urlscan.io logo urlscan.io
SecurityTrails logo

prnt.sc Open in urlscan Pro
104.27.100.99  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://prntscr.com/mf6fkz
Effective URL: https://prnt.sc/mf6fkz
Submission: On February 01 via manual from PT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 22 IPs in 4 countries across 15 domains to perform 93 HTTP transactions. The main IP is 104.27.100.99, located in San Francisco, United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is prnt.sc.
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on January 26th 2019. Valid for: 6 months.
This is the only time prnt.sc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 19 104.20.13.105 13335 (CLOUDFLAR...)
2 104.27.100.99 13335 (CLOUDFLAR...)
3 104.20.14.105 13335 (CLOUDFLAR...)
1 2 2a00:1450:400... 15169 (GOOGLE)
11 151.139.242.3 33438 (HIGHWINDS2)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 7 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a03:2880:f02... 32934 (FACEBOOK)
4 2606:2800:234... 15133 (EDGECAST)
5 192.207.255.146 62821 (AS-MNX)
1 199.16.156.120 13414 (TWITTER)
9 2a00:1450:400... 15169 (GOOGLE)
3 74.214.194.134 59940 (PULSEPOIN...)
1 2a00:1450:400... 15169 (GOOGLE)
6 172.217.22.66 15169 (GOOGLE)
2 5 2a03:2880:f12... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
4 192.207.255.147 62821 (AS-MNX)
2 88.214.194.130 46636 (NATCOWEB)
1 204.62.12.59 46636 (NATCOWEB)
3 6 151.101.0.166 54113 (FASTLY)
4 4 216.58.207.66 15169 (GOOGLE)
93 22
19    104.20.13.105 (San Francisco, United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
prntscr.com
st.prntscr.com
api.prntscr.com
2    104.27.100.99 (San Francisco, United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
prnt.sc
3    104.20.14.105 (San Francisco, United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
image.prntscr.com
api.prntscr.com
st.prntscr.com
2    2a00:1450:4001:815::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
11    151.139.242.3 (Dallas, United States)

ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US)
cdn.ad4game.com
1    2a00:1450:400c:c08::9b (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
stats.g.doubleclick.net
7    2a00:1450:4001:819::2004 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.google.com
1    2a00:1450:4001:816::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.google.de
4    2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
connect.facebook.net
staticxx.facebook.com
4    2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)
platform.twitter.com
5    192.207.255.146 (United States)

ASN62821 (AS-MNX - MNX Solutions LLC, US)
PTR: haproxy1.ad4game.com
ads.ad4game.com
1    199.16.156.120 (San Francisco, United States)

ASN13414 (TWITTER - Twitter Inc., US)
syndication.twitter.com
9    2a00:1450:4001:808::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagservices.com
adservice.google.com
pagead2.googlesyndication.com
3    74.214.194.134 (Amsterdam, Netherlands)

ASN59940 (PULSEPOINT-EU, NL)
bid.contextweb.com
1    2a00:1450:4001:815::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
adservice.google.de
6    172.217.22.66 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s17-in-f66.1e100.net
securepubads.g.doubleclick.net
5    2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
www.facebook.com
1    2a00:1450:4001:806::2001 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
tpc.googlesyndication.com
4    192.207.255.147 (United States)

ASN62821 (AS-MNX - MNX Solutions LLC, US)
PTR: haproxy2.ad4game.com
ads.ad4game.com
2    88.214.194.130 (United Kingdom)

ASN46636 (NATCOWEB - NatCoWeb Corp., US)
endpoint8.dspbox.io
1    204.62.12.59 (Clifton, United States)

ASN46636 (NATCOWEB - NatCoWeb Corp., US)
s5e.decenterads.com
6    151.101.0.166 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)
bh.contextweb.com
4    216.58.207.66 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s25-in-f2.1e100.net
cm.g.doubleclick.net
Domain Requested by
17 st.prntscr.com prnt.sc
www.google-analytics.com
st.prntscr.com
11 cdn.ad4game.com prnt.sc
ads.ad4game.com
9 ads.ad4game.com cdn.ad4game.com
prnt.sc
7 www.google.com 1 redirects
6 bh.contextweb.com 3 redirects
6 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
prnt.sc
5 www.facebook.com 2 redirects connect.facebook.net
5 www.googletagservices.com ads.ad4game.com
securepubads.g.doubleclick.net
4 cm.g.doubleclick.net 4 redirects
4 platform.twitter.com prnt.sc
platform.twitter.com
3 pagead2.googlesyndication.com prnt.sc
3 bid.contextweb.com cdn.ad4game.com
2 endpoint8.dspbox.io
2 staticxx.facebook.com connect.facebook.net
2 api.prntscr.com st.prntscr.com
prnt.sc
2 connect.facebook.net prnt.sc
connect.facebook.net
2 www.google-analytics.com 1 redirects prnt.sc
2 prnt.sc prnt.sc
st.prntscr.com
2 prntscr.com 2 redirects
1 s5e.decenterads.com
1 tpc.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com www.googletagservices.com
1 adservice.google.de www.googletagservices.com
1 syndication.twitter.com prnt.sc
1 www.google.de prnt.sc
1 stats.g.doubleclick.net 1 redirects
1 image.prntscr.com prnt.sc
93 27

This site contains links to these domains. Also see Links.

Domain
app.prntscr.com
prntscr.com
twitter.com
www.facebook.com
www.google.com
Subject Issuer Validity Valid
ssl387277.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-01-26 -
2019-08-04		 6 months crt.sh
ssl366238.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2018-12-17 -
2019-06-25		 6 months crt.sh
*.google-analytics.com
Google Internet Authority G3		 2019-01-15 -
2019-04-09		 3 months crt.sh
*.ad4game.com
Go Daddy Secure Certificate Authority - G2		 2017-11-23 -
2020-01-16		 2 years crt.sh
www.google.de
Google Internet Authority G3		 2019-01-15 -
2019-04-09		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2019-01-21 -
2019-04-21		 3 months crt.sh
*.twimg.com
DigiCert SHA2 High Assurance Server CA		 2018-11-19 -
2019-11-27		 a year crt.sh
ads.ad4game.com
Go Daddy Secure Certificate Authority - G2		 2016-03-28 -
2019-04-26		 3 years crt.sh
syndication.twitter.com
DigiCert SHA2 High Assurance Server CA		 2016-06-29 -
2019-09-16		 3 years crt.sh
*.g.doubleclick.net
Google Internet Authority G3		 2019-01-15 -
2019-04-09		 3 months crt.sh
*.contextweb.com
DigiCert SHA2 Secure Server CA		 2018-07-07 -
2020-06-03		 2 years crt.sh
*.google.com
Google Internet Authority G3		 2019-01-15 -
2019-04-09		 3 months crt.sh
www.google.com
Google Internet Authority G3		 2019-01-15 -
2019-04-09		 3 months crt.sh
tpc.googlesyndication.com
Google Internet Authority G3		 2019-01-15 -
2019-04-09		 3 months crt.sh

This page contains 11 frames:

Primary Page: https://prnt.sc/mf6fkz
Frame ID: 2117C61ED9CAA2BB580FD2837580321E
Requests: 51 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.219ae0a24a0fde13418c38af0499134b.html?origin=https%3A%2F%2Fprnt.sc&settingsEndpoint=https%3A%2F%2Fsyndication.twitter.com%2Fsettings
Frame ID: 9F2DF1DD4EF54760ECC77B693458DAB0
Requests: 1 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter/r/GMRn6XEBZ06.js?version=44
Frame ID: 22E5251F0896ACAC0884743253BCA36A
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.219ae0a24a0fde13418c38af0499134b.en.html
Frame ID: 3FADC80C949231845F82B4F1376C2A7D
Requests: 1 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter/r/GMRn6XEBZ06.js?version=44
Frame ID: D3DC1678044DAA6D2A2AFF88060759A0
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?action=like&app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FGMRn6XEBZ06.js%3Fversion%3D44%23cb%3Df224332a0c15264%26domain%3Dprnt.sc%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ffaf8016297644c%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fprnt.sc%2Fmf6fkz&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false&size=small&width=100
Frame ID: 2E5230E416BFDD1D2461242244E93861
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/feedback.php?app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FGMRn6XEBZ06.js%3Fversion%3D44%23cb%3Df3316f0abb99278%26domain%3Dprnt.sc%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ffaf8016297644c%26relation%3Dparent.parent&container_width=340&height=100&href=https%3A%2F%2Fprnt.sc%2Fmf6fkz&locale=en_US&migrated=1&sdk=joey&xid=mf6fkz
Frame ID: 6C3098079E9CC44784D10CA9F7BDB23B
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like_box.php?app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FGMRn6XEBZ06.js%3Fversion%3D44%23cb%3Df1dd2123acc9d9c%26domain%3Dprnt.sc%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ffaf8016297644c%26relation%3Dparent.parent&container_width=0&header=false&href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FLightShot%2F242750885760&locale=en_US&sdk=joey&show_faces=true&stream=false&width=300
Frame ID: DB4718C3AD96F72C8497FB862AAFFC4C
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ad4game.com/async-ajs.min.js
Frame ID: FD79F25E2A7FB2C79A7C9553EEA86D3C
Requests: 15 HTTP requests in this frame

Frame: https://cdn.ad4game.com/async-ajs.min.js
Frame ID: C6BBD054986621333C1FFDBE15696618
Requests: 8 HTTP requests in this frame

Frame: https://cdn.ad4game.com/async-ajs.min.js
Frame ID: BB6A3F9FDA768B3E14EFE951ED7ECFEB
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://prntscr.com/mf6fkz HTTP 301
    https://prntscr.com/mf6fkz HTTP 301
    https://prnt.sc/mf6fkz Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /\/prebid\.js/i
  • env /pbjs/i
  • env /PREBID_TIMEOUT/i
Overall confidence: 100%
Detected patterns
  • headers server /cloudflare/i
Overall confidence: 100%
Detected patterns
  • script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • env /^__google_ad_/i
  • env /^Goog_AdSense_/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i
Overall confidence: 100%
Detected patterns
  • env /^googletag$/i
Overall confidence: 100%
Detected patterns
  • script /\/\/platform\.twitter\.com\/widgets\.js/i
Overall confidence: 100%
Detected patterns
  • script /jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i
  • script /jquery.*\.js/i
  • env /^jQuery$/i

Page Statistics

93
Requests

91 %
HTTPS

43 %
IPv6

15
Domains

27
Subdomains

22
IPs

4
Countries

626 kB
Transfer

1651 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://prntscr.com/mf6fkz HTTP 301
    https://prntscr.com/mf6fkz HTTP 301
    https://prnt.sc/mf6fkz Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20
  • https://www.google-analytics.com/r/collect?v=1&_v=j73&a=1394341665&t=pageview&_s=1&dl=https%3A%2F%2Fprnt.sc%2Fmf6fkz&ul=en-us&de=UTF-8&dt=Screenshot%20by%20Lightshot&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=710488995&gjid=446968520&cid=1625331810.1549022188&tid=UA-12353127-1&_gid=586612771.1549022188&_r=1&z=1727199980 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-12353127-1&cid=1625331810.1549022188&jid=710488995&_gid=586612771.1549022188&gjid=446968520&_v=j73&z=1727199980 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-12353127-1&cid=1625331810.1549022188&jid=710488995&_v=j73&z=1727199980 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-12353127-1&cid=1625331810.1549022188&jid=710488995&_v=j73&z=1727199980&slf_rd=1&random=2312187443
Request Chain 39
  • https://www.facebook.com/connect/ping?client_id=154822244543652&domain=prnt.sc&origin=1&redirect_uri=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FGMRn6XEBZ06.js%3Fversion%3D44%23cb%3Df35c826cb2f6304%26domain%3Dprnt.sc%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ffaf8016297644c%26relation%3Dparent&response_type=token%2Csigned_request&sdk=joey HTTP 302
  • https://staticxx.facebook.com/connect/xd_arbiter/r/GMRn6XEBZ06.js?version=44
Request Chain 42
  • https://www.facebook.com/plugins/comments.php?app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FGMRn6XEBZ06.js%3Fversion%3D44%23cb%3Df3316f0abb99278%26domain%3Dprnt.sc%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ffaf8016297644c%26relation%3Dparent.parent&container_width=340&height=100&href=https%3A%2F%2Fprnt.sc%2Fmf6fkz&locale=en_US&migrated=1&sdk=joey&xid=mf6fkz HTTP 302
  • https://www.facebook.com/plugins/feedback.php?app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FGMRn6XEBZ06.js%3Fversion%3D44%23cb%3Df3316f0abb99278%26domain%3Dprnt.sc%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ffaf8016297644c%26relation%3Dparent.parent&container_width=340&height=100&href=https%3A%2F%2Fprnt.sc%2Fmf6fkz&locale=en_US&migrated=1&sdk=joey&xid=mf6fkz
Request Chain 84
  • https://bh.contextweb.com/visitormatch/prebid HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm=&google_sc=&google_tc= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESECS6QGL8Z-mT8p77q-fXm_o&google_cver=1
Request Chain 90
  • https://bh.contextweb.com/visitormatch/prebid HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESECS6QGL8Z-mT8p77q-fXm_o&google_cver=1
Request Chain 92
  • https://bh.contextweb.com/visitormatch/prebid HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESECS6QGL8Z-mT8p77q-fXm_o&google_cver=1

