prnt.sc Open in urlscan Pro
172.67.72.27  Public Scan

11 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 50

• https://www.facebook.com/plugins/comments.php?app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2e20f7e2a6f5a%26domain%3Dprnt.sc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ff1aab27d0734194%26relation%3Dparent.parent&container_width=340&height=100&href=https%3A%2F%2Fprnt.sc%2FlN4pKrL87Oem&locale=en_US&migrated=1&sdk=joey&width=NaN&xid=2bou20f HTTP 302
• https://www.facebook.com/plugins/feedback.php?app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2e20f7e2a6f5a%26domain%3Dprnt.sc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ff1aab27d0734194%26relation%3Dparent.parent&container_width=340&height=100&href=https%3A%2F%2Fprnt.sc%2FlN4pKrL87Oem&locale=en_US&migrated=1&sdk=joey&width=NaN&xid=2bou20f

Request Chain 52

• https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-LoopMe_pm-db5_n-simpli.fi_rbd_n-vmg_cnv_n-Outbrain HTTP 302
• https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-LoopMe_pm-db5_n-simpli.fi_rbd_n-vmg_cnv_n-Outbrain&dcc=t

Request Chain 65

• https://csync.loopme.me/?pubid=11405&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dloopme.com%26id%3D%7Bviewer_token%7D HTTP 307
• https://s.amazon-adsystem.com/ecm3?ex=loopme.com&id=13cda7cf-50e7-40d8-9a4c-771990348fa1

Request Chain 66

• https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D HTTP 302
• https://s.amazon-adsystem.com/ecm3?id=4450900DE1C740AEA4EA10485789EEE6&ex=simpli.fi&status=ok

Request Chain 67

• https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__ HTTP 302
• https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__&s=2 HTTP 302
• https://sync.outbrain.com/sync-external?uid=mcvQ2Ku_hr4wUZ1oX28q&redirect=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Famazon_tam%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPMVRW2MZ7MV4D233VORRHEYLJNYXGG33NEZUWIPLNMN3FCMSLOVPWQ4RUO5KVUMLPLAZDQ4I HTTP 302
• https://u.openx.net/w/1.0/cm?id=00df9f64-6f67-4cae-aeb2-d951da52047c&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fobhb%3Dhttps%253A%252F%252Fb1sync.zemanta.com%252Fusersync%252Famazon_tam%252Fcallback%252F%253Fd%253DNB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPMVRW2MZ7MV4D233VORRHEYLJNYXGG33NEZUWIPLNMN3FCMSLOVPWQ4RUO5KVUMLPLAZDQ4I%26p%3Dopenx%26gdpr%3D%24GDPR_APPLIES%26gdpr_consent%3D%24CONSNT_STRING%26us_privacy%3D%24CCPA%26initiator%3Ds2s%26obUid%3Dq_yU5LPiSDuRMlWJiwJazCBE4nL85KcB4go8L_BkYzMzuWs1TfEa1fSH6gSrcpLH%26uid%3D HTTP 302
• https://u.openx.net/w/1.0/cm?cc=1&id=00df9f64-6f67-4cae-aeb2-d951da52047c&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fobhb%3Dhttps%253A%252F%252Fb1sync.zemanta.com%252Fusersync%252Famazon_tam%252Fcallback%252F%253Fd%253DNB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPMVRW2MZ7MV4D233VORRHEYLJNYXGG33NEZUWIPLNMN3FCMSLOVPWQ4RUO5KVUMLPLAZDQ4I%26p%3Dopenx%26gdpr%3D%24GDPR_APPLIES%26gdpr_consent%3D%24CONSNT_STRING%26us_privacy%3D%24CCPA%26initiator%3Ds2s%26obUid%3Dq_yU5LPiSDuRMlWJiwJazCBE4nL85KcB4go8L_BkYzMzuWs1TfEa1fSH6gSrcpLH%26uid%3D HTTP 302
• https://sync.outbrain.com/cookie-sync?obhb=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Famazon_tam%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPMVRW2MZ7MV4D233VORRHEYLJNYXGG33NEZUWIPLNMN3FCMSLOVPWQ4RUO5KVUMLPLAZDQ4I&p=openx&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&initiator=s2s&obUid=q_yU5LPiSDuRMlWJiwJazCBE4nL85KcB4go8L_BkYzMzuWs1TfEa1fSH6gSrcpLH&uid=2848f734-9b16-4d2f-8093-baf853d9543e HTTP 302
• https://pixel-us-east.rubiconproject.com/exchange/sync.php?obhb=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Famazon_tam%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPMVRW2MZ7MV4D233VORRHEYLJNYXGG33NEZUWIPLNMN3FCMSLOVPWQ4RUO5KVUMLPLAZDQ4I&p=15268&obUid=q_yU5LPiSDuRMlWJiwJazCBE4nL85KcB4go8L_BkYzMzuWs1TfEa1fSH6gSrcpLH&gdpr=%24GDPR_APPLIES&gdpr_consent=%24CONSNT_STRING&us_privacy=%24CCPA&initiator=s2s HTTP 302
• https://sync.outbrain.com/cookie-sync?p=rubicon&uid=LN52RZ9H-1U-2CO8&obUid=q_yU5LPiSDuRMlWJiwJazCBE4nL85KcB4go8L_BkYzMzuWs1TfEa1fSH6gSrcpLH&initiator=s2s&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA

Request Chain 68

• https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID HTTP 302
• https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1

Request Chain 71

• https://ups.analytics.yahoo.com/ups/58251/sync?redir=true HTTP 302
• https://ups.analytics.yahoo.com/ups/58251/sync?redir=true&verify=true HTTP 302
• https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1Hc2dBY2poRTJ1SXNXM1NtTTBSWEdweVJYT0FyNngxSX5B

Request Chain 72

• https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D HTTP 302
• https://amazon-tam-match.dotomi.com/match/bounce/current?DotomiTest=4fdbcacad02204b0&is_secure=true&networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D HTTP 302
• https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAABqlnzjxESOQMalZZUAAAAAAA&expiration=1696106834&is_secure=true

