 14ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.e96bb6acc0f8bda511c0c46a84ee18e4.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40EB) /
Resource Hash: 00ce74a18bd6071ed7e4810d9df7393b6749531165bff6b45d237ccaee9f2808

Request headers

Referer: https://prnt.sc/li07if
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 14 Nov 2018 03:19:22 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Nov 2018 21:48:07 GMT
Server: ECS (fcn/40EB)
Etag: "afc5be16085c49e57e5c7974de717b28+gzip"
Vary: Accept-Encoding
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Content-Length: 2300

GET
H2 200 postmessageRelay
accounts.google.com/o/oauth2/ Frame B111 0
0 55ms
29ms Document
text/html 2a00:1450:4001:821::200d
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fprnt.sc&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.UaBCxDdxP6M.O%2Fam%3DQQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCPJnjTI_d-32bfa9lhcc0LI3ArezA%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.UaBCxDdxP6M.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=QQ/rs=AGLTcCPJnjTI_d-32bfa9lhcc0LI3ArezA/cb=gapi.loaded_1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:821::200d , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-c2MhemTIGb/Fa6dxQG1fOR7sYiU' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: accounts.google.com
:scheme: https
:path: /o/oauth2/postmessageRelay?parent=https%3A%2F%2Fprnt.sc&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.UaBCxDdxP6M.O%2Fam%3DQQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCPJnjTI_d-32bfa9lhcc0LI3ArezA%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://prnt.sc/li07if
accept-encoding: gzip, deflate
cookie: NID=146=wCUc6WO5L1Fw6FS87zeVJi71k0_UBXRVuozZtE1uy7vmSvAX-8exbBvrRU18Lem8J_950CpzuVJsgBypUo3KNqr-EqYn-4oq1cn7DP_WDlXPMZUKdNOWJ85SNiUxZKN_Zqmkha4j0teVnQvevqrfV00EkHAc9EANsj3o3liUmcQ
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://prnt.sc/li07if

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 14 Nov 2018 03:19:22 GMT
content-security-policy: script-src 'report-sample' 'nonce-c2MhemTIGb/Fa6dxQG1fOR7sYiU' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 1; mode=block
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"

GET
H2 200 afATJJjxKE6.js
staticxx.facebook.com/connect/xd_arbiter/r/ Frame 19B5 0
0 41ms
6ms Document
text/html 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://staticxx.facebook.com/connect/xd_arbiter/r/afATJJjxKE6.js?version=43

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=fd49f4c1af64e3c7bae67ebf9a7c7d3c&ua=modern_es6

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: staticxx.facebook.com
:scheme: https
:path: /connect/xd_arbiter/r/afATJJjxKE6.js?version=43
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://prnt.sc/li07if
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://prnt.sc/li07if

Response headers

status: 200
expires: Wed, 13 Nov 2019 22:15:03 GMT
cache-control: public,max-age=31536000,immutable
x-xss-protection: 0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
x-fb-debug: Vu9QO9vdLVCD4NeAsfQe+1RPXk7afR85tXu8zpD9z90/Hm6GGf5BAMhROx+ZTc0Lp/T5/oS6BqVgE4V82zYYVQ==
content-length: 39425
date: Wed, 14 Nov 2018 03:19:22 GMT

GET
H/1.1 200
OK tweet_button.2535b9a3597d3193477a33b63007079b.en.html
platform.twitter.com/widgets/ Frame 3D13 0
0 40ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.2535b9a3597d3193477a33b63007079b.en.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40D0) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://prnt.sc/li07if
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://prnt.sc/li07if

Response headers

Content-Encoding: gzip
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Wed, 14 Nov 2018 03:19:22 GMT
Etag: "8b526b464b94e35af5831abfa36daef8+gzip"
Last-Modified: Mon, 12 Nov 2018 21:48:12 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/40D0)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 12220

GET
S 200 prebid.js Show response
cdn.ad4game.com/ 117 KB
43 KB 13ms
12ms Script
application/javascript 151.139.242.3
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ad4game.com/prebid.js
Requested by: Host: ads.ad4game.com
URL: https://ads.ad4game.com/www/delivery/async-ajs.php?v=1&cb=a4g5510586&h=0&siteurl=https%3A%2F%2Fprnt.sc%2Fli07if&c=UTF-8&z=60918,60917,60916&b=7&x=7
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.242.3 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: 82fff1c1026ead64c11065db374d511f7a707851a68517ccedd0af7fd122fcc0

Request headers

Referer: https://prnt.sc/li07if
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-servername: ads.ad4game.com\ 80\ 81
date: Wed, 14 Nov 2018 03:19:22 GMT
content-encoding: gzip
x-cache: HIT
status: 200
x-host: ads.ad4game.com
content-length: 43537
referrer-policy: no-referrer
last-modified: Wed, 24 Oct 2018 13:58:36 GMT
server: nginx
x-serveraddr: 10.100.0.140
etag: W/"5bd07a8c-1d457"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes

GET
S 200 gpt.js Show response
www.googletagservices.com/tag/js/ 26 KB
9 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:81f::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: ads.ad4game.com
URL: https://ads.ad4game.com/www/delivery/async-ajs.php?v=1&cb=a4g5510586&h=0&siteurl=https%3A%2F%2Fprnt.sc%2Fli07if&c=UTF-8&z=60918,60917,60916&b=7&x=7

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81f::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

08cbc160b30d431163b2c4eff9cf366fe45d525caa0d8034df6bb5510c9d8c43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://prnt.sc/li07if
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 14 Nov 2018 03:19:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "10 / 924 of 1000 / last-modified: 1542151984"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 9345
x-xss-protection: 1; mode=block
expires: Wed, 14 Nov 2018 03:19:22 GMT

GET
S 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
171 B 16ms
15ms Script
application/javascript 2a00:1450:4001:825::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=prnt.sc

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:825::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://prnt.sc/li07if
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 14 Nov 2018 03:19:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 104
x-xss-protection: 1; mode=block

GET
S 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
171 B 16ms
15ms Script
application/javascript 2a00:1450:4001:824::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=prnt.sc

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:824::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://prnt.sc/li07if
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 14 Nov 2018 03:19:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 104
x-xss-protection: 1; mode=block

GET
S 200 pubads_impl_275.js Show response
securepubads.g.doubleclick.net/gpt/ 182 KB
62 KB 14ms
14ms Script
text/javascript 216.58.206.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_275.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

7751b706f0e0b70939bac114d3828d092891997600268ea75959c3378c536b1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://prnt.sc/li07if
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 14 Nov 2018 03:19:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Nov 2018 18:14:17 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 62956
x-xss-protection: 1; mode=block
expires: Wed, 14 Nov 2018 03:19:22 GMT

POST
H/1.1 204
No Content ortb Show response
bid.contextweb.com/header/ 0
610 B 91ms
14ms XHR
text/plain 74.214.194.133
PULSEPOINT-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://bid.contextweb.com/header/ortb
Requested by: Host: cdn.ad4game.com
URL: https://cdn.ad4game.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 74.214.194.133 Amsterdam, Netherlands, ASN59940 (PULSEPOINT-EU, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://prnt.sc/li07if
Origin: https://prnt.sc
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 14 Nov 2018 03:19:22 GMT
Server: nginx
CWDL: 22/135,22/139,22/139
Access-Control-Allow-Origin: https://prnt.sc
Access-Control-Expose-Headers: Access-Control-Allow-Origin
Access-Control-Allow-Credentials: true
Connection: keep-alive
CW-FEServer: ams-prts08.pulse.prod
CW-Server: ams-bid13
Content-Length: 0

GET
H/1.1 200
OK bid Show response
ads.ad4game.com/v1/ 8 KB
2 KB 664ms
325ms XHR
application/json 192.207.255.147
MNX Solutions LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.ad4game.com/v1/bid?if=0&siteurl=https%3A%2F%2Fprnt.sc%2Fli07if&size=970x90%3B728x90%3B300x250&id=6b13f614964ead%3B7651ef63147452%3B83a0f970a4274c&zoneId=60918%3B60917%3B60916&
Requested by: Host: cdn.ad4game.com
URL: https://cdn.ad4game.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.207.255.147 , United States, ASN62821 (AS-MNX - MNX Solutions LLC, US),
Reverse DNS: haproxy2.ad4game.com
Software: nginx /
Resource Hash: 448c54d309fd0ae6bfdb7d701839e8364d0b78e85fba1b1f66ef3913eae864e2

Request headers

Referer: https://prnt.sc/li07if
Origin: https://prnt.sc
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 14 Nov 2018 03:19:23 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://prnt.sc
Transfer-Encoding: chunked
Connection: close
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Application-Context: application:12063

GET
H2

200

afATJJjxKE6.js
staticxx.facebook.com/connect/xd_arbiter/r/ Frame FC53
Redirect Chain

https://www.facebook.com/connect/ping?client_id=154822244543652&domain=prnt.sc&origin=1&redirect_uri=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FafATJJjxKE6.js%3Fversion%3D43%2...
https://staticxx.facebook.com/connect/xd_arbiter/r/afATJJjxKE6.js?version=43

0
0

6ms
6ms

Document
text/html

2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://staticxx.facebook.com/connect/xd_arbiter/r/afATJJjxKE6.js?version=43

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=fd49f4c1af64e3c7bae67ebf9a7c7d3c&ua=modern_es6

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: staticxx.facebook.com
:scheme: https
:path: /connect/xd_arbiter/r/afATJJjxKE6.js?version=43
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://prnt.sc/li07if
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://prnt.sc/li07if

Response headers

status: 200
expires: Wed, 13 Nov 2019 22:15:03 GMT
cache-control: public,max-age=31536000,immutable
x-xss-protection: 0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
x-fb-debug: Vu9QO9vdLVCD4NeAsfQe+1RPXk7afR85tXu8zpD9z90/Hm6GGf5BAMhROx+ZTc0Lp/T5/oS6BqVgE4V82zYYVQ==
content-length: 39425
date: Wed, 14 Nov 2018 03:19:22 GMT

Redirect headers

status: 302
x-xss-protection: 0
pragma: no-cache
location: https://staticxx.facebook.com/connect/xd_arbiter/r/afATJJjxKE6.js?version=43#cb=f1018b06a331d2c&domain=prnt.sc&origin=https%3A%2F%2Fprnt.sc%2Ff37911d5c704af8&relation=parent&error=unknown_user
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
cache-control: private, no-cache, no-store, must-revalidate
expect-ct: max-age=86400, report-uri="http://reports.fb.com/expectct/"
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-type: text/html; charset="utf-8"
x-fb-debug: 3PpT3aT69nPna6zqxUjDWb2Em0BnL194Key8Scvi36zCgZRDZLQ2yrXXuq+LnuNfFaDI10yc+dY+Kq3SgdzT4Q==
content-length: 0
date: Wed, 14 Nov 2018 03:19:22 GMT

GET
H2 200 like.php
www.facebook.com/plugins/ Frame 8A5F 0
0 77ms
74ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?action=like&app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FafATJJjxKE6.js%3Fversion%3D43%23cb%3Dfaaef16a3b02c%26domain%3Dprnt.sc%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ff37911d5c704af8%26relation%3Dparent.parent&container_width=70&href=https%3A%2F%2Fprnt.sc%2Fli07if&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false&size=small&width=100

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=fd49f4c1af64e3c7bae67ebf9a7c7d3c&ua=modern_es6

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com:* wss://.facebook.com: https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/like.php?action=like&app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FafATJJjxKE6.js%3Fversion%3D43%23cb%3Dfaaef16a3b02c%26domain%3Dprnt.sc%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ff37911d5c704af8%26relation%3Dparent.parent&container_width=70&href=https%3A%2F%2Fprnt.sc%2Fli07if&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false&size=small&width=100
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://prnt.sc/li07if
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://prnt.sc/li07if

Response headers

status: 200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
content-encoding: gzip
cache-control: private, no-cache, no-store, must-revalidate
vary: Accept-Encoding
expect-ct: max-age=86400, report-uri="http://reports.fb.com/expectct/"
pragma: no-cache
x-xss-protection: 0
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
timing-allow-origin: *
content-type: text/html; charset="utf-8"
x-fb-debug: 4xrbK//QsbpOHoYevLSPEqnegn0BCYxFA8TrS4DUyODk0SLu3AmQfkCcpqGy0ryN9liogMTuHB7rFWWig/dj6g==
date: Wed, 14 Nov 2018 03:19:22 GMT

GET
H2

200

feedback.php
www.facebook.com/plugins/ Frame 2D5B
Redirect Chain

https://www.facebook.com/plugins/comments.php?app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FafATJJjxKE6.js%3Fversion%3D43%23cb%3Df35f91c9f529efc%26...
https://www.facebook.com/plugins/feedback.php?app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FafATJJjxKE6.js%3Fversion%3D43%23cb%3Df35f91c9f529efc%26...