93 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request mf6fkz
prnt.sc/
Redirect Chain
  • http://prntscr.com/mf6fkz
  • https://prntscr.com/mf6fkz
  • https://prnt.sc/mf6fkz
14 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://prnt.sc/mf6fkz
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.27.100.99 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5b422b6ec3fc81092b87774f21f33fc2f96f1eadae36efbc840eda2eb5179bb
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
prnt.sc
:scheme
https
:path
/mf6fkz
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
date
Fri, 01 Feb 2019 11:56:28 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=dc1c558c27084f3884a5131fb0f95dbf81549022187; expires=Sat, 01-Feb-20 11:56:27 GMT; path=/; domain=.prnt.sc; HttpOnly
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4a243c22b981c767-AMS
content-encoding
br

Redirect headers

status
301
date
Fri, 01 Feb 2019 11:56:27 GMT
content-type
text/html
content-length
178
location
https://prnt.sc/mf6fkz
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4a243c216ec7c797-AMS
main.css
st.prntscr.com/2019/02/01/0113/css/ 		57 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://st.prntscr.com/2019/02/01/0113/css/main.css
Requested by
Host: prnt.sc
URL: https://prnt.sc/mf6fkz
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.20.13.105 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
726984457662e2ae992435af4efac2f0e43d8c15c03224f21955867081b8fe82

Request headers

Referer
https://prnt.sc/mf6fkz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 01 Feb 2019 11:56:28 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 01 Feb 2019 01:15:44 GMT
server
cloudflare
etag
W/"5c539dc0-23d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=1800
cf-ray
4a243c239e09c797-AMS
expires
Fri, 01 Feb 2019 12:21:59 GMT
jquery.1.8.2.min.js
st.prntscr.com/2019/02/01/0113/js/ 		91 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://st.prntscr.com/2019/02/01/0113/js/jquery.1.8.2.min.js
Requested by
Host: prnt.sc
URL: https://prnt.sc/mf6fkz
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.20.13.105 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729

Request headers

Referer
https://prnt.sc/mf6fkz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 01 Feb 2019 11:56:28 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 01 Feb 2019 01:15:44 GMT
server
cloudflare
etag
W/"5c539dc0-827c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=1800
cf-ray
4a243c239e0cc797-AMS
expires
Fri, 01 Feb 2019 12:21:59 GMT
script.mix.js
st.prntscr.com/2019/02/01/0113/js/ 		69 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://st.prntscr.com/2019/02/01/0113/js/script.mix.js
Requested by
Host: prnt.sc
URL: https://prnt.sc/mf6fkz
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.20.13.105 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a45086739e84ef2f08a71c81711e7d2767a17c5dbaa61e3b4076eaa89d6db6e7

Request headers

Referer
https://prnt.sc/mf6fkz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 01 Feb 2019 11:56:28 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 01 Feb 2019 01:15:44 GMT
server
cloudflare
etag
W/"5c539dc0-5e69"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=1800
cf-ray
4a243c239e0dc797-AMS
expires
Fri, 01 Feb 2019 12:21:59 GMT
2vQWeykeSf_x1GF1JxrKPg.png
image.prntscr.com/image/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.prntscr.com/image/2vQWeykeSf_x1GF1JxrKPg.png
Requested by
Host: prnt.sc
URL: https://prnt.sc/mf6fkz
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.20.14.105 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Magic
Resource Hash
5080c1cdb7cfbd769ba5b602cf11b015d8892d290966b9776e83158f8abef9b4

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://prnt.sc/mf6fkz
Origin
https://prnt.sc

Response headers

date
Fri, 01 Feb 2019 11:56:29 GMT
cf-cache-status
HIT
x-powered-by
Magic
status
200
x-temperature
Warm
content-disposition
inline; filename="2vQWeykeSf_x1GF1JxrKPg.webp"
content-length
9346
cf-bgj
imgq:100
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
access-control-allow-methods
GET, OPTIONS
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=315360000
cf-polished
origFmt=png, origSize=15915
accept-ranges
bytes
cf-ray
4a243c2a3bc79c4d-AMS
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Mon, 29 Jan 2029 11:56:29 GMT
mf6fkz
prnt.sc/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prnt.sc/mf6fkz
Requested by
Host: prnt.sc
URL: https://prnt.sc/mf6fkz
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.27.100.99 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:path
/mf6fkz
pragma
no-cache
cookie
__cfduid=dc1c558c27084f3884a5131fb0f95dbf81549022187
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
prnt.sc
referer
https://prnt.sc/mf6fkz
:scheme
https
:method
GET
Referer
https://prnt.sc/mf6fkz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 01 Feb 2019 11:56:28 GMT
content-encoding
br
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
status
200
cf-ray
4a243c238c26c767-AMS
image-helper.js
st.prntscr.com/2019/02/01/0113/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://st.prntscr.com/2019/02/01/0113/js/image-helper.js
Requested by
Host: prnt.sc
URL: https://prnt.sc/mf6fkz
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.20.13.105 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
83817752fb260ff66b3bca1471bb20dbb6a1e6a17174c657efe0912ad161b382

Request headers

Referer
https://prnt.sc/mf6fkz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 01 Feb 2019 11:56:28 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 01 Feb 2019 01:15:06 GMT
server
cloudflare
etag
W/"5c539d9a-a2f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=1800
cf-ray
4a243c241f7ac797-AMS
expires
Fri, 01 Feb 2019 12:22:08 GMT
footer-logo.png
st.prntscr.com/2019/02/01/0113/img/ 		630 B
803 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://st.prntscr.com/2019/02/01/0113/img/footer-logo.png
Requested by
Host: prnt.sc
URL: https://prnt.sc/mf6fkz
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.20.13.105 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
bca2c1abcf4b76a46306bc7f1a607a459371ccf5e7213aae988c33b4dabb1758

Request headers

Referer
https://prnt.sc/mf6fkz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 01 Feb 2019 11:56:28 GMT
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=1848
status
200
content-disposition
inline; filename="footer-logo.webp"
cf-bgj
imgq:100
content-length
630
last-modified
Mon, 05 Sep 2016 15:49:19 GMT
server
cloudflare
etag
"57cd93ff-738"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
4a243c241f82c797-AMS
expires
Fri, 01 Feb 2019 12:22:03 GMT
jquery.smartbanner.css
st.prntscr.com/2019/02/01/0113/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://st.prntscr.com/2019/02/01/0113/css/jquery.smartbanner.css
Requested by
Host: prnt.sc
URL: https://prnt.sc/mf6fkz
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.20.13.105 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d91d13fd8f9d253a8213aeee7ebaa7e073683fc600a3d82902c3c669b8ffdee7

Request headers

Referer
https://prnt.sc/mf6fkz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 01 Feb 2019 11:56:28 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 01 Feb 2019 01:15:37 GMT
server
cloudflare
etag
W/"5c539db9-ef0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=1800
cf-ray
4a243c239e0bc797-AMS
expires
Fri, 01 Feb 2019 12:21:59 GMT
jquery.smartbanner.js
st.prntscr.com/2019/02/01/0113/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://st.prntscr.com/2019/02/01/0113/js/jquery.smartbanner.js
Requested by
Host: prnt.sc
URL: https://prnt.sc/mf6fkz
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.20.13.105 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b185d89e437f1591af8c51d5e6dad41d3666e22a81931ee9df22e2cfdacaddb

Request headers

Referer
https://prnt.sc/mf6fkz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 01 Feb 2019 11:56:28 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 01 Feb 2019 01:15:44 GMT
server
cloudflare
etag
W/"5c539dc0-aec"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=1800
cf-ray
4a243c241f7ec797-AMS
expires
Fri, 01 Feb 2019 12:22:09 GMT
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: prnt.sc
URL: https://prnt.sc/mf6fkz
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:815::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://prnt.sc/mf6fkz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 16 Jan 2019 20:01:45 GMT
server
Golfe2
age
2525
date
Fri, 01 Feb 2019 11:14:23 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
17543
expires
Fri, 01 Feb 2019 13:14:23 GMT
async-ajs.min.js
cdn.ad4game.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ad4game.com/async-ajs.min.js
Requested by
Host: prnt.sc
URL: https://prnt.sc/mf6fkz
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.242.3 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
b22174ca5c2657a9b5f680e573bfd2041b0952c7cee130a9e09764e879cb7b6e

Request headers

Referer
https://prnt.sc/mf6fkz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-servername
ads.ad4game.com\ 80\ 81
date
Fri, 01 Feb 2019 11:56:28 GMT
content-encoding
gzip
x-cache
HIT
status
200
x-host
ads.ad4game.com
content-length
1343
referrer-policy
no-referrer
last-modified
Wed, 14 Nov 2018 11:02:32 GMT
server
nginx
x-serveraddr
10.100.0.151
etag
"5bec00c8-b49"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
page-bg.png
st.prntscr.com/2019/02/01/0113/img/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://st.prntscr.com/2019/02/01/0113/img/page-bg.png
Requested by
Host: prnt.sc
URL: https://prnt.sc/mf6fkz
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.20.13.105 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
86a1b8f94f48c4e82d2616d4c581f10a34ff447a2bd95be08714fa0d19ba3f51

Request headers

Referer
https://st.prntscr.com/2019/02/01/0113/css/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 01 Feb 2019 11:56:28 GMT
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=7116
status
200
content-disposition
inline; filename="page-bg.webp"
cf-bgj
imgq:100
content-length
5608
last-modified
Fri, 01 Feb 2019 01:15:44 GMT
server
cloudflare
etag
"5c539dc0-1a7b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
4a243c241f8fc797-AMS
expires
Fri, 01 Feb 2019 12:22:09 GMT
header-logo.png
st.prntscr.com/2019/02/01/0113/img/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://st.prntscr.com/2019/02/01/0113/img/header-logo.png
Requested by
Host: prnt.sc
URL: https://prnt.sc/mf6fkz
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.20.13.105 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
69d8e3ebecd912bd1632164c7cdb358e13ca6fd3c904a4ecbabd462fb7082b1a

Request headers

Referer
https://st.prntscr.com/2019/02/01/0113/css/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 01 Feb 2019 11:56:28 GMT
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=7995
status
200
content-disposition
inline; filename="header-logo.webp"
cf-bgj
imgq:100
content-length
4152
last-modified
Fri, 01 Feb 2019 01:15:44 GMT
server
cloudflare
etag
"5c539dc0-1e52"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
4a243c241f91c797-AMS
expires
Fri, 01 Feb 2019 12:22:09 GMT
button-download.png
st.prntscr.com/2019/02/01/0113/img/ 		314 B
506 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://st.prntscr.com/2019/02/01/0113/img/button-download.png
Requested by
Host: prnt.sc
URL: https://prnt.sc/mf6fkz
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.20.13.105 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e926f30958d0c21d088e6a671d3356a3c3fab9cc6220b8e408f19d868a7dc5c8

Request headers

Referer
https://st.prntscr.com/2019/02/01/0113/css/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 01 Feb 2019 11:56:28 GMT
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=1404
status
200
content-disposition
inline; filename="button-download.webp"
cf-bgj
imgq:100
content-length
314
last-modified
Fri, 01 Feb 2019 01:14:33 GMT
server
cloudflare
etag
"5c539d79-57c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
4a243c241f9cc797-AMS
expires
Fri, 01 Feb 2019 12:22:09 GMT
button-icon-sep.png
st.prntscr.com/2019/02/01/0113/img/ 		40 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://st.prntscr.com/2019/02/01/0113/img/button-icon-sep.png
Requested by
Host: prnt.sc
URL: https://prnt.sc/mf6fkz
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.20.13.105 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6a1120cc303b1c6ee6d548a5b418c2707b59de0c1f13c8ab870ca4e734b6acc

Request headers

Referer
https://st.prntscr.com/2019/02/01/0113/css/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 01 Feb 2019 11:56:28 GMT
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=928
status
200
content-disposition
inline; filename="button-icon-sep.webp"
cf-bgj
imgq:100
content-length
40
last-modified
Fri, 01 Feb 2019 01:14:33 GMT
server
cloudflare
etag
"5c539d79-3a0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
4a243c243ff7c797-AMS
expires
Fri, 01 Feb 2019 12:22:03 GMT
icon-twitter_gscale.png
st.prntscr.com/2019/02/01/0113/img/ 		374 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://st.prntscr.com/2019/02/01/0113/img/icon-twitter_gscale.png
Requested by
Host: prnt.sc
URL: https://prnt.sc/mf6fkz
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.20.13.105 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a3a63b2ac124cb9a194ec01ea1f0d3123e4019bf658c6f47a77b4faea84c079