Request Chain 74

• https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZRc30kivLYQSPUthl-iJUAAADaMAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=ZRc30kivLYQSPUthl-iJUAAADaMAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=&google_tc= HTTP 302
• https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEL2mXhUffGCFnAP0-nfRzZU&google_cver=1

Request Chain 75

• https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZRc30kivLYQSPUthl.iJUAAA HTTP 302
• https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFx9P8wrFRlr62-cAetbZOE&google_cver=1&google_hm=2

Request Chain 76

• https://match.adsrvr.org/track/cmf/casale HTTP 302
• https://match.adsrvr.org/track/cmb/casale HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=b394d0c5-8a1a-4338-b204-f77c875cd736&expiration=1698612435&gdpr=0&gdpr_consent=

Request Chain 79

• https://ad.turn.com/r/cs?pid=21 HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3473910196971058608

Request Chain 80

• https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1 HTTP 302
• https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=8b987880-65af-4337-ae71-b6372a366d9e

Request Chain 81

• https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
• https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=dd8eeb24-0032-4631-bfac-669bcc15a931&expiration=1727642836

Request Chain 84

• https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LN52RZ9H-1U-2CO8 HTTP 302
• https://s.amazon-adsystem.com/ecm3?id=LN52RZ9H-1U-2CO8&ex=d-rubiconproject.com&status=ok

Request Chain 85

• https://match.adsrvr.org/track/cmf/rubicon HTTP 302
• https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=b394d0c5-8a1a-4338-b204-f77c875cd736&gdpr=0&gdpr_consent=&expires=30

Request Chain 86

• https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
• https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJOG8QFeKzQxdmXb_6RE4mI&google_cver=1

Request Chain 87

• https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
• https://pr-bh.ybp.yahoo.com/sync/rubicon/_0Lh89EMZIoKttL5h0CYw8n5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
• https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-Wk2P4tBE2oJMa.uYs9aaMxt4IBrntbZKIIKQUA--~A

Request Chain 88

• https://token.rubiconproject.com/token?pid=25470 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE41MlJaOUgtMVUtMkNPOA== HTTP 302
• https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHe5ej2drX4zzl6VirttsFg&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE41MlJaOUgtMVUtMkNPOA==&google_push=

Request Chain 89

• https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTQxMzk5MTMzZjQ5MWZkYjk5ODgxYjJmYTgyYjZiYjM2MDQwYTM3Mg

Request Chain 90

• https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
• https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=tk7RYZj9Sp-m69iYOHm7Iw&rk=usync-na HTTP 302
• https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=tk7RYZj9Sp-m69iYOHm7Iw

Request Chain 91

• https://token.rubiconproject.com/token?pid=36584 HTTP 302
• https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LN52RZ9H-1U-2CO8

Request Chain 94

• https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn HTTP 302
• https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LN52RZ9H-1U-2CO8

Request Chain 95

• https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30 HTTP 302
• https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=41da62e9-3dc5-4f2f-b77a-ba4c7a00ae50&expires=30

Request Chain 96

• https://token.rubiconproject.com/token?pid=37556&a=1 HTTP 302
• https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LN52RZ9H-1U-2CO8 HTTP 302
• https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LN52RZ9H-1U-2CO8

