urlscan.io logo urlscan.io
SecurityTrails logo

prnt.sc Open in urlscan Pro
104.27.100.99  Public Scan

Go To Rescan Add Verdict Report
URL: https://prnt.sc/lo7mxr
Submission: On December 05 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 22 IPs in 3 countries across 14 domains to perform 130 HTTP transactions. The main IP is 104.27.100.99, located in San Francisco, United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is prnt.sc.
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on September 6th 2018. Valid for: 6 months.
This is the only time prnt.sc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 104.27.100.99 13335 (CLOUDFLAR...)
20 104.20.14.105 13335 (CLOUDFLAR...)
1 6 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
14 151.139.242.3 33438 (HIGHWINDS2)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a03:2880:f01... 32934 (FACEBOOK)
4 2606:2800:234... 15133 (EDGECAST)
6 192.207.255.146 62821 (AS-MNX)
1 2a00:1450:400... 15169 (GOOGLE)
1 199.16.156.52 13414 (TWITTER)
8 2a00:1450:400... 15169 (GOOGLE)
4 74.214.194.133 59940 (PULSEPOIN...)
6 192.207.255.147 62821 (AS-MNX)
4 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
16 172.217.23.162 15169 (GOOGLE)
2 5 2a03:2880:f11... 32934 (FACEBOOK)
6 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
4 8 151.101.0.166 54113 (FASTLY)
4 4 172.217.22.34 15169 (GOOGLE)
130 22
2    104.27.100.99 (San Francisco, United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
prnt.sc
20    104.20.14.105 (San Francisco, United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
st.prntscr.com
image.prntscr.com
api.prntscr.com
6    2a00:1450:4001:81f::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
apis.google.com
1    2606:4700::6811:1f5c (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
widget.uservoice.com
14    151.139.242.3 (Dallas, United States)

ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US)
cdn.ad4game.com
1    2a00:1450:400c:c06::9b (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
stats.g.doubleclick.net
1    2a00:1450:4001:81f::2004 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.google.com
1    2a00:1450:4001:825::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.google.de
4    2a03:2880:f01c:216:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
connect.facebook.net
staticxx.facebook.com
4    2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)
platform.twitter.com
6    192.207.255.146 (United States)

ASN62821 (AS-MNX - MNX Solutions LLC, US)
PTR: haproxy1.ad4game.com
ads.ad4game.com
1    2a00:1450:4001:81f::200d (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
accounts.google.com
1    199.16.156.52 (San Francisco, United States)

ASN13414 (TWITTER - Twitter Inc., US)
syndication.twitter.com
8    2a00:1450:4001:81c::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagservices.com
4    74.214.194.133 (Amsterdam, Netherlands)

ASN59940 (PULSEPOINT-EU, NL)
bid.contextweb.com
6    192.207.255.147 (United States)

ASN62821 (AS-MNX - MNX Solutions LLC, US)
PTR: haproxy2.ad4game.com
ads.ad4game.com
4    2a00:1450:4001:815::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
adservice.google.de
4    2a00:1450:4001:819::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
adservice.google.com
16    172.217.23.162 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s22-in-f2.1e100.net
securepubads.g.doubleclick.net
5    2a03:2880:f11c:8083:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
www.facebook.com
6    2a00:1450:4001:81f::2001 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
tpc.googlesyndication.com
5    2a00:1450:4001:81d::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
pagead2.googlesyndication.com
8    151.101.0.166 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)
bh.contextweb.com
4    172.217.22.34 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s16-in-f2.1e100.net
cm.g.doubleclick.net
Domain Requested by
17 st.prntscr.com prnt.sc
www.google-analytics.com
st.prntscr.com
16 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
prnt.sc
14 cdn.ad4game.com prnt.sc
cdn.ad4game.com
ads.ad4game.com
12 ads.ad4game.com cdn.ad4game.com
prnt.sc
8 bh.contextweb.com 4 redirects
8 www.googletagservices.com ads.ad4game.com
securepubads.g.doubleclick.net
6 tpc.googlesyndication.com securepubads.g.doubleclick.net
5 pagead2.googlesyndication.com securepubads.g.doubleclick.net
5 www.facebook.com 2 redirects connect.facebook.net
4 cm.g.doubleclick.net 4 redirects
4 adservice.google.com www.googletagservices.com
4 adservice.google.de www.googletagservices.com
4 bid.contextweb.com cdn.ad4game.com
4 platform.twitter.com prnt.sc
platform.twitter.com
4 apis.google.com prnt.sc
apis.google.com
2 staticxx.facebook.com connect.facebook.net
2 api.prntscr.com st.prntscr.com
prnt.sc
2 connect.facebook.net prnt.sc
2 www.google-analytics.com 1 redirects prnt.sc
2 prnt.sc prnt.sc
1 syndication.twitter.com prnt.sc
1 accounts.google.com apis.google.com
1 www.google.de prnt.sc
1 www.google.com 1 redirects
1 stats.g.doubleclick.net 1 redirects
1 widget.uservoice.com prnt.sc
1 image.prntscr.com prnt.sc
130 27

This site contains links to these domains. Also see Links.

Domain
app.prntscr.com
prntscr.com
twitter.com
www.facebook.com
www.google.com
Subject Issuer Validity Valid
ssl387277.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2018-09-06 -
2019-03-15		 6 months crt.sh
ssl366238.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2018-07-09 -
2019-01-15		 6 months crt.sh
*.google-analytics.com
Google Internet Authority G3		 2018-11-07 -
2019-01-30		 3 months crt.sh
uservoice.com
CloudFlare Inc ECC CA-2		 2018-08-28 -
2019-08-28		 a year crt.sh
*.ad4game.com
Go Daddy Secure Certificate Authority - G2		 2017-11-23 -
2020-01-16		 2 years crt.sh
www.google.de
Google Internet Authority G3		 2018-11-07 -
2019-01-30		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2017-12-15 -
2019-03-22		 a year crt.sh
*.google.com
Google Internet Authority G3		 2018-11-07 -
2019-01-30		 3 months crt.sh
*.twimg.com
DigiCert SHA2 High Assurance Server CA		 2018-11-19 -
2019-11-27		 a year crt.sh
ads.ad4game.com
Go Daddy Secure Certificate Authority - G2		 2016-03-28 -
2019-04-26		 3 years crt.sh
accounts.google.com
Google Internet Authority G3		 2018-11-07 -
2019-01-30		 3 months crt.sh
syndication.twitter.com
DigiCert SHA2 High Assurance Server CA		 2016-06-29 -
2019-09-16		 3 years crt.sh
*.g.doubleclick.net
Google Internet Authority G3		 2018-11-07 -
2019-01-30		 3 months crt.sh
*.contextweb.com
DigiCert SHA2 Secure Server CA		 2018-07-07 -
2020-06-03		 2 years crt.sh
tpc.googlesyndication.com
Google Internet Authority G3		 2018-11-07 -
2019-01-30		 3 months crt.sh

This page contains 17 frames:

Primary Page: https://prnt.sc/lo7mxr
Frame ID: 0254F8C662F5056EF0F950DD98B71D16
Requests: 49 HTTP requests in this frame

Frame: https://connect.facebook.net/en_US/all.js?hash=608d4da4dcc18c681585f1740f83edc3&ua=modern_es6
Frame ID: 6D17485BF3864B68EFE850C9123BD050
Requests: 1 HTTP requests in this frame

Frame: https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&size=medium&annotation=inline&width=120&origin=https%3A%2F%2Fprnt.sc&url=https%3A%2F%2Fprnt.sc%2Flo7mxr&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.yyoIjtazwsk.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCO6o2RWeT-pSK13WxTn6syyAud8tQ%2Fm%3D__features__
Frame ID: 5BF3D5030C4CE515B7714831ED57538F
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.0568ee90c37ccf52b40a4b1e312811ff.html?origin=https%3A%2F%2Fprnt.sc&settingsEndpoint=https%3A%2F%2Fsyndication.twitter.com%2Fsettings
Frame ID: ADBEACBAB4729CF551861F814B883840
Requests: 1 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter/r/7LloFuHvA7I.js?version=43
Frame ID: DB5AFDF525DA5B123D0D2D4679D21A55
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fprnt.sc&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.yyoIjtazwsk.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCO6o2RWeT-pSK13WxTn6syyAud8tQ%2Fm%3D__features__
Frame ID: 5FD23BFF83F79D0C1749D012797E3FA1
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.0568ee90c37ccf52b40a4b1e312811ff.en.html
Frame ID: DB3B743D03273F12713CB3994D26A9D2
Requests: 1 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter/r/7LloFuHvA7I.js?version=43
Frame ID: AB5CCB0B8C274B7131FA63338A24C691
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?action=like&app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2F7LloFuHvA7I.js%3Fversion%3D43%23cb%3Df52e1ca68aef84%26domain%3Dprnt.sc%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ff3a8dcb7f8f18f4%26relation%3Dparent.parent&container_width=70&href=https%3A%2F%2Fprnt.sc%2Flo7mxr&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false&size=small&width=100
Frame ID: 2A51B36C7067290260812D74DF218D6E
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/feedback.php?app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2F7LloFuHvA7I.js%3Fversion%3D43%23cb%3Df2aaa6b06b638d8%26domain%3Dprnt.sc%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ff3a8dcb7f8f18f4%26relation%3Dparent.parent&container_width=340&height=100&href=https%3A%2F%2Fprnt.sc%2Flo7mxr&locale=en_US&migrated=1&sdk=joey&xid=lo7mxr
Frame ID: 49D1E37BD9213492CC80E54060BFE651
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like_box.php?app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2F7LloFuHvA7I.js%3Fversion%3D43%23cb%3Df180e1583ea4134%26domain%3Dprnt.sc%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ff3a8dcb7f8f18f4%26relation%3Dparent.parent&container_width=0&header=false&href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FLightShot%2F242750885760&locale=en_US&sdk=joey&show_faces=true&stream=false&width=300
Frame ID: AC43AF83AFA86846E203EE4722F2EFCD
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ad4game.com/async-ajs.min.js
Frame ID: 6EE00DCCB5F5879AAE734C6361CD5698
Requests: 20 HTTP requests in this frame

Frame: https://cdn.ad4game.com/async-ajs.min.js
Frame ID: 4DFDB90800E965E4D077B85A011BBDBC
Requests: 19 HTTP requests in this frame

Frame: https://cdn.ad4game.com/async-ajs.min.js
Frame ID: 075F7415FC38069F2A554BAEA1DB168D
Requests: 19 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-31/html/container.html?n=1
Frame ID: 6FBD728CC3CB6BA4B1F7FC849DFCFE50
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ad4game.com/adbyv1.gif
Frame ID: 378DC15B1B84BFD74B845180571A4EA7
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-31/html/container.html?n=1
Frame ID: 9C367387ACC5C2FE017F4AB604F0C5CD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • env /^UserVoice$/i
Overall confidence: 100%
Detected patterns
  • script /\/prebid\.js/i
  • env /pbjs/i
  • env /PREBID_TIMEOUT/i
Overall confidence: 100%
Detected patterns
  • headers server /cloudflare/i
Overall confidence: 100%
Detected patterns
  • script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
  • env /^__google_ad_/i
  • env /^Goog_AdSense_/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i
Overall confidence: 100%
Detected patterns
  • script /apis\.google\.com\/js\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • env /^googletag$/i
Overall confidence: 100%
Detected patterns
  • script /\/\/platform\.twitter\.com\/widgets\.js/i
Overall confidence: 100%
Detected patterns
  • script /jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i
  • script /jquery.*\.js/i
  • env /^jQuery$/i

Page Statistics

130
Requests

92 %
HTTPS

58 %
IPv6

14
Domains

27
Subdomains

22
IPs

3
Countries

1342 kB
Transfer

3601 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21
  • https://www.google-analytics.com/r/collect?v=1&_v=j72&a=1495739428&t=pageview&_s=1&dl=https%3A%2F%2Fprnt.sc%2Flo7mxr&ul=en-us&de=UTF-8&dt=Screenshot%20by%20Lightshot&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=705554896&gjid=1410325268&cid=1166424644.1544045401&tid=UA-12353127-1&_gid=868022423.1544045401&_r=1&z=202088104 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-12353127-1&cid=1166424644.1544045401&jid=705554896&_gid=868022423.1544045401&gjid=1410325268&_v=j72&z=202088104 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-12353127-1&cid=1166424644.1544045401&jid=705554896&_v=j72&z=202088104 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-12353127-1&cid=1166424644.1544045401&jid=705554896&_v=j72&z=202088104&slf_rd=1&random=4217707604
Request Chain 47
  • https://www.facebook.com/connect/ping?client_id=154822244543652&domain=prnt.sc&origin=1&redirect_uri=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2F7LloFuHvA7I.js%3Fversion%3D43%23cb%3Df2214fb6eb958b4%26domain%3Dprnt.sc%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ff3a8dcb7f8f18f4%26relation%3Dparent&response_type=token%2Csigned_request&sdk=joey&version HTTP 302
  • https://staticxx.facebook.com/connect/xd_arbiter/r/7LloFuHvA7I.js?version=43
Request Chain 49
  • https://www.facebook.com/plugins/comments.php?app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2F7LloFuHvA7I.js%3Fversion%3D43%23cb%3Df2aaa6b06b638d8%26domain%3Dprnt.sc%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ff3a8dcb7f8f18f4%26relation%3Dparent.parent&container_width=340&height=100&href=https%3A%2F%2Fprnt.sc%2Flo7mxr&locale=en_US&migrated=1&sdk=joey&xid=lo7mxr HTTP 302
  • https://www.facebook.com/plugins/feedback.php?app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2F7LloFuHvA7I.js%3Fversion%3D43%23cb%3Df2aaa6b06b638d8%26domain%3Dprnt.sc%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ff3a8dcb7f8f18f4%26relation%3Dparent.parent&container_width=340&height=100&href=https%3A%2F%2Fprnt.sc%2Flo7mxr&locale=en_US&migrated=1&sdk=joey&xid=lo7mxr
Request Chain 120
  • https://bh.contextweb.com/visitormatch/prebid HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESEJyOpk1Q3RpXLw7Axp3CZS0&google_cver=1
Request Chain 121
  • https://bh.contextweb.com/visitormatch/prebid HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESEJyOpk1Q3RpXLw7Axp3CZS0&google_cver=1
Request Chain 122
  • https://bh.contextweb.com/visitormatch/prebid HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESEJyOpk1Q3RpXLw7Axp3CZS0&google_cver=1
Request Chain 123
  • https://bh.contextweb.com/visitormatch/prebid HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESEJyOpk1Q3RpXLw7Axp3CZS0&google_cver=1

130 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request lo7mxr
prnt.sc/ 		15 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://prnt.sc/lo7mxr
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.27.100.99 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3c0cb955968a14a5bc1bd8211e8093bb7c20ef28b521ca5bf843737ef0c8726
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
prnt.sc
:scheme
https
:path
/lo7mxr
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
date
Wed, 05 Dec 2018 21:30:00 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=dc603a723fe55cf151392237395dccaaa1544045400; expires=Thu, 05-Dec-19 21:30:00 GMT; path=/; domain=.prnt.sc; HttpOnly
x-frame-options
SAMEORIGIN
content-encoding
gzip
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
48499c8b9c06c29c-FRA
main.css
st.prntscr.com/2018/10/13/2048/css/ 		57 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://st.prntscr.com/2018/10/13/2048/css/main.css
Requested by
Host: prnt.sc
URL: https://prnt.sc/lo7mxr
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.20.14.105 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
27869d25259a57e13dcdea60dba73c0bee4cb06dc0aeb5b311824b65f0588748