Request headers

Referer
https://st.prntscr.com/2019/02/01/0113/css/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 01 Feb 2019 11:56:28 GMT
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=1535
status
200
content-disposition
inline; filename="icon-twitter_gscale.webp"
cf-bgj
imgq:100
content-length
374
last-modified
Fri, 01 Feb 2019 01:14:33 GMT
server
cloudflare
etag
"5c539d79-5ff"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
4a243c243ffbc797-AMS
expires
Fri, 01 Feb 2019 12:22:14 GMT
icon-facebook_gscale.png
st.prntscr.com/2019/02/01/0113/img/ 		296 B
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://st.prntscr.com/2019/02/01/0113/img/icon-facebook_gscale.png
Requested by
Host: prnt.sc
URL: https://prnt.sc/mf6fkz
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.20.13.105 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a093d2047e1a59b7103810b947780e5f94d865915cb923ebcaa7e50f557c2102

Request headers

Referer
https://st.prntscr.com/2019/02/01/0113/css/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 01 Feb 2019 11:56:28 GMT
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=1325
status
200
content-disposition
inline; filename="icon-facebook_gscale.webp"
cf-bgj
imgq:100
content-length
296
last-modified
Fri, 01 Feb 2019 01:14:33 GMT
server
cloudflare
etag
"5c539d79-52d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
4a243c243805c797-AMS
expires
Fri, 01 Feb 2019 12:22:09 GMT
icon-edit.png
st.prntscr.com/2019/02/01/0113/img/ 		461 B
609 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://st.prntscr.com/2019/02/01/0113/img/icon-edit.png
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.20.13.105 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
92fb4985bc265d661b853545f4f3d54f79022a8564dd521202e20a05e477b295

Request headers

Referer
https://st.prntscr.com/2019/02/01/0113/css/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 01 Feb 2019 11:56:28 GMT
cf-cache-status
HIT
cf-polished
origSize=3153, status=webp_bigger
status
200
cf-bgj
imgq:100
content-length
461
last-modified
Fri, 01 Feb 2019 01:14:33 GMT
server
cloudflare
etag
"5c539d79-c51"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
4a243c2478c3c797-AMS
expires
Fri, 01 Feb 2019 12:22:09 GMT
icon-camera.png
st.prntscr.com/2019/02/01/0113/img/ 		158 B
307 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://st.prntscr.com/2019/02/01/0113/img/icon-camera.png
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.20.13.105 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8bfd2fa3b3b5924e3655bcf9f63427e792bd8572b7ed0992373bdb4b21c7cb89

Request headers

Referer
https://st.prntscr.com/2019/02/01/0113/css/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 01 Feb 2019 11:56:28 GMT
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=1089
status
200
content-disposition
inline; filename="icon-camera.webp"
cf-bgj
imgq:100
content-length
158
last-modified
Fri, 01 Feb 2019 01:14:33 GMT
server
cloudflare
etag
"5c539d79-441"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
4a243c2478c6c797-AMS
expires
Fri, 01 Feb 2019 12:22:15 GMT
icon-abuse.png
st.prntscr.com/2019/02/01/0113/img/ 		126 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://st.prntscr.com/2019/02/01/0113/img/icon-abuse.png
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.20.13.105 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2875a6fc4266fec00a383377cb4530b6407912897b0727e26249d89c6dfe0359

Request headers

Referer
https://st.prntscr.com/2019/02/01/0113/css/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 01 Feb 2019 11:56:28 GMT
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=327
status
200
content-disposition
inline; filename="icon-abuse.webp"
cf-bgj
imgq:100
content-length
126
last-modified
Fri, 01 Feb 2019 01:14:33 GMT
server
cloudflare
etag
"5c539d79-147"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
4a243c2478cac797-AMS
expires
Fri, 01 Feb 2019 12:22:09 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j73&a=1394341665&t=pageview&_s=1&dl=https%3A%2F%2Fprnt.sc%2Fmf6fkz&ul=en-us&de=UTF-8&dt=Screenshot%20by%20Lightshot&sd=24-bit&sr=1600x1200&vp=1600x...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-12353127-1&cid=1625331810.1549022188&jid=710488995&_gid=586612771.1549022188&gjid=446968520&_v=j73&z=1727199980
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-12353127-1&cid=1625331810.1549022188&jid=710488995&_v=j73&z=1727199980
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-12353127-1&cid=1625331810.1549022188&jid=710488995&_v=j73&z=1727199980&slf_rd=1&random=2312187443
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-12353127-1&cid=1625331810.1549022188&jid=710488995&_v=j73&z=1727199980&slf_rd=1&random=2312187443
Requested by
Host: prnt.sc
URL: https://prnt.sc/mf6fkz
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:816::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://prnt.sc/mf6fkz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Feb 2019 11:56:28 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Feb 2019 11:56:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-12353127-1&cid=1625331810.1549022188&jid=710488995&_v=j73&z=1727199980&slf_rd=1&random=2312187443
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
all.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js
Requested by
Host: prnt.sc
URL: https://prnt.sc/mf6fkz
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
c10614fd7d06ec10eea70d6fb12ded13aa9e0d26b9fa8b25602dbc936d2b5ad8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://prnt.sc/mf6fkz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
K1/gFkFYHcE1nOxlPawW8g==
status
200
vary
Accept-Encoding
content-length
1745
x-xss-protection
0
x-fb-debug
FTgv4AXwIYLy498Lo6Z8wEjY9trXFJ8HH8jigWdh8KOVVsqLFhg0UQ8nzWjDP+tDoa7nWPqnejxD/LeJui2hXA==
x-fb-content-md5
83dcbe42bd421bad655ecd92fcb6afab
date
Fri, 01 Feb 2019 11:56:28 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
access-control-allow-credentials
true
etag
"c257fd23f351c82b73fd5a2be0ff3ec1"
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
timing-allow-origin
*
expires
Fri, 01 Feb 2019 12:04:36 GMT
widgets.js
platform.twitter.com/ 		93 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: prnt.sc
URL: https://prnt.sc/mf6fkz
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/40FB) /
Resource Hash
90a01a8b4ae45ad9cf1dea505cc7139c567939e4b9bb28cd9973ba6f72857914

Request headers

Referer
https://prnt.sc/mf6fkz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 01 Feb 2019 11:56:28 GMT
Content-Encoding
gzip
Last-Modified
Wed, 30 Jan 2019 22:41:47 GMT
Server
ECS (fcn/40FB)
Etag
"c5e6acb59d053277c3389a12cf578f84+gzip"
Vary
Accept-Encoding
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Cache-Control
public, max-age=1800
Content-Type
application/javascript; charset=utf-8
Content-Length
27963
/
api.prntscr.com/v1/ 		0
394 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.prntscr.com/v1/
Requested by
Host: st.prntscr.com
URL: https://st.prntscr.com/2019/02/01/0113/js/jquery.1.8.2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.20.14.105 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
https://prnt.sc
Referer
https://prnt.sc/mf6fkz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

date
Fri, 01 Feb 2019 11:56:28 GMT
server
cloudflare
access-control-allow-origin
https://prnt.sc
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
86400
access-control-allow-methods
POST, OPTIONS
status
204
access-control-allow-credentials
true
cf-ray
4a243c25285c9c4d-AMS
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
async-ajs.php
ads.ad4game.com/www/delivery/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.ad4game.com/www/delivery/async-ajs.php?v=1&cb=a4g7107385&h=0&siteurl=https%3A%2F%2Fprnt.sc%2Fmf6fkz&c=UTF-8&z=60918,60917,60916&b=7&x=7
Requested by
Host: cdn.ad4game.com
URL: https://cdn.ad4game.com/async-ajs.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.207.255.146 , United States, ASN62821 (AS-MNX - MNX Solutions LLC, US),
Reverse DNS
haproxy1.ad4game.com
Software
nginx /
Resource Hash
422b72757b53200b2981b2d4fdb0f012ba629bf652454fd5c18b9993d6ab56ee

Request headers

Referer
https://prnt.sc/mf6fkz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

X-servername
ads.ad4game.com\ 80\ 81
Pragma
no-cache
Date
Fri, 01 Feb 2019 11:56:28 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
P3P
CP="CUR ADM OUR NOR STA NID"
X-serveraddr
10.100.0.137
Cache-Control
no-cache, no-store, must-revalidate
X-host
ads.ad4game.com
Connection
close
Content-Type
text/javascript; charset=UTF-8
Expires
0
all.js
connect.facebook.net/en_US/ 		170 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js?hash=60682ec0e4dc774ccc82c3f0b34a2c89&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
0a9839c014d128d2e81cf05b65a2599ef64dbd944b39177cc36351b8645c1f33
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://prnt.sc/mf6fkz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
nBYsrylkVib7a55F4S5c+Q==
status
200
vary
Accept-Encoding
content-length
54045
x-xss-protection
0
x-fb-debug
ZUr6Xi12wBtMuRbNXR6x6GHoVQoyT6ffhCA6wI9U41K6kBvCxA5WAoBftNVW3svIkcxHjXGOvk5bVLDBxJzvtg==
x-fb-content-md5
b0adae82e09530b37a2af2fe8bacbb9d
date
Fri, 01 Feb 2019 11:56:28 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
access-control-allow-credentials
true
etag
"9c4e8928d9c6fd5d0f7a1a92bc8db7af"
timing-allow-origin
*
expires
Sat, 01 Feb 2020 10:24:04 GMT
widget_iframe.219ae0a24a0fde13418c38af0499134b.html
platform.twitter.com/widgets/ Frame 9F2D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.219ae0a24a0fde13418c38af0499134b.html?origin=https%3A%2F%2Fprnt.sc&settingsEndpoint=https%3A%2F%2Fsyndication.twitter.com%2Fsettings
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/40EB) /
Resource Hash

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://prnt.sc/mf6fkz
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://prnt.sc/mf6fkz

Response headers

Content-Encoding
gzip
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Fri, 01 Feb 2019 11:56:28 GMT
Etag
"347ce5de96d97a02c18244967b8b6532+gzip"
Last-Modified
Wed, 30 Jan 2019 22:40:58 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (fcn/40EB)
Vary
Accept-Encoding
X-Cache
HIT
Content-Length
5783
button.e96bb6acc0f8bda511c0c46a84ee18e4.js
platform.twitter.com/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/js/button.e96bb6acc0f8bda511c0c46a84ee18e4.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/41AE) /
Resource Hash
00ce74a18bd6071ed7e4810d9df7393b6749531165bff6b45d237ccaee9f2808

Request headers

Referer
https://prnt.sc/mf6fkz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 01 Feb 2019 11:56:28 GMT
Content-Encoding
gzip
Last-Modified
Wed, 30 Jan 2019 22:40:50 GMT
Server
ECS (fcn/41AE)
Etag
"afc5be16085c49e57e5c7974de717b28+gzip"
Vary
Accept-Encoding
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Cache-Control
public, max-age=315360000
Content-Type
application/javascript; charset=utf-8
Content-Length
2300
GMRn6XEBZ06.js
staticxx.facebook.com/connect/xd_arbiter/r/ Frame 22E5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://staticxx.facebook.com/connect/xd_arbiter/r/GMRn6XEBZ06.js?version=44
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=60682ec0e4dc774ccc82c3f0b34a2c89&ua=modern_es6
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
staticxx.facebook.com
:scheme
https
:path
/connect/xd_arbiter/r/GMRn6XEBZ06.js?version=44
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://prnt.sc/mf6fkz
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://prnt.sc/mf6fkz

Response headers

status
200
content-type
text/html; charset=utf-8
expires
Fri, 31 Jan 2020 21:50:36 GMT
cache-control
public,max-age=31536000,immutable
strict-transport-security
max-age=15552000; preload
content-encoding
br
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
expect-ct
max-age=86400, report-uri="https://reports.fb.com/expectct/"
x-fb-debug
ECpaUoGMQ2+TD32oLnG9d6ivkZnLOFbiN7LeMBc5RJUTKH70CZcxQ0ehr4IqW7TMuIG2ab7JoKObcYIaMGAO/w==
content-length
10881
date
Fri, 01 Feb 2019 11:56:28 GMT
tweet_button.219ae0a24a0fde13418c38af0499134b.en.html
platform.twitter.com/widgets/ Frame 3FAD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/tweet_button.219ae0a24a0fde13418c38af0499134b.en.html
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/40D2) /
Resource Hash