97 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request lN4pKrL87Oem Show response prnt.sc/	16 KB 5 KB	209ms 161ms	Document text/html	172.67.72.27 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://prnt.sc/lN4pKrL87Oem Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.72.27 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f83f8cc9cc7d137d696d4e58aaf067e4729c2e940ad37d88c563773e2efb2447 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 80e7147afe0f39f8-YYZ content-encoding br content-type text/html; charset=UTF-8 date Fri, 29 Sep 2023 20:47:13 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AvauhAlmEqEeiYUwwZ2bcYDK3rg5qqc1HwR%2BpRBRLSfMwfz6YeqwxCF3NP7zNGDaRoIDYjuzVaXY1Nmh2vfFBvPGT%2BAVhIs8vzO5utWpwldq75w%2BphaKhF4%3D"}],"group":"cf-nel","max_age":604800} server cloudflare x-frame-options SAMEORIGIN
GET H2	200	main.css st.prntscr.com/2023/07/24/0635/css/	57 KB 9 KB	77ms 33ms	Stylesheet text/css	104.23.139.12 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://st.prntscr.com/2023/07/24/0635/css/main.css Requested by Host: prnt.sc URL: https://prnt.sc/lN4pKrL87Oem Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.23.139.12 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 54b860b5d4930dabf878206983a139233e0782d2e34db562fc9931b8c08aa21b Request headers accept-language en-CA,en;q=0.9 Referer https://prnt.sc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Fri, 29 Sep 2023 20:47:13 GMT content-encoding br cf-cache-status HIT last-modified Mon, 24 Jul 2023 06:36:43 GMT server cloudflare age 1798 etag W/"64be1bfb-23a0" vary Accept-Encoding content-type text/css cache-control max-age=1800 cf-ray 80e7147c4f4e39d7-YYZ alt-svc h3=":443"; ma=86400 expires Fri, 29 Sep 2023 20:28:35 GMT
GET H2	200	jquery.1.8.2.min.js Show response st.prntscr.com/2023/07/24/0635/js/	91 KB 34 KB	113ms 69ms	Script application/javascript	104.23.139.12 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://st.prntscr.com/2023/07/24/0635/js/jquery.1.8.2.min.js Requested by Host: prnt.sc URL: https://prnt.sc/lN4pKrL87Oem Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.23.139.12 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729 Request headers accept-language en-CA,en;q=0.9 Referer https://prnt.sc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Fri, 29 Sep 2023 20:47:13 GMT content-encoding br cf-cache-status HIT last-modified Mon, 24 Jul 2023 06:36:43 GMT server cloudflare age 1798 etag W/"64be1bfb-827c" vary Accept-Encoding content-type application/javascript cache-control max-age=1800 cf-ray 80e7147c4f4f39d7-YYZ alt-svc h3=":443"; ma=86400 expires Fri, 29 Sep 2023 20:27:31 GMT
GET H2	200	script.mix.js Show response st.prntscr.com/2023/07/24/0635/js/	69 KB 24 KB	79ms 35ms	Script application/javascript	104.23.139.12 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://st.prntscr.com/2023/07/24/0635/js/script.mix.js Requested by Host: prnt.sc URL: https://prnt.sc/lN4pKrL87Oem Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.23.139.12 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3d2ac9e0afbc83f6b4c39cff3db79ecf892df90b8c874bd0e2a43ba1b1c3069 Request headers accept-language en-CA,en;q=0.9 Referer https://prnt.sc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Fri, 29 Sep 2023 20:47:13 GMT content-encoding br cf-cache-status HIT last-modified Mon, 24 Jul 2023 06:36:43 GMT server cloudflare age 1798 etag W/"64be1bfb-5e8f" vary Accept-Encoding content-type application/javascript cache-control max-age=1800 cf-ray 80e7147c4f5139d7-YYZ alt-svc h3=":443"; ma=86400 expires Fri, 29 Sep 2023 20:17:37 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	241 KB 84 KB	198ms 125ms	Script application/javascript	142.251.167.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-STH272KG8X Requested by Host: prnt.sc URL: https://prnt.sc/lN4pKrL87Oem Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.167.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS ww-in-f97.1e100.net Software Google Tag Manager / Resource Hash 1e0e5058c16524884a97625c80f4d78d3a4d14e42b6871501aa353c92d7720f5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://prnt.sc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Fri, 29 Sep 2023 20:47:13 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 85701 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Fri, 29 Sep 2023 20:47:13 GMT
GET H2	200	V_1x9DlfQvqIC2oDePEN9g.jpeg img001.prntscr.com/file/img001/	36 KB 37 KB	103ms 97ms	Image image/jpeg	104.23.139.12 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://img001.prntscr.com/file/img001/V_1x9DlfQvqIC2oDePEN9g.jpeg Requested by Host: prnt.sc URL: https://prnt.sc/lN4pKrL87Oem Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.23.139.12 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 767a5e2dbab142f12002a2498d1160037c68e792252f2d735e560d2c91fc668e Request headers accept-language en-CA,en;q=0.9 Referer https://prnt.sc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Fri, 29 Sep 2023 20:47:13 GMT cf-cache-status HIT x-bz-file-id 4_z51bcbe33c7b20fe37efb0b11_f106d2b5f3ea33987_d20230925_m122020_c004_v0402018_t0029_u01695644420773 cf-polished origSize=41147 x-bz-content-sha1 52963bf0eb812f8c55d1cc10a6807e0e4d922a15 x-bz-file-name V_1x9DlfQvqIC2oDePEN9g.jpeg alt-svc h3=":443"; ma=86400 content-length 37202 x-bz-upload-timestamp 1695644420773 cf-bgj imgq:100,h2pri last-modified Fri, 29 Sep 2023 16:44:27 GMT server cloudflare vary Accept-Encoding content-type image/jpeg cache-control max-age=31536000 accept-ranges bytes cf-ray 80e7147d08af39d7-YYZ
GET H2	200	lN4pKrL87Oem prnt.sc/	16 KB 16 KB	44ms 42ms	Image text/html	172.67.72.27 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://prnt.sc/lN4pKrL87Oem Requested by Host: prnt.sc URL: https://prnt.sc/lN4pKrL87Oem Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.72.27 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers accept-language en-CA,en;q=0.9 Referer https://prnt.sc/lN4pKrL87Oem User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Fri, 29 Sep 2023 20:47:13 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-frame-options SAMEORIGIN report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MhCkFWYbxijmBUtfJKQJkprWQ%2BhtpLvG%2FaCiy4zFigaiq8KR324JQCet9MGnEPV22dL94xf6uh02zkzdkRufmwJzZnVFHHwirxkJ8JnYUAZOD3nkv0Ajv%2B4%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cf-ray 80e7147cf8d639f8-YYZ alt-svc h3=":443"; ma=86400