Request headers

Referer
https://prnt.sc/lo7mxr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 05 Dec 2018 21:30:01 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sat, 13 Oct 2018 20:50:43 GMT
server
cloudflare
etag
"5bc25aa3-23e4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
48499c8c7964977a-FRA
content-length
9188
expires
Wed, 05 Dec 2018 21:46:19 GMT
jquery.1.8.2.min.js
st.prntscr.com/2018/10/13/2048/js/ 		91 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://st.prntscr.com/2018/10/13/2048/js/jquery.1.8.2.min.js
Requested by
Host: prnt.sc
URL: https://prnt.sc/lo7mxr
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.20.14.105 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729

Request headers

Referer
https://prnt.sc/lo7mxr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 05 Dec 2018 21:30:01 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sat, 13 Oct 2018 20:50:43 GMT
server
cloudflare
etag
"5bc25aa3-827c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
48499c8c7967977a-FRA
content-length
33404
expires
Wed, 05 Dec 2018 21:53:44 GMT
script.mix.js
st.prntscr.com/2018/10/13/2048/js/ 		70 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://st.prntscr.com/2018/10/13/2048/js/script.mix.js
Requested by
Host: prnt.sc
URL: https://prnt.sc/lo7mxr
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.20.14.105 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5465b852bfdaeaaa55585db03a3c3eca36ab1b81cc753a933662b8d1b2e98d72

Request headers

Referer
https://prnt.sc/lo7mxr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 05 Dec 2018 21:30:01 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sat, 13 Oct 2018 20:50:43 GMT
server
cloudflare
etag
"5bc25aa3-5f66"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
48499c8c7966977a-FRA
content-length
24422
expires
Wed, 05 Dec 2018 21:35:42 GMT
Sy0Asg0kTv2Q8njUU66_Rw.png
image.prntscr.com/image/ 		124 KB
124 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.prntscr.com/image/Sy0Asg0kTv2Q8njUU66_Rw.png
Requested by
Host: prnt.sc
URL: https://prnt.sc/lo7mxr
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.20.14.105 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Magic
Resource Hash
a6c005053af10df3979edc0861fe99f7caa62fcc44bf3acd3067f724c8bbd0b5

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://prnt.sc/lo7mxr
Origin
https://prnt.sc

Response headers

date
Wed, 05 Dec 2018 21:30:01 GMT
cf-cache-status
MISS
x-powered-by
Magic
status
200
x-temperature
Warm
content-length
126687
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
48499c8c7fd8bf07-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Sat, 02 Dec 2028 21:30:01 GMT
lo7mxr
prnt.sc/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prnt.sc/lo7mxr
Requested by
Host: prnt.sc
URL: https://prnt.sc/lo7mxr
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.27.100.99 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:path
/lo7mxr
pragma
no-cache
cookie
__cfduid=dc603a723fe55cf151392237395dccaaa1544045400
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
prnt.sc
referer
https://prnt.sc/lo7mxr
:scheme
https
:method
GET
Referer
https://prnt.sc/lo7mxr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 05 Dec 2018 21:30:01 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
status
200
cf-ray
48499c8c3de6c29c-FRA
image-helper.js
st.prntscr.com/2018/10/13/2048/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://st.prntscr.com/2018/10/13/2048/js/image-helper.js
Requested by
Host: prnt.sc
URL: https://prnt.sc/lo7mxr
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.20.14.105 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
83817752fb260ff66b3bca1471bb20dbb6a1e6a17174c657efe0912ad161b382

Request headers

Referer
https://prnt.sc/lo7mxr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 05 Dec 2018 21:30:01 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sat, 13 Oct 2018 20:49:40 GMT
server
cloudflare
etag
W/"5bc25a64-a2f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=1800
cf-ray
48499c8cc9c0977a-FRA
expires
Wed, 05 Dec 2018 21:53:50 GMT
footer-logo.png
st.prntscr.com/2018/10/13/2048/img/ 		630 B
780 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://st.prntscr.com/2018/10/13/2048/img/footer-logo.png
Requested by
Host: prnt.sc
URL: https://prnt.sc/lo7mxr
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.20.14.105 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
bca2c1abcf4b76a46306bc7f1a607a459371ccf5e7213aae988c33b4dabb1758

Request headers

Referer
https://prnt.sc/lo7mxr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 05 Dec 2018 21:30:01 GMT
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=1848
status
200
content-disposition
inline; filename="footer-logo.webp"
content-length
630
last-modified
Mon, 05 Sep 2016 15:49:19 GMT
server
cloudflare
etag
"57cd93ff-738"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
expires
Wed, 05 Dec 2018 21:50:46 GMT
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
48499c8cc9c2977a-FRA
cf-bgj
imgq:100
jquery.smartbanner.css
st.prntscr.com/2018/10/13/2048/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://st.prntscr.com/2018/10/13/2048/css/jquery.smartbanner.css
Requested by
Host: prnt.sc
URL: https://prnt.sc/lo7mxr
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.20.14.105 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d91d13fd8f9d253a8213aeee7ebaa7e073683fc600a3d82902c3c669b8ffdee7

Request headers

Referer
https://prnt.sc/lo7mxr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 05 Dec 2018 21:30:01 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sat, 13 Oct 2018 20:50:36 GMT
server
cloudflare
etag
W/"5bc25a9c-ef0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=1800
cf-ray
48499c8c7965977a-FRA
expires
Wed, 05 Dec 2018 21:56:02 GMT
jquery.smartbanner.js
st.prntscr.com/2018/10/13/2048/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://st.prntscr.com/2018/10/13/2048/js/jquery.smartbanner.js
Requested by
Host: prnt.sc
URL: https://prnt.sc/lo7mxr
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.20.14.105 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b185d89e437f1591af8c51d5e6dad41d3666e22a81931ee9df22e2cfdacaddb

Request headers

Referer
https://prnt.sc/lo7mxr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 05 Dec 2018 21:30:01 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sat, 13 Oct 2018 20:50:43 GMT
server
cloudflare
etag
"5bc25aa3-aec"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
48499c8cc9c1977a-FRA
content-length
2796
expires
Wed, 05 Dec 2018 21:55:49 GMT
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: prnt.sc
URL: https://prnt.sc/lo7mxr
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81f::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b688a3bcd1297cc0fe08e6e52fea14ba9108ee4b9a2052c03e7bac6e19347255
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://prnt.sc/lo7mxr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 05 Nov 2018 21:10:09 GMT
server
Golfe2
age
775
date
Wed, 05 Dec 2018 21:17:06 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
17404
expires
Wed, 05 Dec 2018 23:17:06 GMT
vH5wQvnQPL3wtXH5KVXA.js
widget.uservoice.com/ 		43 B
676 B 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.uservoice.com/vH5wQvnQPL3wtXH5KVXA.js
Requested by
Host: prnt.sc
URL: https://prnt.sc/lo7mxr
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:1f5c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
15c441b731d557c65a0f7037eb25ac6653358250f5ccb71862b10ebcbd5ffd65
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://prnt.sc/lo7mxr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 05 Dec 2018 21:30:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
x-permitted-cross-domain-policies
none
status
200
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-request-id
7ae43b38b7ec0e7f9abb451a163d06dd
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"15c441b731d557c65a0f7037eb25ac66"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15724800; includeSubDomains
x-download-options
noopen
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=7200
cf-ray
48499c8d0ea597e0-FRA
expires
Wed, 05 Dec 2018 23:30:01 GMT
page-bg.png
st.prntscr.com/2018/10/13/2048/img/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://st.prntscr.com/2018/10/13/2048/img/page-bg.png
Requested by
Host: prnt.sc
URL: https://prnt.sc/lo7mxr
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.20.14.105 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
86a1b8f94f48c4e82d2616d4c581f10a34ff447a2bd95be08714fa0d19ba3f51

Request headers

Referer
https://st.prntscr.com/2018/10/13/2048/css/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 05 Dec 2018 21:30:01 GMT
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=7116
status
200
content-disposition
inline; filename="page-bg.webp"
content-length
5608
last-modified
Sat, 13 Oct 2018 20:50:43 GMT
server
cloudflare
etag
"5bc25aa3-1a7b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
expires
Wed, 05 Dec 2018 21:50:46 GMT
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
48499c8cc9c4977a-FRA
cf-bgj
imgq:100
icon-facebook_gscale.png
st.prntscr.com/2018/10/13/2048/img/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://st.prntscr.com/2018/10/13/2048/img/icon-facebook_gscale.png
Requested by
Host: prnt.sc
URL: https://prnt.sc/lo7mxr
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.20.14.105 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b84b7505eba0e0c989311415d0416fc9850d3214741e62d85a51655db1e6a80c

Request headers

Referer
https://st.prntscr.com/2018/10/13/2048/css/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 05 Dec 2018 21:30:01 GMT
cf-cache-status
HIT
last-modified
Sat, 13 Oct 2018 20:49:06 GMT
server
cloudflare
etag
"5bc25a42-52d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
48499c8cc9c5977a-FRA
content-length
1325
expires
Wed, 05 Dec 2018 21:53:44 GMT
icon-twitter_gscale.png
st.prntscr.com/2018/10/13/2048/img/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://st.prntscr.com/2018/10/13/2048/img/icon-twitter_gscale.png
Requested by
Host: prnt.sc
URL: https://prnt.sc/lo7mxr
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.20.14.105 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
9251076990f3881a584eafc43ffe8a85ebee0c82f48c00de4b1f1fa25413e3e7

Request headers

Referer
https://st.prntscr.com/2018/10/13/2048/css/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 05 Dec 2018 21:30:01 GMT
cf-cache-status
HIT
last-modified
Sat, 13 Oct 2018 20:49:06 GMT
server
cloudflare
etag
"5bc25a42-5ff"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
48499c8cc9c6977a-FRA
content-length
1535
expires
Wed, 05 Dec 2018 21:49:05 GMT
button-download.png
st.prntscr.com/2018/10/13/2048/img/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://st.prntscr.com/2018/10/13/2048/img/button-download.png
Requested by
Host: prnt.sc
URL: https://prnt.sc/lo7mxr
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.20.14.105 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2222b64c7e37a7d528c8326ebaee33ae44bae57d7654db28e1122c0cae8a93db

Request headers

Referer
https://st.prntscr.com/2018/10/13/2048/css/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 05 Dec 2018 21:30:01 GMT
cf-cache-status
HIT
last-modified
Sat, 13 Oct 2018 20:49:06 GMT
server
cloudflare
etag
"5bc25a42-57c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
48499c8cc9c7977a-FRA
content-length
1404
expires
Wed, 05 Dec 2018 21:49:59 GMT
button-icon-sep.png
st.prntscr.com/2018/10/13/2048/img/ 		928 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://st.prntscr.com/2018/10/13/2048/img/button-icon-sep.png
Requested by
Host: prnt.sc
URL: https://prnt.sc/lo7mxr
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.20.14.105 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e145f951ea4535f27315f0419252111cbfe42ab28091b3a2a2582ccc2a48853

Request headers

Referer
https://st.prntscr.com/2018/10/13/2048/css/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 05 Dec 2018 21:30:01 GMT
cf-cache-status
HIT
last-modified
Sat, 13 Oct 2018 20:49:06 GMT
server
cloudflare
etag
"5bc25a42-3a0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
48499c8cc9c8977a-FRA
content-length
928
expires
Wed, 05 Dec 2018 21:36:09 GMT
header-logo.png
st.prntscr.com/2018/10/13/2048/img/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://st.prntscr.com/2018/10/13/2048/img/header-logo.png
Requested by
Host: prnt.sc
URL: https://prnt.sc/lo7mxr
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.20.14.105 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
69d8e3ebecd912bd1632164c7cdb358e13ca6fd3c904a4ecbabd462fb7082b1a

Request headers

Referer
https://st.prntscr.com/2018/10/13/2048/css/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 05 Dec 2018 21:30:01 GMT
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=7995
status
200
content-disposition
inline; filename="header-logo.webp"
content-length
4152
last-modified
Sat, 13 Oct 2018 20:50:43 GMT
server
cloudflare
etag
"5bc25aa3-1e52"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
expires
Wed, 05 Dec 2018 21:53:07 GMT
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
48499c8cc9c9977a-FRA
cf-bgj
imgq:100
async-ajs.min.js
cdn.ad4game.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ad4game.com/async-ajs.min.js
Requested by
Host: prnt.sc
URL: https://prnt.sc/lo7mxr
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.242.3 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
dc9f7cdaabb3201fd2ead8c0cfd974710305362d0ea77c96069cb189796d6238

Request headers

Referer
https://prnt.sc/lo7mxr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-servername
ads.ad4game.com\ 80\ 81
date
Wed, 05 Dec 2018 21:30:01 GMT
content-encoding
gzip
x-cache
HIT
status
200
x-host
ads.ad4game.com
content-length
1451
referrer-policy
no-referrer
last-modified
Wed, 21 Nov 2018 10:06:00 GMT
server
nginx
x-serveraddr
10.100.0.140
etag
"5bf52e08-ca8"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
icon-abuse.png
st.prntscr.com/2018/10/13/2048/img/ 		327 B
546 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://st.prntscr.com/2018/10/13/2048/img/icon-abuse.png
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.20.14.105 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfe0d4140c7b904c7628f72b80591f70d4bd499b1401df123cc24b7d3617c8fa

Request headers

Referer
https://st.prntscr.com/2018/10/13/2048/css/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 05 Dec 2018 21:30:01 GMT
cf-cache-status
HIT
last-modified
Sat, 13 Oct 2018 20:49:06 GMT
server
cloudflare
etag
"5bc25a42-147"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
48499c8d0a0d977a-FRA
content-length
327
expires
Wed, 05 Dec 2018 21:54:34 GMT
icon-camera.png
st.prntscr.com/2018/10/13/2048/img/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://st.prntscr.com/2018/10/13/2048/img/icon-camera.png
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.20.14.105 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd2de3ee9231c3511b8b0360375664c7b18d0ad997e37dde494331017f694976

Request headers

Referer
https://st.prntscr.com/2018/10/13/2048/css/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 05 Dec 2018 21:30:01 GMT
cf-cache-status
HIT
last-modified
Sat, 13 Oct 2018 20:49:06 GMT
server
cloudflare
etag
"5bc25a42-441"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
48499c8d1a1e977a-FRA
content-length
1089
expires
Wed, 05 Dec 2018 21:49:53 GMT
icon-edit.png
st.prntscr.com/2018/10/13/2048/img/ 		461 B
563 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://st.prntscr.com/2018/10/13/2048/img/icon-edit.png
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.20.14.105 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
92fb4985bc265d661b853545f4f3d54f79022a8564dd521202e20a05e477b295