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://prnt.sc/mf6fkz
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://prnt.sc/mf6fkz

Response headers

Content-Encoding
gzip
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Fri, 01 Feb 2019 11:56:28 GMT
Etag
"80c67bc035b2511f80c56b3d6c95220e+gzip"
Last-Modified
Wed, 30 Jan 2019 22:40:55 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (fcn/40D2)
Vary
Accept-Encoding
X-Cache
HIT
Content-Length
12222
/
api.prntscr.com/v1/ 		92 B
273 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.prntscr.com/v1/
Requested by
Host: prnt.sc
URL: https://prnt.sc/mf6fkz
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.20.13.105 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c9935e1daafc929a9866a206e769e084cd83f19d436ca22887adc2798408646

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://prnt.sc/mf6fkz
Origin
https://prnt.sc
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 01 Feb 2019 11:56:28 GMT
content-encoding
br
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
200
access-control-allow-methods
POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://prnt.sc
access-control-allow-credentials
true
cf-ray
4a243c25ed3fc797-AMS
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
jot
syndication.twitter.com/i/ 		43 B
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fprnt.sc%2Fmf6fkz%22%2C%22widget_frame%22%3Afalse%2C%22widget_site_screen_name%22%3A%22light_shot%22%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1549022188654%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%222deec1d%3A1548887070531%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D
Requested by
Host: prnt.sc
URL: https://prnt.sc/mf6fkz
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.16.156.120 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer
https://prnt.sc/mf6fkz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 01 Feb 2019 11:56:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200, 200 OK
x-twitter-response-tags
BouncerCompliant
strict-transport-security
max-age=631138519
content-length
65
x-xss-protection
1; mode=block; report=https://twitter.com/i/xss_report
x-response-time
10
pragma
no-cache
last-modified
Fri, 01 Feb 2019 11:56:28 GMT
server
tsa_b
x-frame-options
SAMEORIGIN
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
730f15995a6b2023f0ccac1d9874d6c7
x-transaction
000dd31000adb63d
expires
Tue, 31 Mar 1981 05:00:00 GMT
prebid.js
cdn.ad4game.com/ 		97 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ad4game.com/prebid.js
Requested by
Host: ads.ad4game.com
URL: https://ads.ad4game.com/www/delivery/async-ajs.php?v=1&cb=a4g7107385&h=0&siteurl=https%3A%2F%2Fprnt.sc%2Fmf6fkz&c=UTF-8&z=60918,60917,60916&b=7&x=7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.242.3 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
1612d2cc4c004138301697cf3a67737e45ec319b0a33864417cc46ec62cfcae4

Request headers

Referer
https://prnt.sc/mf6fkz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-servername
ads.ad4game.com\ 80\ 81
date
Fri, 01 Feb 2019 11:56:28 GMT
content-encoding
gzip
x-cache
HIT
status
200
x-host
ads.ad4game.com
content-length
36182
referrer-policy
no-referrer
last-modified
Mon, 21 Jan 2019 02:16:09 GMT
server
nginx
x-serveraddr
10.100.0.137
etag
"5c452b69-1845b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
gpt.js
www.googletagservices.com/tag/js/ 		30 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: ads.ad4game.com
URL: https://ads.ad4game.com/www/delivery/async-ajs.php?v=1&cb=a4g7107385&h=0&siteurl=https%3A%2F%2Fprnt.sc%2Fmf6fkz&c=UTF-8&z=60918,60917,60916&b=7&x=7
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:808::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
9431fad3bf3ad71b704acadaf8bf4c2064f18c69a3ad31daf969a9a68833181c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://prnt.sc/mf6fkz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 01 Feb 2019 11:56:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"69 / 505 of 1000 / last-modified: 1548976576"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39",quic=":443"; ma=2592000; v="44,43,39"
content-length
10091
x-xss-protection
1; mode=block
expires
Fri, 01 Feb 2019 11:56:28 GMT
ortb
bid.contextweb.com/header/ 		0
597 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.contextweb.com/header/ortb
Requested by
Host: cdn.ad4game.com
URL: https://cdn.ad4game.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.214.194.134 Amsterdam, Netherlands, ASN59940 (PULSEPOINT-EU, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://prnt.sc/mf6fkz
Origin
https://prnt.sc
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 01 Feb 2019 11:56:28 GMT
Server
nginx
CWDL
22/135
Access-Control-Allow-Origin
https://prnt.sc
Access-Control-Expose-Headers
Access-Control-Allow-Origin
Access-Control-Allow-Credentials
true
Connection
keep-alive
CW-FEServer
ams-prts03.pulse.prod
CW-Server
ams-bid05
Content-Length
0
bid
ads.ad4game.com/v1/ 		8 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.ad4game.com/v1/bid?if=1&siteurl=https%3A%2F%2Fprnt.sc%2Fmf6fkz&size=970x90%3B728x90%3B300x250&id=477e64f5898f3e%3B5a9df5ade19264%3B64b02d72a775b3&zoneId=60918%3B60917%3B60916&
Requested by
Host: cdn.ad4game.com
URL: https://cdn.ad4game.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.207.255.146 , United States, ASN62821 (AS-MNX - MNX Solutions LLC, US),
Reverse DNS
haproxy1.ad4game.com
Software
nginx /
Resource Hash
17ec48cd1b911009e0bd383d9ecc615a37c724e01b85d7c8b99559d06b0f6a96

Request headers

Referer
https://prnt.sc/mf6fkz
Origin
https://prnt.sc
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 01 Feb 2019 11:56:29 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://prnt.sc
Transfer-Encoding
chunked
Connection
close
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Application-Context
application:12063
integrator.js
adservice.google.de/adsid/ 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=prnt.sc
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:815::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://prnt.sc/mf6fkz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 01 Feb 2019 11:56:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39",quic=":443"; ma=2592000; v="44,43,39"
content-length
104
x-xss-protection
1; mode=block
integrator.js
adservice.google.com/adsid/ 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=prnt.sc
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:808::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://prnt.sc/mf6fkz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 01 Feb 2019 11:56:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39",quic=":443"; ma=2592000; v="44,43,39"
content-length
104
x-xss-protection
1; mode=block
pubads_impl_299.js
securepubads.g.doubleclick.net/gpt/ 		182 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_299.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.217.22.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s17-in-f66.1e100.net
Software
sffe /
Resource Hash
b2e30d33778ecbaf23590b76c45b87c100276be1a19578b5b00aa2e393bf8acd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://prnt.sc/mf6fkz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 01 Feb 2019 11:56:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 28 Jan 2019 18:48:36 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
63688
x-xss-protection
1; mode=block
expires
Fri, 01 Feb 2019 11:56:28 GMT
GMRn6XEBZ06.js
staticxx.facebook.com/connect/xd_arbiter/r/ Frame D3DC
Redirect Chain
  • https://www.facebook.com/connect/ping?client_id=154822244543652&domain=prnt.sc&origin=1&redirect_uri=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FGMRn6XEBZ06.js%3Fversion%3D44%2...
  • https://staticxx.facebook.com/connect/xd_arbiter/r/GMRn6XEBZ06.js?version=44
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://staticxx.facebook.com/connect/xd_arbiter/r/GMRn6XEBZ06.js?version=44
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=60682ec0e4dc774ccc82c3f0b34a2c89&ua=modern_es6
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
staticxx.facebook.com
:scheme
https
:path
/connect/xd_arbiter/r/GMRn6XEBZ06.js?version=44
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://prnt.sc/mf6fkz
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://prnt.sc/mf6fkz

Response headers

status
200
content-type
text/html; charset=utf-8
expires
Fri, 31 Jan 2020 21:50:36 GMT
cache-control
public,max-age=31536000,immutable
strict-transport-security
max-age=15552000; preload
content-encoding
br
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
expect-ct
max-age=86400, report-uri="https://reports.fb.com/expectct/"
x-fb-debug
ECpaUoGMQ2+TD32oLnG9d6ivkZnLOFbiN7LeMBc5RJUTKH70CZcxQ0ehr4IqW7TMuIG2ab7JoKObcYIaMGAO/w==
content-length
10881
date
Fri, 01 Feb 2019 11:56:29 GMT

Redirect headers

status
302
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
strict-transport-security
max-age=15552000; preload
location
https://staticxx.facebook.com/connect/xd_arbiter/r/GMRn6XEBZ06.js?version=44#cb=f35c826cb2f6304&domain=prnt.sc&origin=https%3A%2F%2Fprnt.sc%2Ffaf8016297644c&relation=parent&error=unknown_user
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;report-uri https://www.facebook.com/csp.php
x-content-type-options
nosniff
x-xss-protection
0
expect-ct
max-age=86400, report-uri="https://reports.fb.com/expectct/"
content-type
text/html; charset="utf-8"
x-fb-debug
UWm2I+8Uj5fvOStFPiTXpNDVgae4ijmxxcjV8UGzzy07CZgFmE52F2iJeRbC1qOVrCygZtiYzNmxS4C7n4x8XQ==
content-length
0
date
Fri, 01 Feb 2019 11:56:29 GMT
csi
www.google.com/ 		0
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/csi?v=3&s=gpt&action=global&it=rt_st.impl.10331,rt_fs.impl.10331,rt_dns.impl.0,rt_tcp.impl.0,rt_rtt.impl.45,rt_tft.impl.5,rt_ts.impl.63837,rt_eb.impl.63688,rt_db.impl.186401,rt_duration.impl.49,rt_st.gpt.10278,rt_fs.gpt.10278,rt_dns.gpt.0,rt_tcp.gpt.0,rt_rtt.gpt.41,rt_tft.gpt.0,rt_ts.gpt.10227,rt_eb.gpt.10091,rt_db.gpt.30655,rt_duration.gpt.41&srt=9561&vrg=299&pl_id=5262451558251934&e=v299,n60257202,publisher_ads,sra,fif,page_load,21061506,21061764,21062421,21062577&rt=impl_loaded_instant.843,loader_loaded_instant.857,page_load_time.1119
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:819::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://prnt.sc/mf6fkz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Feb 2019 11:56:29 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
204
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
like.php
www.facebook.com/plugins/ Frame 2E52 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/like.php?action=like&app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FGMRn6XEBZ06.js%3Fversion%3D44%23cb%3Df224332a0c15264%26domain%3Dprnt.sc%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ffaf8016297644c%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fprnt.sc%2Fmf6fkz&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false&size=small&width=100
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=60682ec0e4dc774ccc82c3f0b34a2c89&ua=modern_es6
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/plugins/like.php?action=like&app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FGMRn6XEBZ06.js%3Fversion%3D44%23cb%3Df224332a0c15264%26domain%3Dprnt.sc%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ffaf8016297644c%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fprnt.sc%2Fmf6fkz&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false&size=small&width=100
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://prnt.sc/mf6fkz
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://prnt.sc/mf6fkz

Response headers

status
200
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
strict-transport-security
max-age=15552000; preload
content-encoding
br
timing-allow-origin
*
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
expect-ct
max-age=86400, report-uri="https://reports.fb.com/expectct/"
content-type
text/html; charset="utf-8"
x-fb-debug
s/lPKN37/IdImemtivVIgj48X80umN2jUYLF6l74ZhjliIKeCBER1Yj8bTF5ORyxGYBbi9aq1aAaIOa+nxyP8g==
date
Fri, 01 Feb 2019 11:56:29 GMT
feedback.php
www.facebook.com/plugins/ Frame 6C30
Redirect Chain
  • https://www.facebook.com/plugins/comments.php?app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FGMRn6XEBZ06.js%3Fversion%3D44%23cb%3Df3316f0abb99278%26...
  • https://www.facebook.com/plugins/feedback.php?app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FGMRn6XEBZ06.js%3Fversion%3D44%23cb%3Df3316f0abb99278%26...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/feedback.php?app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FGMRn6XEBZ06.js%3Fversion%3D44%23cb%3Df3316f0abb99278%26domain%3Dprnt.sc%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ffaf8016297644c%26relation%3Dparent.parent&container_width=340&height=100&href=https%3A%2F%2Fprnt.sc%2Fmf6fkz&locale=en_US&migrated=1&sdk=joey&xid=mf6fkz
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=60682ec0e4dc774ccc82c3f0b34a2c89&ua=modern_es6
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/plugins/feedback.php?app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FGMRn6XEBZ06.js%3Fversion%3D44%23cb%3Df3316f0abb99278%26domain%3Dprnt.sc%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ffaf8016297644c%26relation%3Dparent.parent&container_width=340&height=100&href=https%3A%2F%2Fprnt.sc%2Fmf6fkz&locale=en_US&migrated=1&sdk=joey&xid=mf6fkz
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://prnt.sc/mf6fkz
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://prnt.sc/mf6fkz