GET H2	200	image-helper.js Show response st.prntscr.com/2023/07/24/0635/js/	3 KB 1 KB	33ms 32ms	Script application/javascript	104.23.139.12 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://st.prntscr.com/2023/07/24/0635/js/image-helper.js Requested by Host: prnt.sc URL: https://prnt.sc/lN4pKrL87Oem Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.23.139.12 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 83817752fb260ff66b3bca1471bb20dbb6a1e6a17174c657efe0912ad161b382 Request headers accept-language en-CA,en;q=0.9 Referer https://prnt.sc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Fri, 29 Sep 2023 20:47:13 GMT content-encoding br cf-cache-status HIT last-modified Mon, 24 Jul 2023 06:36:32 GMT server cloudflare age 1798 etag W/"64be1bf0-a2f" vary Accept-Encoding content-type application/javascript cache-control max-age=1800 cf-ray 80e7147ca81539d7-YYZ alt-svc h3=":443"; ma=86400 expires Fri, 29 Sep 2023 20:20:18 GMT
GET H3	200	footer-logo.png st.prntscr.com/2023/07/24/0635/img/	588 B 875 B	33ms 32ms	Image image/webp	104.23.139.12 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://st.prntscr.com/2023/07/24/0635/img/footer-logo.png Requested by Host: prnt.sc URL: https://prnt.sc/lN4pKrL87Oem Protocol H3 Security QUIC, , AES_128_GCM Server 104.23.139.12 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2d41d75da99f35cf59d21a7d72e8ae0fed01ddab9cb173e567cbbdbbd29cf84b Request headers accept-language en-CA,en;q=0.9 Referer https://prnt.sc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Fri, 29 Sep 2023 20:47:13 GMT cf-cache-status HIT age 1530 cf-polished origFmt=png, origSize=1848 content-disposition inline; filename="footer-logo.webp" alt-svc h3=":443"; ma=86400 content-length 588 cf-bgj imgq:100,h2pri last-modified Sat, 16 Oct 2021 23:13:24 GMT server cloudflare etag "616b5c94-738" vary Accept content-type image/webp cache-control max-age=1800 accept-ranges bytes cf-ray 80e7147cf98b3a0a-YYZ expires Fri, 29 Sep 2023 20:28:22 GMT
GET H3	200	jquery.smartbanner.css st.prntscr.com/2023/07/24/0635/css/	4 KB 1 KB	37ms 37ms	Stylesheet text/css	104.23.139.12 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://st.prntscr.com/2023/07/24/0635/css/jquery.smartbanner.css Requested by Host: prnt.sc URL: https://prnt.sc/lN4pKrL87Oem Protocol H3 Security QUIC, , AES_128_GCM Server 104.23.139.12 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d91d13fd8f9d253a8213aeee7ebaa7e073683fc600a3d82902c3c669b8ffdee7 Request headers accept-language en-CA,en;q=0.9 Referer https://prnt.sc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Fri, 29 Sep 2023 20:47:13 GMT content-encoding br cf-cache-status HIT last-modified Mon, 24 Jul 2023 06:36:26 GMT server cloudflare age 1798 etag W/"64be1bea-ef0" vary Accept-Encoding content-type text/css cache-control max-age=1800 cf-ray 80e7147cd95a3a0a-YYZ alt-svc h3=":443"; ma=86400 expires Fri, 29 Sep 2023 20:23:44 GMT
GET H3	200	jquery.smartbanner.js Show response st.prntscr.com/2023/07/24/0635/js/	8 KB 3 KB	36ms 35ms	Script application/javascript	104.23.139.12 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://st.prntscr.com/2023/07/24/0635/js/jquery.smartbanner.js Requested by Host: prnt.sc URL: https://prnt.sc/lN4pKrL87Oem Protocol H3 Security QUIC, , AES_128_GCM Server 104.23.139.12 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1b185d89e437f1591af8c51d5e6dad41d3666e22a81931ee9df22e2cfdacaddb Request headers accept-language en-CA,en;q=0.9 Referer https://prnt.sc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Fri, 29 Sep 2023 20:47:13 GMT content-encoding br cf-cache-status HIT last-modified Mon, 24 Jul 2023 06:36:43 GMT server cloudflare age 1798 etag W/"64be1bfb-aec" vary Accept-Encoding content-type application/javascript cache-control max-age=1800 cf-ray 80e7147cf9873a0a-YYZ alt-svc h3=":443"; ma=86400 expires Fri, 29 Sep 2023 20:40:30 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	108ms 35ms	Script text/javascript	142.251.163.100 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: prnt.sc URL: https://prnt.sc/lN4pKrL87Oem Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.163.100 , United States, ASN15169 (GOOGLE, US), Reverse DNS wv-in-f100.1e100.net Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://prnt.sc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Fri, 29 Sep 2023 20:30:26 GMT last-modified Mon, 12 Jun 2023 18:23:07 GMT server Golfe2 age 1007 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Fri, 29 Sep 2023 22:30:26 GMT
GET		choice.js quantcast.mgr.consensu.org/choice/n-ZGqfdsg5894/prnt.sc/	0 0
GET H3	200	page-bg.png st.prntscr.com/2023/07/24/0635/img/	5 KB 6 KB	33ms 33ms	Image image/webp	104.23.139.12 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://st.prntscr.com/2023/07/24/0635/img/page-bg.png Requested by Host: st.prntscr.com URL: https://st.prntscr.com/2023/07/24/0635/css/main.css Protocol H3 Security QUIC, , AES_128_GCM Server 104.23.139.12 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 86a1b8f94f48c4e82d2616d4c581f10a34ff447a2bd95be08714fa0d19ba3f51 Request headers accept-language en-CA,en;q=0.9 Referer https://st.prntscr.com/2023/07/24/0635/css/main.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Fri, 29 Sep 2023 20:47:13 GMT cf-cache-status HIT age 1798 cf-polished origFmt=png, origSize=7116 content-disposition inline; filename="page-bg.webp" alt-svc h3=":443"; ma=86400 content-length 5608 cf-bgj imgq:100,h2pri last-modified Mon, 24 Jul 2023 06:36:43 GMT server cloudflare etag "64be1bfb-1a7b" vary Accept content-type image/webp cache-control max-age=1800 accept-ranges bytes cf-ray 80e7147d098f3a0a-YYZ expires Fri, 29 Sep 2023 20:18:01 GMT
GET H/1.1	200 OK	async-ajs.min.js Show response cdn.ad4game.com/	3 KB 2 KB	134ms 32ms	Script application/javascript	23.46.150.73 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn.ad4game.com/async-ajs.min.js Requested by Host: prnt.sc URL: https://prnt.sc/lN4pKrL87Oem Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.46.150.73 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-46-150-73.deploy.static.akamaitechnologies.com Software nginx / Resource Hash dc9f7cdaabb3201fd2ead8c0cfd974710305362d0ea77c96069cb189796d6238 Request headers accept-language en-CA,en;q=0.9 Referer https://prnt.sc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers X-servername ads.ad4game.com\ 80\ 81 Date Fri, 29 Sep 2023 20:47:13 GMT Content-Encoding gzip Last-Modified Mon, 25 Sep 2023 11:20:40 GMT Server nginx ETag "65116d08-ca8" Vary Accept-Encoding Content-Type application/javascript X-serveraddr 10.100.0.151 X-host cdn.ad4game.com Connection keep-alive Accept-Ranges bytes Alt-Svc h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" Content-Length 1404