Request headers

Referer
https://st.prntscr.com/2018/10/13/2048/css/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 05 Dec 2018 21:30:01 GMT
cf-cache-status
HIT
cf-polished
origSize=3153, status=webp_bigger
status
200
content-length
461
last-modified
Sat, 13 Oct 2018 20:49:06 GMT
server
cloudflare
etag
"5bc25a42-c51"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
expires
Wed, 05 Dec 2018 21:54:34 GMT
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
48499c8d1a1f977a-FRA
cf-bgj
imgq:100
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j72&a=1495739428&t=pageview&_s=1&dl=https%3A%2F%2Fprnt.sc%2Flo7mxr&ul=en-us&de=UTF-8&dt=Screenshot%20by%20Lightshot&sd=24-bit&sr=1600x1200&vp=1600x...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-12353127-1&cid=1166424644.1544045401&jid=705554896&_gid=868022423.1544045401&gjid=1410325268&_v=j72&z=202088104
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-12353127-1&cid=1166424644.1544045401&jid=705554896&_v=j72&z=202088104
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-12353127-1&cid=1166424644.1544045401&jid=705554896&_v=j72&z=202088104&slf_rd=1&random=4217707604
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-12353127-1&cid=1166424644.1544045401&jid=705554896&_v=j72&z=202088104&slf_rd=1&random=4217707604
Requested by
Host: prnt.sc
URL: https://prnt.sc/lo7mxr
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:825::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://prnt.sc/lo7mxr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Dec 2018 21:30:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 05 Dec 2018 21:30:01 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-12353127-1&cid=1166424644.1544045401&jid=705554896&_v=j72&z=202088104&slf_rd=1&random=4217707604
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
all.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js
Requested by
Host: prnt.sc
URL: https://prnt.sc/lo7mxr
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
173f9f395a8aa8fabac452f6b9b88b5bbedf37cca564d319c6cfd561aed2b6ff
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://prnt.sc/lo7mxr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
pqw8ixyKE43UT63oD+z9mw==
status
200
content-length
1854
x-xss-protection
0
x-fb-debug
iDrm42q0CFVmmrD5kKCKzwcUHMxlxLWx6dmBTozQK0xMXFMLb89vGzQf67KquDvWwgX5ST7DAIPYrbJq2Afz7g==
x-fb-content-md5
aa09e225250216b5f0fbe165ee7295a4
x-frame-options
DENY
date
Wed, 05 Dec 2018 21:30:01 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"751d1de98e819faf035abcf67193c5e8"
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
timing-allow-origin
*
expires
Wed, 05 Dec 2018 21:42:25 GMT
plusone.js
apis.google.com/js/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/plusone.js
Requested by
Host: prnt.sc
URL: https://prnt.sc/lo7mxr
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81f::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
99bbcb8a25a45edcf0c8c233613c34338e6e15ab93262846c145c49133c8ad16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://prnt.sc/lo7mxr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 05 Dec 2018 21:30:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
script-src 'report-sample' 'nonce-ZozKfTOIPdyoB/3QNhuDVg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge, chrome=1
server
ESF
x-frame-options
SAMEORIGIN
etag
"7a5d7810f96a125a32d6e12b2db590de"
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=1800, stale-while-revalidate=1800
timing-allow-origin
*
expires
Wed, 05 Dec 2018 21:30:01 GMT
widgets.js
platform.twitter.com/ 		93 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: prnt.sc
URL: https://prnt.sc/lo7mxr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/40DD) /
Resource Hash
53f0b723a9eaae574d32e11ccfe7238d4a13faefd215fd907a4a6f5b7b7337fd

Request headers

Referer
https://prnt.sc/lo7mxr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 05 Dec 2018 21:30:01 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Nov 2018 23:07:09 GMT
Server
ECS (fcn/40DD)
Etag
"4e5cc317f91405882b591962259aaeb5+gzip"
Vary
Accept-Encoding
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Cache-Control
public, max-age=1800
Content-Type
application/javascript; charset=utf-8
Content-Length
27967
/
api.prntscr.com/v1/ 		0
243 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.prntscr.com/v1/
Requested by
Host: st.prntscr.com
URL: https://st.prntscr.com/2018/10/13/2048/js/jquery.1.8.2.min.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.20.14.105 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
https://prnt.sc
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

date
Wed, 05 Dec 2018 21:30:01 GMT
server
cloudflare
access-control-allow-origin
https://prnt.sc
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
86400
access-control-allow-methods
POST, OPTIONS
status
204
access-control-allow-credentials
true
cf-ray
48499c8da90cbf07-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
prebid.js
cdn.ad4game.com/ 		117 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ad4game.com/prebid.js
Requested by
Host: cdn.ad4game.com
URL: https://cdn.ad4game.com/async-ajs.min.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.242.3 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
82fff1c1026ead64c11065db374d511f7a707851a68517ccedd0af7fd122fcc0

Request headers

Referer
https://prnt.sc/lo7mxr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-servername
ads.ad4game.com\ 80\ 81
date
Wed, 05 Dec 2018 21:30:01 GMT
content-encoding
gzip
x-cache
HIT
status
200
x-host
ads.ad4game.com
content-length
43537
referrer-policy
no-referrer
last-modified
Fri, 23 Nov 2018 13:40:54 GMT
server
nginx
x-serveraddr
10.100.0.140
etag
"5bf80366-1d457"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
async-ajs.php
ads.ad4game.com/www/delivery/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.ad4game.com/www/delivery/async-ajs.php?v=1&cb=a4g1023050&h=0&siteurl=https%3A%2F%2Fprnt.sc%2Flo7mxr&c=UTF-8&z=60918,60917,60916&b=7&x=7
Requested by
Host: cdn.ad4game.com
URL: https://cdn.ad4game.com/async-ajs.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.207.255.146 , United States, ASN62821 (AS-MNX - MNX Solutions LLC, US),
Reverse DNS
haproxy1.ad4game.com
Software
nginx /
Resource Hash
e7c1a49e90b2a9abba1d13188840b86b6f95af38ef123dc6cad6c5e35895a195

Request headers

Referer
https://prnt.sc/lo7mxr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

X-servername
ads.ad4game.com\ 80\ 81
Pragma
no-cache
Date
Wed, 05 Dec 2018 21:30:01 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
P3P
CP="CUR ADM OUR NOR STA NID"
X-serveraddr
10.100.0.139
Cache-Control
no-cache, no-store, must-revalidate
X-host
ads.ad4game.com
Connection
close
Content-Type
text/javascript; charset=UTF-8
Expires
0
all.js
connect.facebook.net/en_US/ Frame 6D17 		170 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js?hash=608d4da4dcc18c681585f1740f83edc3&ua=modern_es6
Requested by
Host: prnt.sc
URL: https://prnt.sc/lo7mxr
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
d6289bae3cb0589114f5a63390257fcc42b4d25a23f52c5a1f468c3bc7872d68
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://prnt.sc/lo7mxr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
auQaG2BBZ0Mq668a+Kqa8g==
status
200
content-length
53288
x-xss-protection
0
x-fb-debug
haV7Qmhi6WfXr1+KY9SB4FScam8IE1ieciA0LxwPcFiAk0v+rMSvYzzicQMBrEVtJ4Ee+Tw7XVAi7Dx6PKr4EQ==
x-fb-content-md5
65133f926652d89d3307c50591b153f1
x-frame-options
DENY
date
Wed, 05 Dec 2018 21:30:01 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"3137f6e41cfb5a125da08f105b9f3dbf"
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
timing-allow-origin
*
expires
Thu, 05 Dec 2019 20:27:38 GMT
truncated
/ 		129 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
12a91c44fc52f2f2bd8ad058927af8147653712a32cd779556eb6c215ca996d0

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/png
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.yyoIjtazwsk.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCO6o2RWeT-pSK13WxTn6syyAud8tQ/ 		131 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.yyoIjtazwsk.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCO6o2RWeT-pSK13WxTn6syyAud8tQ/cb=gapi.loaded_0
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81f::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
30685866599aa305929baaf39da3bc50824dfefafe4ef7d460b0480735bdd7ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://prnt.sc/lo7mxr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 05 Dec 2018 18:27:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 04 Dec 2018 19:35:53 GMT
server
sffe
age
10953
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
status
200
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
46787
x-xss-protection
1; mode=block
expires
Thu, 05 Dec 2019 18:27:28 GMT
cb=gapi.loaded_1
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.yyoIjtazwsk.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCO6o2RWeT-pSK13WxTn6syyAud8tQ/ 		100 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.yyoIjtazwsk.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCO6o2RWeT-pSK13WxTn6syyAud8tQ/cb=gapi.loaded_1
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81f::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
120cc7ee2cb6b3365b7716cbd5be6b8cbf5d93ca44f17c095702ebde4343679c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://prnt.sc/lo7mxr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 05 Dec 2018 18:25:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 04 Dec 2018 19:35:53 GMT
server
sffe
age
11058
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
status
200
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
35737
x-xss-protection
1; mode=block
expires
Thu, 05 Dec 2019 18:25:43 GMT
fastbutton
apis.google.com/se/0/_/+1/ Frame 5BF3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&size=medium&annotation=inline&width=120&origin=https%3A%2F%2Fprnt.sc&url=https%3A%2F%2Fprnt.sc%2Flo7mxr&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.yyoIjtazwsk.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCO6o2RWeT-pSK13WxTn6syyAud8tQ%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81f::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
apis.google.com
:scheme
https
:path
/se/0/_/+1/fastbutton?usegapi=1&size=medium&annotation=inline&width=120&origin=https%3A%2F%2Fprnt.sc&url=https%3A%2F%2Fprnt.sc%2Flo7mxr&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.yyoIjtazwsk.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCO6o2RWeT-pSK13WxTn6syyAud8tQ%2Fm%3D__features__
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://prnt.sc/lo7mxr
accept-encoding
gzip, deflate
cookie
NID=148=qUMhMLeN4Z9w7mxpmtby_FD3mtQvhNuVVs5whEcoSyUjFNsv8Xzcuh--2Rr9IIjE2w-dZOq3DjOXoGf7a0Pp-j0U-rq6ST_ffVBKh6xNyZAVCy9dXHgWnwNQDHgZjJuC4WcApJFHUdWJREwaOIBRXwNYKWB_qwtwTMLBk_R6pBQ
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://prnt.sc/lo7mxr

Response headers

status
200
content-type
text/html; charset=utf-8
x-ua-compatible
IE=edge, chrome=1
vary
Accept-Encoding
timing-allow-origin
*
expires
Wed, 05 Dec 2018 21:30:01 GMT
date
Wed, 05 Dec 2018 21:30:01 GMT
cache-control
private, max-age=3600
content-security-policy-report-only
script-src 'report-sample' 'nonce-OavWv7s7X8L6SqcAF1iKYw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /se/0/_/cspreport
content-encoding
gzip
server
ESF
x-xss-protection
1; mode=block
x-content-type-options
nosniff
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
widget_iframe.0568ee90c37ccf52b40a4b1e312811ff.html
platform.twitter.com/widgets/ Frame ADBE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.0568ee90c37ccf52b40a4b1e312811ff.html?origin=https%3A%2F%2Fprnt.sc&settingsEndpoint=https%3A%2F%2Fsyndication.twitter.com%2Fsettings
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/4196) /
Resource Hash

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://prnt.sc/lo7mxr
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://prnt.sc/lo7mxr

Response headers

Content-Encoding
gzip
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Wed, 05 Dec 2018 21:30:01 GMT
Etag
"347ce5de96d97a02c18244967b8b6532+gzip"
Last-Modified
Wed, 28 Nov 2018 23:06:05 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (fcn/4196)
Vary
Accept-Encoding
X-Cache
HIT
Content-Length
5783
button.e96bb6acc0f8bda511c0c46a84ee18e4.js
platform.twitter.com/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/js/button.e96bb6acc0f8bda511c0c46a84ee18e4.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/40D8) /
Resource Hash
00ce74a18bd6071ed7e4810d9df7393b6749531165bff6b45d237ccaee9f2808

Request headers

Referer
https://prnt.sc/lo7mxr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 05 Dec 2018 21:30:01 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Nov 2018 23:05:57 GMT
Server
ECS (fcn/40D8)
Etag
"afc5be16085c49e57e5c7974de717b28+gzip"
Vary
Accept-Encoding
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Cache-Control
public, max-age=315360000
Content-Type
application/javascript; charset=utf-8
Content-Length
2300
/
api.prntscr.com/v1/ 		92 B
308 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.prntscr.com/v1/
Requested by
Host: prnt.sc
URL: https://prnt.sc/lo7mxr
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.20.14.105 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c9935e1daafc929a9866a206e769e084cd83f19d436ca22887adc2798408646

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://prnt.sc/lo7mxr
Origin
https://prnt.sc
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 05 Dec 2018 21:30:01 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
200
access-control-allow-methods
POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://prnt.sc
access-control-allow-credentials
true
cf-ray
48499c8e7b6c977a-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
7LloFuHvA7I.js
staticxx.facebook.com/connect/xd_arbiter/r/ Frame DB5A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://staticxx.facebook.com/connect/xd_arbiter/r/7LloFuHvA7I.js?version=43
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=608d4da4dcc18c681585f1740f83edc3&ua=modern_es6
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
staticxx.facebook.com
:scheme
https
:path
/connect/xd_arbiter/r/7LloFuHvA7I.js?version=43
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://prnt.sc/lo7mxr
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://prnt.sc/lo7mxr

Response headers

status
200
content-type
text/html; charset=utf-8
expires
Sat, 30 Nov 2019 18:27:27 GMT
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
x-xss-protection
0
cache-control
public,max-age=31536000,immutable
x-fb-debug
kq1I3VHFmPggpDkxYHbo0ICEytBnmQIVZqHxxRYrMx5NZgEceHpjfhRV+ABUgpMxHgqXXurF0riBb+8IW5uupw==
content-length
12728
date
Wed, 05 Dec 2018 21:30:01 GMT
postmessageRelay
accounts.google.com/o/oauth2/ Frame 5FD2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fprnt.sc&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.yyoIjtazwsk.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCO6o2RWeT-pSK13WxTn6syyAud8tQ%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.yyoIjtazwsk.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCO6o2RWeT-pSK13WxTn6syyAud8tQ/cb=gapi.loaded_1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81f::200d , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-9WI/Cjs2D5Y' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
accounts.google.com
:scheme
https
:path
/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fprnt.sc&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.yyoIjtazwsk.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCO6o2RWeT-pSK13WxTn6syyAud8tQ%2Fm%3D__features__
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://prnt.sc/lo7mxr
accept-encoding
gzip, deflate
cookie
NID=148=qUMhMLeN4Z9w7mxpmtby_FD3mtQvhNuVVs5whEcoSyUjFNsv8Xzcuh--2Rr9IIjE2w-dZOq3DjOXoGf7a0Pp-j0U-rq6ST_ffVBKh6xNyZAVCy9dXHgWnwNQDHgZjJuC4WcApJFHUdWJREwaOIBRXwNYKWB_qwtwTMLBk_R6pBQ
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://prnt.sc/lo7mxr

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Wed, 05 Dec 2018 21:30:01 GMT
content-security-policy
script-src 'report-sample' 'nonce-9WI/Cjs2D5Y' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding
gzip
server
ESF
x-xss-protection
1; mode=block
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
tweet_button.0568ee90c37ccf52b40a4b1e312811ff.en.html
platform.twitter.com/widgets/ Frame DB3B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/tweet_button.0568ee90c37ccf52b40a4b1e312811ff.en.html
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/40EB) /
Resource Hash

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://prnt.sc/lo7mxr
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://prnt.sc/lo7mxr

Response headers

Content-Encoding
gzip
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Wed, 05 Dec 2018 21:30:01 GMT
Etag
"6152ebaf3a0fce018997f1e8bd49aaaa+gzip"
Last-Modified
Wed, 28 Nov 2018 23:06:02 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (fcn/40EB)
Vary
Accept-Encoding
X-Cache
HIT
Content-Length
12221
jot
syndication.twitter.com/i/ 		43 B
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fprnt.sc%2Flo7mxr%22%2C%22widget_frame%22%3Afalse%2C%22widget_site_screen_name%22%3A%22light_shot%22%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1544045401568%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%227c27020%3A1543446056977%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D
Requested by
Host: prnt.sc
URL: https://prnt.sc/lo7mxr
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.16.156.52 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer
https://prnt.sc/lo7mxr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 05 Dec 2018 21:30:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200, 200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
1; mode=block; report=https://twitter.com/i/xss_report
x-response-time
19
pragma
no-cache
last-modified
Wed, 05 Dec 2018 21:30:01 GMT
server
tsa_b
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
096f25e4dae8210e96ab5069b1807fc6
x-transaction
00254889006f9805
expires
Tue, 31 Mar 1981 05:00:00 GMT
prebid.js
cdn.ad4game.com/ 		117 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ad4game.com/prebid.js
Requested by
Host: ads.ad4game.com
URL: https://ads.ad4game.com/www/delivery/async-ajs.php?v=1&cb=a4g1023050&h=0&siteurl=https%3A%2F%2Fprnt.sc%2Flo7mxr&c=UTF-8&z=60918,60917,60916&b=7&x=7
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.242.3 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
82fff1c1026ead64c11065db374d511f7a707851a68517ccedd0af7fd122fcc0