Response headers

status
200
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
strict-transport-security
max-age=15552000; preload
content-encoding
br
timing-allow-origin
*
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
expect-ct
max-age=86400, report-uri="https://reports.fb.com/expectct/"
content-type
text/html; charset="utf-8"
x-fb-debug
/gkydwoKD7CQDEyIEnpJjSlQL76UwuZdLIdSpfrqN4UG5Otu2lhsb5At73FuV0JbmQ65cFxSheSrTdJqQhBxmA==
date
Fri, 01 Feb 2019 11:56:29 GMT

Redirect headers

status
302
strict-transport-security
max-age=15552000; preload
location
https://www.facebook.com/plugins/feedback.php?app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FGMRn6XEBZ06.js%3Fversion%3D44%23cb%3Df3316f0abb99278%26domain%3Dprnt.sc%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ffaf8016297644c%26relation%3Dparent.parent&container_width=340&height=100&href=https%3A%2F%2Fprnt.sc%2Fmf6fkz&locale=en_US&migrated=1&sdk=joey&xid=mf6fkz
access-control-expose-headers
X-FB-Debug, X-Loader-Length
access-control-allow-credentials
true
vary
Origin
access-control-allow-origin
https://www.facebook.com
access-control-allow-methods
OPTIONS
content-type
text/html; charset="utf-8"
x-fb-debug
Zf3L/ghpghDUujlpr4Ek1R78lNDxpefae3N4+2DFgqLuKciQ8WwNd5SO8VBXRxrITlhIjZSBvTgcRsSpH2rBhg==
content-length
0
date
Fri, 01 Feb 2019 11:56:29 GMT
like_box.php
www.facebook.com/plugins/ Frame DB47 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/like_box.php?app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FGMRn6XEBZ06.js%3Fversion%3D44%23cb%3Df1dd2123acc9d9c%26domain%3Dprnt.sc%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ffaf8016297644c%26relation%3Dparent.parent&container_width=0&header=false&href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FLightShot%2F242750885760&locale=en_US&sdk=joey&show_faces=true&stream=false&width=300
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=60682ec0e4dc774ccc82c3f0b34a2c89&ua=modern_es6
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/plugins/like_box.php?app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FGMRn6XEBZ06.js%3Fversion%3D44%23cb%3Df1dd2123acc9d9c%26domain%3Dprnt.sc%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ffaf8016297644c%26relation%3Dparent.parent&container_width=0&header=false&href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FLightShot%2F242750885760&locale=en_US&sdk=joey&show_faces=true&stream=false&width=300
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://prnt.sc/mf6fkz
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://prnt.sc/mf6fkz

Response headers

status
200
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
strict-transport-security
max-age=15552000; preload
content-encoding
br
timing-allow-origin
*
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
expect-ct
max-age=86400, report-uri="https://reports.fb.com/expectct/"
content-type
text/html; charset="utf-8"
x-fb-debug
q4Fsqb6x0+vzAECamFY97YBwZqiTmzuMGMKlxHi8/S/QOCZpY8cPMcJEUfQDq1wC5zaTT6dIqJ+XwtjR/Qj4XA==
date
Fri, 01 Feb 2019 11:56:29 GMT
truncated
/ 		23 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2a45c52bcc577c72fa9d000883bfae7234da9bfbfd4c5d1c9ef1794a24aefde3

Request headers

Response headers

Content-Type
image/png
ads
securepubads.g.doubleclick.net/gampad/ 		9 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=290662006513873&correlator=387851456690738&output=json_html&callback=googletag.impl.pubads.callbackProxy1&impl=fifs&adsid=NT&json_a=1&eid=21061506%2C21061764%2C21062421%2C21062577&vrg=299&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776&sc=1&sfv=1-0-31&iu_parts=60257202%2C60918%2C6091717%2C60916&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=970x90%2C728x90%2C300x250&prev_scp=hb_format_a4g%3Dbanner%26hb_source_a4g%3Dclient%26hb_size_a4g%3D970x90%26hb_pb_a4g%3D0.24%26hb_adid_a4g%3D477e64f5898f3e%26hb_bidder_a4g%3Da4g%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D970x90%26hb_pb%3D0.24%26hb_adid%3D477e64f5898f3e%26hb_bidder%3Da4g%7Chb_format_a4g%3Dbanner%26hb_source_a4g%3Dclient%26hb_size_a4g%3D728x90%26hb_pb_a4g%3D0.17%26hb_adid_a4g%3D5a9df5ade19264%26hb_bidder_a4g%3Da4g%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D728x90%26hb_pb%3D0.17%26hb_adid%3D5a9df5ade19264%26hb_bidder%3Da4g%7Chb_format_a4g%3Dbanner%26hb_source_a4g%3Dclient%26hb_size_a4g%3D300x250%26hb_pb_a4g%3D0.22%26hb_adid_a4g%3D64b02d72a775b3%26hb_bidder_a4g%3Da4g%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D300x250%26hb_pb%3D0.22%26hb_adid%3D64b02d72a775b3%26hb_bidder%3Da4g&eri=1&cookie_enabled=1&bc=15&abxe=1&lmt=1549022189&dt=1549022189845&dlt=1549022188070&idt=830&frm=20&biw=1600&bih=1200&oid=3&adxs=315%2C436%2C315&adys=70%2C595%2C717&adks=1432691387%2C518174652%2C4042975291&ucis=1%7C2%7C3&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fprnt.sc%2Fmf6fkz&dssz=28&icsg=10880&std=0&rumc=5262451558251934&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x90%7C728x90%7C300x250&msz=970x-1%7C728x-1%7C300x-1&blev=1&bisch=1&ga_vid=913468696.1549022190&ga_sid=1549022190&ga_hid=1394341665&fws=0%2C0%2C0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_299.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.217.22.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s17-in-f66.1e100.net
Software
cafe /
Resource Hash
d8fd5068b3b6b2d3066c3293d1547225a6826fcc7f8d2ae6bb5efd7f0a079e43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://prnt.sc/mf6fkz
Origin
https://prnt.sc

Response headers

date
Fri, 01 Feb 2019 11:56:30 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
3117
x-xss-protection
1; mode=block
google-lineitem-id
4728527183,4728527174,4728527180
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138237963443,138237963302,138237963302
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://prnt.sc
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_rendering_299.js
securepubads.g.doubleclick.net/gpt/ 		61 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_299.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_299.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.217.22.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s17-in-f66.1e100.net
Software
sffe /
Resource Hash
b633033729ec5192fda264a8a84d7e86b8b2b20099b6e3ea8f088a173e1ffc7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://prnt.sc/mf6fkz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 01 Feb 2019 11:56:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 28 Jan 2019 18:48:36 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
23132
x-xss-protection
1; mode=block
expires
Fri, 01 Feb 2019 11:56:30 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-31/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-31/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_299.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:806::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Purpose
prefetch
Referer
https://prnt.sc/mf6fkz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers
csi
www.google.com/ 		0
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/csi?v=3&s=gpt&action=ad_events&srt=9561&request_refresh_type=4_2,5_2,6_2&req_len=4_1810&req_s=4_4-5-6&vrg=299&pl_id=5262451558251934&e=v299,n60257202,publisher_ads,sra,fif,page_load,21061506,21061764,21062421,21062577&rt=start_ad_fetch_period.4.1913
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:819::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://prnt.sc/mf6fkz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Feb 2019 11:56:30 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
204
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async-ajs.min.js
cdn.ad4game.com/ Frame FD79 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ad4game.com/async-ajs.min.js
Requested by
Host: prnt.sc
URL: https://prnt.sc/mf6fkz
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.242.3 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
b22174ca5c2657a9b5f680e573bfd2041b0952c7cee130a9e09764e879cb7b6e

Request headers

Referer
https://prnt.sc/mf6fkz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-servername
ads.ad4game.com\ 80\ 81
date
Fri, 01 Feb 2019 11:56:30 GMT
content-encoding
gzip
x-cache
HIT
status
200
x-host
ads.ad4game.com
content-length
1343
referrer-policy
no-referrer
last-modified
Wed, 14 Nov 2018 11:02:32 GMT
server
nginx
x-serveraddr
10.100.0.151
etag
"5bec00c8-b49"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame FD79 		76 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20190131
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_299.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:808::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
08f85b0295d6a5c96aceece7240b0f476cf58fd403193c02c0427102bfd53771
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://prnt.sc/mf6fkz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 01 Feb 2019 11:56:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 28 Jan 2019 12:19:15 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39",quic=":443"; ma=2592000; v="44,43,39"
content-length
28617
x-xss-protection
1; mode=block
expires
Fri, 01 Feb 2019 11:56:30 GMT
osd.js
www.googletagservices.com/activeview/js/current/ 		75 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_299.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:808::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
1773dc9aa405f88c112dd6aebfe8ca32bcb2dfb4dfd9095decb289c00b53250f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://prnt.sc/mf6fkz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 01 Feb 2019 11:56:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 28 Jan 2019 12:19:15 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39",quic=":443"; ma=2592000; v="44,43,39"
content-length
28116
x-xss-protection
1; mode=block
expires
Fri, 01 Feb 2019 11:56:30 GMT
async-ajs.min.js
cdn.ad4game.com/ Frame C6BB 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ad4game.com/async-ajs.min.js
Requested by
Host: prnt.sc
URL: https://prnt.sc/mf6fkz
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.242.3 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
b22174ca5c2657a9b5f680e573bfd2041b0952c7cee130a9e09764e879cb7b6e

Request headers

Referer
https://prnt.sc/mf6fkz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-servername
ads.ad4game.com\ 80\ 81
date
Fri, 01 Feb 2019 11:56:30 GMT
content-encoding
gzip
x-cache
HIT
status
200
x-host
ads.ad4game.com
content-length
1343
referrer-policy
no-referrer
last-modified
Wed, 14 Nov 2018 11:02:32 GMT
server
nginx
x-serveraddr
10.100.0.151
etag
"5bec00c8-b49"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame C6BB 		76 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20190131
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_299.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:808::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
08f85b0295d6a5c96aceece7240b0f476cf58fd403193c02c0427102bfd53771
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://prnt.sc/mf6fkz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 01 Feb 2019 11:56:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 28 Jan 2019 12:19:15 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39",quic=":443"; ma=2592000; v="44,43,39"
content-length
28617
x-xss-protection
1; mode=block
expires
Fri, 01 Feb 2019 11:56:30 GMT
async-ajs.min.js
cdn.ad4game.com/ Frame BB6A 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ad4game.com/async-ajs.min.js
Requested by
Host: prnt.sc
URL: https://prnt.sc/mf6fkz
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.242.3 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
b22174ca5c2657a9b5f680e573bfd2041b0952c7cee130a9e09764e879cb7b6e

Request headers

Referer
https://prnt.sc/mf6fkz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-servername
ads.ad4game.com\ 80\ 81
date
Fri, 01 Feb 2019 11:56:30 GMT
content-encoding
gzip
x-cache
HIT
status
200
x-host
ads.ad4game.com
content-length
1343
referrer-policy
no-referrer
last-modified
Wed, 14 Nov 2018 11:02:32 GMT
server
nginx
x-serveraddr
10.100.0.151
etag
"5bec00c8-b49"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame BB6A 		76 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20190131
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_299.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:808::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
08f85b0295d6a5c96aceece7240b0f476cf58fd403193c02c0427102bfd53771
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://prnt.sc/mf6fkz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 01 Feb 2019 11:56:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 28 Jan 2019 12:19:15 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39",quic=":443"; ma=2592000; v="44,43,39"
content-length
28617
x-xss-protection
1; mode=block
expires
Fri, 01 Feb 2019 11:56:30 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame FD79 		0
150 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuqXPyxhHC2MpPTRqJfmUK5BufPboSVVHeUxysD61XVIcGDZYnT1UE5SkUSRV6axolgTIAr9stLktbcbEkkFA5fp7J6XMUpNMGHsjj5yOziR93OMNvHCjuChi2b9rnbTY0Gj-p_-Smdx4H3LBbjCTkcBfC_c0t5OCg32hjspdLA8HPvNLCXdLOQWu5GADSXLU2De8rQCtgmTssxLi0oUJCtpmb2gClQVkT1EfjhlbbVx97x&sai=AMfl-YQUqX2zfkxpoBk6m9iczsdHRNB_bCV5yvdnCrkAq-GmDYP3gtl-4kurofAyirZiHaIo3AsTnC-ER9IhtIG0rcDw91KR6zZoDB8zV5ERnQ&sig=Cg0ArKJSzNaIIs3I4BurEAE&urlfix=1&adurl=
Requested by
Host: prnt.sc
URL: https://prnt.sc/mf6fkz
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.217.22.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s17-in-f66.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://prnt.sc/mf6fkz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 01 Feb 2019 11:56:30 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
private
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Feb 2019 11:56:30 GMT
adbyv1.gif
cdn.ad4game.com/ Frame FD79 		112 B
370 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ad4game.com/adbyv1.gif
Requested by
Host: prnt.sc
URL: https://prnt.sc/mf6fkz
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.242.3 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
47b4a73b810d6bbb3088a4bec9423d0a709d9a4341b84303d595a6fdea7ea5b3