GET H3	200	header-logo.png st.prntscr.com/2023/07/24/0635/img/	4 KB 4 KB	32ms 32ms	Image image/webp	104.23.139.12 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://st.prntscr.com/2023/07/24/0635/img/header-logo.png Requested by Host: st.prntscr.com URL: https://st.prntscr.com/2023/07/24/0635/css/main.css Protocol H3 Security QUIC, , AES_128_GCM Server 104.23.139.12 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 40ec0b04019845302a5052b4689b5d3477c9717dca73243e5faf7cf98f3af564 Request headers accept-language en-CA,en;q=0.9 Referer https://st.prntscr.com/2023/07/24/0635/css/main.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Fri, 29 Sep 2023 20:47:13 GMT cf-cache-status HIT age 1798 cf-polished origFmt=png, origSize=7995 content-disposition inline; filename="header-logo.webp" alt-svc h3=":443"; ma=86400 content-length 4148 cf-bgj imgq:100,h2pri last-modified Mon, 24 Jul 2023 06:36:43 GMT server cloudflare etag "64be1bfb-1e52" vary Accept content-type image/webp cache-control max-age=1800 accept-ranges bytes cf-ray 80e7147d09933a0a-YYZ expires Fri, 29 Sep 2023 20:25:07 GMT
GET H3	200	button-download.png st.prntscr.com/2023/07/24/0635/img/	314 B 602 B	46ms 46ms	Image image/webp	104.23.139.12 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://st.prntscr.com/2023/07/24/0635/img/button-download.png Requested by Host: st.prntscr.com URL: https://st.prntscr.com/2023/07/24/0635/css/main.css Protocol H3 Security QUIC, , AES_128_GCM Server 104.23.139.12 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e926f30958d0c21d088e6a671d3356a3c3fab9cc6220b8e408f19d868a7dc5c8 Request headers accept-language en-CA,en;q=0.9 Referer https://st.prntscr.com/2023/07/24/0635/css/main.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Fri, 29 Sep 2023 20:47:13 GMT cf-cache-status HIT age 1798 cf-polished origFmt=png, origSize=1404 content-disposition inline; filename="button-download.webp" alt-svc h3=":443"; ma=86400 content-length 314 cf-bgj imgq:100,h2pri last-modified Mon, 24 Jul 2023 06:36:01 GMT server cloudflare etag "64be1bd1-57c" vary Accept content-type image/webp cache-control max-age=1800 accept-ranges bytes cf-ray 80e7147d099a3a0a-YYZ expires Fri, 29 Sep 2023 20:43:57 GMT
GET H3	200	button-icon-sep.png st.prntscr.com/2023/07/24/0635/img/	40 B 326 B	47ms 46ms	Image image/webp	104.23.139.12 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://st.prntscr.com/2023/07/24/0635/img/button-icon-sep.png Requested by Host: st.prntscr.com URL: https://st.prntscr.com/2023/07/24/0635/css/main.css Protocol H3 Security QUIC, , AES_128_GCM Server 104.23.139.12 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b6a1120cc303b1c6ee6d548a5b418c2707b59de0c1f13c8ab870ca4e734b6acc Request headers accept-language en-CA,en;q=0.9 Referer https://st.prntscr.com/2023/07/24/0635/css/main.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Fri, 29 Sep 2023 20:47:13 GMT cf-cache-status HIT age 1798 cf-polished origFmt=png, origSize=928 content-disposition inline; filename="button-icon-sep.webp" alt-svc h3=":443"; ma=86400 content-length 40 cf-bgj imgq:100,h2pri last-modified Mon, 24 Jul 2023 06:36:01 GMT server cloudflare etag "64be1bd1-3a0" vary Accept content-type image/webp cache-control max-age=1800 accept-ranges bytes cf-ray 80e7147d099c3a0a-YYZ expires Fri, 29 Sep 2023 20:31:45 GMT
GET H3	200	icon-twitter_gscale.png st.prntscr.com/2023/07/24/0635/img/	374 B 667 B	47ms 46ms	Image image/webp	104.23.139.12 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://st.prntscr.com/2023/07/24/0635/img/icon-twitter_gscale.png Requested by Host: st.prntscr.com URL: https://st.prntscr.com/2023/07/24/0635/css/main.css Protocol H3 Security QUIC, , AES_128_GCM Server 104.23.139.12 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5a3a63b2ac124cb9a194ec01ea1f0d3123e4019bf658c6f47a77b4faea84c079 Request headers accept-language en-CA,en;q=0.9 Referer https://st.prntscr.com/2023/07/24/0635/css/main.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Fri, 29 Sep 2023 20:47:13 GMT cf-cache-status HIT age 1798 cf-polished origFmt=png, origSize=1535 content-disposition inline; filename="icon-twitter_gscale.webp" alt-svc h3=":443"; ma=86400 content-length 374 cf-bgj imgq:100,h2pri last-modified Mon, 24 Jul 2023 06:36:01 GMT server cloudflare etag "64be1bd1-5ff" vary Accept content-type image/webp cache-control max-age=1800 accept-ranges bytes cf-ray 80e7147d099f3a0a-YYZ expires Fri, 29 Sep 2023 20:35:45 GMT
GET H3	200	icon-facebook_gscale.png st.prntscr.com/2023/07/24/0635/img/	296 B 587 B	47ms 47ms	Image image/webp	104.23.139.12 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://st.prntscr.com/2023/07/24/0635/img/icon-facebook_gscale.png Requested by Host: st.prntscr.com URL: https://st.prntscr.com/2023/07/24/0635/css/main.css Protocol H3 Security QUIC, , AES_128_GCM Server 104.23.139.12 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a093d2047e1a59b7103810b947780e5f94d865915cb923ebcaa7e50f557c2102 Request headers accept-language en-CA,en;q=0.9 Referer https://st.prntscr.com/2023/07/24/0635/css/main.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Fri, 29 Sep 2023 20:47:13 GMT cf-cache-status HIT age 1798 cf-polished origFmt=png, origSize=1325 content-disposition inline; filename="icon-facebook_gscale.webp" alt-svc h3=":443"; ma=86400 content-length 296 cf-bgj imgq:100,h2pri last-modified Mon, 24 Jul 2023 06:36:01 GMT server cloudflare etag "64be1bd1-52d" vary Accept content-type image/webp cache-control max-age=1800 accept-ranges bytes cf-ray 80e7147d09a03a0a-YYZ expires Fri, 29 Sep 2023 20:31:20 GMT