Request headers

Referer
https://prnt.sc/lo7mxr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-servername
ads.ad4game.com\ 80\ 81
date
Wed, 05 Dec 2018 21:30:01 GMT
content-encoding
gzip
x-cache
HIT
status
200
x-host
ads.ad4game.com
content-length
43537
referrer-policy
no-referrer
last-modified
Fri, 23 Nov 2018 13:40:54 GMT
server
nginx
x-serveraddr
10.100.0.140
etag
"5bf80366-1d457"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
gpt.js
www.googletagservices.com/tag/js/ 		28 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: ads.ad4game.com
URL: https://ads.ad4game.com/www/delivery/async-ajs.php?v=1&cb=a4g1023050&h=0&siteurl=https%3A%2F%2Fprnt.sc%2Flo7mxr&c=UTF-8&z=60918,60917,60916&b=7&x=7
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81c::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
22f77169ee271ab63a11c48ee1e05e15fa959c657322484c4da2b5189bde5875
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://prnt.sc/lo7mxr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 05 Dec 2018 21:30:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"12 / 692 of 1000 / last-modified: 1543946494"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
9608
x-xss-protection
1; mode=block
expires
Wed, 05 Dec 2018 21:30:01 GMT
ortb
bid.contextweb.com/header/ 		0
611 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.contextweb.com/header/ortb
Requested by
Host: cdn.ad4game.com
URL: https://cdn.ad4game.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.214.194.133 Amsterdam, Netherlands, ASN59940 (PULSEPOINT-EU, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://prnt.sc/lo7mxr
Origin
https://prnt.sc
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 05 Dec 2018 21:30:01 GMT
Server
nginx
CWDL
22/139,22/135,22/139
Access-Control-Allow-Origin
https://prnt.sc
Access-Control-Expose-Headers
Access-Control-Allow-Origin
Access-Control-Allow-Credentials
true
Connection
keep-alive
CW-FEServer
ams-prts08.pulse.prod
CW-Server
ams-bid03
Content-Length
0
bid
ads.ad4game.com/v1/ 		8 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.ad4game.com/v1/bid?if=0&siteurl=https%3A%2F%2Fprnt.sc%2Flo7mxr&size=970x90%3B728x90%3B300x250&id=6d5283e0a8d5dc%3B75bc442a166893%3B81284230be8399&zoneId=60918%3B60917%3B60916&
Requested by
Host: cdn.ad4game.com
URL: https://cdn.ad4game.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.207.255.147 , United States, ASN62821 (AS-MNX - MNX Solutions LLC, US),
Reverse DNS
haproxy2.ad4game.com
Software
nginx /
Resource Hash
b1d026bbb69655e485a01236e2ae4f098d58816ec4aac59f7c67e7d92f521e47

Request headers

Referer
https://prnt.sc/lo7mxr
Origin
https://prnt.sc
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 05 Dec 2018 21:30:02 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://prnt.sc
Transfer-Encoding
chunked
Connection
close
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Application-Context
application:12064
integrator.js
adservice.google.de/adsid/ 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=prnt.sc
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:815::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://prnt.sc/lo7mxr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 05 Dec 2018 21:30:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
104
x-xss-protection
1; mode=block
integrator.js
adservice.google.com/adsid/ 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=prnt.sc
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:819::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://prnt.sc/lo7mxr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 05 Dec 2018 21:30:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
104
x-xss-protection
1; mode=block
pubads_impl_276.js
securepubads.g.doubleclick.net/gpt/ 		183 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_276.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.217.23.162 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s22-in-f2.1e100.net
Software
sffe /
Resource Hash
c293be00e574e59d67752b3a36f7b86e76d96eb826eaa4182814cb646902f365
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://prnt.sc/lo7mxr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 05 Dec 2018 21:30:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 27 Nov 2018 16:29:10 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
63710
x-xss-protection
1; mode=block
expires
Wed, 05 Dec 2018 21:30:01 GMT
7LloFuHvA7I.js
staticxx.facebook.com/connect/xd_arbiter/r/ Frame AB5C
Redirect Chain
  • https://www.facebook.com/connect/ping?client_id=154822244543652&domain=prnt.sc&origin=1&redirect_uri=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2F7LloFuHvA7I.js%3Fversion%3D43%2...
  • https://staticxx.facebook.com/connect/xd_arbiter/r/7LloFuHvA7I.js?version=43
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://staticxx.facebook.com/connect/xd_arbiter/r/7LloFuHvA7I.js?version=43
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=608d4da4dcc18c681585f1740f83edc3&ua=modern_es6
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
staticxx.facebook.com
:scheme
https
:path
/connect/xd_arbiter/r/7LloFuHvA7I.js?version=43
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://prnt.sc/lo7mxr
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://prnt.sc/lo7mxr

Response headers

status
200
content-type
text/html; charset=utf-8
expires
Sat, 30 Nov 2019 18:27:27 GMT
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
x-xss-protection
0
cache-control
public,max-age=31536000,immutable
x-fb-debug
kq1I3VHFmPggpDkxYHbo0ICEytBnmQIVZqHxxRYrMx5NZgEceHpjfhRV+ABUgpMxHgqXXurF0riBb+8IW5uupw==
content-length
12728
date
Wed, 05 Dec 2018 21:30:01 GMT

Redirect headers

status
302
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
strict-transport-security
max-age=15552000; preload
location
https://staticxx.facebook.com/connect/xd_arbiter/r/7LloFuHvA7I.js?version=43#cb=f2214fb6eb958b4&domain=prnt.sc&origin=https%3A%2F%2Fprnt.sc%2Ff3a8dcb7f8f18f4&relation=parent&error=unknown_user
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
x-content-type-options
nosniff
x-xss-protection
0
expect-ct
max-age=86400, report-uri="http://reports.fb.com/expectct/"
content-type
text/html; charset="utf-8"
x-fb-debug
Yj/6rvjf1A/MsUgL+lu2WXO1rsRdQ6aeA+BJuTXX8/snC/05/+Bt8/aj3lM7oeW/iOGbA0ke+WbV98r2DYVJ3g==
content-length
0
date
Wed, 05 Dec 2018 21:30:01 GMT
like.php
www.facebook.com/plugins/ Frame 2A51 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/like.php?action=like&app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2F7LloFuHvA7I.js%3Fversion%3D43%23cb%3Df52e1ca68aef84%26domain%3Dprnt.sc%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ff3a8dcb7f8f18f4%26relation%3Dparent.parent&container_width=70&href=https%3A%2F%2Fprnt.sc%2Flo7mxr&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false&size=small&width=100
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=608d4da4dcc18c681585f1740f83edc3&ua=modern_es6
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/plugins/like.php?action=like&app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2F7LloFuHvA7I.js%3Fversion%3D43%23cb%3Df52e1ca68aef84%26domain%3Dprnt.sc%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ff3a8dcb7f8f18f4%26relation%3Dparent.parent&container_width=70&href=https%3A%2F%2Fprnt.sc%2Flo7mxr&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false&size=small&width=100
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://prnt.sc/lo7mxr
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://prnt.sc/lo7mxr

Response headers

status
200
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
strict-transport-security
max-age=15552000; preload
content-encoding
gzip
timing-allow-origin
*
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
expect-ct
max-age=86400, report-uri="http://reports.fb.com/expectct/"
content-type
text/html; charset="utf-8"
x-fb-debug
o2Iy3t6fX0TAy8jrxWK7A5j1ThaznOJo+OlIsv7SZpg/U1TKgeWw7TWPSAKjmbv3T0icfPIHc7numbWq04qPRw==
date
Wed, 05 Dec 2018 21:30:01 GMT
feedback.php
www.facebook.com/plugins/ Frame 49D1
Redirect Chain
  • https://www.facebook.com/plugins/comments.php?app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2F7LloFuHvA7I.js%3Fversion%3D43%23cb%3Df2aaa6b06b638d8%26...
  • https://www.facebook.com/plugins/feedback.php?app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2F7LloFuHvA7I.js%3Fversion%3D43%23cb%3Df2aaa6b06b638d8%26...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/feedback.php?app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2F7LloFuHvA7I.js%3Fversion%3D43%23cb%3Df2aaa6b06b638d8%26domain%3Dprnt.sc%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ff3a8dcb7f8f18f4%26relation%3Dparent.parent&container_width=340&height=100&href=https%3A%2F%2Fprnt.sc%2Flo7mxr&locale=en_US&migrated=1&sdk=joey&xid=lo7mxr
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=608d4da4dcc18c681585f1740f83edc3&ua=modern_es6
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/plugins/feedback.php?app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2F7LloFuHvA7I.js%3Fversion%3D43%23cb%3Df2aaa6b06b638d8%26domain%3Dprnt.sc%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ff3a8dcb7f8f18f4%26relation%3Dparent.parent&container_width=340&height=100&href=https%3A%2F%2Fprnt.sc%2Flo7mxr&locale=en_US&migrated=1&sdk=joey&xid=lo7mxr
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://prnt.sc/lo7mxr
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://prnt.sc/lo7mxr

Response headers

status
200
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
strict-transport-security
max-age=15552000; preload
content-encoding
gzip
timing-allow-origin
*
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
expect-ct
max-age=86400, report-uri="http://reports.fb.com/expectct/"
content-type
text/html; charset="utf-8"
x-fb-debug
kocQV41+T1pzczKwiW+p1uUe3M2DOw4CvLdwhW+pF+r0tzRwNiQhA+c7x/BSP3yI1qsT6mgFMihHm7MzFRWxsw==
date
Wed, 05 Dec 2018 21:30:03 GMT

Redirect headers

status
302
strict-transport-security
max-age=15552000; preload
location
https://www.facebook.com/plugins/feedback.php?app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2F7LloFuHvA7I.js%3Fversion%3D43%23cb%3Df2aaa6b06b638d8%26domain%3Dprnt.sc%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ff3a8dcb7f8f18f4%26relation%3Dparent.parent&container_width=340&height=100&href=https%3A%2F%2Fprnt.sc%2Flo7mxr&locale=en_US&migrated=1&sdk=joey&xid=lo7mxr
access-control-expose-headers
X-FB-Debug, X-Loader-Length
access-control-allow-credentials
true
vary
Origin
access-control-allow-origin
https://www.facebook.com
access-control-allow-methods
OPTIONS
content-type
text/html; charset="utf-8"
x-fb-debug
qwdGHqcbFp/vEOpUaXxpfe0HzbUSe0tiVoXopbiuUUuz/KG64Fk7BEqTPYua73BmvtuSTCX9BaAzulqaPbdFtA==
content-length
0
date
Wed, 05 Dec 2018 21:30:01 GMT
like_box.php
www.facebook.com/plugins/ Frame AC43 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/like_box.php?app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2F7LloFuHvA7I.js%3Fversion%3D43%23cb%3Df180e1583ea4134%26domain%3Dprnt.sc%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ff3a8dcb7f8f18f4%26relation%3Dparent.parent&container_width=0&header=false&href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FLightShot%2F242750885760&locale=en_US&sdk=joey&show_faces=true&stream=false&width=300
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=608d4da4dcc18c681585f1740f83edc3&ua=modern_es6
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/plugins/like_box.php?app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2F7LloFuHvA7I.js%3Fversion%3D43%23cb%3Df180e1583ea4134%26domain%3Dprnt.sc%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ff3a8dcb7f8f18f4%26relation%3Dparent.parent&container_width=0&header=false&href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FLightShot%2F242750885760&locale=en_US&sdk=joey&show_faces=true&stream=false&width=300
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://prnt.sc/lo7mxr
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://prnt.sc/lo7mxr

Response headers

status
200
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
strict-transport-security
max-age=15552000; preload
content-encoding
gzip
timing-allow-origin
*
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
expect-ct
max-age=86400, report-uri="http://reports.fb.com/expectct/"
content-type
text/html; charset="utf-8"
x-fb-debug
iJ0blBNTW6N3xKoWaBUsHMy2nTkTVSSsFferEbouitoJkRWFIuqjLbUGWMaLkOactYeAoTkd/VSsqTc095jCWg==
date
Wed, 05 Dec 2018 21:30:02 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		9 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=524245483602007&correlator=3924232297961253&output=json_html&callback=googletag.impl.pubads.callbackProxy1&impl=fifs&adsid=NT&json_a=1&eid=21061645%2C21062833&vrg=276&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776&sc=1&sfv=1-0-31&iu_parts=60257202%2C60918%2C6091717%2C60916&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=970x90%2C728x90%2C300x250&prev_scp=hb_format_a4g%3Dbanner%26hb_source_a4g%3Dclient%26hb_size_a4g%3D970x90%26hb_pb_a4g%3D0.99%26hb_adid_a4g%3D6d5283e0a8d5dc%26hb_bidder_a4g%3Da4g%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D970x90%26hb_pb%3D0.99%26hb_adid%3D6d5283e0a8d5dc%26hb_bidder%3Da4g%7Chb_format_a4g%3Dbanner%26hb_source_a4g%3Dclient%26hb_size_a4g%3D728x90%26hb_pb_a4g%3D0.26%26hb_adid_a4g%3D75bc442a166893%26hb_bidder_a4g%3Da4g%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D728x90%26hb_pb%3D0.26%26hb_adid%3D75bc442a166893%26hb_bidder%3Da4g%7Chb_format_a4g%3Dbanner%26hb_source_a4g%3Dclient%26hb_size_a4g%3D300x250%26hb_pb_a4g%3D0.28%26hb_adid_a4g%3D81284230be8399%26hb_bidder_a4g%3Da4g%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D300x250%26hb_pb%3D0.28%26hb_adid%3D81284230be8399%26hb_bidder%3Da4g&eri=1&cookie_enabled=1&bc=15&abxe=1&lmt=1544045402&dt=1544045402364&dlt=1544045400989&idt=847&frm=20&biw=1585&bih=1200&oid=3&adxs=308%2C429%2C308&adys=70%2C1532%2C1654&adks=1432691387%2C518174652%2C4042975291&ucis=1%7C2%7C3&gut=v2&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fprnt.sc%2Flo7mxr&dssz=33&icsg=10880&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x90%7C728x90%7C300x250&msz=970x-1%7C728x-1%7C300x-1&ga_vid=1166424644.1544045401&ga_sid=1544045402&ga_hid=1495739428&fws=0%2C0%2C0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_276.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.217.23.162 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
6322138207f18a8cc80773e0d5cfa5ae3f02d9ac8521ed44a9c23f13436288e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://prnt.sc/lo7mxr
Origin
https://prnt.sc