Request headers

Referer
https://prnt.sc/mf6fkz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-servername
ads.ad4game.com\ 80\ 81
date
Fri, 01 Feb 2019 11:56:30 GMT
referrer-policy
no-referrer
last-modified
Sat, 28 Jan 2012 03:19:10 GMT
server
nginx
x-serveraddr
10.100.0.137
etag
"4f23692e-70"
status
200
x-cache
HIT
content-type
image/gif
access-control-allow-origin
*
x-host
ads.ad4game.com
accept-ranges
bytes
content-length
112
lg.php
ads.ad4game.com/www/delivery/ Frame FD79 		35 B
858 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.ad4game.com/www/delivery/lg.php?bannerid=542533&campaignid=31238&zoneid=60918&referer=&tag=hb&ver=4.0&tagi=2019-01-16T03-25&cb=bxl2C85axdribnvS&token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ6b25lIjo2MDkxOCwiZXhwIjoxNTQ5MDIyMjQ5fQ.t1BxINdWB7s2p5qe_SO8E9E1TqwbUdtKsradUHq6otY&bn=ad4game&bid=0.249&if=1
Requested by
Host: prnt.sc
URL: https://prnt.sc/mf6fkz
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.207.255.147 , United States, ASN62821 (AS-MNX - MNX Solutions LLC, US),
Reverse DNS
haproxy2.ad4game.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://prnt.sc/mf6fkz
Origin
https://prnt.sc

Response headers

Pragma
no-cache
Date
Fri, 01 Feb 2019 11:56:30 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
close
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length
35
X-Application-Context
application:12062
Expires
Thu, 01 Jan 1970 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame C6BB 		0
150 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvIOeU_ImaypaSMXruRdkGpf4MZwsl0qvEWm6hD4wGs1udUaR5yiBfHewcemWTdVaikFKeG4Hm9C5nXCh62ahfOUYNVW7NuqhYrFXPoPN9GIGzM23KC87IkT0K9IOuUrQDYLekF3tATgaV1DKYFmwsW8lDvKwnbZyyXoItH5VOixcpAPsvZKFXg23mGJ47sjqYHG7Vg4HhKpr5WLJmQN9D6I8pfpZt0ymg1F7Js-GE88ZOcKhc&sai=AMfl-YQZpA2N_isMbACX7DtUNLkwXwwUGP7kJDBzJhxbK3tAF8h9gtqpDyAPtIhEZa0MkoLpd9YX-lee9TJEgtfTrsEvMyTFNXHY_zf4pvkkQQ&sig=Cg0ArKJSzDXkeuLqwOnWEAE&urlfix=1&adurl=
Requested by
Host: prnt.sc
URL: https://prnt.sc/mf6fkz
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.217.22.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s17-in-f66.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://prnt.sc/mf6fkz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 01 Feb 2019 11:56:30 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
private
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Feb 2019 11:56:30 GMT
adbyv1.gif
cdn.ad4game.com/ Frame C6BB 		112 B
370 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ad4game.com/adbyv1.gif
Requested by
Host: prnt.sc
URL: https://prnt.sc/mf6fkz
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.242.3 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
47b4a73b810d6bbb3088a4bec9423d0a709d9a4341b84303d595a6fdea7ea5b3

Request headers

Referer
https://prnt.sc/mf6fkz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-servername
ads.ad4game.com\ 80\ 81
date
Fri, 01 Feb 2019 11:56:30 GMT
referrer-policy
no-referrer
last-modified
Sat, 28 Jan 2012 03:19:10 GMT
server
nginx
x-serveraddr
10.100.0.137
etag
"4f23692e-70"
status
200
x-cache
HIT
content-type
image/gif
access-control-allow-origin
*
x-host
ads.ad4game.com
accept-ranges
bytes
content-length
112
lg.php
ads.ad4game.com/www/delivery/ Frame C6BB 		35 B
858 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.ad4game.com/www/delivery/lg.php?bannerid=542532&campaignid=31237&zoneid=60917&referer=&tag=hb&ver=4.0&tagi=2019-01-16T03-25&cb=cRnq6TQX5SbzWAMC&token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ6b25lIjo2MDkxNywiZXhwIjoxNTQ5MDIyMjQ5fQ.k5kEmBGF0pjS0NczEZDphjW7bcsS14Trfmmkgi9SPco&bn=ad4game&bid=0.173&if=1
Requested by
Host: prnt.sc
URL: https://prnt.sc/mf6fkz
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.207.255.146 , United States, ASN62821 (AS-MNX - MNX Solutions LLC, US),
Reverse DNS
haproxy1.ad4game.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://prnt.sc/mf6fkz
Origin
https://prnt.sc

Response headers

Pragma
no-cache
Date
Fri, 01 Feb 2019 11:56:30 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
close
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length
35
X-Application-Context
application:12062
Expires
Thu, 01 Jan 1970 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame BB6A 		0
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssc8Z_LKahRgNCt6VoBcjxhWOgPF1Q0wkEh_PM5OFJ71VKrwB1S_dMkIx6Buut-wAKbeC54DbnZ73dX69GE48XiH43gzbHKg_7VlZbHUEOfngJx7b3YM2VN4fr7Y-oLS0og4mTGk3qnwt4y3Qy8EEgxMHxoHUK0Y-aKAJZ_3Ja4ZSSHLiHX7VCU_bEVCk_lifSP17clb9Sq1gv0_8LCmZfBLt5Qi03T9PmCagFSw4X7MPz0&sai=AMfl-YSj9LnG0kn8skDeijuWaJT_VEkB85tmowFPz1CWIsdO-Q8iLUU6uSGBi4jlz2HfsRv97pYvWMn6VtykfQzlbiT5XeeOE2_8kC7P0uZuPg&sig=Cg0ArKJSzOdYtRKQw83VEAE&urlfix=1&adurl=
Requested by
Host: prnt.sc
URL: https://prnt.sc/mf6fkz
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.217.22.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s17-in-f66.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://prnt.sc/mf6fkz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 01 Feb 2019 11:56:30 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
private
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Feb 2019 11:56:30 GMT
adbyv1.gif
cdn.ad4game.com/ Frame BB6A 		112 B
370 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ad4game.com/adbyv1.gif
Requested by
Host: prnt.sc
URL: https://prnt.sc/mf6fkz
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.242.3 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
47b4a73b810d6bbb3088a4bec9423d0a709d9a4341b84303d595a6fdea7ea5b3

Request headers

Referer
https://prnt.sc/mf6fkz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-servername
ads.ad4game.com\ 80\ 81
date
Fri, 01 Feb 2019 11:56:31 GMT
referrer-policy
no-referrer
last-modified
Sat, 28 Jan 2012 03:19:10 GMT
server
nginx
x-serveraddr
10.100.0.137
etag
"4f23692e-70"
status
200
x-cache
HIT
content-type
image/gif
access-control-allow-origin
*
x-host
ads.ad4game.com
accept-ranges
bytes
content-length
112
lg.php
ads.ad4game.com/www/delivery/ Frame BB6A 		35 B
858 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.ad4game.com/www/delivery/lg.php?bannerid=541977&campaignid=31069&zoneid=60916&referer=&tag=hb&ver=4.0&tagi=2019-01-16T03-25&cb=mvkODw6sClrcUM60&token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ6b25lIjo2MDkxNiwiZXhwIjoxNTQ5MDIyMjQ5fQ.GuF4atCy5qL4TUE8SWjW5UUikanf0FdeBMRlNxsd2GQ&bn=ad4game&bid=0.22&if=1
Requested by
Host: prnt.sc
URL: https://prnt.sc/mf6fkz
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.207.255.147 , United States, ASN62821 (AS-MNX - MNX Solutions LLC, US),
Reverse DNS
haproxy2.ad4game.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://prnt.sc/mf6fkz
Origin
https://prnt.sc

Response headers

Pragma
no-cache
Date
Fri, 01 Feb 2019 11:56:30 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
close
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length
35
X-Application-Context
application:12065
Expires
Thu, 01 Jan 1970 00:00:00 GMT
async-ajs.php
ads.ad4game.com/www/delivery/ Frame FD79 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.ad4game.com/www/delivery/async-ajs.php?v=1&cb=a4g8206395&h=0&if=1&sf=0&siteurl=https%3A%2F%2Fprnt.sc%2Fmf6fkz&c=UTF-8&z=66613&b=1&x=1
Requested by
Host: cdn.ad4game.com
URL: https://cdn.ad4game.com/async-ajs.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.207.255.146 , United States, ASN62821 (AS-MNX - MNX Solutions LLC, US),
Reverse DNS
haproxy1.ad4game.com
Software
nginx /
Resource Hash
3956e6d3c97947d493337b200b08e5e3c5e35b115bdb6d75f30cb7f49ce71df9

Request headers

Referer
https://prnt.sc/mf6fkz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

X-servername
ads.ad4game.com\ 80\ 81
Pragma
no-cache
Date
Fri, 01 Feb 2019 11:56:30 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
P3P
CP="CUR ADM OUR NOR STA NID"
X-serveraddr
10.100.0.139
Cache-Control
no-cache, no-store, must-revalidate
X-host
ads.ad4game.com
Connection
close
Content-Type
text/javascript; charset=UTF-8
Expires
0
truncated
/ Frame FD79 		220 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
32e1e6aec5fcf9dacb6b8d701e08661b30b269ee8497fc56c878626d6ce2db3d

Request headers

Response headers

Content-Type
image/png
async-ajs.php
ads.ad4game.com/www/delivery/ Frame BB6A 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.ad4game.com/www/delivery/async-ajs.php?v=1&cb=a4g5334348&h=0&if=1&sf=0&siteurl=https%3A%2F%2Fprnt.sc%2Fmf6fkz&c=UTF-8&z=66549&b=1&x=1
Requested by
Host: cdn.ad4game.com
URL: https://cdn.ad4game.com/async-ajs.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.207.255.147 , United States, ASN62821 (AS-MNX - MNX Solutions LLC, US),
Reverse DNS
haproxy2.ad4game.com
Software
nginx /
Resource Hash
01f0f8fc74c08c836acaf7bdcc6f76681bbf859b286eee9c81876662b5707127

Request headers

Referer
https://prnt.sc/mf6fkz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

X-servername
ads.ad4game.com\ 80\ 81
Pragma
no-cache
Date
Fri, 01 Feb 2019 11:56:34 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
P3P
CP="CUR ADM OUR NOR STA NID"
X-serveraddr
10.100.0.138
Cache-Control
no-cache, no-store, must-revalidate
X-host
ads.ad4game.com
Connection
close
Content-Type
text/javascript; charset=UTF-8
Expires
0
truncated
/ Frame BB6A 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f2139e2ce4aa36bb28d305d2e3a3f10be3cf14ce0a41f68b95360c1290cd0d3a

Request headers

Response headers

Content-Type
image/png
async-ajs.php
ads.ad4game.com/www/delivery/ Frame C6BB 		0
0
truncated
/ Frame C6BB 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e11f93af8f5989923a1b020617868ecd370ce47ea7e1fcf21a6ae8267c198302

Request headers

Response headers

Content-Type
image/png
prebid.js
cdn.ad4game.com/ Frame FD79 		97 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ad4game.com/prebid.js
Requested by
Host: ads.ad4game.com
URL: https://ads.ad4game.com/www/delivery/async-ajs.php?v=1&cb=a4g8206395&h=0&if=1&sf=0&siteurl=https%3A%2F%2Fprnt.sc%2Fmf6fkz&c=UTF-8&z=66613&b=1&x=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.242.3 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
1612d2cc4c004138301697cf3a67737e45ec319b0a33864417cc46ec62cfcae4