GET H2	200	all.js Show response connect.facebook.net/en_US/	3 KB 2 KB	104ms 34ms	Script application/x-javascript	31.13.66.19 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/all.js Requested by Host: prnt.sc URL: https://prnt.sc/lN4pKrL87Oem Protocol H2 Security TLS 1.3, , AES_128_GCM Server 31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-01-iad3.fbcdn.net Software / Resource Hash 97479b1acef618a80396f185089706b4e51731bbc8da77af772e9002c67d1dc5 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language en-CA,en;q=0.9 Referer https://prnt.sc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff date Fri, 29 Sep 2023 20:47:13 GMT content-md5 FNkkRrBGz8SEg2Fec3qzyA== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 1688 x-fb-debug Zm0ySnorhqNsE+PsPWs+k0S49OZX8tx1aufcZ90iAgrCrZeD0V3gVR459szNNk5yi6FgoCg/1WYZRkHammftNg== x-fb-content-md5 060cce9e2364f0a37195b82d89730268 cross-origin-opener-policy same-origin-allow-popups etag "8a6c53b27272f8556705339a2e7927cb" vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 access-control-allow-origin * origin-agent-cluster ?0 access-control-expose-headers X-FB-Content-MD5 cache-control public,max-age=1200,stale-while-revalidate=3600 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=() timing-allow-origin * expires Fri, 29 Sep 2023 20:53:36 GMT
GET H/1.1	200 OK	widgets.js Show response platform.twitter.com/	91 KB 28 KB	138ms 30ms	Script application/javascript	192.229.163.25 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://platform.twitter.com/widgets.js Requested by Host: prnt.sc URL: https://prnt.sc/lN4pKrL87Oem Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 192.229.163.25 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (cha/8149) / Resource Hash 392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b Request headers accept-language en-CA,en;q=0.9 Referer https://prnt.sc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers Date Fri, 29 Sep 2023 20:47:13 GMT Content-Encoding gzip Age 274 x-amz-server-side-encryption AES256 X-Cache HIT P3P CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT" Server-Timing x-cache;desc= HIT,x-tw-cdn;desc=VZ Content-Length 27630 Last-Modified Tue, 24 Jan 2023 21:41:51 GMT Server ECS (cha/8149) Etag "9e99725b7a4cd730a934afba2a438bb5+gzip" Vary Accept-Encoding Access-Control-Allow-Methods GET Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * x-tw-cdn VZ Cache-Control public, max-age=1800
GET H3	200	icon-camera.png st.prntscr.com/2023/07/24/0635/img/	158 B 443 B	35ms 34ms	Image image/webp	104.23.139.12 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://st.prntscr.com/2023/07/24/0635/img/icon-camera.png Requested by Host: st.prntscr.com URL: https://st.prntscr.com/2023/07/24/0635/css/main.css Protocol H3 Security QUIC, , AES_128_GCM Server 104.23.139.12 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8bfd2fa3b3b5924e3655bcf9f63427e792bd8572b7ed0992373bdb4b21c7cb89 Request headers accept-language en-CA,en;q=0.9 Referer https://st.prntscr.com/2023/07/24/0635/css/main.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Fri, 29 Sep 2023 20:47:13 GMT cf-cache-status HIT age 894 cf-polished origFmt=png, origSize=1089 content-disposition inline; filename="icon-camera.webp" alt-svc h3=":443"; ma=86400 content-length 158 cf-bgj imgq:100,h2pri last-modified Mon, 24 Jul 2023 06:36:01 GMT server cloudflare etag "64be1bd1-441" vary Accept content-type image/webp cache-control max-age=1800 accept-ranges bytes cf-ray 80e7147d29c83a0a-YYZ expires Fri, 29 Sep 2023 20:57:49 GMT
GET H3	200	icon-abuse.png st.prntscr.com/2023/07/24/0635/img/	126 B 410 B	31ms 31ms	Image image/webp	104.23.139.12 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://st.prntscr.com/2023/07/24/0635/img/icon-abuse.png Requested by Host: st.prntscr.com URL: https://st.prntscr.com/2023/07/24/0635/css/main.css Protocol H3 Security QUIC, , AES_128_GCM Server 104.23.139.12 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2875a6fc4266fec00a383377cb4530b6407912897b0727e26249d89c6dfe0359 Request headers accept-language en-CA,en;q=0.9 Referer https://st.prntscr.com/2023/07/24/0635/css/main.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Fri, 29 Sep 2023 20:47:13 GMT cf-cache-status HIT age 1798 cf-polished origFmt=png, origSize=327 content-disposition inline; filename="icon-abuse.webp" alt-svc h3=":443"; ma=86400 content-length 126 cf-bgj imgq:100,h2pri last-modified Mon, 24 Jul 2023 06:36:01 GMT server cloudflare etag "64be1bd1-147" vary Accept content-type image/webp cache-control max-age=1800 accept-ranges bytes cf-ray 80e7147d29ca3a0a-YYZ expires Fri, 29 Sep 2023 20:36:09 GMT
OPTIONS H2	204	/ api.prntscr.com/v1/ Frame	0 0	86ms 44ms	Preflight text/plain	104.23.140.12 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.prntscr.com/v1/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.23.140.12 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://prnt.sc Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept access-control-allow-methods POST, OPTIONS access-control-allow-origin https://prnt.sc access-control-max-age 86400 alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 80e7147d8eee54af-YYZ content-length 0 content-type text/plain charset=UTF-8 date Fri, 29 Sep 2023 20:47:13 GMT server cloudflare
POST H3	200	/ Show response api.prntscr.com/v1/	92 B 266 B	45ms 44ms	XHR application/json	104.23.139.12 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.prntscr.com/v1/ Requested by Host: st.prntscr.com URL: https://st.prntscr.com/2023/07/24/0635/js/jquery.1.8.2.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.23.139.12 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9c9935e1daafc929a9866a206e769e084cd83f19d436ca22887adc2798408646 Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://prnt.sc/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Content-Type application/json Response headers date Fri, 29 Sep 2023 20:47:13 GMT content-encoding br cf-cache-status DYNAMIC server cloudflare access-control-allow-methods POST, OPTIONS content-type application/json access-control-allow-origin https://prnt.sc access-control-allow-credentials true cf-ray 80e7147ddae93a0a-YYZ access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept alt-svc h3=":443"; ma=86400