0
0

1384ms
1383ms

Document
text/html

2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/feedback.php?app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FafATJJjxKE6.js%3Fversion%3D43%23cb%3Df35f91c9f529efc%26domain%3Dprnt.sc%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ff37911d5c704af8%26relation%3Dparent.parent&container_width=340&height=100&href=https%3A%2F%2Fprnt.sc%2Fli07if&locale=en_US&migrated=1&sdk=joey&xid=li07if

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=fd49f4c1af64e3c7bae67ebf9a7c7d3c&ua=modern_es6

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com:* wss://.facebook.com: https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/feedback.php?app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FafATJJjxKE6.js%3Fversion%3D43%23cb%3Df35f91c9f529efc%26domain%3Dprnt.sc%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ff37911d5c704af8%26relation%3Dparent.parent&container_width=340&height=100&href=https%3A%2F%2Fprnt.sc%2Fli07if&locale=en_US&migrated=1&sdk=joey&xid=li07if
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://prnt.sc/li07if
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://prnt.sc/li07if

Response headers

status: 200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
content-encoding: gzip
cache-control: private, no-cache, no-store, must-revalidate
vary: Accept-Encoding
expect-ct: max-age=86400, report-uri="http://reports.fb.com/expectct/"
pragma: no-cache
x-xss-protection: 0
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
timing-allow-origin: *
content-type: text/html; charset="utf-8"
x-fb-debug: mR9X6YvkmeLbSRMj0fKhRlk8nKw5e2i7aRszoTUsx2mnMmW9xTawko5At064q7uN5ZFMjzVjilRr5GHMrqX/bg==
date: Wed, 14 Nov 2018 03:19:24 GMT

Redirect headers

status: 302
location: https://www.facebook.com/plugins/feedback.php?app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FafATJJjxKE6.js%3Fversion%3D43%23cb%3Df35f91c9f529efc%26domain%3Dprnt.sc%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ff37911d5c704af8%26relation%3Dparent.parent&container_width=340&height=100&href=https%3A%2F%2Fprnt.sc%2Fli07if&locale=en_US&migrated=1&sdk=joey&xid=li07if
access-control-allow-methods: OPTIONS
access-control-allow-credentials: true
strict-transport-security: max-age=15552000; preload
vary: Origin
access-control-expose-headers: X-FB-Debug, X-Loader-Length
access-control-allow-origin: https://www.facebook.com
content-type: text/html; charset="utf-8"
x-fb-debug: ynCwnFlXqTd7zKNkhKajI8lsJzAyDS1oQsOS4Og6ugLv2lt+tG5u5QTuOYBkuCQ2UO0QqfCnGgvxJM/+gbapsw==
content-length: 0
date: Wed, 14 Nov 2018 03:19:22 GMT

GET
H2 200 like_box.php
www.facebook.com/plugins/ Frame 90C5 0
0 237ms
236ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like_box.php?app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FafATJJjxKE6.js%3Fversion%3D43%23cb%3Df1e6114102ec8e4%26domain%3Dprnt.sc%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ff37911d5c704af8%26relation%3Dparent.parent&container_width=0&header=false&href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FLightShot%2F242750885760&locale=en_US&sdk=joey&show_faces=true&stream=false&width=300

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=fd49f4c1af64e3c7bae67ebf9a7c7d3c&ua=modern_es6

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com:* wss://.facebook.com: https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/like_box.php?app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FafATJJjxKE6.js%3Fversion%3D43%23cb%3Df1e6114102ec8e4%26domain%3Dprnt.sc%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ff37911d5c704af8%26relation%3Dparent.parent&container_width=0&header=false&href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FLightShot%2F242750885760&locale=en_US&sdk=joey&show_faces=true&stream=false&width=300
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://prnt.sc/li07if
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://prnt.sc/li07if

Response headers

status: 200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
content-encoding: gzip
cache-control: private, no-cache, no-store, must-revalidate
vary: Accept-Encoding
expect-ct: max-age=86400, report-uri="http://reports.fb.com/expectct/"
pragma: no-cache
x-xss-protection: 0
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
timing-allow-origin: *
content-type: text/html; charset="utf-8"
x-fb-debug: 1xhCzY7QaLyPwyrqyOB7SkxveMH6CzPGpsJoEmP2suHfs0ykn9lsXQ4F+/6pnnZgmT4l+ZKurvy1gdXPBFGnew==
date: Wed, 14 Nov 2018 03:19:23 GMT

GET
S 200 jot
syndication.twitter.com/i/ 43 B
167 B 131ms
131ms Image
image/gif 199.16.156.21
Twitter Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fprnt.sc%2Fli07if%22%2C%22widget_frame%22%3Afalse%2C%22widget_site_screen_name%22%3A%22light_shot%22%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1542165562952%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22f4ab95b%3A1542050364521%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.16.156.21 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer: https://prnt.sc/li07if
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 14 Nov 2018 03:19:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 1; mode=block; report=https://twitter.com/i/xss_report
x-response-time: 14
pragma: no-cache
last-modified: Wed, 14 Nov 2018 03:19:23 GMT
server: tsa_b
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: a5aa986e5a52df03f022d72b4e49914b
x-transaction: 00017b5f00bb9366
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
S 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 9 KB
3 KB 164ms
164ms XHR
text/javascript 216.58.206.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=325035867797354&correlator=4251109802378390&output=json_html&callback=googletag.impl.pubads.callbackProxy1&impl=fifs&adsid=NT&json_a=1&vrg=275&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776&sc=1&sfv=1-0-31&iu_parts=60257202%2C60918%2C6091717%2C60916&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=970x90%2C728x90%2C300x250&prev_scp=hb_format_a4g%3Dbanner%26hb_source_a4g%3Dclient%26hb_size_a4g%3D970x90%26hb_pb_a4g%3D0.59%26hb_adid_a4g%3D6b13f614964ead%26hb_bidder_a4g%3Da4g%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D970x90%26hb_pb%3D0.59%26hb_adid%3D6b13f614964ead%26hb_bidder%3Da4g%7Chb_format_a4g%3Dbanner%26hb_source_a4g%3Dclient%26hb_size_a4g%3D728x90%26hb_pb_a4g%3D0.25%26hb_adid_a4g%3D7651ef63147452%26hb_bidder_a4g%3Da4g%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D728x90%26hb_pb%3D0.25%26hb_adid%3D7651ef63147452%26hb_bidder%3Da4g%7Chb_format_a4g%3Dbanner%26hb_source_a4g%3Dclient%26hb_size_a4g%3D300x250%26hb_pb_a4g%3D0.35%26hb_adid_a4g%3D83a0f970a4274c%26hb_bidder_a4g%3Da4g%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D300x250%26hb_pb%3D0.35%26hb_adid%3D83a0f970a4274c%26hb_bidder%3Da4g&eri=1&cookie_enabled=1&bc=15&abxe=1&lmt=1542165563&dt=1542165563485&dlt=1542165562065&idt=756&frm=20&biw=1585&bih=1200&oid=3&adxs=308%2C429%2C308&adys=70%2C1204%2C1326&adks=1432691387%2C518174652%2C4042975291&ucis=1%7C2%7C3&gut=v2&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fprnt.sc%2Fli07if&dssz=32&icsg=10880&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x90%7C728x90%7C300x250&msz=970x-1%7C728x-1%7C300x-1&ga_vid=1168851873.1542165562&ga_sid=1542165563&ga_hid=1821467132&fws=0%2C0%2C0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_275.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

28d647b53625286dd2ecf9cd82f2bf3de95d31e8b22b0dc6e8c00c23ce250b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://prnt.sc/li07if
Origin: https://prnt.sc

Response headers

date: Wed, 14 Nov 2018 03:19:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 3201
x-xss-protection: 1; mode=block
google-lineitem-id: 4728527423,4728217158,4728217173
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138237963443,138237963437,138237963299
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://prnt.sc
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 pubads_impl_rendering_275.js Show response
securepubads.g.doubleclick.net/gpt/ 61 KB
23 KB 14ms
14ms Script
text/javascript 216.58.206.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_275.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_275.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

850a4c6decf68c2ff186703ea85e4703dd5c285a2e42fe47d974b3ad7455a4fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://prnt.sc/li07if
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 14 Nov 2018 03:19:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Nov 2018 18:14:17 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 23441
x-xss-protection: 1; mode=block
expires: Wed, 14 Nov 2018 03:19:23 GMT

GET
S 200 container.html
tpc.googlesyndication.com/safeframe/1-0-31/html/ 0
0 6ms
6ms Other
text/html 2a00:1450:4001:821::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-31/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_275.js
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:1450:4001:821::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Purpose: prefetch
Referer: https://prnt.sc/li07if
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

expires: Thu, 07 Nov 2019 14:33:05 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Thu, 01 Nov 2018 14:23:58 GMT
content-type: text/html

GET
S 200 async-ajs.min.js Show response
cdn.ad4game.com/ Frame 48AE 3 KB
2 KB 6ms
5ms Script
application/javascript 151.139.242.3
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ad4game.com/async-ajs.min.js
Requested by: Host: prnt.sc
URL: https://prnt.sc/li07if
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.242.3 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: b22174ca5c2657a9b5f680e573bfd2041b0952c7cee130a9e09764e879cb7b6e

Request headers

Referer: https://prnt.sc/li07if
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-servername: ads.ad4game.com\ 80\ 81
date: Wed, 14 Nov 2018 03:19:23 GMT
content-encoding: gzip
x-cache: HIT
status: 200
x-host: ads.ad4game.com
content-length: 1343
referrer-policy: no-referrer
last-modified: Thu, 08 Nov 2018 17:17:54 GMT
server: nginx
x-serveraddr: 10.100.0.137
etag: W/"5be46fc2-b49"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes

GET
S 200 osd_listener.js Show response
tpc.googlesyndication.com/pagead/js/r20181107/r20110914/activeview/ Frame 48AE 73 KB
27 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:821::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20181107/r20110914/activeview/osd_listener.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_275.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:821::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

106c5562d37543e0d9505b8b75c787eaeaa2ee08a99f9f385568f565b0444afb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://prnt.sc/li07if
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 07 Nov 2018 14:03:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 566145
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 27325
x-xss-protection: 1; mode=block
server: cafe
etag: 2726007002868826454
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Nov 2018 14:03:38 GMT