Response headers

date
Wed, 05 Dec 2018 21:30:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
3233
x-xss-protection
1; mode=block
google-lineitem-id
4728217632,4728527186,4728522959
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138237963302,138237963296,138237963299
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://prnt.sc
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_rendering_276.js
securepubads.g.doubleclick.net/gpt/ 		62 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_276.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_276.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.217.23.162 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s22-in-f2.1e100.net
Software
sffe /
Resource Hash
3037d1c04fc78db31cdd1db8ad74bdfcaccee38380540216aa157945c0d7b932
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://prnt.sc/lo7mxr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 05 Dec 2018 21:30:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 27 Nov 2018 16:29:10 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
24072
x-xss-protection
1; mode=block
expires
Wed, 05 Dec 2018 21:30:02 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-31/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-31/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_276.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81f::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Purpose
prefetch
Referer
https://prnt.sc/lo7mxr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers
async-ajs.min.js
cdn.ad4game.com/ Frame 6EE0 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ad4game.com/async-ajs.min.js
Requested by
Host: prnt.sc
URL: https://prnt.sc/lo7mxr
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.242.3 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
dc9f7cdaabb3201fd2ead8c0cfd974710305362d0ea77c96069cb189796d6238

Request headers

Referer
https://prnt.sc/lo7mxr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-servername
ads.ad4game.com\ 80\ 81
date
Wed, 05 Dec 2018 21:30:02 GMT
content-encoding
gzip
x-cache
HIT
status
200
x-host
ads.ad4game.com
content-length
1451
referrer-policy
no-referrer
last-modified
Wed, 21 Nov 2018 10:06:00 GMT
server
nginx
x-serveraddr
10.100.0.140
etag
"5bf52e08-ca8"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame 6EE0 		73 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_276.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81c::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
aae7c3bdad10af4414f4b5997f476b4bd7bf9f44d3f1aed7078741726a93578f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://prnt.sc/lo7mxr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 05 Dec 2018 21:30:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 03 Dec 2018 12:14:39 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
27289
x-xss-protection
1; mode=block
expires
Wed, 05 Dec 2018 21:30:02 GMT
osd.js
pagead2.googlesyndication.com/pagead/ 		72 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/osd.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_276.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81d::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
efe748833adef923a733ffb19e158bba4079c6b6406a22f68dcbff39ba113895
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://prnt.sc/lo7mxr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 05 Dec 2018 21:18:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
672
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
26729
x-xss-protection
1; mode=block
server
cafe
etag
17768588699998725842
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Wed, 05 Dec 2018 22:18:50 GMT
async-ajs.min.js
cdn.ad4game.com/ Frame 4DFD 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ad4game.com/async-ajs.min.js
Requested by
Host: prnt.sc
URL: https://prnt.sc/lo7mxr
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.242.3 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
dc9f7cdaabb3201fd2ead8c0cfd974710305362d0ea77c96069cb189796d6238

Request headers

Referer
https://prnt.sc/lo7mxr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-servername
ads.ad4game.com\ 80\ 81
date
Wed, 05 Dec 2018 21:30:02 GMT
content-encoding
gzip
x-cache
HIT
status
200
x-host
ads.ad4game.com
content-length
1451
referrer-policy
no-referrer
last-modified
Wed, 21 Nov 2018 10:06:00 GMT
server
nginx
x-serveraddr
10.100.0.140
etag
"5bf52e08-ca8"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame 4DFD 		73 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_276.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81c::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
aae7c3bdad10af4414f4b5997f476b4bd7bf9f44d3f1aed7078741726a93578f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://prnt.sc/lo7mxr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 05 Dec 2018 21:30:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 03 Dec 2018 12:14:39 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
27289
x-xss-protection
1; mode=block
expires
Wed, 05 Dec 2018 21:30:02 GMT
async-ajs.min.js
cdn.ad4game.com/ Frame 075F 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ad4game.com/async-ajs.min.js
Requested by
Host: prnt.sc
URL: https://prnt.sc/lo7mxr
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.242.3 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
dc9f7cdaabb3201fd2ead8c0cfd974710305362d0ea77c96069cb189796d6238

Request headers

Referer
https://prnt.sc/lo7mxr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-servername
ads.ad4game.com\ 80\ 81
date
Wed, 05 Dec 2018 21:30:02 GMT
content-encoding
gzip
x-cache
HIT
status
200
x-host
ads.ad4game.com
content-length
1451
referrer-policy
no-referrer
last-modified
Wed, 21 Nov 2018 10:06:00 GMT
server
nginx
x-serveraddr
10.100.0.140
etag
"5bf52e08-ca8"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame 075F 		73 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_276.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81c::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
aae7c3bdad10af4414f4b5997f476b4bd7bf9f44d3f1aed7078741726a93578f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://prnt.sc/lo7mxr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 05 Dec 2018 21:30:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 03 Dec 2018 12:14:39 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
27289
x-xss-protection
1; mode=block
expires
Wed, 05 Dec 2018 21:30:02 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 6EE0 		0
255 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvB3L9g0meqlFypVAbWVYToK8IQLkt5kjTrWDC5bXf13aAENwCcoKSB-qx4a3bx98h7fW3zgnxAcw3e7kHUV-XyXqFPx2LQsHr23e8dylDL28N7MM1cwJ2BG2avn0CMW2J7gEflXKKLeQunZdbUDOWIg1IbTpnw784ook-2dPIZvY4GlE77IrH5ea2kdysUg8md1oOIwHjh9DOlTmUkVxI3nkbtAXzQKdAXVfd8VV01dw&sai=AMfl-YSpcSB3yh8Gu1j3I01A1HqKyJaCDO9-UozDp0JS-rpLaOJmaa2aDT6riIKmg5xRwXvrE86c6oOLfYaIAK61pyn1IoKM11qytWrfirRo&sig=Cg0ArKJSzNr_Qmumz70FEAE&urlfix=1&adurl=
Requested by
Host: prnt.sc
URL: https://prnt.sc/lo7mxr
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.217.23.162 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://prnt.sc/lo7mxr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 05 Dec 2018 21:30:02 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
private
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
0
x-xss-protection
1; mode=block
expires
Wed, 05 Dec 2018 21:30:02 GMT
adbyv1.gif
cdn.ad4game.com/ Frame 6EE0 		112 B
370 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ad4game.com/adbyv1.gif
Requested by
Host: prnt.sc
URL: https://prnt.sc/lo7mxr
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.242.3 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
47b4a73b810d6bbb3088a4bec9423d0a709d9a4341b84303d595a6fdea7ea5b3

Request headers

Referer
https://prnt.sc/lo7mxr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-servername
ads.ad4game.com\ 80\ 81
date
Wed, 05 Dec 2018 21:30:02 GMT
referrer-policy
no-referrer
last-modified
Sat, 28 Jan 2012 03:19:10 GMT
server
nginx
access-control-allow-origin
*
etag
"4f23692e-70"
status
200
x-cache
HIT
content-type
image/gif
x-serveraddr
10.100.0.137
x-host
ads.ad4game.com
accept-ranges
bytes
content-length
112
lg.php
ads.ad4game.com/www/delivery/ Frame 6EE0 		35 B
858 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.ad4game.com/www/delivery/lg.php?bannerid=542533&campaignid=31238&zoneid=60918&referer=&tag=hb&ver=4.0&tagi=2017-05-04T15-30&cb=y1VtVA3pXEGWRsNW&token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ6b25lIjo2MDkxOCwiZXhwIjoxNTQ0MDQ1NDYyfQ.dEg03ST-vqMOvjKy6LOq80JIdt4Z1SkOqpQ-87uyX28&bn=ad4game&bid=0.998&if=0
Requested by
Host: prnt.sc
URL: https://prnt.sc/lo7mxr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.207.255.146 , United States, ASN62821 (AS-MNX - MNX Solutions LLC, US),
Reverse DNS
haproxy1.ad4game.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://prnt.sc/lo7mxr
Origin
https://prnt.sc

Response headers

Pragma
no-cache
Date
Wed, 05 Dec 2018 21:30:03 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
close
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length
35
X-Application-Context
application:12061
Expires
Thu, 01 Jan 1970 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 4DFD 		0
270 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsssLvSB2HoN8Z7-O5r_PThoemMbMkY6xH1q5uqLi3hnY2HIm1yRiLZuZIuGFNApX4rfYdKAZOmBKgRcJZCE5nkeqxSNypq7VSlKxp3KSQHsKgTRLWF0lJV7w4g0PHknncmE2KjL9Jm4YCMquWHqqI6TAlw3XPahTGvd-mOOvLtRd7tJSsxyeB-8sKunP9b7sKwFd6lAmWyf6PA0-zBoMm4ElUwEokPvbXjp01j1QF5bK6Sl&sai=AMfl-YTTD9QDRjIXULuseaZfFnLhmkDea42QVbnjSbbukVhvRZPhI1_K2ktjGD_iWMFzJVLzOkUmQ4N_6UOC0JW-jSMaE328Ohu5K7Tukyxj&sig=Cg0ArKJSzDDRJjrArwTtEAE&urlfix=1&adurl=
Requested by
Host: prnt.sc
URL: https://prnt.sc/lo7mxr
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.217.23.162 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://prnt.sc/lo7mxr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 05 Dec 2018 21:30:02 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
private
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
0
x-xss-protection
1; mode=block
expires
Wed, 05 Dec 2018 21:30:02 GMT
adbyv1.gif
cdn.ad4game.com/ Frame 4DFD 		112 B
370 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ad4game.com/adbyv1.gif
Requested by
Host: prnt.sc
URL: https://prnt.sc/lo7mxr
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.242.3 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
47b4a73b810d6bbb3088a4bec9423d0a709d9a4341b84303d595a6fdea7ea5b3

Request headers

Referer
https://prnt.sc/lo7mxr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-servername
ads.ad4game.com\ 80\ 81
date
Wed, 05 Dec 2018 21:30:02 GMT
referrer-policy
no-referrer
last-modified
Sat, 28 Jan 2012 03:19:10 GMT
server
nginx
access-control-allow-origin
*
etag
"4f23692e-70"
status
200
x-cache
HIT
content-type
image/gif
x-serveraddr
10.100.0.137
x-host
ads.ad4game.com
accept-ranges
bytes
content-length
112
lg.php
ads.ad4game.com/www/delivery/ Frame 4DFD 		35 B
858 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.ad4game.com/www/delivery/lg.php?bannerid=542532&campaignid=31237&zoneid=60917&referer=&tag=hb&ver=4.0&tagi=2017-05-04T15-30&cb=4aR7IL8aSwPGygZw&token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ6b25lIjo2MDkxNywiZXhwIjoxNTQ0MDQ1NDYyfQ.P5L0k0rQik628hvQelKNByV7XawMLG4v8-7rkNvkTLM&bn=ad4game&bid=0.269&if=0
Requested by
Host: prnt.sc
URL: https://prnt.sc/lo7mxr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.207.255.146 , United States, ASN62821 (AS-MNX - MNX Solutions LLC, US),
Reverse DNS
haproxy1.ad4game.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://prnt.sc/lo7mxr
Origin
https://prnt.sc

Response headers

Pragma
no-cache
Date
Wed, 05 Dec 2018 21:30:03 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
close
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length
35
X-Application-Context
application:12064
Expires
Thu, 01 Jan 1970 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 075F 		0
254 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvKUooZFTGMpYz98fwTT0W_W3lCeLQrITm-vWS2vpr2DzVQRNQWohNWrimj3dU3EFnZJf2ZMVSydXoT91rFX17sGi55rmyVWME1ptN_8fIn58I7u-WxcnvVIyUlqdpVnCJxBdY7p1tr6Q9zkuHM59bvJWe1MScL3r76b5gPeyEIuZKbg218ka_9FxP3DzNpNqyrLmNbXeej5TRUqLE5h7TohkojFSjnLH94L8Trfy_86g&sai=AMfl-YSX0RPW3S4pJaePFrtNwfSk7298KV-C5Kb90LNAao8jlOVswidgJgbVF_jGt_V23eDtftnVgQwIzPjTVtCufBqVhBH_Qcmu_7WUqsw7&sig=Cg0ArKJSzG6DydNPeqUzEAE&urlfix=1&adurl=
Requested by
Host: prnt.sc
URL: https://prnt.sc/lo7mxr
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.217.23.162 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://prnt.sc/lo7mxr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 05 Dec 2018 21:30:02 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
private
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
0
x-xss-protection
1; mode=block
expires
Wed, 05 Dec 2018 21:30:02 GMT
adbyv1.gif
cdn.ad4game.com/ Frame 075F 		112 B
370 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ad4game.com/adbyv1.gif
Requested by
Host: prnt.sc
URL: https://prnt.sc/lo7mxr
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.242.3 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
47b4a73b810d6bbb3088a4bec9423d0a709d9a4341b84303d595a6fdea7ea5b3

Request headers

Referer
https://prnt.sc/lo7mxr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-servername
ads.ad4game.com\ 80\ 81
date
Wed, 05 Dec 2018 21:30:02 GMT
referrer-policy
no-referrer
last-modified
Sat, 28 Jan 2012 03:19:10 GMT
server
nginx
access-control-allow-origin
*
etag
"4f23692e-70"
status
200
x-cache
HIT
content-type
image/gif
x-serveraddr
10.100.0.137
x-host
ads.ad4game.com
accept-ranges
bytes
content-length
112
lg.php
ads.ad4game.com/www/delivery/ Frame 075F 		35 B
858 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.ad4game.com/www/delivery/lg.php?bannerid=541977&campaignid=31069&zoneid=60916&referer=&tag=hb&ver=4.0&tagi=2017-05-04T15-30&cb=ibqUWC6byhU6wM0G&token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ6b25lIjo2MDkxNiwiZXhwIjoxNTQ0MDQ1NDYyfQ.QuTLwvrqG0bSZHPpMkXWTrkhKSsUmA7bjT8o024Qk5o&bn=ad4game&bid=0.287&if=0
Requested by
Host: prnt.sc
URL: https://prnt.sc/lo7mxr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.207.255.146 , United States, ASN62821 (AS-MNX - MNX Solutions LLC, US),
Reverse DNS
haproxy1.ad4game.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://prnt.sc/lo7mxr
Origin
https://prnt.sc

Response headers

Pragma
no-cache
Date
Wed, 05 Dec 2018 21:30:03 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
close
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length
35
X-Application-Context
application:12064
Expires
Thu, 01 Jan 1970 00:00:00 GMT
prebid.js
cdn.ad4game.com/ Frame 6EE0 		117 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ad4game.com/prebid.js
Requested by
Host: cdn.ad4game.com
URL: https://cdn.ad4game.com/async-ajs.min.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.242.3 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
82fff1c1026ead64c11065db374d511f7a707851a68517ccedd0af7fd122fcc0

Request headers

Referer
https://prnt.sc/lo7mxr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-servername
ads.ad4game.com\ 80\ 81
date
Wed, 05 Dec 2018 21:30:02 GMT
content-encoding
gzip
x-cache
HIT
status
200
x-host
ads.ad4game.com
content-length
43537
referrer-policy
no-referrer
last-modified
Fri, 23 Nov 2018 13:40:54 GMT
server
nginx
x-serveraddr
10.100.0.140
etag
"5bf80366-1d457"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
prebid.js
cdn.ad4game.com/ Frame 4DFD 		117 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ad4game.com/prebid.js
Requested by
Host: cdn.ad4game.com
URL: https://cdn.ad4game.com/async-ajs.min.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.242.3 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
82fff1c1026ead64c11065db374d511f7a707851a68517ccedd0af7fd122fcc0

Request headers

Referer
https://prnt.sc/lo7mxr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-servername
ads.ad4game.com\ 80\ 81
date
Wed, 05 Dec 2018 21:30:02 GMT
content-encoding
gzip
x-cache
HIT
status
200
x-host
ads.ad4game.com
content-length
43537
referrer-policy
no-referrer
last-modified
Fri, 23 Nov 2018 13:40:54 GMT
server
nginx
x-serveraddr
10.100.0.140
etag
"5bf80366-1d457"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
prebid.js
cdn.ad4game.com/ Frame 075F 		117 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ad4game.com/prebid.js
Requested by
Host: cdn.ad4game.com
URL: https://cdn.ad4game.com/async-ajs.min.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.242.3 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
82fff1c1026ead64c11065db374d511f7a707851a68517ccedd0af7fd122fcc0