POST H2	200	collect Show response www.google-analytics.com/j/	4 B 203 B	44ms 43ms	XHR text/plain	142.251.163.100 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=29293085&t=pageview&_s=1&dl=https%3A%2F%2Fprnt.sc%2FlN4pKrL87Oem&ul=en-us&de=UTF-8&dt=Screenshot%20by%20Lightshot&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=109115949&gjid=127874817&cid=515474429.1696020434&tid=UA-12353127-1&_gid=292921739.1696020434&_r=1&_slc=1&z=1582951121 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.163.100 , United States, ASN15169 (GOOGLE, US), Reverse DNS wv-in-f100.1e100.net Software Golfe2 / Resource Hash aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://prnt.sc/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Fri, 29 Sep 2023 20:47:13 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://prnt.sc cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	all.js Show response connect.facebook.net/en_US/	300 KB 84 KB	69ms 34ms	Script application/x-javascript	31.13.66.19 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/all.js?hash=de5821165223a77c01a6601eb7b181fb Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/all.js Protocol H3 Security QUIC, , AES_128_GCM Server 31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-01-iad3.fbcdn.net Software / Resource Hash b90b1eacc779adb6c48182b4cf01ba4a081dcb2389c695b173e0edfb453d06f1 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://prnt.sc/ Origin https://prnt.sc accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff date Fri, 29 Sep 2023 20:47:13 GMT content-md5 BwXRkIIVltBpx211Me3nTQ== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 86140 x-fb-debug DoyS5A3rthTvNuKDhtgxB9Y2FecF7phn4i2i/KByPhF2tWUYdjauFYrs6Ygd89OSyumTaNp/U6tI86YYlH1iZw== x-fb-content-md5 94a3de0b34056bd7c54d8548a4f6c300 cross-origin-opener-policy same-origin-allow-popups etag "dd32b16329231973da0d83be53f07e12" vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers X-FB-Content-MD5 cache-control public,max-age=31536000,stale-while-revalidate=3600,immutable permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=() timing-allow-origin * priority u=3,i expires Sat, 28 Sep 2024 18:59:44 GMT
GET H3	200	prebid.js Show response cdn.ad4game.com/	261 KB 83 KB	125ms 42ms	Script application/javascript	23.46.150.73 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn.ad4game.com/prebid.js Requested by Host: cdn.ad4game.com URL: https://cdn.ad4game.com/async-ajs.min.js Protocol H3 Security QUIC, , AES_256_GCM Server 23.46.150.73 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-46-150-73.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 733f44e4d42f00e0a8c267d516e9f6939d36f65ceb3bf851998475b9f6650d3f Request headers accept-language en-CA,en;q=0.9 Referer https://prnt.sc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers x-servername ads.ad4game.com\ 80\ 81 date Fri, 29 Sep 2023 20:47:13 GMT content-encoding gzip last-modified Mon, 25 Sep 2023 11:20:40 GMT server nginx etag "65116d08-412ac" vary Accept-Encoding content-type application/javascript x-serveraddr 10.100.0.151 x-host cdn.ad4game.com accept-ranges bytes alt-svc h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" quic-version 0x00000001
GET H/1.1	200 OK	async-ajs.php Show response ads.ad4game.com/www/delivery/	9 KB 3 KB	150ms 45ms	Script text/javascript	192.207.255.147 AS-MNX
General Check archive.org Show headers Download Go to Full URL https://ads.ad4game.com/www/delivery/async-ajs.php?v=1&cb=a4g6528110&h=0&siteurl=https%3A%2F%2Fprnt.sc%2FlN4pKrL87Oem&c=UTF-8&z=60918,70076,60916&b=7&x=7 Requested by Host: cdn.ad4game.com URL: https://cdn.ad4game.com/async-ajs.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 192.207.255.147 , United States, ASN62821 (AS-MNX, US), Reverse DNS haproxy2.ad4game.com Software nginx / Resource Hash 05ea86456f6bf566b9c88bfa4e26ac934a40245c955e470020627ceec822b185 Request headers accept-language en-CA,en;q=0.9 Referer https://prnt.sc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers X-servername ads.ad4game.com\ 80\ 81 Pragma no-cache Date Fri, 29 Sep 2023 20:47:13 GMT Content-Encoding gzip Server nginx Transfer-Encoding chunked Content-Type text/javascript; charset=UTF-8 P3P CP="CUR ADM OUR NOR STA NID" X-serveraddr 10.100.0.151 Cache-Control no-cache, no-store, must-revalidate X-host ads.ad4game.com Connection close Expires 0
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 343 B	114ms 43ms	XHR text/plain	142.250.31.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-12353127-1&cid=515474429.1696020434&jid=109115949&gjid=127874817&_gid=292921739.1696020434&_u=IEBAAEAAAAAAACAAI~&z=1736657100 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.31.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS bj-in-f156.1e100.net Software Golfe2 / Resource Hash 8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://prnt.sc/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload date Fri, 29 Sep 2023 20:47:13 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://prnt.sc cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html Show response platform.twitter.com/widgets/ Frame 3F54	320 KB 104 KB	31ms 31ms	Document text/html	192.229.163.25 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fprnt.sc Requested by Host: platform.twitter.com URL: https://platform.twitter.com/widgets.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 192.229.163.25 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (cha/8169) / Resource Hash 4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf Request headers Referer https://prnt.sc/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers Access-Control-Allow-Methods GET Access-Control-Allow-Origin * Age 8208 Cache-Control public, max-age=315360000 Content-Encoding gzip Content-Length 105435 Content-Type text/html; charset=utf-8 Date Fri, 29 Sep 2023 20:47:13 GMT Etag "95e1b50b0c179aefb47b5b211bb347b5+gzip" Last-Modified Tue, 24 Jan 2023 21:41:13 GMT P3P CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT" Server ECS (cha/8169) Server-Timing x-cache;desc= HIT,x-tw-cdn;desc=VZ Vary Accept-Encoding X-Cache HIT x-amz-server-side-encryption AES256 x-tw-cdn VZ
POST H3	204	collect www.google-analytics.com/g/	0 17 B	45ms 44ms	Ping text/plain	142.251.163.100 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-STH272KG8X&gtm=45je39r0&_p=29293085&cid=515474429.1696020434&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1696020433&sct=1&seg=0&dl=https%3A%2F%2Fprnt.sc%2FlN4pKrL87Oem&dt=Screenshot%20by%20Lightshot&en=page_view&_fv=1&_ss=1&_ee=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-STH272KG8X Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.163.100 , United States, ASN15169 (GOOGLE, US), Reverse DNS wv-in-f100.1e100.net Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://prnt.sc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers pragma no-cache date Fri, 29 Sep 2023 20:47:13 GMT server Golfe2 content-type text/plain access-control-allow-origin https://prnt.sc cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	settings Show response syndication.twitter.com/ Frame 3F54	870 B 658 B	149ms 52ms	Fetch application/json	104.244.42.72 TWITTER