GET
S 200 osd.js Show response
pagead2.googlesyndication.com/pagead/ 74 KB
27 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81b::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_275.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

e9cf77edb95978fa6b193724ee40fde091368427e030fed8735cdef6b1a35535

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://prnt.sc/li07if
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 14 Nov 2018 03:09:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 593
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 27460
x-xss-protection: 1; mode=block
server: cafe
etag: 5000825381819961729
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Wed, 14 Nov 2018 04:09:30 GMT

GET
S 200 async-ajs.min.js Show response
cdn.ad4game.com/ Frame 102A 3 KB
2 KB 6ms
6ms Script
application/javascript 151.139.242.3
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ad4game.com/async-ajs.min.js
Requested by: Host: prnt.sc
URL: https://prnt.sc/li07if
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.242.3 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: b22174ca5c2657a9b5f680e573bfd2041b0952c7cee130a9e09764e879cb7b6e

Request headers

Referer: https://prnt.sc/li07if
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-servername: ads.ad4game.com\ 80\ 81
date: Wed, 14 Nov 2018 03:19:23 GMT
content-encoding: gzip
x-cache: HIT
status: 200
x-host: ads.ad4game.com
content-length: 1343
referrer-policy: no-referrer
last-modified: Thu, 08 Nov 2018 17:17:54 GMT
server: nginx
x-serveraddr: 10.100.0.137
etag: W/"5be46fc2-b49"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes

GET
S 200 osd_listener.js Show response
tpc.googlesyndication.com/pagead/js/r20181107/r20110914/activeview/ Frame 102A 73 KB
27 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:821::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20181107/r20110914/activeview/osd_listener.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_275.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:821::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

106c5562d37543e0d9505b8b75c787eaeaa2ee08a99f9f385568f565b0444afb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://prnt.sc/li07if
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 07 Nov 2018 14:03:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 566145
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 27325
x-xss-protection: 1; mode=block
server: cafe
etag: 2726007002868826454
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Nov 2018 14:03:38 GMT

GET
S 200 async-ajs.min.js Show response
cdn.ad4game.com/ Frame 3BD3 3 KB
2 KB 8ms
3ms Script
application/javascript 151.139.242.3
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ad4game.com/async-ajs.min.js
Requested by: Host: prnt.sc
URL: https://prnt.sc/li07if
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.242.3 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: b22174ca5c2657a9b5f680e573bfd2041b0952c7cee130a9e09764e879cb7b6e

Request headers

Referer: https://prnt.sc/li07if
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-servername: ads.ad4game.com\ 80\ 81
date: Wed, 14 Nov 2018 03:19:23 GMT
content-encoding: gzip
x-cache: HIT
status: 200
x-host: ads.ad4game.com
content-length: 1343
referrer-policy: no-referrer
last-modified: Thu, 08 Nov 2018 17:17:54 GMT
server: nginx
x-serveraddr: 10.100.0.137
etag: W/"5be46fc2-b49"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes

GET
S 200 osd_listener.js Show response
tpc.googlesyndication.com/pagead/js/r20181107/r20110914/activeview/ Frame 3BD3 73 KB
27 KB 9ms
5ms Script
text/javascript 2a00:1450:4001:821::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20181107/r20110914/activeview/osd_listener.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_275.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:821::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

106c5562d37543e0d9505b8b75c787eaeaa2ee08a99f9f385568f565b0444afb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://prnt.sc/li07if
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 07 Nov 2018 14:03:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 566145
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 27325
x-xss-protection: 1; mode=block
server: cafe
etag: 2726007002868826454
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Nov 2018 14:03:38 GMT

GET
S 200 view
securepubads.g.doubleclick.net/pcs/ Frame 48AE 0
265 B 45ms
41ms Image
image/gif 216.58.206.2
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss570mOjlABjW6O0nteCzk_0Tl_1mQwbgST_4dka1D6JrXkD1g6hm23O6Rvst7EkRKUY1MKLcpi1LyF-Bya1qpwx5y_Ws8mEcxaO5eAano_oCBEwp-Ox-0iyZ6gCZkyaEdBO3Ml-Feb-kisUZVU9AtKBle4NpFoEAaOkjzQEVCvGfyUgI65u2uUC9E63LumIL-RLytuAt4U2ZTlMXivtmEBp4QgBAnJ2wN6q5VHWiHneQ&sai=AMfl-YRjSDodOxJsHBjpDAgAykdm_Z01lB3wuOGjddA0LtSEgLw-lB_dR-y91evMxk4zaROyNTIWo162R31x0DzOIzd_CezIkdVR2CdOgJlOrA&sig=Cg0ArKJSzPYp7HclBfPBEAE&urlfix=1&adurl=

Requested by

Host: prnt.sc
URL: https://prnt.sc/li07if

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://prnt.sc/li07if
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 14 Nov 2018 03:19:23 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 0
x-xss-protection: 1; mode=block
expires: Wed, 14 Nov 2018 03:19:23 GMT

GET
S 200 adbyv1.gif
cdn.ad4game.com/ Frame 48AE 112 B
370 B 10ms
5ms Image
image/gif 151.139.242.3
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ad4game.com/adbyv1.gif
Requested by: Host: prnt.sc
URL: https://prnt.sc/li07if
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.242.3 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: 47b4a73b810d6bbb3088a4bec9423d0a709d9a4341b84303d595a6fdea7ea5b3

Request headers

Referer: https://prnt.sc/li07if
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-servername: ads.ad4game.com\ 80\ 81
date: Wed, 14 Nov 2018 03:19:23 GMT
referrer-policy: no-referrer
last-modified: Sat, 28 Jan 2012 03:19:10 GMT
server: nginx
access-control-allow-origin: *
etag: "4f23692e-70"
status: 200
x-cache: HIT
content-type: image/gif
x-serveraddr: 10.100.0.137
x-host: ads.ad4game.com
accept-ranges: bytes
content-length: 112

GET
H/1.1 200
OK lg.php
ads.ad4game.com/www/delivery/ Frame 48AE 35 B
858 B 467ms
122ms Image
image/gif 192.207.255.146
MNX Solutions LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.ad4game.com/www/delivery/lg.php?bannerid=542533&campaignid=31238&zoneid=60918&referer=&tag=hb&ver=4.0&tagi=2018-10-29T04-11&cb=4FQgKTixSe6XzBRi&token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ6b25lIjo2MDkxOCwiZXhwIjoxNTQyMTY1NjIzfQ.e6mhC7ZMcvKePbdbqwfNp-gswuCXiF5EW6zdhnB1XxQ&bn=ad4game&bid=0.594&if=0
Requested by: Host: prnt.sc
URL: https://prnt.sc/li07if
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.207.255.146 , United States, ASN62821 (AS-MNX - MNX Solutions LLC, US),
Reverse DNS: haproxy1.ad4game.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://prnt.sc/li07if
Origin: https://prnt.sc

Response headers

Pragma: no-cache
Date: Wed, 14 Nov 2018 03:19:24 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: close
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 35
X-Application-Context: application:12064
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
S 200 view
securepubads.g.doubleclick.net/pcs/ Frame 102A 0
255 B 44ms
40ms Image
image/gif 216.58.206.2
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuAc5YfdUbCrm2OTp32yL0ByGvy26V6v3M09aIVHejklzz5Na-xmXq_8Nqi0Oc2YaH-1JyyPYQqQlF56TtILcYK-ztnxUvJ6J3HUdkRKgIuEUUM8yAuK8Tb-dqDB8q6GKYiU7onOnhETshg4IZoIJIaTG0bBElmec6Rbstyr6zjxjESLFcx0g1Eij7Q_U93TxfOn_VYUY917Cilw5UUQlfgNS0C9uF1_ueJCpp89AVaNVCs&sai=AMfl-YSMBLw9S1Ha2qU37gjDbYdf8bErXkk2VPuQ8My9JYbHzznTDve0ZX1RVOw86gwXL-yQm77gOr-IYJZJejkPiKNkbOhJtCiEMZ9Ysb3ntw&sig=Cg0ArKJSzAqcdwj8P42KEAE&urlfix=1&adurl=

Requested by

Host: prnt.sc
URL: https://prnt.sc/li07if

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://prnt.sc/li07if
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 14 Nov 2018 03:19:23 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 0
x-xss-protection: 1; mode=block
expires: Wed, 14 Nov 2018 03:19:23 GMT

GET
S 200 adbyv1.gif
cdn.ad4game.com/ Frame 102A 112 B
370 B 10ms
6ms Image
image/gif 151.139.242.3
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ad4game.com/adbyv1.gif
Requested by: Host: prnt.sc
URL: https://prnt.sc/li07if
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.242.3 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: 47b4a73b810d6bbb3088a4bec9423d0a709d9a4341b84303d595a6fdea7ea5b3

Request headers

Referer: https://prnt.sc/li07if
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-servername: ads.ad4game.com\ 80\ 81
date: Wed, 14 Nov 2018 03:19:23 GMT
referrer-policy: no-referrer
last-modified: Sat, 28 Jan 2012 03:19:10 GMT
server: nginx
access-control-allow-origin: *
etag: "4f23692e-70"
status: 200
x-cache: HIT
content-type: image/gif
x-serveraddr: 10.100.0.137
x-host: ads.ad4game.com
accept-ranges: bytes
content-length: 112

GET
H/1.1 200
OK lg.php
ads.ad4game.com/www/delivery/ Frame 102A 35 B
858 B 464ms
118ms Image
image/gif 192.207.255.146
MNX Solutions LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.ad4game.com/www/delivery/lg.php?bannerid=542532&campaignid=31237&zoneid=60917&referer=&tag=hb&ver=4.0&tagi=2018-10-29T04-11&cb=BYmU2M5t3dTnuwR8&token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ6b25lIjo2MDkxNywiZXhwIjoxNTQyMTY1NjIzfQ.0sCddlVtRju_PlsPZsmQuZjJq1Kqje6iSo3A_XGwu3c&bn=ad4game&bid=0.252&if=0
Requested by: Host: prnt.sc
URL: https://prnt.sc/li07if
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.207.255.146 , United States, ASN62821 (AS-MNX - MNX Solutions LLC, US),
Reverse DNS: haproxy1.ad4game.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://prnt.sc/li07if
Origin: https://prnt.sc

Response headers

Pragma: no-cache
Date: Wed, 14 Nov 2018 03:19:24 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: close
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 35
X-Application-Context: application:12064
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
S 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3BD3 0
264 B 44ms
40ms Image
image/gif 216.58.206.2
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstcfvJDJpcr4xQoXOAFkU47SA3EdwTmGLUFmfWgQj6d8jBkNfZEVtRtUEX6Zod-xbHnoz_Lp0IRYX1dwtelUAogwbT9VZBsytEVn3aguKnWLqgAq5JoMmd6suFGEPNxdUSRM_Pmc-HV8YMZ75W78LkUsMWw0onxpWyH1W4fUFTP47kL6CzbqhrH-_pJYPifPUZnD37mkaKDP2impJKmrRjIoyZoQD6na59Hw-F0YC261A&sai=AMfl-YQrFpfwK2KG-MzBapAarAR_Vqczv52_GzoN6Z4yzDvn9WVzFomLS9XFqBpo5RI-8dtoO616gaxFetTkVV13ELYqlrsIsRo02uaOXyqUIg&sig=Cg0ArKJSzLBf1YwzNiOpEAE&urlfix=1&adurl=

Requested by

Host: prnt.sc
URL: https://prnt.sc/li07if

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://prnt.sc/li07if
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 14 Nov 2018 03:19:23 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 0
x-xss-protection: 1; mode=block
expires: Wed, 14 Nov 2018 03:19:23 GMT