Request headers

Referer
https://prnt.sc/mf6fkz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-servername
ads.ad4game.com\ 80\ 81
date
Fri, 01 Feb 2019 11:56:31 GMT
content-encoding
gzip
x-cache
HIT
status
200
x-host
ads.ad4game.com
content-length
36182
referrer-policy
no-referrer
last-modified
Mon, 21 Jan 2019 02:16:09 GMT
server
nginx
x-serveraddr
10.100.0.137
etag
"5c452b69-1845b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
csi
www.google.com/ 		0
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/csi?v=3&s=gpt&action=global&it=rt_st.ad.4.11468,rt_fs.ad.4.11468,rt_dns.ad.4.0,rt_tcp.ad.4.0,rt_rtt.ad.4.239,rt_tft.ad.4.0,rt_ts.ad.4.3371,rt_eb.ad.4.3117,rt_db.ad.4.9436,rt_duration.ad.4.239&srt=9561&vrg=299&pl_id=5262451558251934&e=v299,n60257202,publisher_ads,sra,fif,page_load,21061506,21061764,21062421,21062577&rt=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:819::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://prnt.sc/mf6fkz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Feb 2019 11:56:31 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
204
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
www.google.com/ 		0
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/csi?v=3&s=gpt&action=ad_events&it=ad_fetch_period.4.239,exr.4.0,exr.5.0,exr.6.0&srt=9561&is_backfill_at_render=4_false,5_false,6_false&qqid=4_CIqJiau9muACFUi8ewod3jQAFA,5_CIuJiau9muACFUi8ewod3jQAFA,6_CIyJiau9muACFUi8ewod3jQAFA&vrg=299&pl_id=5262451558251934&e=v299,n60257202,publisher_ads,sra,fif,page_load,21061506,21061764,21062421,21062577&rt=start_ad_render_period.4.2161,start_ad_render_period.5.2195,start_ad_render_period.6.2201
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:819::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://prnt.sc/mf6fkz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Feb 2019 11:56:31 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
204
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ortb
bid.contextweb.com/header/ Frame FD79 		0
597 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.contextweb.com/header/ortb
Requested by
Host: cdn.ad4game.com
URL: https://cdn.ad4game.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.214.194.134 Amsterdam, Netherlands, ASN59940 (PULSEPOINT-EU, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://prnt.sc/mf6fkz
Origin
https://prnt.sc
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 01 Feb 2019 11:56:31 GMT
Server
nginx
CWDL
22/139
Access-Control-Allow-Origin
https://prnt.sc
Access-Control-Expose-Headers
Access-Control-Allow-Origin
Access-Control-Allow-Credentials
true
Connection
keep-alive
CW-FEServer
ams-prts03.pulse.prod
CW-Server
ams-bid00
Content-Length
0
/
endpoint8.dspbox.io/ Frame FD79 		35 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://endpoint8.dspbox.io/?t=impr&bwpr=0.085&uniq=f7e0ca33085c5c9f2db1b2bf12496e15
Protocol
HTTP/1.1
Server
88.214.194.130 , United Kingdom, ASN46636 (NATCOWEB - NatCoWeb Corp., US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 01 Feb 2019 11:56:31 GMT
Cache-Control
no-cache, no-store, max-age=0, private, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Length
35
Content-Type
image/gif; charset=utf-8
/
s5e.decenterads.com/ Frame FD79 		43 B
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://s5e.decenterads.com/?win=impr&price=0.102&prt=58_e338e67c6fc51cee4fb31b6bb9554fa0&t=banner&uniq=d049a1b0c7f67a847da2a6b2e9783709
Protocol
HTTP/1.1
Server
204.62.12.59 Clifton, United States, ASN46636 (NATCOWEB - NatCoWeb Corp., US),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 01 Feb 2019 11:57:54 GMT
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
image/gif
lg.php
ads.ad4game.com/www/delivery/ Frame FD79 		35 B
858 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.ad4game.com/www/delivery/lg.php?bannerid=496475&campaignid=25017&zoneid=66613&bn=a4g_dsp&bid=0.085&token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ6b25lIjo2NjYxMywiYmFubmVyIjo0OTY0NzUsImJpZCI6MC4wODUsImV4cCI6MTU0OTAyMjI1MH0.0GBa004bSBJn-tg-V93y_VQS_idvrsqBZGOhJlYUL1E&tag=asyncjs&ib=0&cb=OTk1YmI3MjlkMmM3&ev=3.3&tagi=2019-01-21T12-12&if=1&sf=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.207.255.147 , United States, ASN62821 (AS-MNX - MNX Solutions LLC, US),
Reverse DNS
haproxy2.ad4game.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://prnt.sc/mf6fkz
Origin
https://prnt.sc

Response headers

Pragma
no-cache
Date
Fri, 01 Feb 2019 11:56:31 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
close
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length
35
X-Application-Context
application:12062
Expires
Thu, 01 Jan 1970 00:00:00 GMT
/
endpoint8.dspbox.io/ Frame FD79 		0
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://endpoint8.dspbox.io/?t=nurl&bwpr=0.085&uniq=f7e0ca33085c5c9f2db1b2bf12496e15&notify=http%3A%2F%2Fs5e.decenterads.com%2F%3Fwin%3Dnurl%26sp%3D0.102%26t%3Dbanner%26uniq%3Dd049a1b0c7f67a847da2a6b2e9783709
Protocol
HTTP/1.1
Server
88.214.194.130 , United Kingdom, ASN46636 (NATCOWEB - NatCoWeb Corp., US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Connection
keep-alive
Date
Fri, 01 Feb 2019 11:56:31 GMT
Content-Length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame FD79 		42 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstXMyqr-0OfazeuD1zA8Vw2epVWdXOLEBUwMMo3pn-LGwxYH2mZDmQPloG22yyeSboqckbtVFT-1z5tAwZnXV9plRp93XL5Z_Ty_XY&sig=Cg0ArKJSzB24oDEoqfS_EAE&adk=1432691387&tt=1429&bs=1600%2C1200&mtos=1018,1018,1018,1018,1018&tos=1018,0,0,0,0&p=70,315,160,1285&mcvt=1018&rs=3&ht=0&tfs=474&tls=1492&mc=1&lte=1&bas=0&bac=0&avms=geo&rst=1549022190252&rpt=548&isd=0&msd=0&lm=2&oseid=3&ps=1600%2C1200&ss=1600%2C1200&pt=64&deb=1-3-3-6-16-64-48-14&tvt=1463&r=v&id=osdim&uc=16&upc=11&tgt=DIV&cl=1&cec=8&clc=1&cac=0&cd=970x90&v=20190128
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:808::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://prnt.sc/mf6fkz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Feb 2019 11:56:31 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39",quic=":443"; ma=2592000; v="44,43,39"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame C6BB 		42 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssgzd3fyLb2SPN0k2xH06i-RISo4-iDf5CqPHV5LUU5sNO-GDwUXgRO5AnW8EtY935975R1LjMDsIyF-jThwms1Vi5JYBhNaca92Lk&sig=Cg0ArKJSzGa_MtTZBLoTEAE&adk=518174652&tt=1429&bs=1600%2C1200&mtos=1018,1018,1018,1018,1018&tos=1018,0,0,0,0&p=595,436,685,1164&mcvt=1018&rs=3&ht=0&tfs=474&tls=1492&mc=1&lte=1&bas=0&bac=0&avms=geo&rst=1549022190266&rpt=549&isd=0&msd=0&lm=2&oseid=3&ps=1600%2C1200&ss=1600%2C1200&pt=64&deb=1-3-3-6-16-64-48-14&tvt=1463&r=v&id=osdim&uc=14&upc=10&tgt=DIV&cl=1&cec=8&clc=1&cac=0&cd=728x90&v=20190128
Requested by
Host: prnt.sc
URL: https://prnt.sc/mf6fkz
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:808::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://prnt.sc/mf6fkz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Feb 2019 11:56:31 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39",quic=":443"; ma=2592000; v="44,43,39"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
worker.nude.js
st.prntscr.com/2019/02/01/0113/js/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://st.prntscr.com/2019/02/01/0113/js/worker.nude.js
Requested by
Host: st.prntscr.com
URL: https://st.prntscr.com/2019/02/01/0113/js/script.mix.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.20.14.105 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee7c0aa7330f62b75b4e54dc5e44c543d8013358f2f2e40a655b9d0a668ba572

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://prnt.sc/mf6fkz
Origin
https://prnt.sc

Response headers

date
Fri, 01 Feb 2019 11:56:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 01 Feb 2019 01:15:36 GMT
server
cloudflare
status
200
etag
W/"5c539db8-ad9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
https://prnt.sc
cache-control
max-age=1800
cf-ray
4a243c3d1acf9c4d-AMS
expires
Fri, 01 Feb 2019 12:22:14 GMT
82a2982a-7484-49b2-aa54-53342072e2db
https://prnt.sc/ 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame BB6A 		42 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuxi_kWxiBC74dqixE-oHe42YoXAzlrKvuVu0O8DZStEkiARubEPuqdovfBMpQdUQ9D8hj_imiNERNryOGJQaKyxXFkIGK-8nW9vXk&sig=Cg0ArKJSzKgh8Kcz5hbOEAE&adk=4042975291&tt=2037&bs=1600%2C1200&mtos=1016,1016,1016,1016,1016&tos=1016,0,0,0,0&p=717,315,967,615&mcvt=1016&rs=3&ht=0&tfs=1084&tls=2100&mc=1&lte=1&bas=0&bac=0&avms=geo&rst=1549022190283&rpt=1123&isd=0&msd=0&lm=2&oseid=3&ps=1600%2C1200&ss=1600%2C1200&pt=64&deb=1-3-3-10-22-64-66-20&tvt=2071&r=v&id=osdim&uc=20&upc=10&tgt=DIV&cl=1&cec=8&clc=1&cac=0&cd=300x250&v=20190128
Requested by
Host: prnt.sc
URL: https://prnt.sc/mf6fkz
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:808::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://prnt.sc/mf6fkz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Feb 2019 11:56:32 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39",quic=":443"; ma=2592000; v="44,43,39"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
rtset
bh.contextweb.com/bh/
Redirect Chain
  • https://bh.contextweb.com/visitormatch/prebid
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm=&google_sc=&google_tc=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESECS6QGL8Z-mT8p77q-fXm_o&google_cver=1
49 B
575 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESECS6QGL8Z-mT8p77q-fXm_o&google_cver=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.166 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
Jetty(9.4.7.v20170914) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Request headers

Referer
https://prnt.sc/mf6fkz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 01 Feb 2019 11:56:33 GMT
Via
1.1 varnish
X-Cache
MISS
P3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
Connection
keep-alive
Content-Length
49
X-Served-By
cache-hhn1536-HHN
Server
Jetty(9.4.7.v20170914)
Vary
Accept-Encoding
Content-Language
en
Expires
-1
Cache-Control
private, max-age=0, no-cache, no-store
Accept-Ranges
bytes
Content-Type
image/gif;charset=iso-8859-1
Cw-Server
bh-deployment-df6978777-7sqqs
X-Cache-Hits
0

Redirect headers

pragma
no-cache
date
Fri, 01 Feb 2019 11:56:33 GMT
server
HTTP server (unknown)
location
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESECS6QGL8Z-mT8p77q-fXm_o&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
302
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39",quic=":443"; ma=2592000; v="44,43,39"
content-length
306
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
www.google.com/ 		0
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/csi?v=3&s=gpt&action=ad_events&it=ad_render_period.4.1192,nres.4.13,tts.4.272&srt=9561&vrg=299&pl_id=5262451558251934&e=v299,n60257202,publisher_ads,sra,fif,page_load,21061506,21061764,21062421,21062577&rt=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:819::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://prnt.sc/mf6fkz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Feb 2019 11:56:33 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
204
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
prebid.js
cdn.ad4game.com/ Frame BB6A 		97 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ad4game.com/prebid.js
Requested by
Host: ads.ad4game.com
URL: https://ads.ad4game.com/www/delivery/async-ajs.php?v=1&cb=a4g5334348&h=0&if=1&sf=0&siteurl=https%3A%2F%2Fprnt.sc%2Fmf6fkz&c=UTF-8&z=66549&b=1&x=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.242.3 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
1612d2cc4c004138301697cf3a67737e45ec319b0a33864417cc46ec62cfcae4

Request headers

Response headers

x-servername
ads.ad4game.com\ 80\ 81
date
Fri, 01 Feb 2019 11:56:31 GMT
content-encoding
gzip
x-cache
HIT
status
200
x-host
ads.ad4game.com
content-length
36182
referrer-policy
no-referrer
last-modified
Mon, 21 Jan 2019 02:16:09 GMT
server
nginx
x-serveraddr
10.100.0.137
etag
"5c452b69-1845b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
ortb
bid.contextweb.com/header/ Frame BB6A 		0
597 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.contextweb.com/header/ortb
Requested by
Host: cdn.ad4game.com
URL: https://cdn.ad4game.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.214.194.134 Amsterdam, Netherlands, ASN59940 (PULSEPOINT-EU, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://prnt.sc/mf6fkz
Origin
https://prnt.sc
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 01 Feb 2019 11:56:34 GMT
Server
nginx
CWDL
22/139
Access-Control-Allow-Origin
https://prnt.sc
Access-Control-Expose-Headers
Access-Control-Allow-Origin
Access-Control-Allow-Credentials
true
Connection
keep-alive
CW-FEServer
ams-prts03.pulse.prod
CW-Server
ams-bid06
Content-Length
0
5d6b4ef9764c59dd45fdd58b2e654801.gif
cdn.ad4game.com/ Frame BB6A 		98 KB
98 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ad4game.com/5d6b4ef9764c59dd45fdd58b2e654801.gif
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.242.3 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
29aab34c608fd77a7c8d30f0d368104efa8e5de79e317563b519018d843c05e1