Request headers

Referer
https://prnt.sc/lo7mxr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-servername
ads.ad4game.com\ 80\ 81
date
Wed, 05 Dec 2018 21:30:02 GMT
content-encoding
gzip
x-cache
HIT
status
200
x-host
ads.ad4game.com
content-length
43537
referrer-policy
no-referrer
last-modified
Fri, 23 Nov 2018 13:40:54 GMT
server
nginx
x-serveraddr
10.100.0.140
etag
"5bf80366-1d457"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
async-ajs.php
ads.ad4game.com/www/delivery/ Frame 6EE0 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.ad4game.com/www/delivery/async-ajs.php?v=1&cb=a4g8655561&h=0&if=1&sf=0&siteurl=https%3A%2F%2Fprnt.sc%2Flo7mxr&c=UTF-8&z=66613&b=1&x=1
Requested by
Host: cdn.ad4game.com
URL: https://cdn.ad4game.com/async-ajs.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.207.255.147 , United States, ASN62821 (AS-MNX - MNX Solutions LLC, US),
Reverse DNS
haproxy2.ad4game.com
Software
nginx /
Resource Hash
e1e866c1cc121b01561c1f1de5f2079fbfd1241054545338cc273173b18c3592

Request headers

Referer
https://prnt.sc/lo7mxr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Dec 2018 21:30:02 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Language
en-US
Cache-Control
no-cache, no-store, must-revalidate
Connection
close
Content-Type
application/x-javascript;charset=utf-8
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Application-Context
application:12064
Expires
0
truncated
/ Frame 6EE0 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
284e381f187b7287e90f5e23446bd428e104009d3b95bf828f99a572f63d4edc

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/png
async-ajs.php
ads.ad4game.com/www/delivery/ Frame 4DFD 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.ad4game.com/www/delivery/async-ajs.php?v=1&cb=a4g683995&h=0&if=1&sf=0&siteurl=https%3A%2F%2Fprnt.sc%2Flo7mxr&c=UTF-8&z=66610&b=1&x=1
Requested by
Host: cdn.ad4game.com
URL: https://cdn.ad4game.com/async-ajs.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.207.255.147 , United States, ASN62821 (AS-MNX - MNX Solutions LLC, US),
Reverse DNS
haproxy2.ad4game.com
Software
nginx /
Resource Hash
24794c039e248d80d4175cae553b89527cd6b52f6d147516624a6ecac88af824

Request headers

Referer
https://prnt.sc/lo7mxr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

X-servername
ads.ad4game.com\ 80\ 81
Pragma
no-cache
Date
Wed, 05 Dec 2018 21:30:02 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
P3P
CP="CUR ADM OUR NOR STA NID"
X-serveraddr
10.100.0.151
Cache-Control
no-cache, no-store, must-revalidate
X-host
ads.ad4game.com
Connection
close
Content-Type
text/javascript; charset=UTF-8
Expires
0
truncated
/ Frame 4DFD 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c8a6c25927c9c358721f20b08697f62b0339407009a118e1ac39d244ce4ae8ee

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/png
async-ajs.php
ads.ad4game.com/www/delivery/ Frame 075F 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.ad4game.com/www/delivery/async-ajs.php?v=1&cb=a4g5931782&h=0&if=1&sf=0&siteurl=https%3A%2F%2Fprnt.sc%2Flo7mxr&c=UTF-8&z=66549&b=1&x=1
Requested by
Host: cdn.ad4game.com
URL: https://cdn.ad4game.com/async-ajs.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.207.255.147 , United States, ASN62821 (AS-MNX - MNX Solutions LLC, US),
Reverse DNS
haproxy2.ad4game.com
Software
nginx /
Resource Hash
ae6993844792c14ede5f276e9dacc868d50f2b7b7e75f1f3d33893a73ad9b4b3

Request headers

Referer
https://prnt.sc/lo7mxr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Dec 2018 21:30:03 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Language
en-US
Cache-Control
no-cache, no-store, must-revalidate
Connection
close
Content-Type
application/x-javascript;charset=utf-8
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Application-Context
application:12064
Expires
0
truncated
/ Frame 075F 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
69f6741d49a832f7284a4007f8a94545e10aae35f8c90e11e8192956e12b0b56

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/png
gpt.js
www.googletagservices.com/tag/js/ Frame 4DFD 		28 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: ads.ad4game.com
URL: https://ads.ad4game.com/www/delivery/async-ajs.php?v=1&cb=a4g683995&h=0&if=1&sf=0&siteurl=https%3A%2F%2Fprnt.sc%2Flo7mxr&c=UTF-8&z=66610&b=1&x=1
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81c::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
22f77169ee271ab63a11c48ee1e05e15fa959c657322484c4da2b5189bde5875
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://prnt.sc/lo7mxr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 05 Dec 2018 21:30:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"12 / 515 of 1000 / last-modified: 1543946494"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
9608
x-xss-protection
1; mode=block
expires
Wed, 05 Dec 2018 21:30:03 GMT
gpt.js
www.googletagservices.com/tag/js/ Frame 6EE0 		28 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: ads.ad4game.com
URL: https://ads.ad4game.com/www/delivery/async-ajs.php?v=1&cb=a4g8655561&h=0&if=1&sf=0&siteurl=https%3A%2F%2Fprnt.sc%2Flo7mxr&c=UTF-8&z=66613&b=1&x=1
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81c::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
22f77169ee271ab63a11c48ee1e05e15fa959c657322484c4da2b5189bde5875
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://prnt.sc/lo7mxr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 05 Dec 2018 21:30:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"12 / 359 of 1000 / last-modified: 1543946494"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
9608
x-xss-protection
1; mode=block
expires
Wed, 05 Dec 2018 21:30:03 GMT
bid
ads.ad4game.com/v1/ Frame 6EE0 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.ad4game.com/v1/bid?if=0&siteurl=https%3A%2F%2Fprnt.sc%2F&size=728x90&id=212bdaee28ee0b&zoneId=66613&
Requested by
Host: cdn.ad4game.com
URL: https://cdn.ad4game.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.207.255.146 , United States, ASN62821 (AS-MNX - MNX Solutions LLC, US),
Reverse DNS
haproxy1.ad4game.com
Software
nginx /
Resource Hash
d3603a7f2b57fd6d5740c225cc9b01bc8a2ad6c45681c29f208f4542f4f9f7d2

Request headers

Referer
https://prnt.sc/lo7mxr
Origin
https://prnt.sc
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 05 Dec 2018 21:30:03 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://prnt.sc
Transfer-Encoding
chunked
Connection
close
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Application-Context
application:12061
ortb
bid.contextweb.com/header/ Frame 6EE0 		0
515 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.contextweb.com/header/ortb
Requested by
Host: cdn.ad4game.com
URL: https://cdn.ad4game.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.214.194.133 Amsterdam, Netherlands, ASN59940 (PULSEPOINT-EU, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://prnt.sc/lo7mxr
Origin
https://prnt.sc
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 05 Dec 2018 21:30:03 GMT
Server
nginx
CWDL
22/139
Access-Control-Allow-Origin
https://prnt.sc
Access-Control-Expose-Headers
Access-Control-Allow-Origin
Access-Control-Allow-Credentials
true
Connection
keep-alive
CW-FEServer
ams-prts08.pulse.prod
CW-Server
ams-bid11
Content-Length
0
bid
ads.ad4game.com/v1/ Frame 4DFD 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.ad4game.com/v1/bid?if=0&siteurl=https%3A%2F%2Fprnt.sc%2F&size=728x90&id=2776e97fb11192&zoneId=66610&
Requested by
Host: cdn.ad4game.com
URL: https://cdn.ad4game.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.207.255.147 , United States, ASN62821 (AS-MNX - MNX Solutions LLC, US),
Reverse DNS
haproxy2.ad4game.com
Software
nginx /
Resource Hash
63914cf2944de3393e314a9714c791ac1b6b10cc096eb9d0bde5d46db44e65d3

Request headers

Referer
https://prnt.sc/lo7mxr
Origin
https://prnt.sc
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 05 Dec 2018 21:30:03 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://prnt.sc
Transfer-Encoding
chunked
Connection
close
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Application-Context
application:12061
ortb
bid.contextweb.com/header/ Frame 4DFD 		0
515 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.contextweb.com/header/ortb
Requested by
Host: cdn.ad4game.com
URL: https://cdn.ad4game.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.214.194.133 Amsterdam, Netherlands, ASN59940 (PULSEPOINT-EU, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://prnt.sc/lo7mxr
Origin
https://prnt.sc
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 05 Dec 2018 21:30:03 GMT
Server
nginx
CWDL
22/139
Access-Control-Allow-Origin
https://prnt.sc
Access-Control-Expose-Headers
Access-Control-Allow-Origin
Access-Control-Allow-Credentials
true
Connection
keep-alive
CW-FEServer
ams-prts08.pulse.prod
CW-Server
ams-bid09
Content-Length
0
integrator.js
adservice.google.de/adsid/ Frame 4DFD 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=prnt.sc
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:815::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://prnt.sc/lo7mxr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 05 Dec 2018 21:30:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
104
x-xss-protection
1; mode=block
integrator.js
adservice.google.com/adsid/ Frame 4DFD 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=prnt.sc
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:819::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://prnt.sc/lo7mxr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 05 Dec 2018 21:30:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
104
x-xss-protection
1; mode=block
pubads_impl_277.js
securepubads.g.doubleclick.net/gpt/ Frame 4DFD 		184 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_277.js?21062843
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.217.23.162 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s22-in-f2.1e100.net
Software
sffe /
Resource Hash
9bf3fa92a53ecd66eacbc93b745d721ca9d03bce4c371e43d7022721e038f0d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://prnt.sc/lo7mxr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 05 Dec 2018 21:30:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 03 Dec 2018 15:29:55 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
63903
x-xss-protection
1; mode=block
expires
Wed, 05 Dec 2018 21:30:03 GMT
integrator.js
adservice.google.de/adsid/ Frame 6EE0 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=prnt.sc
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:815::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://prnt.sc/lo7mxr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 05 Dec 2018 21:30:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
104
x-xss-protection
1; mode=block
integrator.js
adservice.google.com/adsid/ Frame 6EE0 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=prnt.sc
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:819::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://prnt.sc/lo7mxr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 05 Dec 2018 21:30:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
104
x-xss-protection
1; mode=block
pubads_impl_276.js
securepubads.g.doubleclick.net/gpt/ Frame 6EE0 		183 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_276.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.217.23.162 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s22-in-f2.1e100.net
Software
sffe /
Resource Hash
c293be00e574e59d67752b3a36f7b86e76d96eb826eaa4182814cb646902f365
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://prnt.sc/lo7mxr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 05 Dec 2018 21:30:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 27 Nov 2018 16:29:10 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
63710
x-xss-protection
1; mode=block
expires
Wed, 05 Dec 2018 21:30:03 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 6EE0 		71 KB
24 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1566819341615416&correlator=3011249683596385&output=json_html&callback=googletag.impl.pubads.callbackProxy1&impl=fifs&adsid=NT&json_a=1&eid=21062819%2C21062832&vrg=276&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776&sc=1&sfv=1-0-31&iu_parts=60257202%2C66613&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&prev_scp=hb_format_a4g%3Dbanner%26hb_source_a4g%3Dclient%26hb_size_a4g%3D728x90%26hb_pb_a4g%3D0.01%26hb_adid_a4g%3D212bdaee28ee0b%26hb_bidder_a4g%3Da4g%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D728x90%26hb_pb%3D0.01%26hb_adid%3D212bdaee28ee0b%26hb_bidder%3Da4g&eri=1&cookie=ID%3D2a0cf584f78ae036%3AT%3D1544045402%3AS%3DALNI_MbSIEiiYBa6BB7u6tgx75ecmYbFlg&cdm=prnt.sc&bc=15&lmt=1544045403&dt=1544045403407&dlt=1544045402382&idt=756&ea=0&frm=23&biw=1585&bih=1200&isw=970&ish=90&oid=3&adxs=-9&adys=-9&adks=2693624738&ucis=uc4h22w7tue&gut=v2&ifi=1&ifk=936865034&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=https%3A%2F%2Fprnt.sc%2Flo7mxr&top=https%3A%2F%2Fprnt.sc%2Flo7mxr&dssz=15&icsg=2722&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x0&ga_vid=1166424644.1544045401&ga_sid=1544045403&ga_hid=2299394&fws=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_276.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.217.23.162 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
2d5ac3803dda3e925525a94343e50fddce4370ea9777a0a7fb3b17bac1314c64
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14857271284141016279/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14857271284141016279/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKaVqa7Rid8CFdOKdwodni0EvA&gqi=&layout=/sadbundle/%24csp%253Der3%24/14857271284141016279/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://prnt.sc/lo7mxr
Origin
https://prnt.sc

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14857271284141016279/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14857271284141016279/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKaVqa7Rid8CFdOKdwodni0EvA&gqi=&layout=/sadbundle/%24csp%253Der3%24/14857271284141016279/index.html
content-encoding
gzip
x-content-type-options
nosniff
google-creative-id
-1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
23729
x-xss-protection
1; mode=block
google-lineitem-id
-1
pragma
no-cache
server
cafe
date
Wed, 05 Dec 2018 21:30:03 GMT
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://prnt.sc
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_rendering_276.js
securepubads.g.doubleclick.net/gpt/ Frame 6EE0 		62 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_276.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_276.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.217.23.162 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s22-in-f2.1e100.net
Software
sffe /
Resource Hash
3037d1c04fc78db31cdd1db8ad74bdfcaccee38380540216aa157945c0d7b932
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://prnt.sc/lo7mxr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 05 Dec 2018 21:30:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 27 Nov 2018 16:29:10 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
24072
x-xss-protection
1; mode=block
expires
Wed, 05 Dec 2018 21:30:03 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-31/html/ Frame 6EE0 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-31/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_276.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81f::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Purpose
prefetch
Referer
https://prnt.sc/lo7mxr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers
ads
securepubads.g.doubleclick.net/gampad/ Frame 4DFD 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=443730069897237&correlator=710099170138309&output=json_html&callback=googletag.impl.pubads.callbackProxy1&impl=fifs&adsid=NT&json_a=1&eid=21062843&vrg=277&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776&sc=1&sfv=1-0-31&iu_parts=60257202%2C66610&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&prev_scp=hb_format_a4g%3Dbanner%26hb_source_a4g%3Dclient%26hb_size_a4g%3D728x90%26hb_pb_a4g%3D0.03%26hb_adid_a4g%3D2776e97fb11192%26hb_bidder_a4g%3Da4g%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D728x90%26hb_pb%3D0.03%26hb_adid%3D2776e97fb11192%26hb_bidder%3Da4g&eri=1&cookie=ID%3D2a0cf584f78ae036%3AT%3D1544045402%3AS%3DALNI_MbSIEiiYBa6BB7u6tgx75ecmYbFlg&cdm=prnt.sc&bc=15&lmt=1544045403&dt=1544045403496&dlt=1544045402383&idt=764&ea=0&frm=23&biw=1585&bih=1200&isw=728&ish=90&oid=3&adxs=429&adys=1532&adks=3874379858&ucis=ecfo4zhlubwy&gut=v2&ifi=1&ifk=2211832472&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=https%3A%2F%2Fprnt.sc%2Flo7mxr&top=https%3A%2F%2Fprnt.sc%2Flo7mxr&dssz=19&icsg=2722&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x-1&msz=728x-1&ga_vid=1166424644.1544045401&ga_sid=1544045404&ga_hid=1143583177&fws=256
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_277.js?21062843
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.217.23.162 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
5ca84097e6f1a7fd6d5c5275add697f61700289ef906556e77506ce167d40c1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://prnt.sc/lo7mxr
Origin
https://prnt.sc