GET
S 200 adbyv1.gif
cdn.ad4game.com/ Frame 3BD3 112 B
370 B 9ms
6ms Image
image/gif 151.139.242.3
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ad4game.com/adbyv1.gif
Requested by: Host: prnt.sc
URL: https://prnt.sc/li07if
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.242.3 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: 47b4a73b810d6bbb3088a4bec9423d0a709d9a4341b84303d595a6fdea7ea5b3

Request headers

Referer: https://prnt.sc/li07if
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-servername: ads.ad4game.com\ 80\ 81
date: Wed, 14 Nov 2018 03:19:23 GMT
referrer-policy: no-referrer
last-modified: Sat, 28 Jan 2012 03:19:10 GMT
server: nginx
access-control-allow-origin: *
etag: "4f23692e-70"
status: 200
x-cache: HIT
content-type: image/gif
x-serveraddr: 10.100.0.137
x-host: ads.ad4game.com
accept-ranges: bytes
content-length: 112

GET
H/1.1 200
OK lg.php
ads.ad4game.com/www/delivery/ Frame 3BD3 35 B
858 B 465ms
119ms Image
image/gif 192.207.255.146
MNX Solutions LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.ad4game.com/www/delivery/lg.php?bannerid=541977&campaignid=31069&zoneid=60916&referer=&tag=hb&ver=4.0&tagi=2018-10-29T04-11&cb=hwDJUegnBnc6Qpsy&token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ6b25lIjo2MDkxNiwiZXhwIjoxNTQyMTY1NjIzfQ.EQz-Hr1KR8Q9C42RHduyYi35geRcuUVAPyHjxbSQ880&bn=ad4game&bid=0.358&if=0
Requested by: Host: prnt.sc
URL: https://prnt.sc/li07if
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.207.255.146 , United States, ASN62821 (AS-MNX - MNX Solutions LLC, US),
Reverse DNS: haproxy1.ad4game.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://prnt.sc/li07if
Origin: https://prnt.sc

Response headers

Pragma: no-cache
Date: Wed, 14 Nov 2018 03:19:24 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: close
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 35
X-Application-Context: application:12062
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 102A 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 39a3d90c2bb2add1ae563c08f5e9d39c32ff8da51b57000903d38dac255d29c4

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/png

GET
H/1.1 200
OK async-ajs.php Show response
ads.ad4game.com/www/delivery/ Frame 102A 4 KB
2 KB 348ms
115ms Script
text/javascript 192.207.255.147
MNX Solutions LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.ad4game.com/www/delivery/async-ajs.php?v=1&cb=a4g4822378&h=0&if=1&sf=0&siteurl=https%3A%2F%2Fprnt.sc%2Fli07if&c=UTF-8&z=66610&b=1&x=1
Requested by: Host: cdn.ad4game.com
URL: https://cdn.ad4game.com/async-ajs.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.207.255.147 , United States, ASN62821 (AS-MNX - MNX Solutions LLC, US),
Reverse DNS: haproxy2.ad4game.com
Software: nginx /
Resource Hash: a0bf6a4b186c0668e3f8969ed8e43cbd7f2722538ef7d94272af95f9811cc5ba

Request headers

Referer: https://prnt.sc/li07if
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

X-servername: ads.ad4game.com\ 80\ 81
Pragma: no-cache
Date: Wed, 14 Nov 2018 03:19:24 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
P3P: CP="CUR ADM OUR NOR STA NID"
X-serveraddr: 10.100.0.137
Cache-Control: no-cache, no-store, must-revalidate
X-host: ads.ad4game.com
Connection: close
Content-Type: text/javascript; charset=UTF-8
Expires: 0

GET
H/1.1 200
OK async-ajs.php Show response
ads.ad4game.com/www/delivery/ Frame 48AE 4 KB
2 KB 355ms
116ms Script
text/javascript 192.207.255.147
MNX Solutions LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.ad4game.com/www/delivery/async-ajs.php?v=1&cb=a4g9666189&h=0&if=1&sf=0&siteurl=https%3A%2F%2Fprnt.sc%2Fli07if&c=UTF-8&z=66613&b=1&x=1
Requested by: Host: cdn.ad4game.com
URL: https://cdn.ad4game.com/async-ajs.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.207.255.147 , United States, ASN62821 (AS-MNX - MNX Solutions LLC, US),
Reverse DNS: haproxy2.ad4game.com
Software: nginx /
Resource Hash: fe7dce051faa31c8b524cf37c1c25410a0c17565730b021c7b66d66f506dfce3

Request headers

Referer: https://prnt.sc/li07if
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

X-servername: ads.ad4game.com\ 80\ 81
Pragma: no-cache
Date: Wed, 14 Nov 2018 03:19:24 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
P3P: CP="CUR ADM OUR NOR STA NID"
X-serveraddr: 10.100.0.140
Cache-Control: no-cache, no-store, must-revalidate
X-host: ads.ad4game.com
Connection: close
Content-Type: text/javascript; charset=UTF-8
Expires: 0

GET
DATA 200
OK truncated
/ Frame 48AE 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 21b89557630edb9c703c6b8f48dcb8ef43c445ca84f37fed409809eda54c9b93

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/png

GET
H/1.1 200
OK async-ajs.php Show response
ads.ad4game.com/www/delivery/ Frame 3BD3 4 KB
2 KB 445ms
117ms Script
text/javascript 192.207.255.146
MNX Solutions LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.ad4game.com/www/delivery/async-ajs.php?v=1&cb=a4g8517583&h=0&if=1&sf=0&siteurl=https%3A%2F%2Fprnt.sc%2Fli07if&c=UTF-8&z=66549&b=1&x=1
Requested by: Host: cdn.ad4game.com
URL: https://cdn.ad4game.com/async-ajs.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.207.255.146 , United States, ASN62821 (AS-MNX - MNX Solutions LLC, US),
Reverse DNS: haproxy1.ad4game.com
Software: nginx /
Resource Hash: 60a747171a80a3295958a53cea350fe14a2285686416bc4782b0e07834ed959b

Request headers

Referer: https://prnt.sc/li07if
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

X-servername: ads.ad4game.com\ 80\ 81
Pragma: no-cache
Date: Wed, 14 Nov 2018 03:19:24 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
P3P: CP="CUR ADM OUR NOR STA NID"
X-serveraddr: 10.100.0.151
Cache-Control: no-cache, no-store, must-revalidate
X-host: ads.ad4game.com
Connection: close
Content-Type: text/javascript; charset=UTF-8
Expires: 0

GET
DATA 200
OK truncated
/ Frame 3BD3 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6ee7f8b9bdef3664b7e8a269de87f05cc52ddb3463cb65648879e1af550ccac5

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/png

GET
S 200 prebid.js Show response
cdn.ad4game.com/ Frame 102A 117 KB
43 KB 6ms
6ms Script
application/javascript 151.139.242.3
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ad4game.com/prebid.js
Requested by: Host: ads.ad4game.com
URL: https://ads.ad4game.com/www/delivery/async-ajs.php?v=1&cb=a4g4822378&h=0&if=1&sf=0&siteurl=https%3A%2F%2Fprnt.sc%2Fli07if&c=UTF-8&z=66610&b=1&x=1
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.242.3 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: 82fff1c1026ead64c11065db374d511f7a707851a68517ccedd0af7fd122fcc0

Request headers

Referer: https://prnt.sc/li07if
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-servername: ads.ad4game.com\ 80\ 81
date: Wed, 14 Nov 2018 03:19:24 GMT
content-encoding: gzip
x-cache: HIT
status: 200
x-host: ads.ad4game.com
content-length: 43537
referrer-policy: no-referrer
last-modified: Wed, 24 Oct 2018 13:58:36 GMT
server: nginx
x-serveraddr: 10.100.0.140
etag: W/"5bd07a8c-1d457"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes

GET
S 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 102A 26 KB
9 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:81f::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: ads.ad4game.com
URL: https://ads.ad4game.com/www/delivery/async-ajs.php?v=1&cb=a4g4822378&h=0&if=1&sf=0&siteurl=https%3A%2F%2Fprnt.sc%2Fli07if&c=UTF-8&z=66610&b=1&x=1

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81f::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

e6f7277d302e677d990c8fb5d20c563cac1bcf33fc4bc47ee782877a2b81ee25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://prnt.sc/li07if
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 14 Nov 2018 03:19:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "10 / 10 of 1000 / last-modified: 1542151984"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 9340
x-xss-protection: 1; mode=block
expires: Wed, 14 Nov 2018 03:19:24 GMT

GET
S 200 integrator.js Show response
adservice.google.de/adsid/ Frame 102A 109 B
171 B 15ms
14ms Script
application/javascript 2a00:1450:4001:825::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=prnt.sc

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:825::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://prnt.sc/li07if
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 14 Nov 2018 03:19:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 104
x-xss-protection: 1; mode=block

GET
S 200 integrator.js Show response
adservice.google.com/adsid/ Frame 102A 109 B
171 B 16ms
15ms Script
application/javascript 2a00:1450:4001:824::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=prnt.sc

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:824::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://prnt.sc/li07if
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 14 Nov 2018 03:19:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 104
x-xss-protection: 1; mode=block

GET
S 200 pubads_impl_275.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 102A 182 KB
62 KB 14ms
13ms Script
text/javascript 216.58.206.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_275.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

7751b706f0e0b70939bac114d3828d092891997600268ea75959c3378c536b1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://prnt.sc/li07if
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 14 Nov 2018 03:19:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Nov 2018 18:14:17 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 62956
x-xss-protection: 1; mode=block
expires: Wed, 14 Nov 2018 03:19:24 GMT

POST
H/1.1 204
No Content ortb Show response
bid.contextweb.com/header/ Frame 102A 0
514 B 14ms
13ms XHR
text/plain 74.214.194.133
PULSEPOINT-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://bid.contextweb.com/header/ortb
Requested by: Host: cdn.ad4game.com
URL: https://cdn.ad4game.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 74.214.194.133 Amsterdam, Netherlands, ASN59940 (PULSEPOINT-EU, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://prnt.sc/li07if
Origin: https://prnt.sc
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 14 Nov 2018 03:19:24 GMT
Server: nginx
CWDL: 22/139
Access-Control-Allow-Origin: https://prnt.sc
Access-Control-Expose-Headers: Access-Control-Allow-Origin
Access-Control-Allow-Credentials: true
Connection: keep-alive
CW-FEServer: ams-prts08.pulse.prod
CW-Server: ams-bid03
Content-Length: 0

GET
H/1.1 200
OK bid Show response
ads.ad4game.com/v1/ Frame 102A 2 KB
2 KB 358ms
121ms XHR
application/json 192.207.255.146
MNX Solutions LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.ad4game.com/v1/bid?if=0&siteurl=https%3A%2F%2Fprnt.sc%2F&size=728x90&id=4a6e758f449979&zoneId=66610&
Requested by: Host: cdn.ad4game.com
URL: https://cdn.ad4game.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.207.255.146 , United States, ASN62821 (AS-MNX - MNX Solutions LLC, US),
Reverse DNS: haproxy1.ad4game.com
Software: nginx /
Resource Hash: 6a48c1c108d3a937dddabfc5c329f6570401e9c8a5887ab66172b4b47186f80c

Request headers

Referer: https://prnt.sc/li07if
Origin: https://prnt.sc
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 14 Nov 2018 03:19:24 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://prnt.sc
Transfer-Encoding: chunked
Connection: close
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Application-Context: application:12064