Request headers

Referer
https://prnt.sc/mf6fkz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-servername
ads.ad4game.com\ 80\ 81
date
Fri, 01 Feb 2019 11:56:34 GMT
referrer-policy
no-referrer
last-modified
Mon, 19 Dec 2016 11:44:43 GMT
server
nginx
x-serveraddr
10.100.0.138
etag
"5857c82b-186aa"
status
200
x-cache
HIT
content-type
image/gif
access-control-allow-origin
*
x-host
ads.ad4game.com
accept-ranges
bytes
content-length
100010
lg.php
ads.ad4game.com/www/delivery/ Frame BB6A 		35 B
858 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.ad4game.com/www/delivery/lg.php?bannerid=494198&campaignid=24838&zoneid=66549&bn=ad4game&bid=0.010473953228362&token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ6b25lIjo2NjU0OSwiYmFubmVyIjo0OTQxOTgsImJpZCI6MC4wMTA0NzM5NTMyMjgzNjE2NDUsImV4cCI6MTU0OTAyMjI1NH0.Sc50Ybp2kDAA3VVTQvmls9GGPiGub6TaCYllqNjGMZo&tag=asyncjs&ib=0&cb=MzFhYWZjNjJmNTUz&ev=3.3&tagi=2019-01-21T12-12&if=1&sf=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.207.255.146 , United States, ASN62821 (AS-MNX - MNX Solutions LLC, US),
Reverse DNS
haproxy1.ad4game.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://prnt.sc/mf6fkz
Origin
https://prnt.sc

Response headers

Pragma
no-cache
Date
Fri, 01 Feb 2019 11:56:34 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
close
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length
35
X-Application-Context
application:12065
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame FD79
Redirect Chain
  • https://bh.contextweb.com/visitormatch/prebid
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESECS6QGL8Z-mT8p77q-fXm_o&google_cver=1
49 B
575 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESECS6QGL8Z-mT8p77q-fXm_o&google_cver=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.166 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
Jetty(9.4.7.v20170914) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Request headers

Referer
https://prnt.sc/mf6fkz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 01 Feb 2019 11:56:34 GMT
Via
1.1 varnish
X-Cache
MISS
P3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
Connection
keep-alive
Content-Length
49
X-Served-By
cache-hhn1536-HHN
Server
Jetty(9.4.7.v20170914)
Vary
Accept-Encoding
Content-Language
en
Expires
-1
Cache-Control
private, max-age=0, no-cache, no-store
Accept-Ranges
bytes
Content-Type
image/gif;charset=iso-8859-1
Cw-Server
bh-deployment-df6978777-7sqqs
X-Cache-Hits
0

Redirect headers

pragma
no-cache
date
Fri, 01 Feb 2019 11:56:34 GMT
server
HTTP server (unknown)
location
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESECS6QGL8Z-mT8p77q-fXm_o&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
302
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39",quic=":443"; ma=2592000; v="44,43,39"
content-length
306
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
www.google.com/ 		0
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/csi?v=3&s=gpt&action=ad_events&it=ad_render_period.6.3883,nres.6.11,tts.6.263&srt=9561&vrg=299&pl_id=5262451558251934&e=v299,n60257202,publisher_ads,sra,fif,page_load,21061506,21061764,21062421,21062577&rt=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:819::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://prnt.sc/mf6fkz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Feb 2019 11:56:37 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
204
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame BB6A
Redirect Chain
  • https://bh.contextweb.com/visitormatch/prebid
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESECS6QGL8Z-mT8p77q-fXm_o&google_cver=1
49 B
575 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESECS6QGL8Z-mT8p77q-fXm_o&google_cver=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.166 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
Jetty(9.4.7.v20170914) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Request headers

Referer
https://prnt.sc/mf6fkz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 01 Feb 2019 11:56:37 GMT
Via
1.1 varnish
X-Cache
MISS
P3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
Connection
keep-alive
Content-Length
49
X-Served-By
cache-hhn1536-HHN
Server
Jetty(9.4.7.v20170914)
Vary
Accept-Encoding
Content-Language
en
Expires
-1
Cache-Control
private, max-age=0, no-cache, no-store
Accept-Ranges
bytes
Content-Type
image/gif;charset=iso-8859-1
Cw-Server
bh-deployment-df6978777-7sqqs
X-Cache-Hits
0

Redirect headers

pragma
no-cache
date
Fri, 01 Feb 2019 11:56:37 GMT
server
HTTP server (unknown)
location
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESECS6QGL8Z-mT8p77q-fXm_o&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
302
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39",quic=":443"; ma=2592000; v="44,43,39"
content-length
306
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ads.ad4game.com
URL
https://ads.ad4game.com/www/delivery/async-ajs.php?v=1&cb=a4g1208831&h=0&if=1&sf=0&siteurl=https%3A%2F%2Fprnt.sc%2Fmf6fkz&c=UTF-8&z=66610&b=1&x=1
Domain
prnt.sc
URL
blob:https://prnt.sc/82a2982a-7484-49b2-aa54-53342072e2db

Verdicts & Comments Add Verdict or Comment

82 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask function| $ function| jQuery object| $jscomp object| galleryConfig function| loadTemplate function| fillTemplate object| htmlHelper function| getQueryParam function| mysqlDateTimeToJSDate object| prntscrAPI object| loginConfig object| multiLoginSystem function| prettyDate number| maxId_p number| maxId string| searchQuery object| twittsShown object| PrettyDate function| renamePrntsc function| replaceURLWithHTMLLinks function| replaceMentionsWithHTMLLinks function| replaceHashWithHTMLLinks function| expandShortUrls function| htmlspecialchars_decode function| addTwittsFound function| twitterFill undefined| twitterProcessJSON function| twitter function| Spinner string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| loadImageById function| loadImageByElement function| scanImage function| resultHandler object| nude object| jQuery182006538057595055502 object| FB object| __twttrll object| twttr object| __twttr object| prebidJs object| node object| googletag function| isScriptLoaded number| a4gDReady function| pbjsChunk object| pbjs object| __core-js_shared__ boolean| a4gPrebidLoaded number| PREBID_TIMEOUT number| PREBID_FAILSAFE_TIMEOUT object| slots object| adUnits function| sendAdserverRequest object| closure_memoize_cache_ object| googleToken object| googleIMState object| google_js_reporting_queue function| processGoogleToken object| GPT_jstiming undefined| google_measure_js_timing object| google_reactive_ads_global_state boolean| google_noFetch boolean| google_DisableInitialLoad number| __google_ad_urls_id number| google_unique_id function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb

4 Cookies

Domain/Path Name / Value
.prnt.sc/ Name: _gat
Value: 1
.prnt.sc/ Name: _gid
Value: GA1.2.586612771.1549022188
.prnt.sc/ Name: _ga
Value: GA1.2.1625331810.1549022188
.prnt.sc/ Name: __cfduid
Value: dc1c558c27084f3884a5131fb0f95dbf81549022187

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.ad4game.com
adservice.google.com
adservice.google.de
api.prntscr.com
bh.contextweb.com
bid.contextweb.com
cdn.ad4game.com
cm.g.doubleclick.net
connect.facebook.net
endpoint8.dspbox.io
image.prntscr.com
pagead2.googlesyndication.com
platform.twitter.com
prnt.sc
prntscr.com
s5e.decenterads.com
securepubads.g.doubleclick.net
st.prntscr.com
staticxx.facebook.com
stats.g.doubleclick.net
syndication.twitter.com
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
ads.ad4game.com
prnt.sc
104.20.13.105
104.20.14.105
104.27.100.99
151.101.0.166
151.139.242.3
172.217.22.66
192.207.255.146
192.207.255.147
199.16.156.120
204.62.12.59
216.58.207.66
2606:2800:234:46c:e8b:1e2f:2bd:694
2a00:1450:4001:806::2001
2a00:1450:4001:808::2002
2a00:1450:4001:815::2002
2a00:1450:4001:815::200e
2a00:1450:4001:816::2003
2a00:1450:4001:819::2004
2a00:1450:400c:c08::9b
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
74.214.194.134
88.214.194.130
00ce74a18bd6071ed7e4810d9df7393b6749531165bff6b45d237ccaee9f2808
01f0f8fc74c08c836acaf7bdcc6f76681bbf859b286eee9c81876662b5707127
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
08f85b0295d6a5c96aceece7240b0f476cf58fd403193c02c0427102bfd53771
0a9839c014d128d2e81cf05b65a2599ef64dbd944b39177cc36351b8645c1f33
1612d2cc4c004138301697cf3a67737e45ec319b0a33864417cc46ec62cfcae4
1773dc9aa405f88c112dd6aebfe8ca32bcb2dfb4dfd9095decb289c00b53250f
17ec48cd1b911009e0bd383d9ecc615a37c724e01b85d7c8b99559d06b0f6a96
1b185d89e437f1591af8c51d5e6dad41d3666e22a81931ee9df22e2cfdacaddb
2875a6fc4266fec00a383377cb4530b6407912897b0727e26249d89c6dfe0359
29aab34c608fd77a7c8d30f0d368104efa8e5de79e317563b519018d843c05e1
2a45c52bcc577c72fa9d000883bfae7234da9bfbfd4c5d1c9ef1794a24aefde3
32e1e6aec5fcf9dacb6b8d701e08661b30b269ee8497fc56c878626d6ce2db3d
3956e6d3c97947d493337b200b08e5e3c5e35b115bdb6d75f30cb7f49ce71df9
3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22
422b72757b53200b2981b2d4fdb0f012ba629bf652454fd5c18b9993d6ab56ee
47b4a73b810d6bbb3088a4bec9423d0a709d9a4341b84303d595a6fdea7ea5b3
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5080c1cdb7cfbd769ba5b602cf11b015d8892d290966b9776e83158f8abef9b4
5a3a63b2ac124cb9a194ec01ea1f0d3123e4019bf658c6f47a77b4faea84c079
69d8e3ebecd912bd1632164c7cdb358e13ca6fd3c904a4ecbabd462fb7082b1a
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
726984457662e2ae992435af4efac2f0e43d8c15c03224f21955867081b8fe82
83817752fb260ff66b3bca1471bb20dbb6a1e6a17174c657efe0912ad161b382
86a1b8f94f48c4e82d2616d4c581f10a34ff447a2bd95be08714fa0d19ba3f51
8bfd2fa3b3b5924e3655bcf9f63427e792bd8572b7ed0992373bdb4b21c7cb89
90a01a8b4ae45ad9cf1dea505cc7139c567939e4b9bb28cd9973ba6f72857914
92fb4985bc265d661b853545f4f3d54f79022a8564dd521202e20a05e477b295
9431fad3bf3ad71b704acadaf8bf4c2064f18c69a3ad31daf969a9a68833181c
9c9935e1daafc929a9866a206e769e084cd83f19d436ca22887adc2798408646
a093d2047e1a59b7103810b947780e5f94d865915cb923ebcaa7e50f557c2102
a45086739e84ef2f08a71c81711e7d2767a17c5dbaa61e3b4076eaa89d6db6e7
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b22174ca5c2657a9b5f680e573bfd2041b0952c7cee130a9e09764e879cb7b6e
b2e30d33778ecbaf23590b76c45b87c100276be1a19578b5b00aa2e393bf8acd
b633033729ec5192fda264a8a84d7e86b8b2b20099b6e3ea8f088a173e1ffc7b
b6a1120cc303b1c6ee6d548a5b418c2707b59de0c1f13c8ab870ca4e734b6acc
bca2c1abcf4b76a46306bc7f1a607a459371ccf5e7213aae988c33b4dabb1758
c10614fd7d06ec10eea70d6fb12ded13aa9e0d26b9fa8b25602dbc936d2b5ad8
c5b422b6ec3fc81092b87774f21f33fc2f96f1eadae36efbc840eda2eb5179bb
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d8fd5068b3b6b2d3066c3293d1547225a6826fcc7f8d2ae6bb5efd7f0a079e43
d91d13fd8f9d253a8213aeee7ebaa7e073683fc600a3d82902c3c669b8ffdee7
e11f93af8f5989923a1b020617868ecd370ce47ea7e1fcf21a6ae8267c198302
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e926f30958d0c21d088e6a671d3356a3c3fab9cc6220b8e408f19d868a7dc5c8
ee7c0aa7330f62b75b4e54dc5e44c543d8013358f2f2e40a655b9d0a668ba572
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2139e2ce4aa36bb28d305d2e3a3f10be3cf14ce0a41f68b95360c1290cd0d3a
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729