Response headers

date
Wed, 05 Dec 2018 21:30:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
1860
x-xss-protection
1; mode=block
google-lineitem-id
4728527036
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138237963437
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://prnt.sc
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_rendering_277.js
securepubads.g.doubleclick.net/gpt/ Frame 4DFD 		62 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_277.js?21062843
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_277.js?21062843
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.217.23.162 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s22-in-f2.1e100.net
Software
sffe /
Resource Hash
17a199c2500a333bd801a2b41f017f1e026c67f0e498ded7a2cb8a14bcbe8940
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://prnt.sc/lo7mxr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 05 Dec 2018 21:30:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 03 Dec 2018 15:29:55 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
24102
x-xss-protection
1; mode=block
expires
Wed, 05 Dec 2018 21:30:03 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-31/html/ Frame 4DFD 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-31/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_277.js?21062843
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81f::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Purpose
prefetch
Referer
https://prnt.sc/lo7mxr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers
gpt.js
www.googletagservices.com/tag/js/ Frame 075F 		28 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: ads.ad4game.com
URL: https://ads.ad4game.com/www/delivery/async-ajs.php?v=1&cb=a4g5931782&h=0&if=1&sf=0&siteurl=https%3A%2F%2Fprnt.sc%2Flo7mxr&c=UTF-8&z=66549&b=1&x=1
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81c::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
a14e3f40b49cf487b9ae2be55728980571ad10674586a528754cf54c40a47830
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://prnt.sc/lo7mxr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 05 Dec 2018 21:30:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"12 / 15 of 1000 / last-modified: 1543946494"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
9602
x-xss-protection
1; mode=block
expires
Wed, 05 Dec 2018 21:30:03 GMT
bid
ads.ad4game.com/v1/ Frame 075F 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.ad4game.com/v1/bid?if=0&siteurl=https%3A%2F%2Fprnt.sc%2F&size=300x250&id=2aa6865a7674a3&zoneId=66549&
Requested by
Host: cdn.ad4game.com
URL: https://cdn.ad4game.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.207.255.146 , United States, ASN62821 (AS-MNX - MNX Solutions LLC, US),
Reverse DNS
haproxy1.ad4game.com
Software
nginx /
Resource Hash
e844aff92e97338758e29854d0c82afd63b729ad0c99bebfe886e3e73a5dc288

Request headers

Referer
https://prnt.sc/lo7mxr
Origin
https://prnt.sc
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 05 Dec 2018 21:30:04 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://prnt.sc
Transfer-Encoding
chunked
Connection
close
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Application-Context
application:12061
ortb
bid.contextweb.com/header/ Frame 075F 		0
515 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.contextweb.com/header/ortb
Requested by
Host: cdn.ad4game.com
URL: https://cdn.ad4game.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.214.194.133 Amsterdam, Netherlands, ASN59940 (PULSEPOINT-EU, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://prnt.sc/lo7mxr
Origin
https://prnt.sc
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 05 Dec 2018 21:30:03 GMT
Server
nginx
CWDL
22/139
Access-Control-Allow-Origin
https://prnt.sc
Access-Control-Expose-Headers
Access-Control-Allow-Origin
Access-Control-Allow-Credentials
true
Connection
keep-alive
CW-FEServer
ams-prts08.pulse.prod
CW-Server
ams-bid05
Content-Length
0
integrator.js
adservice.google.de/adsid/ Frame 075F 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=prnt.sc
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:815::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://prnt.sc/lo7mxr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 05 Dec 2018 21:30:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
104
x-xss-protection
1; mode=block
integrator.js
adservice.google.com/adsid/ Frame 075F 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=prnt.sc
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:819::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://prnt.sc/lo7mxr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 05 Dec 2018 21:30:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
104
x-xss-protection
1; mode=block
pubads_impl_276.js
securepubads.g.doubleclick.net/gpt/ Frame 075F 		183 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_276.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.217.23.162 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s22-in-f2.1e100.net
Software
sffe /
Resource Hash
c293be00e574e59d67752b3a36f7b86e76d96eb826eaa4182814cb646902f365
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://prnt.sc/lo7mxr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 05 Dec 2018 21:30:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 27 Nov 2018 16:29:10 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
63710
x-xss-protection
1; mode=block
expires
Wed, 05 Dec 2018 21:30:03 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-31/html/ Frame 6FBD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-31/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_276.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81f::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-31/html/container.html?n=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://prnt.sc/lo7mxr
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://prnt.sc/lo7mxr

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
timing-allow-origin
*
content-length
1737
date
Wed, 14 Nov 2018 15:03:06 GMT
expires
Thu, 14 Nov 2019 15:03:06 GMT
last-modified
Thu, 01 Nov 2018 14:23:58 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
1; mode=block
cache-control
public, immutable, max-age=31536000
age
1837617
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
osd.js
pagead2.googlesyndication.com/pagead/ Frame 6EE0 		72 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/osd.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_276.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81d::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
efe748833adef923a733ffb19e158bba4079c6b6406a22f68dcbff39ba113895
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://prnt.sc/lo7mxr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 05 Dec 2018 21:18:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
673
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
26729
x-xss-protection
1; mode=block
server
cafe
etag
17768588699998725842
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Wed, 05 Dec 2018 22:18:50 GMT
adbyv1.gif
cdn.ad4game.com/ Frame 378D 		112 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ad4game.com/adbyv1.gif
Requested by
Host: cdn.ad4game.com
URL: https://cdn.ad4game.com/prebid.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.242.3 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
47b4a73b810d6bbb3088a4bec9423d0a709d9a4341b84303d595a6fdea7ea5b3

Request headers

Response headers

x-servername
ads.ad4game.com\ 80\ 81
date
Wed, 05 Dec 2018 21:30:02 GMT
referrer-policy
no-referrer
last-modified
Sat, 28 Jan 2012 03:19:10 GMT
server
nginx
x-serveraddr
10.100.0.137
etag
"4f23692e-70"
status
200
x-cache
HIT
content-type
image/gif
access-control-allow-origin
*
x-host
ads.ad4game.com
accept-ranges
bytes
content-length
112
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame 378D 		73 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_277.js?21062843
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81c::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
aae7c3bdad10af4414f4b5997f476b4bd7bf9f44d3f1aed7078741726a93578f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Response headers

date
Wed, 05 Dec 2018 21:30:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 03 Dec 2018 12:14:39 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
27289
x-xss-protection
1; mode=block
expires
Wed, 05 Dec 2018 21:30:02 GMT
truncated
/ Frame 378D 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aab2d90682b0f6290477687ec47452f9f83e2d752883e0c0fd2b6afc949af6fb

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/png
osd.js
pagead2.googlesyndication.com/pagead/ Frame 4DFD 		72 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/osd.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_277.js?21062843
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81d::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
efe748833adef923a733ffb19e158bba4079c6b6406a22f68dcbff39ba113895
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://prnt.sc/lo7mxr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 05 Dec 2018 21:18:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
673
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
26729
x-xss-protection
1; mode=block
server
cafe
etag
17768588699998725842
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Wed, 05 Dec 2018 22:18:50 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 378D 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst1tLCAOawb3O5bgXctueYJ597AScJpkpfaM0TEPNI4vSkRYyfsvM3WXaaielW_cNwfvSvp202MczRsUBHlAs8rX7Ss1r8BV2uI47qlKQQ2q3q5Oje4eI4rB7Zfof30xZ50XKU4wqwoVb_Cv9S5hwZEmwOKVFzlyhYYCBeA9LMGwLVo5EyaxnXCqFh4qQxiBOjweolOfrgAKSQW64ef5VlKdJZ_-4r82G60lU1OBj2E&sai=AMfl-YT6c5ozrAmTrw7Sw4rzMSoUcIAv1Xp5yf3N7T0U63hIEGtVkjO5QQzr22iCURAEN8GQ0bh5UxgQS2LycE6GgPdyoj-mUokSHR76yUp8-RJtOTdmzJMPmH_9Agc&sig=Cg0ArKJSzJVCuxdm-6mCEAE&urlfix=1&adurl=
Requested by
Host: prnt.sc
URL: https://prnt.sc/lo7mxr
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.217.23.162 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://prnt.sc/lo7mxr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 05 Dec 2018 21:30:03 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
private
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
0
x-xss-protection
1; mode=block
674ce80f85f2ec5485218f6c4142e0b8.gif
cdn.ad4game.com/ Frame 378D 		47 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ad4game.com/674ce80f85f2ec5485218f6c4142e0b8.gif
Requested by
Host: prnt.sc
URL: https://prnt.sc/lo7mxr
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.242.3 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
e12d19216fc36b566f02283daf16d6dfca6a358cf28433c3bbbbda7f44cef4a0

Request headers

Referer
https://prnt.sc/lo7mxr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-servername
ads.ad4game.com\ 80\ 81
date
Wed, 05 Dec 2018 21:30:03 GMT
referrer-policy
no-referrer
last-modified
Wed, 25 Nov 2015 10:04:45 GMT
server
nginx
access-control-allow-origin
*
etag
"565587bd-bd84"
status
200
x-cache
HIT
content-type
image/gif
x-serveraddr
10.100.0.137
x-host
ads.ad4game.com
accept-ranges
bytes
content-length
48516
lg.php
ads.ad4game.com/www/delivery/ Frame 378D 		35 B
858 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.ad4game.com/www/delivery/lg.php?bannerid=541848&campaignid=31005&zoneid=66610&referer=&tag=hb&ver=4.0&tagi=2018-12-05T01-46&cb=wFT7nRVFGQ9sxQ7P&token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ6b25lIjo2NjYxMCwiZXhwIjoxNTQ0MDQ1NDYzfQ.ZFfEa4n7dgb20pu3tCq1_BnfoEJx9Jej6OMHi1CGiXo&bn=ad4game&bid=0.031&if=0
Requested by
Host: prnt.sc
URL: https://prnt.sc/lo7mxr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.207.255.147 , United States, ASN62821 (AS-MNX - MNX Solutions LLC, US),
Reverse DNS
haproxy2.ad4game.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://prnt.sc/lo7mxr
Origin
https://prnt.sc

Response headers

Pragma
no-cache
Date
Wed, 05 Dec 2018 21:30:04 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
close
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length
35
X-Application-Context
application:12061
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 075F 		38 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=243912062717815&correlator=1726988721204152&output=json_html&callback=googletag.impl.pubads.callbackProxy1&impl=fifs&adsid=NT&json_a=1&eid=21061742%2C21062151%2C21062577%2C21062725&vrg=276&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776&sc=1&sfv=1-0-31&iu_parts=60257202%2C66549&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=hb_format_a4g%3Dbanner%26hb_source_a4g%3Dclient%26hb_size_a4g%3D300x250%26hb_pb_a4g%3D0.09%26hb_adid_a4g%3D2aa6865a7674a3%26hb_bidder_a4g%3Da4g%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D300x250%26hb_pb%3D0.09%26hb_adid%3D2aa6865a7674a3%26hb_bidder%3Da4g&eri=1&cookie=ID%3D2a0cf584f78ae036%3AT%3D1544045402%3AS%3DALNI_MbSIEiiYBa6BB7u6tgx75ecmYbFlg&cdm=prnt.sc&bc=15&lmt=1544045404&dt=1544045404167&dlt=1544045402384&idt=1234&ea=0&frm=23&biw=1585&bih=1200&isw=300&ish=250&oid=3&adxs=-9&adys=-9&adks=2032208368&ucis=ptfyrtk7cwz2&gut=v2&ifi=1&ifk=3452083417&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=https%3A%2F%2Fprnt.sc%2Flo7mxr&top=https%3A%2F%2Fprnt.sc%2Flo7mxr&dssz=15&icsg=2722&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x0&ga_vid=1166424644.1544045401&ga_sid=1544045404&ga_hid=117712045&fws=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_276.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.217.23.162 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
692e9a00b8006770cd7eec7cd3a1bf47d806d7f1d0637ab2d538513f4d9f7d2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://prnt.sc/lo7mxr
Origin
https://prnt.sc

Response headers

date
Wed, 05 Dec 2018 21:30:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
12686
x-xss-protection
1; mode=block
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://prnt.sc
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_rendering_276.js
securepubads.g.doubleclick.net/gpt/ Frame 075F 		62 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_276.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_276.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.217.23.162 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s22-in-f2.1e100.net
Software
sffe /
Resource Hash
3037d1c04fc78db31cdd1db8ad74bdfcaccee38380540216aa157945c0d7b932
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://prnt.sc/lo7mxr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 05 Dec 2018 21:30:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 27 Nov 2018 16:29:10 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
24072
x-xss-protection
1; mode=block
expires
Wed, 05 Dec 2018 21:30:04 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-31/html/ Frame 075F 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-31/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_276.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81f::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Purpose
prefetch
Referer
https://prnt.sc/lo7mxr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 6EE0 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss-y3A6A4f6R1-kSt5XcCtzcY-T2d_ju1OkPPsqzDhfdCmzkW4ULgqr9s9HIZyJYhs3sy9WhObUCYD5dZwbE3vfJr2f0NCfv1beni8&sig=Cg0ArKJSzOcoBAy5M68nEAE&adk=1432691387&tt=1499&bs=1585%2C1200&mtos=1074,1074,1074,1074,1074&tos=1074,0,0,0,0&p=70,308,160,1278&mcvt=1074&rs=3&ht=0&tfs=440&tls=1514&mc=1&lte=1&bas=0&bac=0&avms=geo&rst=1544045402634&rpt=470&isd=0&msd=0&lm=2&oseid=3&ps=1585%2C2016&ss=1600%2C1200&pt=16&deb=1-3-3-9-17-17-52-13&tvt=1500&r=v&me=1&id=osdim&uc=16&upc=1&tgt=DIV&cl=1&cec=8&clc=1&cac=0&cd=970x90&v=20181203
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81d::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://prnt.sc/lo7mxr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Dec 2018 21:30:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
worker.nude.js
st.prntscr.com/2018/10/13/2048/js/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://st.prntscr.com/2018/10/13/2048/js/worker.nude.js
Requested by
Host: st.prntscr.com
URL: https://st.prntscr.com/2018/10/13/2048/js/script.mix.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.20.14.105 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee7c0aa7330f62b75b4e54dc5e44c543d8013358f2f2e40a655b9d0a668ba572

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://prnt.sc/lo7mxr
Origin
https://prnt.sc

Response headers

date
Wed, 05 Dec 2018 21:30:04 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sat, 13 Oct 2018 20:50:34 GMT
server
cloudflare
status
200
etag
W/"5bc25a9a-ad9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
https://prnt.sc
cache-control
max-age=1800
cf-ray
48499ca04c2cbf07-FRA
expires
Wed, 05 Dec 2018 21:57:02 GMT
02792b78-2b72-4187-bc64-d745ccfcdb93
https://prnt.sc/ 		3 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://prnt.sc/02792b78-2b72-4187-bc64-d745ccfcdb93
Requested by
Host: st.prntscr.com
URL: https://st.prntscr.com/2018/10/13/2048/js/script.mix.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee7c0aa7330f62b75b4e54dc5e44c543d8013358f2f2e40a655b9d0a668ba572

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Length
2777
Content-Type
text/javascript
container.html
tpc.googlesyndication.com/safeframe/1-0-31/html/ Frame 9C36 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-31/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_276.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81f::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-31/html/container.html?n=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://prnt.sc/lo7mxr
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://prnt.sc/lo7mxr