GET
S 200 prebid.js Show response
cdn.ad4game.com/ Frame 48AE 117 KB
0 6ms
6ms Script
application/javascript 151.139.242.3
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ad4game.com/prebid.js
Requested by: Host: ads.ad4game.com
URL: https://ads.ad4game.com/www/delivery/async-ajs.php?v=1&cb=a4g9666189&h=0&if=1&sf=0&siteurl=https%3A%2F%2Fprnt.sc%2Fli07if&c=UTF-8&z=66613&b=1&x=1
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.242.3 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: 82fff1c1026ead64c11065db374d511f7a707851a68517ccedd0af7fd122fcc0

Request headers

Response headers

x-servername: ads.ad4game.com\ 80\ 81
date: Wed, 14 Nov 2018 03:19:24 GMT
content-encoding: gzip
x-cache: HIT
status: 200
x-host: ads.ad4game.com
content-length: 43537
referrer-policy: no-referrer
last-modified: Wed, 24 Oct 2018 13:58:36 GMT
server: nginx
x-serveraddr: 10.100.0.140
etag: W/"5bd07a8c-1d457"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes

GET
S 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 48AE 26 KB
0 14ms
14ms Script
text/javascript 2a00:1450:4001:81f::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: ads.ad4game.com
URL: https://ads.ad4game.com/www/delivery/async-ajs.php?v=1&cb=a4g9666189&h=0&if=1&sf=0&siteurl=https%3A%2F%2Fprnt.sc%2Fli07if&c=UTF-8&z=66613&b=1&x=1

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81f::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

e6f7277d302e677d990c8fb5d20c563cac1bcf33fc4bc47ee782877a2b81ee25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Wed, 14 Nov 2018 03:19:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "10 / 10 of 1000 / last-modified: 1542151984"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 9340
x-xss-protection: 1; mode=block
expires: Wed, 14 Nov 2018 03:19:24 GMT

GET
S 200 integrator.js Show response
adservice.google.de/adsid/ Frame 48AE 109 B
171 B 15ms
14ms Script
application/javascript 2a00:1450:4001:825::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=prnt.sc

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:825::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://prnt.sc/li07if
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 14 Nov 2018 03:19:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 104
x-xss-protection: 1; mode=block

GET
S 200 integrator.js Show response
adservice.google.com/adsid/ Frame 48AE 109 B
171 B 15ms
15ms Script
application/javascript 2a00:1450:4001:824::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=prnt.sc

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:824::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://prnt.sc/li07if
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 14 Nov 2018 03:19:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 104
x-xss-protection: 1; mode=block

GET
S 200 pubads_impl_275.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 48AE 182 KB
62 KB 14ms
14ms Script
text/javascript 216.58.206.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_275.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

7751b706f0e0b70939bac114d3828d092891997600268ea75959c3378c536b1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://prnt.sc/li07if
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 14 Nov 2018 03:19:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Nov 2018 18:14:17 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 62956
x-xss-protection: 1; mode=block
expires: Wed, 14 Nov 2018 03:19:24 GMT

POST
H/1.1 204
No Content ortb Show response
bid.contextweb.com/header/ Frame 48AE 0
514 B 14ms
14ms XHR
text/plain 74.214.194.133
PULSEPOINT-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://bid.contextweb.com/header/ortb
Requested by: Host: cdn.ad4game.com
URL: https://cdn.ad4game.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 74.214.194.133 Amsterdam, Netherlands, ASN59940 (PULSEPOINT-EU, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://prnt.sc/li07if
Origin: https://prnt.sc
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 14 Nov 2018 03:19:24 GMT
Server: nginx
CWDL: 22/135
Access-Control-Allow-Origin: https://prnt.sc
Access-Control-Expose-Headers: Access-Control-Allow-Origin
Access-Control-Allow-Credentials: true
Connection: keep-alive
CW-FEServer: ams-prts08.pulse.prod
CW-Server: ams-bid07
Content-Length: 0

GET
H/1.1 200
OK bid Show response
ads.ad4game.com/v1/ Frame 48AE 2 KB
2 KB 346ms
125ms XHR
application/json 192.207.255.146
MNX Solutions LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.ad4game.com/v1/bid?if=0&siteurl=https%3A%2F%2Fprnt.sc%2F&size=970x90&id=45d491cd7cba1e&zoneId=66613&
Requested by: Host: cdn.ad4game.com
URL: https://cdn.ad4game.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.207.255.146 , United States, ASN62821 (AS-MNX - MNX Solutions LLC, US),
Reverse DNS: haproxy1.ad4game.com
Software: nginx /
Resource Hash: 81d428cb31983ed49ce0757cbee66d77ebefd385daa421dbf121c4c0c890014e

Request headers

Referer: https://prnt.sc/li07if
Origin: https://prnt.sc
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 14 Nov 2018 03:19:24 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://prnt.sc
Transfer-Encoding: chunked
Connection: close
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Application-Context: application:12064

GET
S 200 prebid.js Show response
cdn.ad4game.com/ Frame 3BD3 117 KB
43 KB 6ms
6ms Script
application/javascript 151.139.242.3
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ad4game.com/prebid.js
Requested by: Host: ads.ad4game.com
URL: https://ads.ad4game.com/www/delivery/async-ajs.php?v=1&cb=a4g8517583&h=0&if=1&sf=0&siteurl=https%3A%2F%2Fprnt.sc%2Fli07if&c=UTF-8&z=66549&b=1&x=1
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.242.3 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: 82fff1c1026ead64c11065db374d511f7a707851a68517ccedd0af7fd122fcc0

Request headers

Referer: https://prnt.sc/li07if
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-servername: ads.ad4game.com\ 80\ 81
date: Wed, 14 Nov 2018 03:19:24 GMT
content-encoding: gzip
x-cache: HIT
status: 200
x-host: ads.ad4game.com
content-length: 43537
referrer-policy: no-referrer
last-modified: Wed, 24 Oct 2018 13:58:36 GMT
server: nginx
x-serveraddr: 10.100.0.140
etag: W/"5bd07a8c-1d457"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes

GET
S 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 3BD3 26 KB
9 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:81f::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: ads.ad4game.com
URL: https://ads.ad4game.com/www/delivery/async-ajs.php?v=1&cb=a4g8517583&h=0&if=1&sf=0&siteurl=https%3A%2F%2Fprnt.sc%2Fli07if&c=UTF-8&z=66549&b=1&x=1

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81f::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

08cbc160b30d431163b2c4eff9cf366fe45d525caa0d8034df6bb5510c9d8c43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://prnt.sc/li07if
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 14 Nov 2018 03:19:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "10 / 646 of 1000 / last-modified: 1542151984"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 9345
x-xss-protection: 1; mode=block
expires: Wed, 14 Nov 2018 03:19:24 GMT

GET
S 200 integrator.js Show response
adservice.google.de/adsid/ Frame 3BD3 109 B
171 B 14ms
14ms Script
application/javascript 2a00:1450:4001:825::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=prnt.sc

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:825::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://prnt.sc/li07if
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 14 Nov 2018 03:19:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 104
x-xss-protection: 1; mode=block

GET
S 200 integrator.js Show response
adservice.google.com/adsid/ Frame 3BD3 109 B
171 B 15ms
15ms Script
application/javascript 2a00:1450:4001:824::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=prnt.sc

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:824::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://prnt.sc/li07if
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 14 Nov 2018 03:19:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 104
x-xss-protection: 1; mode=block

GET
S 200 pubads_impl_275.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 3BD3 182 KB
62 KB 15ms
14ms Script
text/javascript 216.58.206.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_275.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

7751b706f0e0b70939bac114d3828d092891997600268ea75959c3378c536b1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://prnt.sc/li07if
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 14 Nov 2018 03:19:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Nov 2018 18:14:17 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 62956
x-xss-protection: 1; mode=block
expires: Wed, 14 Nov 2018 03:19:24 GMT

GET
H/1.1 200
OK bid Show response
ads.ad4game.com/v1/ Frame 3BD3 2 KB
2 KB 671ms
324ms XHR
application/json 192.207.255.147
MNX Solutions LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.ad4game.com/v1/bid?if=0&siteurl=https%3A%2F%2Fprnt.sc%2F&size=300x250&id=20fa4255eed9&zoneId=66549&
Requested by: Host: cdn.ad4game.com
URL: https://cdn.ad4game.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.207.255.147 , United States, ASN62821 (AS-MNX - MNX Solutions LLC, US),
Reverse DNS: haproxy2.ad4game.com
Software: nginx /
Resource Hash: 78e82e9f8f971e4da147ca28fb66b50dcb0c6b928b5264841fa77f142d91d291

Request headers

Referer: https://prnt.sc/li07if
Origin: https://prnt.sc
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 14 Nov 2018 03:19:24 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://prnt.sc
Transfer-Encoding: chunked
Connection: close
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Application-Context: application:12063

POST
H/1.1 204
No Content ortb Show response
bid.contextweb.com/header/ Frame 3BD3 0
514 B 14ms
14ms XHR
text/plain 74.214.194.133
PULSEPOINT-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://bid.contextweb.com/header/ortb
Requested by: Host: cdn.ad4game.com
URL: https://cdn.ad4game.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 74.214.194.133 Amsterdam, Netherlands, ASN59940 (PULSEPOINT-EU, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://prnt.sc/li07if
Origin: https://prnt.sc
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 14 Nov 2018 03:19:24 GMT
Server: nginx
CWDL: 22/139
Access-Control-Allow-Origin: https://prnt.sc
Access-Control-Expose-Headers: Access-Control-Allow-Origin
Access-Control-Allow-Credentials: true
Connection: keep-alive
CW-FEServer: ams-prts08.pulse.prod
CW-Server: ams-bid00
Content-Length: 0

GET
S 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 102A 3 KB
2 KB 155ms
154ms XHR
text/javascript 216.58.206.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2612172202309504&correlator=2065091278634771&output=json_html&callback=googletag.impl.pubads.callbackProxy1&impl=fifs&adsid=NT&json_a=1&eid=21062068%2C21062150%2C21062577&vrg=275&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776&sc=1&sfv=1-0-31&iu_parts=60257202%2C66610&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&prev_scp=hb_format_a4g%3Dbanner%26hb_source_a4g%3Dclient%26hb_size_a4g%3D728x90%26hb_pb_a4g%3D0.03%26hb_adid_a4g%3D4a6e758f449979%26hb_bidder_a4g%3Da4g%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D728x90%26hb_pb%3D0.03%26hb_adid%3D4a6e758f449979%26hb_bidder%3Da4g&eri=1&cookie=ID%3D9a8a941a390c9233%3AT%3D1542165563%3AS%3DALNI_Ma__nW4m5df7H_sImibeHDQOQEqYg&cdm=prnt.sc&bc=15&lmt=1542165564&dt=1542165564453&dlt=1542165563504&idt=609&ea=0&frm=23&biw=1585&bih=1200&isw=728&ish=90&oid=3&adxs=429&adys=1204&adks=3874379858&ucis=8kwvuzufnofh&gut=v2&ifi=1&ifk=2231230500&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=https%3A%2F%2Fprnt.sc%2Fli07if&top=https%3A%2F%2Fprnt.sc%2Fli07if&dssz=18&icsg=2722&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x-1&ga_vid=1168851873.1542165562&ga_sid=1542165564&ga_hid=563663545&fws=256

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_275.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

eed74ec6debb4085318d1f0a964031564402102e9fa7ed0b31dc56b524b276cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://prnt.sc/li07if
Origin: https://prnt.sc

Response headers

date: Wed, 14 Nov 2018 03:19:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 1858
x-xss-protection: 1; mode=block
google-lineitem-id: 4728527036
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138237963296
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://prnt.sc
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 pubads_impl_rendering_275.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 102A 61 KB
23 KB 15ms
14ms Script
text/javascript 216.58.206.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_275.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_275.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

850a4c6decf68c2ff186703ea85e4703dd5c285a2e42fe47d974b3ad7455a4fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://prnt.sc/li07if
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 14 Nov 2018 03:19:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Nov 2018 18:14:17 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 23441
x-xss-protection: 1; mode=block
expires: Wed, 14 Nov 2018 03:19:24 GMT

GET
S 200 container.html
tpc.googlesyndication.com/safeframe/1-0-31/html/ Frame 102A 0
0 6ms
5ms Other
text/html 2a00:1450:4001:821::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-31/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_275.js
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:1450:4001:821::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Purpose: prefetch
Referer: https://prnt.sc/li07if
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

expires: Wed, 06 Nov 2019 17:33:30 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Thu, 01 Nov 2018 14:23:58 GMT
content-type: text/html

GET
S 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 48AE 329 B
325 B 168ms
167ms XHR
text/javascript 216.58.206.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1783444897045352&correlator=1458805358463805&output=json_html&callback=googletag.impl.pubads.callbackProxy1&impl=fifs&adsid=NT&json_a=1&eid=21060637%2C21061865%2C21062150&vrg=275&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776&sc=1&sfv=1-0-31&iu_parts=60257202%2C66613&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90&eri=1&cookie=ID%3D9a8a941a390c9233%3AT%3D1542165563%3AS%3DALNI_Ma__nW4m5df7H_sImibeHDQOQEqYg&cdm=prnt.sc&bc=15&lmt=1542165564&dt=1542165564475&dlt=1542165563504&idt=615&ea=0&frm=23&biw=1585&bih=1200&isw=970&ish=90&oid=3&adxs=308&adys=70&adks=2186833435&ucis=k50hr9qonza1&gut=v2&ifi=1&ifk=1031316397&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=https%3A%2F%2Fprnt.sc%2Fli07if&top=https%3A%2F%2Fprnt.sc%2Fli07if&dssz=18&icsg=2722&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x-1&msz=970x-1&ga_vid=1168851873.1542165562&ga_sid=1542165564&ga_hid=1591914385&fws=256

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_275.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

8258be8badd7301c32880838c553aea1e856eed92425ac84ceccf14c8b5be850

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://prnt.sc/li07if
Origin: https://prnt.sc

Response headers

date: Wed, 14 Nov 2018 03:19:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 232
x-xss-protection: 1; mode=block
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://prnt.sc
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 pubads_impl_rendering_275.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 48AE 61 KB
23 KB 15ms
15ms Script
text/javascript 216.58.206.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_275.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_275.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

850a4c6decf68c2ff186703ea85e4703dd5c285a2e42fe47d974b3ad7455a4fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://prnt.sc/li07if
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 14 Nov 2018 03:19:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Nov 2018 18:14:17 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 23441
x-xss-protection: 1; mode=block
expires: Wed, 14 Nov 2018 03:19:24 GMT

GET
S 200 container.html
tpc.googlesyndication.com/safeframe/1-0-31/html/ Frame 48AE 0
0 6ms
5ms Other
text/html 2a00:1450:4001:821::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-31/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_275.js
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:1450:4001:821::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Purpose: prefetch
Referer: https://prnt.sc/li07if
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

expires: Wed, 06 Nov 2019 17:33:30 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Thu, 01 Nov 2018 14:23:58 GMT
content-type: text/html

GET
S 200 adbyv1.gif
cdn.ad4game.com/ Frame E6EB 112 B
0 9ms
6ms Image
image/gif 151.139.242.3
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ad4game.com/adbyv1.gif
Requested by: Host: cdn.ad4game.com
URL: https://cdn.ad4game.com/prebid.js
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.242.3 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: 47b4a73b810d6bbb3088a4bec9423d0a709d9a4341b84303d595a6fdea7ea5b3

Request headers

Response headers

x-servername: ads.ad4game.com\ 80\ 81
date: Wed, 14 Nov 2018 03:19:23 GMT
referrer-policy: no-referrer
last-modified: Sat, 28 Jan 2012 03:19:10 GMT
server: nginx
x-serveraddr: 10.100.0.137
etag: "4f23692e-70"
status: 200
x-cache: HIT
content-type: image/gif
access-control-allow-origin: *
x-host: ads.ad4game.com
accept-ranges: bytes
content-length: 112

GET
S 200 osd_listener.js Show response
tpc.googlesyndication.com/pagead/js/r20181107/r20110914/activeview/ Frame E6EB 73 KB
0 9ms
5ms Script
text/javascript 2a00:1450:4001:821::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20181107/r20110914/activeview/osd_listener.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_275.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:821::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

106c5562d37543e0d9505b8b75c787eaeaa2ee08a99f9f385568f565b0444afb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Wed, 07 Nov 2018 14:03:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 566145
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 27325
x-xss-protection: 1; mode=block
server: cafe
etag: 2726007002868826454
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Nov 2018 14:03:38 GMT

GET
DATA 200
OK truncated
/ Frame E6EB 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fa0081051f52fd157393af55ffe8741413a9c9216205cd68a7b0bba66e6a5c3d

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/png

GET
S 200 osd.js Show response
pagead2.googlesyndication.com/pagead/ Frame 102A 74 KB
27 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:81b::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_275.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

e9cf77edb95978fa6b193724ee40fde091368427e030fed8735cdef6b1a35535

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://prnt.sc/li07if
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 14 Nov 2018 03:09:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 594
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 27460
x-xss-protection: 1; mode=block
server: cafe
etag: 5000825381819961729
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Wed, 14 Nov 2018 04:09:30 GMT

GET
S 200 view
securepubads.g.doubleclick.net/pcs/ Frame E6EB 0
65 B 43ms
41ms Image
image/gif 216.58.206.2
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuWCUt7jlRzI-wiYAwYr9C05qEjf5HQm_su9ydoqlUJAb6TVZ-JsOJoFO77A4ncfIKj_WCT61KR35FMbvBfuiAeol7L5-kfPywEXZB9Gwt8nMXqaMysS1yl4XaeFQo9LhalPvYOD4599ha-8s4uBeuD_sP3L0nqVxFYaMEVQKdLj_E5tZcN2ypXFbWVKTulghrpjnvypXdo2kjeOQKcFLBvWKddWvhqqSA8acCAohPv&sai=AMfl-YT_9uf8dt-ahOBemqbywcgu9RzrhYR3JXf8H-KAnpdlBqefaT6Ra5-TAj5yGvnoiGZ1b8N5WNL243tmrLjKOdMxU7sU3AlT7XriiLgVf8IpKsRLzw8Gx4zJHNP0&sig=Cg0ArKJSzCWPSmvwmqU6EAE&urlfix=1&adurl=

Requested by

Host: prnt.sc
URL: https://prnt.sc/li07if

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://prnt.sc/li07if
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 14 Nov 2018 03:19:24 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 0
x-xss-protection: 1; mode=block

GET
S 200 674ce80f85f2ec5485218f6c4142e0b8.gif
cdn.ad4game.com/ Frame E6EB 47 KB
48 KB 10ms
8ms Image
image/gif 151.139.242.3
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ad4game.com/674ce80f85f2ec5485218f6c4142e0b8.gif
Requested by: Host: prnt.sc
URL: https://prnt.sc/li07if
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.242.3 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: e12d19216fc36b566f02283daf16d6dfca6a358cf28433c3bbbbda7f44cef4a0

Request headers

Referer: https://prnt.sc/li07if
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-servername: ads.ad4game.com\ 80\ 81
date: Wed, 14 Nov 2018 03:19:24 GMT
referrer-policy: no-referrer
last-modified: Wed, 25 Nov 2015 10:04:45 GMT
server: nginx
access-control-allow-origin: *
etag: "565587bd-bd84"
status: 200
x-cache: HIT
content-type: image/gif
x-serveraddr: 10.100.0.137
x-host: ads.ad4game.com
accept-ranges: bytes
content-length: 48516

GET
H/1.1 200
OK lg.php
ads.ad4game.com/www/delivery/ Frame E6EB 35 B
858 B 344ms
118ms Image
image/gif 192.207.255.146
MNX Solutions LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.ad4game.com/www/delivery/lg.php?bannerid=541848&campaignid=31005&zoneid=66610&referer=&tag=hb&ver=4.0&tagi=2018-10-29T04-11&cb=KHbjfwMh9uazPGTg&token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ6b25lIjo2NjYxMCwiZXhwIjoxNTQyMTY1NjI0fQ.B8Lld_JTGbcRDitaQZDwnSMXW5zQ3zZ0AN3q60inL8Y&bn=ad4game&bid=0.036&if=0
Requested by: Host: prnt.sc
URL: https://prnt.sc/li07if
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.207.255.146 , United States, ASN62821 (AS-MNX - MNX Solutions LLC, US),
Reverse DNS: haproxy1.ad4game.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://prnt.sc/li07if
Origin: https://prnt.sc

Response headers

Pragma: no-cache
Date: Wed, 14 Nov 2018 03:19:24 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: close
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 35
X-Application-Context: application:12064
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
S 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 3BD3 3 KB
2 KB 131ms
130ms XHR
text/javascript 216.58.206.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2179887235716708&correlator=3369534092550179&output=json_html&callback=googletag.impl.pubads.callbackProxy1&impl=fifs&adsid=NT&json_a=1&eid=21062577&vrg=275&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776&sc=1&sfv=1-0-31&iu_parts=60257202%2C66549&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=hb_format_a4g%3Dbanner%26hb_source_a4g%3Dclient%26hb_size_a4g%3D300x250%26hb_pb_a4g%3D0.16%26hb_adid_a4g%3D20fa4255eed9%26hb_bidder_a4g%3Da4g%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D300x250%26hb_pb%3D0.16%26hb_adid%3D20fa4255eed9%26hb_bidder%3Da4g&eri=1&cookie=ID%3D9a8a941a390c9233%3AT%3D1542165563%3AS%3DALNI_Ma__nW4m5df7H_sImibeHDQOQEqYg&cdm=prnt.sc&bc=15&lmt=1542165564&dt=1542165564886&dlt=1542165563505&idt=733&ea=0&frm=23&biw=1585&bih=1200&isw=300&ish=250&oid=3&adxs=308&adys=1326&adks=2032208368&ucis=5y07bc4gii8c&gut=v2&ifi=1&ifk=1399045475&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=https%3A%2F%2Fprnt.sc%2Fli07if&top=https%3A%2F%2Fprnt.sc%2Fli07if&dssz=18&icsg=2722&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&ga_vid=1193658565.1542165565&ga_sid=1542165565&ga_hid=1639419787&fws=256

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_275.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

09ad6c64fdfed25cdcc393d1a91c17f0203ad165f949e59339f4b39b7f08df72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://prnt.sc/li07if
Origin: https://prnt.sc

Response headers

date: Wed, 14 Nov 2018 03:19:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 1824
x-xss-protection: 1; mode=block
google-lineitem-id: 4728526997
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138237963443
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://prnt.sc
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 pubads_impl_rendering_275.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 3BD3 61 KB
23 KB 14ms
14ms Script
text/javascript 216.58.206.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_275.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_275.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

850a4c6decf68c2ff186703ea85e4703dd5c285a2e42fe47d974b3ad7455a4fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://prnt.sc/li07if
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 14 Nov 2018 03:19:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Nov 2018 18:14:17 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 23441
x-xss-protection: 1; mode=block
expires: Wed, 14 Nov 2018 03:19:24 GMT