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
timing-allow-origin
*
content-length
1737
date
Wed, 14 Nov 2018 15:03:06 GMT
expires
Thu, 14 Nov 2019 15:03:06 GMT
last-modified
Thu, 01 Nov 2018 14:23:58 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
1; mode=block
cache-control
public, immutable, max-age=31536000
age
1837618
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
osd.js
pagead2.googlesyndication.com/pagead/ Frame 075F 		72 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/osd.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_276.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81d::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
efe748833adef923a733ffb19e158bba4079c6b6406a22f68dcbff39ba113895
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://prnt.sc/lo7mxr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 05 Dec 2018 21:18:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
674
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
26729
x-xss-protection
1; mode=block
server
cafe
etag
17768588699998725842
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Wed, 05 Dec 2018 22:18:50 GMT
rtset
bh.contextweb.com/bh/
Redirect Chain
  • https://bh.contextweb.com/visitormatch/prebid
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESEJyOpk1Q3RpXLw7Axp3CZS0&google_cver=1
49 B
577 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESEJyOpk1Q3RpXLw7Axp3CZS0&google_cver=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.166 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
Jetty(9.4.7.v20170914) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Request headers

Referer
https://prnt.sc/lo7mxr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 05 Dec 2018 21:30:05 GMT
Via
1.1 varnish
X-Cache
MISS
P3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
X-Cache-Hits
0
Connection
keep-alive
Content-Length
49
X-Served-By
cache-fra19138-FRA
Server
Jetty(9.4.7.v20170914)
Vary
Accept-Encoding
Content-Language
en
Cache-Control
private, max-age=0, no-cache, no-store
Accept-Ranges
bytes
Content-Type
image/gif;charset=iso-8859-1
Cw-Server
bh-deployment-569767ffc8-8pxhc
Expires
-1

Redirect headers

pragma
no-cache
date
Wed, 05 Dec 2018 21:30:05 GMT
server
HTTP server (unknown)
status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESEJyOpk1Q3RpXLw7Axp3CZS0&google_cver=1
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
306
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame 6EE0
Redirect Chain
  • https://bh.contextweb.com/visitormatch/prebid
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESEJyOpk1Q3RpXLw7Axp3CZS0&google_cver=1
49 B
577 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESEJyOpk1Q3RpXLw7Axp3CZS0&google_cver=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.166 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
Jetty(9.4.7.v20170914) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Request headers

Referer
https://prnt.sc/lo7mxr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 05 Dec 2018 21:30:06 GMT
Via
1.1 varnish
X-Cache
MISS
P3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
X-Cache-Hits
0
Connection
keep-alive
Content-Length
49
X-Served-By
cache-fra19138-FRA
Server
Jetty(9.4.7.v20170914)
Vary
Accept-Encoding
Content-Language
en
Cache-Control
private, max-age=0, no-cache, no-store
Accept-Ranges
bytes
Content-Type
image/gif;charset=iso-8859-1
Cw-Server
bh-deployment-569767ffc8-8pxhc
Expires
-1

Redirect headers

pragma
no-cache
date
Wed, 05 Dec 2018 21:30:06 GMT
server
HTTP server (unknown)
status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESEJyOpk1Q3RpXLw7Axp3CZS0&google_cver=1
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
306
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame 4DFD
Redirect Chain
  • https://bh.contextweb.com/visitormatch/prebid
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESEJyOpk1Q3RpXLw7Axp3CZS0&google_cver=1
49 B
577 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESEJyOpk1Q3RpXLw7Axp3CZS0&google_cver=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.166 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
Jetty(9.4.7.v20170914) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Request headers

Referer
https://prnt.sc/lo7mxr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 05 Dec 2018 21:30:06 GMT
Via
1.1 varnish
X-Cache
MISS
P3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
X-Cache-Hits
0
Connection
keep-alive
Content-Length
49
X-Served-By
cache-fra19138-FRA
Server
Jetty(9.4.7.v20170914)
Vary
Accept-Encoding
Content-Language
en
Cache-Control
private, max-age=0, no-cache, no-store
Accept-Ranges
bytes
Content-Type
image/gif;charset=iso-8859-1
Cw-Server
bh-deployment-569767ffc8-8pxhc
Expires
-1

Redirect headers

pragma
no-cache
date
Wed, 05 Dec 2018 21:30:06 GMT
server
HTTP server (unknown)
status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESEJyOpk1Q3RpXLw7Axp3CZS0&google_cver=1
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
306
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame 075F
Redirect Chain
  • https://bh.contextweb.com/visitormatch/prebid
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESEJyOpk1Q3RpXLw7Axp3CZS0&google_cver=1
49 B
577 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESEJyOpk1Q3RpXLw7Axp3CZS0&google_cver=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.166 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
Jetty(9.4.7.v20170914) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Request headers

Referer
https://prnt.sc/lo7mxr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 05 Dec 2018 21:30:07 GMT
Via
1.1 varnish
X-Cache
MISS
P3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
X-Cache-Hits
0
Connection
keep-alive
Content-Length
49
X-Served-By
cache-fra19138-FRA
Server
Jetty(9.4.7.v20170914)
Vary
Accept-Encoding
Content-Language
en
Cache-Control
private, max-age=0, no-cache, no-store
Accept-Ranges
bytes
Content-Type
image/gif;charset=iso-8859-1
Cw-Server
bh-deployment-569767ffc8-8pxhc
Expires
-1

Redirect headers

pragma
no-cache
date
Wed, 05 Dec 2018 21:30:07 GMT
server
HTTP server (unknown)
status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESEJyOpk1Q3RpXLw7Axp3CZS0&google_cver=1
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
306
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

96 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| $jscomp object| galleryConfig function| loadTemplate function| fillTemplate object| htmlHelper function| getQueryParam function| mysqlDateTimeToJSDate object| prntscrAPI object| loginConfig object| multiLoginSystem function| prettyDate number| maxId_p number| maxId string| searchQuery object| twittsShown object| PrettyDate function| renamePrntsc function| replaceURLWithHTMLLinks function| replaceMentionsWithHTMLLinks function| replaceHashWithHTMLLinks function| expandShortUrls function| htmlspecialchars_decode function| addTwittsFound function| twitterFill undefined| twitterProcessJSON function| twitter function| Spinner string| GoogleAnalyticsObject function| ga object| UserVoice object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| loadImageById function| loadImageByElement function| scanImage function| resultHandler object| nude object| jQuery18208601442854917356 object| FB function| pbjsChunk object| pbjs object| __core-js_shared__ boolean| prebidLoaded object| gapi object| ___jsl object| __twttrll object| twttr object| __twttr number| __DEV__ function| emptyFunction object| osapi object| gadgets object| shindig object| iframer function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow object| __gapi_jstiming__ object| prebidJs object| node object| googletag function| isScriptLoaded number| a4gDReady boolean| a4gPrebidLoaded number| PREBID_TIMEOUT number| PREBID_FAILSAFE_TIMEOUT object| slots object| adUnits function| sendAdserverRequest object| closure_memoize_cache_ object| googleToken object| googleIMState object| google_js_reporting_queue function| processGoogleToken object| GPT_jstiming object| google_reactive_ads_global_state undefined| google_measure_js_timing boolean| google_noFetch boolean| google_DisableInitialLoad number| __google_ad_urls_id number| google_unique_id function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb

5 Cookies

Domain/Path Name / Value
.google.com/ Name: NID
Value: 148=qUMhMLeN4Z9w7mxpmtby_FD3mtQvhNuVVs5whEcoSyUjFNsv8Xzcuh--2Rr9IIjE2w-dZOq3DjOXoGf7a0Pp-j0U-rq6ST_ffVBKh6xNyZAVCy9dXHgWnwNQDHgZjJuC4WcApJFHUdWJREwaOIBRXwNYKWB_qwtwTMLBk_R6pBQ
.prnt.sc/ Name: _gat
Value: 1
.prnt.sc/ Name: _gid
Value: GA1.2.868022423.1544045401
.prnt.sc/ Name: _ga
Value: GA1.2.1166424644.1544045401
.prnt.sc/ Name: __cfduid
Value: dc603a723fe55cf151392237395dccaaa1544045400

1 Console Messages

Source Level URL
Text
console-api log URL: https://widget.uservoice.com/vH5wQvnQPL3wtXH5KVXA.js(Line 1)
Message:
UserVoice widget not found.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
ads.ad4game.com
adservice.google.com
adservice.google.de
api.prntscr.com
apis.google.com
bh.contextweb.com
bid.contextweb.com
cdn.ad4game.com
cm.g.doubleclick.net
connect.facebook.net
image.prntscr.com
pagead2.googlesyndication.com
platform.twitter.com
prnt.sc
securepubads.g.doubleclick.net
st.prntscr.com
staticxx.facebook.com
stats.g.doubleclick.net
syndication.twitter.com
tpc.googlesyndication.com
widget.uservoice.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
104.20.14.105
104.27.100.99
151.101.0.166
151.139.242.3
172.217.22.34
172.217.23.162
192.207.255.146
192.207.255.147
199.16.156.52
2606:2800:234:59:254c:406:2366:268c
2606:4700::6811:1f5c
2a00:1450:4001:815::2002
2a00:1450:4001:819::2002
2a00:1450:4001:81c::2002
2a00:1450:4001:81d::2002
2a00:1450:4001:81f::2001
2a00:1450:4001:81f::2004
2a00:1450:4001:81f::200d
2a00:1450:4001:81f::200e
2a00:1450:4001:825::2003
2a00:1450:400c:c06::9b
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
74.214.194.133
00ce74a18bd6071ed7e4810d9df7393b6749531165bff6b45d237ccaee9f2808
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
120cc7ee2cb6b3365b7716cbd5be6b8cbf5d93ca44f17c095702ebde4343679c
12a91c44fc52f2f2bd8ad058927af8147653712a32cd779556eb6c215ca996d0
15c441b731d557c65a0f7037eb25ac6653358250f5ccb71862b10ebcbd5ffd65
173f9f395a8aa8fabac452f6b9b88b5bbedf37cca564d319c6cfd561aed2b6ff
17a199c2500a333bd801a2b41f017f1e026c67f0e498ded7a2cb8a14bcbe8940
1b185d89e437f1591af8c51d5e6dad41d3666e22a81931ee9df22e2cfdacaddb
2222b64c7e37a7d528c8326ebaee33ae44bae57d7654db28e1122c0cae8a93db
22f77169ee271ab63a11c48ee1e05e15fa959c657322484c4da2b5189bde5875
24794c039e248d80d4175cae553b89527cd6b52f6d147516624a6ecac88af824
27869d25259a57e13dcdea60dba73c0bee4cb06dc0aeb5b311824b65f0588748
284e381f187b7287e90f5e23446bd428e104009d3b95bf828f99a572f63d4edc
2d5ac3803dda3e925525a94343e50fddce4370ea9777a0a7fb3b17bac1314c64
2e145f951ea4535f27315f0419252111cbfe42ab28091b3a2a2582ccc2a48853
3037d1c04fc78db31cdd1db8ad74bdfcaccee38380540216aa157945c0d7b932
30685866599aa305929baaf39da3bc50824dfefafe4ef7d460b0480735bdd7ed
47b4a73b810d6bbb3088a4bec9423d0a709d9a4341b84303d595a6fdea7ea5b3
53f0b723a9eaae574d32e11ccfe7238d4a13faefd215fd907a4a6f5b7b7337fd
5465b852bfdaeaaa55585db03a3c3eca36ab1b81cc753a933662b8d1b2e98d72
5ca84097e6f1a7fd6d5c5275add697f61700289ef906556e77506ce167d40c1d
6322138207f18a8cc80773e0d5cfa5ae3f02d9ac8521ed44a9c23f13436288e3
63914cf2944de3393e314a9714c791ac1b6b10cc096eb9d0bde5d46db44e65d3
692e9a00b8006770cd7eec7cd3a1bf47d806d7f1d0637ab2d538513f4d9f7d2d
69d8e3ebecd912bd1632164c7cdb358e13ca6fd3c904a4ecbabd462fb7082b1a
69f6741d49a832f7284a4007f8a94545e10aae35f8c90e11e8192956e12b0b56
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
82fff1c1026ead64c11065db374d511f7a707851a68517ccedd0af7fd122fcc0
83817752fb260ff66b3bca1471bb20dbb6a1e6a17174c657efe0912ad161b382
86a1b8f94f48c4e82d2616d4c581f10a34ff447a2bd95be08714fa0d19ba3f51
9251076990f3881a584eafc43ffe8a85ebee0c82f48c00de4b1f1fa25413e3e7
92fb4985bc265d661b853545f4f3d54f79022a8564dd521202e20a05e477b295
99bbcb8a25a45edcf0c8c233613c34338e6e15ab93262846c145c49133c8ad16
9bf3fa92a53ecd66eacbc93b745d721ca9d03bce4c371e43d7022721e038f0d3
9c9935e1daafc929a9866a206e769e084cd83f19d436ca22887adc2798408646
a14e3f40b49cf487b9ae2be55728980571ad10674586a528754cf54c40a47830
a6c005053af10df3979edc0861fe99f7caa62fcc44bf3acd3067f724c8bbd0b5
aab2d90682b0f6290477687ec47452f9f83e2d752883e0c0fd2b6afc949af6fb
aae7c3bdad10af4414f4b5997f476b4bd7bf9f44d3f1aed7078741726a93578f
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae6993844792c14ede5f276e9dacc868d50f2b7b7e75f1f3d33893a73ad9b4b3
b1d026bbb69655e485a01236e2ae4f098d58816ec4aac59f7c67e7d92f521e47
b688a3bcd1297cc0fe08e6e52fea14ba9108ee4b9a2052c03e7bac6e19347255
b84b7505eba0e0c989311415d0416fc9850d3214741e62d85a51655db1e6a80c
bca2c1abcf4b76a46306bc7f1a607a459371ccf5e7213aae988c33b4dabb1758
bfe0d4140c7b904c7628f72b80591f70d4bd499b1401df123cc24b7d3617c8fa
c293be00e574e59d67752b3a36f7b86e76d96eb826eaa4182814cb646902f365
c8a6c25927c9c358721f20b08697f62b0339407009a118e1ac39d244ce4ae8ee
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d3603a7f2b57fd6d5740c225cc9b01bc8a2ad6c45681c29f208f4542f4f9f7d2
d6289bae3cb0589114f5a63390257fcc42b4d25a23f52c5a1f468c3bc7872d68
d91d13fd8f9d253a8213aeee7ebaa7e073683fc600a3d82902c3c669b8ffdee7
dc9f7cdaabb3201fd2ead8c0cfd974710305362d0ea77c96069cb189796d6238
dd2de3ee9231c3511b8b0360375664c7b18d0ad997e37dde494331017f694976
e12d19216fc36b566f02283daf16d6dfca6a358cf28433c3bbbbda7f44cef4a0
e1e866c1cc121b01561c1f1de5f2079fbfd1241054545338cc273173b18c3592
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7c1a49e90b2a9abba1d13188840b86b6f95af38ef123dc6cad6c5e35895a195
e844aff92e97338758e29854d0c82afd63b729ad0c99bebfe886e3e73a5dc288
ee7c0aa7330f62b75b4e54dc5e44c543d8013358f2f2e40a655b9d0a668ba572
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efe748833adef923a733ffb19e158bba4079c6b6406a22f68dcbff39ba113895
f3c0cb955968a14a5bc1bd8211e8093bb7c20ef28b521ca5bf843737ef0c8726
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729