GET
S 200 container.html
tpc.googlesyndication.com/safeframe/1-0-31/html/ Frame 3BD3 0
0 6ms
5ms Other
text/html 2a00:1450:4001:821::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-31/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_275.js
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:1450:4001:821::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Purpose: prefetch
Referer: https://prnt.sc/li07if
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

expires: Wed, 06 Nov 2019 17:33:30 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Thu, 01 Nov 2018 14:23:58 GMT
content-type: text/html

GET
S 200 adbyv1.gif
cdn.ad4game.com/ Frame D5DA 112 B
0 9ms
6ms Image
image/gif 151.139.242.3
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ad4game.com/adbyv1.gif
Requested by: Host: cdn.ad4game.com
URL: https://cdn.ad4game.com/prebid.js
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.242.3 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: 47b4a73b810d6bbb3088a4bec9423d0a709d9a4341b84303d595a6fdea7ea5b3

Request headers

Response headers

x-servername: ads.ad4game.com\ 80\ 81
date: Wed, 14 Nov 2018 03:19:23 GMT
referrer-policy: no-referrer
last-modified: Sat, 28 Jan 2012 03:19:10 GMT
server: nginx
x-serveraddr: 10.100.0.137
etag: "4f23692e-70"
status: 200
x-cache: HIT
content-type: image/gif
access-control-allow-origin: *
x-host: ads.ad4game.com
accept-ranges: bytes
content-length: 112

GET
S 200 osd_listener.js Show response
tpc.googlesyndication.com/pagead/js/r20181107/r20110914/activeview/ Frame D5DA 73 KB
0 9ms
5ms Script
text/javascript 2a00:1450:4001:821::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20181107/r20110914/activeview/osd_listener.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_275.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:821::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

106c5562d37543e0d9505b8b75c787eaeaa2ee08a99f9f385568f565b0444afb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Wed, 07 Nov 2018 14:03:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 566145
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 27325
x-xss-protection: 1; mode=block
server: cafe
etag: 2726007002868826454
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Nov 2018 14:03:38 GMT

GET
DATA 200
OK truncated
/ Frame D5DA 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ed89f9563762c02988f0a4449a6e246a0ff33b8800550fa91a99777df771773f

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/png

GET
S 200 osd.js Show response
pagead2.googlesyndication.com/pagead/ Frame 3BD3 74 KB
27 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:81b::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_275.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

e9cf77edb95978fa6b193724ee40fde091368427e030fed8735cdef6b1a35535

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://prnt.sc/li07if
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 14 Nov 2018 03:09:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 595
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 27460
x-xss-protection: 1; mode=block
server: cafe
etag: 5000825381819961729
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Wed, 14 Nov 2018 04:09:30 GMT

GET
S 200 view
securepubads.g.doubleclick.net/pcs/ Frame D5DA 0
286 B 41ms
40ms Image
image/gif 216.58.206.2
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsssNM5CJkg3ffuYZjkdts6oZMln1MsQe47Eyf-rKTWWsogRoAPHALSd5l-VYtfG4sfkUDi3jEHC0zDza22dEjl-7AQloGD30JJDwENQQ4J4F8wMWO1vXU4CKQbFeghYhV39KLFefMqXRvK8GEKqraQFkC3_57gPP6ayKwWkQg0NuwkViLD08ZxlPEg4VzgGoTpo2ajcsWpNFOO_WD4o-d9Ff7U45U2ZL12_RYx8R6-CEg&sai=AMfl-YTPwf-0EsSsgj-zKAEvK-zqTsTjAFLZy2aoJz_KgyK0bOc-z0fTojppibrTOnasvtLaEUN3LdyqV_8bX3xPxv3DAK9jGFbyVY581I-C3Q&sig=Cg0ArKJSzBaGAuyaA8LgEAE&urlfix=1&adurl=

Requested by

Host: prnt.sc
URL: https://prnt.sc/li07if

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://prnt.sc/li07if
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 14 Nov 2018 03:19:25 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 0
x-xss-protection: 1; mode=block
expires: Wed, 14 Nov 2018 03:19:25 GMT

GET
S 200 f315fac9bab0f2282acb42f4045a2515.gif
cdn.ad4game.com/ Frame D5DA 35 KB
35 KB 7ms
6ms Image
image/gif 151.139.242.3
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ad4game.com/f315fac9bab0f2282acb42f4045a2515.gif
Requested by: Host: prnt.sc
URL: https://prnt.sc/li07if
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.242.3 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: 1fa92593e57123bffe51a374d1687221a79902397f75a923e539901ac8dc70a9

Request headers

Referer: https://prnt.sc/li07if
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-servername: ads.ad4game.com\ 80\ 81
date: Wed, 14 Nov 2018 03:19:25 GMT
referrer-policy: no-referrer
last-modified: Tue, 26 Jan 2016 14:46:38 GMT
server: nginx
access-control-allow-origin: *
etag: "56a786ce-8bc2"
status: 200
x-cache: HIT
content-type: image/gif
x-serveraddr: 10.100.0.140
x-host: ads.ad4game.com
accept-ranges: bytes
content-length: 35778

GET
H/1.1 200
OK lg.php
ads.ad4game.com/www/delivery/ Frame D5DA 35 B
858 B 354ms
122ms Image
image/gif 192.207.255.146
MNX Solutions LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.ad4game.com/www/delivery/lg.php?bannerid=541852&campaignid=31005&zoneid=66549&referer=&tag=hb&ver=4.0&tagi=2018-10-29T04-11&cb=SMui90jeBcmo6scb&token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ6b25lIjo2NjU0OSwiZXhwIjoxNTQyMTY1NjI0fQ.AinNi3bpX84bJDsQSCY900fYn4KTC5faPOYDVrK3L28&bn=ad4game&bid=0.164&if=0
Requested by: Host: prnt.sc
URL: https://prnt.sc/li07if
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.207.255.146 , United States, ASN62821 (AS-MNX - MNX Solutions LLC, US),
Reverse DNS: haproxy1.ad4game.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://prnt.sc/li07if
Origin: https://prnt.sc

Response headers

Pragma: no-cache
Date: Wed, 14 Nov 2018 03:19:25 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: close
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 35
X-Application-Context: application:12062
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
S 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 48AE 42 B
116 B 39ms
39ms Image
image/gif 2a00:1450:4001:81b::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuVmp8AfQ7UFT-1Tg-adZJM8IVinqB4XZbpcWmfsFUn4CFEZW8YNAoKmUdPLcRSaVeU3ERVwA5cnQP4PsyZ4vrE4bOgGEVY8J8hZ3g&sig=Cg0ArKJSzOlvun2UdZKoEAE&adk=1432691387&tt=1479&bs=1585%2C1200&mtos=1044,1044,1044,1044,1044&tos=1044,0,0,0,0&p=70,308,160,1278&mcvt=1044&rs=3&ht=0&tfs=445&tls=1489&mc=1&lte=1&bas=0&bac=0&avms=geo&rst=1542165563673&rpt=482&isd=0&msd=0&ps=1585%2C1688&ss=1600%2C1200&pt=11&deb=1-3-3-8-18-11-54-14&tvt=1481&r=v&id=osdim&uc=17&tgt=DIV&cl=1&cec=8&clc=1&cac=0&cd=970x90&v=r20181107

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://prnt.sc/li07if
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Nov 2018 03:19:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 worker.nude.js Show response
st.prntscr.com/2018/10/13/2048/js/ 3 KB
1 KB 14ms
13ms XHR
application/javascript 104.20.14.105
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://st.prntscr.com/2018/10/13/2048/js/worker.nude.js
Requested by: Host: st.prntscr.com
URL: https://st.prntscr.com/2018/10/13/2048/js/script.mix.js
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.20.14.105 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee7c0aa7330f62b75b4e54dc5e44c543d8013358f2f2e40a655b9d0a668ba572

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://prnt.sc/li07if
Origin: https://prnt.sc

Response headers

date: Wed, 14 Nov 2018 03:19:25 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sat, 13 Oct 2018 20:50:34 GMT
server: cloudflare
status: 200
etag: W/"5bc25a9a-ad9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://prnt.sc
cache-control: max-age=1800
cf-ray: 4796561e981bc2ec-FRA
expires: Wed, 14 Nov 2018 03:47:24 GMT

GET
BLOB 200
OK ab2cb5fd-9690-4dad-ac7d-ebed439b7cf3
https://prnt.sc/ 3 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://prnt.sc/ab2cb5fd-9690-4dad-ac7d-ebed439b7cf3
Requested by: Host: st.prntscr.com
URL: https://st.prntscr.com/2018/10/13/2048/js/script.mix.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ee7c0aa7330f62b75b4e54dc5e44c543d8013358f2f2e40a655b9d0a668ba572

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Length: 2777
Content-Type: text/javascript

GET
S 204 li07if
nudity.prntscr.com/report/nude/ 0
150 B 565ms
543ms Image
text/plain 104.20.13.105
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nudity.prntscr.com/report/nude/li07if
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.20.13.105 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://prnt.sc/li07if
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 204
date: Wed, 14 Nov 2018 03:19:25 GMT
server: cloudflare
cf-ray: 4796561f3a539768-FRA
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"

GET
H/1.1

200
OK

rtset
bh.contextweb.com/bh/
Redirect Chain

https://bh.contextweb.com/visitormatch/prebid
https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESEG2VU9aDC297iCqJGCYQmlc&google_cver=1

49 B
577 B

18ms
18ms

Image
image/gif

151.101.0.166
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESEG2VU9aDC297iCqJGCYQmlc&google_cver=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.0.166 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: Jetty(9.4.7.v20170914) /
Resource Hash: d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Request headers

Referer: https://prnt.sc/li07if
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 14 Nov 2018 03:19:26 GMT
Via: 1.1 varnish
X-Cache: MISS
P3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
X-Cache-Hits: 0
Connection: keep-alive
Content-Length: 49
X-Served-By: cache-fra19142-FRA
Server: Jetty(9.4.7.v20170914)
Vary: Accept-Encoding
Content-Language: en
Cache-Control: private, max-age=0, no-cache, no-store
Accept-Ranges: bytes
Content-Type: image/gif;charset=iso-8859-1
Cw-Server: bh-deployment-5f474bdbcd-jl6nm
Expires: -1

Redirect headers

pragma: no-cache
date: Wed, 14 Nov 2018 03:19:26 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESEG2VU9aDC297iCqJGCYQmlc&google_cver=1
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 306
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rtset
bh.contextweb.com/bh/ Frame 102A
Redirect Chain

https://bh.contextweb.com/visitormatch/prebid
https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESEG2VU9aDC297iCqJGCYQmlc&google_cver=1

49 B
577 B

21ms
17ms

Image
image/gif

151.101.0.166
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESEG2VU9aDC297iCqJGCYQmlc&google_cver=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.0.166 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: Jetty(9.4.7.v20170914) /
Resource Hash: d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Request headers

Referer: https://prnt.sc/li07if
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 14 Nov 2018 03:19:27 GMT
Via: 1.1 varnish
X-Cache: MISS
P3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
X-Cache-Hits: 0
Connection: keep-alive
Content-Length: 49
X-Served-By: cache-fra19142-FRA
Server: Jetty(9.4.7.v20170914)
Vary: Accept-Encoding
Content-Language: en
Cache-Control: private, max-age=0, no-cache, no-store
Accept-Ranges: bytes
Content-Type: image/gif;charset=iso-8859-1
Cw-Server: bh-deployment-5f474bdbcd-jl6nm
Expires: -1

Redirect headers

pragma: no-cache
date: Wed, 14 Nov 2018 03:19:27 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESEG2VU9aDC297iCqJGCYQmlc&google_cver=1
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 306
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rtset
bh.contextweb.com/bh/ Frame 48AE
Redirect Chain

https://bh.contextweb.com/visitormatch/prebid
https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESEG2VU9aDC297iCqJGCYQmlc&google_cver=1

49 B
577 B

20ms
18ms

Image
image/gif

151.101.0.166
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESEG2VU9aDC297iCqJGCYQmlc&google_cver=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.0.166 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: Jetty(9.4.7.v20170914) /
Resource Hash: d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Request headers

Referer: https://prnt.sc/li07if
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 14 Nov 2018 03:19:27 GMT
Via: 1.1 varnish
X-Cache: MISS
P3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
X-Cache-Hits: 0
Connection: keep-alive
Content-Length: 49
X-Served-By: cache-fra19142-FRA
Server: Jetty(9.4.7.v20170914)
Vary: Accept-Encoding
Content-Language: en
Cache-Control: private, max-age=0, no-cache, no-store
Accept-Ranges: bytes
Content-Type: image/gif;charset=iso-8859-1
Cw-Server: bh-deployment-5f474bdbcd-jl6nm
Expires: -1

Redirect headers

pragma: no-cache
date: Wed, 14 Nov 2018 03:19:27 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESEG2VU9aDC297iCqJGCYQmlc&google_cver=1
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 306
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rtset
bh.contextweb.com/bh/ Frame 3BD3
Redirect Chain

https://bh.contextweb.com/visitormatch/prebid
https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm=&google_sc=&google_tc=
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESEAqqC5buVE_gSC9W7cEQMqQ&google_cver=1

49 B
577 B

19ms
18ms

Image
image/gif

151.101.0.166
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESEAqqC5buVE_gSC9W7cEQMqQ&google_cver=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.0.166 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: Jetty(9.4.7.v20170914) /
Resource Hash: d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Request headers

Referer: https://prnt.sc/li07if
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 14 Nov 2018 03:19:27 GMT
Via: 1.1 varnish
X-Cache: MISS
P3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
X-Cache-Hits: 0
Connection: keep-alive
Content-Length: 49
X-Served-By: cache-fra19142-FRA
Server: Jetty(9.4.7.v20170914)
Vary: Accept-Encoding
Content-Language: en
Cache-Control: private, max-age=0, no-cache, no-store
Accept-Ranges: bytes
Content-Type: image/gif;charset=iso-8859-1
Cw-Server: bh-deployment-5f474bdbcd-pl75m
Expires: -1

Redirect headers

pragma: no-cache
date: Wed, 14 Nov 2018 03:19:27 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESEAqqC5buVE_gSC9W7cEQMqQ&google_cver=1
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 306
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

95 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.google.com/	1970-01-19 00:46:16	Name: NID Value: 146=wCUc6WO5L1Fw6FS87zeVJi71k0_UBXRVuozZtE1uy7vmSvAX-8exbBvrRU18Lem8J_950CpzuVJsgBypUo3KNqr-EqYn-4oq1cn7DP_WDlXPMZUKdNOWJ85SNiUxZKN_Zqmkha4j0teVnQvevqrfV00EkHAc9EANsj3o3liUmcQ
.prnt.sc/	1970-01-18 20:22:45	Name: _gat Value: 1
.prnt.sc/	1970-01-18 20:24:11	Name: _gid Value: GA1.2.915702394.1542165562
.prnt.sc/	1970-01-19 13:53:57	Name: _ga Value: GA1.2.1168851873.1542165562
.prnt.sc/	1970-01-19 05:08:21	Name: __cfduid Value: ded0e802019f09a580c68809bb5bc49b41542165561

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://widget.uservoice.com/vH5wQvnQPL3wtXH5KVXA.js(Line 1) Message: UserVoice widget not found.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
ads.ad4game.com
adservice.google.com
adservice.google.de
api.prntscr.com
apis.google.com
bh.contextweb.com
bid.contextweb.com
cdn.ad4game.com
cm.g.doubleclick.net
connect.facebook.net
image.prntscr.com
nudity.prntscr.com
pagead2.googlesyndication.com
platform.twitter.com
prnt.sc
prntscr.com
securepubads.g.doubleclick.net
st.prntscr.com
staticxx.facebook.com
stats.g.doubleclick.net
syndication.twitter.com
tpc.googlesyndication.com
widget.uservoice.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
104.20.13.105
104.20.14.105
104.27.101.99
151.101.0.166
151.139.242.3
192.207.255.146
192.207.255.147
199.16.156.21
216.58.206.2
216.58.214.98
2606:2800:234:59:254c:406:2366:268c
2606:4700::6811:1c5c
2a00:1450:4001:81b::2002
2a00:1450:4001:81d::2003
2a00:1450:4001:81f::2002
2a00:1450:4001:821::2001
2a00:1450:4001:821::2004
2a00:1450:4001:821::200d
2a00:1450:4001:821::200e
2a00:1450:4001:824::2002
2a00:1450:4001:825::2002
2a00:1450:400c:c0a::9a
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
74.214.194.133
00ce74a18bd6071ed7e4810d9df7393b6749531165bff6b45d237ccaee9f2808
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
08cbc160b30d431163b2c4eff9cf366fe45d525caa0d8034df6bb5510c9d8c43
09ad6c64fdfed25cdcc393d1a91c17f0203ad165f949e59339f4b39b7f08df72
106c5562d37543e0d9505b8b75c787eaeaa2ee08a99f9f385568f565b0444afb
15c441b731d557c65a0f7037eb25ac6653358250f5ccb71862b10ebcbd5ffd65
1b185d89e437f1591af8c51d5e6dad41d3666e22a81931ee9df22e2cfdacaddb
1fa92593e57123bffe51a374d1687221a79902397f75a923e539901ac8dc70a9
21b89557630edb9c703c6b8f48dcb8ef43c445ca84f37fed409809eda54c9b93
2222b64c7e37a7d528c8326ebaee33ae44bae57d7654db28e1122c0cae8a93db
27869d25259a57e13dcdea60dba73c0bee4cb06dc0aeb5b311824b65f0588748
27b45adca9d2a42e34010c00aaf3ab1952be40c77d1d33bb5cc0400b9d36aadf
28d647b53625286dd2ecf9cd82f2bf3de95d31e8b22b0dc6e8c00c23ce250b4b
35a89657b22116ccf4bc3a7dbc786262100701915564918e674be294c4f6879c
39a3d90c2bb2add1ae563c08f5e9d39c32ff8da51b57000903d38dac255d29c4
3b5525bb001a5b7aff6079a3d033054f94456eff9cbdd2583a40090e3555388c
43533589e99a6e4c96a5134e1a85c0324caf1712c601bc2fe364a0b733d3a824
448c54d309fd0ae6bfdb7d701839e8364d0b78e85fba1b1f66ef3913eae864e2
47b4a73b810d6bbb3088a4bec9423d0a709d9a4341b84303d595a6fdea7ea5b3
4b4567df9cf4e4a3f70bc306f46614ae6b0d5f5f5af903377dc8527f167bbb95
5465b852bfdaeaaa55585db03a3c3eca36ab1b81cc753a933662b8d1b2e98d72
60a747171a80a3295958a53cea350fe14a2285686416bc4782b0e07834ed959b
671bd5d89329b3fce3cc2734cab29ca4436cb62fab1e05c845743a4fe3355081
69d8e3ebecd912bd1632164c7cdb358e13ca6fd3c904a4ecbabd462fb7082b1a
6a48c1c108d3a937dddabfc5c329f6570401e9c8a5887ab66172b4b47186f80c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6ee7f8b9bdef3664b7e8a269de87f05cc52ddb3463cb65648879e1af550ccac5
7751b706f0e0b70939bac114d3828d092891997600268ea75959c3378c536b1a
78e82e9f8f971e4da147ca28fb66b50dcb0c6b928b5264841fa77f142d91d291
81d428cb31983ed49ce0757cbee66d77ebefd385daa421dbf121c4c0c890014e
8258be8badd7301c32880838c553aea1e856eed92425ac84ceccf14c8b5be850
82fff1c1026ead64c11065db374d511f7a707851a68517ccedd0af7fd122fcc0
83817752fb260ff66b3bca1471bb20dbb6a1e6a17174c657efe0912ad161b382
850a4c6decf68c2ff186703ea85e4703dd5c285a2e42fe47d974b3ad7455a4fb
86a1b8f94f48c4e82d2616d4c581f10a34ff447a2bd95be08714fa0d19ba3f51
87265ab23da312f4f93bc87fd618d6be52a6ae8bab32ee12123b71a3d1f4c5e2
9251076990f3881a584eafc43ffe8a85ebee0c82f48c00de4b1f1fa25413e3e7
92fb4985bc265d661b853545f4f3d54f79022a8564dd521202e20a05e477b295
9c9935e1daafc929a9866a206e769e084cd83f19d436ca22887adc2798408646
9d96ece48a08b66c44c247948d0765bd2b900cd7bdeb6f2438b56df09e3d45be
a0bf6a4b186c0668e3f8969ed8e43cbd7f2722538ef7d94272af95f9811cc5ba
a7c6da996c43f6eebc2f71b8d6f7fd13cde1191d61f68614a7fccd9eba57a7b4
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b22174ca5c2657a9b5f680e573bfd2041b0952c7cee130a9e09764e879cb7b6e
b688a3bcd1297cc0fe08e6e52fea14ba9108ee4b9a2052c03e7bac6e19347255
b6a1120cc303b1c6ee6d548a5b418c2707b59de0c1f13c8ab870ca4e734b6acc
b84b7505eba0e0c989311415d0416fc9850d3214741e62d85a51655db1e6a80c
bca2c1abcf4b76a46306bc7f1a607a459371ccf5e7213aae988c33b4dabb1758
bfe0d4140c7b904c7628f72b80591f70d4bd499b1401df123cc24b7d3617c8fa
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d91d13fd8f9d253a8213aeee7ebaa7e073683fc600a3d82902c3c669b8ffdee7
dd2de3ee9231c3511b8b0360375664c7b18d0ad997e37dde494331017f694976
e12d19216fc36b566f02283daf16d6dfca6a358cf28433c3bbbbda7f44cef4a0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6f7277d302e677d990c8fb5d20c563cac1bcf33fc4bc47ee782877a2b81ee25
e9cf77edb95978fa6b193724ee40fde091368427e030fed8735cdef6b1a35535
ed89f9563762c02988f0a4449a6e246a0ff33b8800550fa91a99777df771773f
ee7c0aa7330f62b75b4e54dc5e44c543d8013358f2f2e40a655b9d0a668ba572
eed74ec6debb4085318d1f0a964031564402102e9fa7ed0b31dc56b524b276cd
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729
fa0081051f52fd157393af55ffe8741413a9c9216205cd68a7b0bba66e6a5c3d
fd72527a34fdc025a793115016c4585a6989b02a3b30cecfb3414080f032162d
fe7dce051faa31c8b524cf37c1c25410a0c17565730b021c7b66d66f506dfce3

prnt.sc Open in urlscan Pro 104.27.101.99 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

122 Requests

99 %HTTPS

56 %IPv6

14 Domains

29 Subdomains

23 IPs

3 Countries

1194 kBTransfer

3492 kBSize

5 Cookies

12 Outgoing links

Page URL History

Redirected requests

122 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

prnt.sc Open in urlscan Pro
104.27.101.99 Public Scan

Screenshot
Live screenshot

Full Image

122
Requests

99 %
HTTPS

56 %
IPv6

14
Domains

29
Subdomains

23
IPs

3
Countries

1194 kB
Transfer

3492 kB
Size

5
Cookies

122 HTTP transactions
6 data transactions