General Check archive.org Show headers Download Go to Full URL https://syndication.twitter.com/settings?session_id=f0ae46a5bc0070cd85c565449ec7a8426b5a6ac7 Requested by Host: platform.twitter.com URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fprnt.sc Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.244.42.72 , United States, ASN13414 (TWITTER, US), Reverse DNS Software tsa_b / Resource Hash 8ec44a4b321f5115d8760f193298585d8b28a26dd3190d0a3690b9e09a489a94 Security Headers Name Value Strict-Transport-Security max-age=631138519 Request headers accept-language en-CA,en;q=0.9 Referer https://platform.twitter.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers x-response-time 7 date Fri, 29 Sep 2023 20:47:13 GMT content-encoding gzip strict-transport-security max-age=631138519 last-modified Fri, 29 Sep 2023 20:47:13 GMT server tsa_b vary Origin content-type application/json; charset=utf-8 access-control-allow-origin https://platform.twitter.com x-transaction-id 314442dbcd5a6fb0 cache-control must-revalidate, max-age=600 access-control-allow-credentials true perf 7626143928 x-connection-hash d6ff7c826fde5d324f9a931e5ceca11f0055976af7598e9cae6aa4a25d0a7804 content-length 338
GET H2	200	ga-audiences www.google.com/ads/	42 B 408 B	128ms 53ms	Image image/gif	172.253.115.104 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-12353127-1&cid=515474429.1696020434&jid=109115949&_u=IEBAAEAAAAAAACAAI~&z=371474924 Requested by Host: prnt.sc URL: https://prnt.sc/lN4pKrL87Oem Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.115.104 , United States, ASN15169 (GOOGLE, US), Reverse DNS bg-in-f104.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://prnt.sc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers pragma no-cache date Fri, 29 Sep 2023 20:47:13 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.ca/ads/	42 B 408 B	120ms 48ms	Image image/gif	142.250.31.94 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-12353127-1&cid=515474429.1696020434&jid=109115949&_u=IEBAAEAAAAAAACAAI~&z=371474924 Requested by Host: prnt.sc URL: https://prnt.sc/lN4pKrL87Oem Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.31.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS bj-in-f94.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://prnt.sc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers pragma no-cache date Fri, 29 Sep 2023 20:47:13 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	status www.facebook.com/x/oauth/	0 0	137ms 66ms	Fetch text/plain	31.13.66.35 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://www.facebook.com/x/oauth/status?client_id=154822244543652&input_token&origin=1&redirect_uri=https%3A%2F%2Fprnt.sc%2FlN4pKrL87Oem&sdk=joey&wants_cookie_data=false Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/all.js?hash=de5821165223a77c01a6601eb7b181fb Protocol H2 Security TLS 1.3, , AES_128_GCM Server 31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-01-iad3.facebook.com Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://prnt.sc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers strict-transport-security max-age=15552000; preload date Fri, 29 Sep 2023 20:47:13 GMT x-content-type-options nosniff nel {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01} document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0 pragma no-cache x-fb-debug g36nxPrLOY3RARE4AuoKZzlEhEtO8Kvn1bdNm640QQ8JnIXu53/2oPKWJFYS217sRKCjYzCh+zs50nzRo8BRaQ== fb-s unknown report-to {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}],"group":"network-errors"} content-type text/plain; charset=UTF-8 access-control-allow-origin https://prnt.sc origin-agent-cluster ?0 access-control-expose-headers fb-s cache-control private, no-cache, no-store, must-revalidate access-control-allow-credentials true permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=() expires Sat, 01 Jan 2000 00:00:00 GMT
GET H3	200	prebid.js Show response cdn.ad4game.com/	261 KB 83 KB	43ms 42ms	Script application/javascript	23.46.150.73 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn.ad4game.com/prebid.js Requested by Host: ads.ad4game.com URL: https://ads.ad4game.com/www/delivery/async-ajs.php?v=1&cb=a4g6528110&h=0&siteurl=https%3A%2F%2Fprnt.sc%2FlN4pKrL87Oem&c=UTF-8&z=60918,70076,60916&b=7&x=7 Protocol H3 Security QUIC, , AES_256_GCM Server 23.46.150.73 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-46-150-73.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 733f44e4d42f00e0a8c267d516e9f6939d36f65ceb3bf851998475b9f6650d3f Request headers accept-language en-CA,en;q=0.9 Referer https://prnt.sc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers x-servername ads.ad4game.com\ 80\ 81 date Fri, 29 Sep 2023 20:47:13 GMT content-encoding gzip last-modified Mon, 25 Sep 2023 11:20:40 GMT server nginx etag "65116d08-412ac" vary Accept-Encoding content-type application/javascript x-serveraddr 10.100.0.151 x-host cdn.ad4game.com accept-ranges bytes alt-svc h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" quic-version 0x00000001
GET H2	200	gpt.js Show response www.googletagservices.com/tag/js/	98 KB 29 KB	132ms 56ms	Script text/javascript	172.253.122.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/tag/js/gpt.js Requested by Host: ads.ad4game.com URL: https://ads.ad4game.com/www/delivery/async-ajs.php?v=1&cb=a4g6528110&h=0&siteurl=https%3A%2F%2Fprnt.sc%2FlN4pKrL87Oem&c=UTF-8&z=60918,70076,60916&b=7&x=7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.122.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS bh-in-f155.1e100.net Software cafe / Resource Hash 75c63d3728bd6502c6fa4b214dfd599cfe69e0b83075208512a834e8f87ee099 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://prnt.sc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Fri, 29 Sep 2023 20:47:13 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 29354 x-xss-protection 0 server cafe etag 770 / 19629 / 31078333 / config-hash: 3736786561931931631 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * expires Fri, 29 Sep 2023 20:47:13 GMT
GET H2	200	apstag.js Show response c.amazon-adsystem.com/aax2/	255 KB 63 KB	109ms 39ms	Script application/javascript	18.67.67.228 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/aax2/apstag.js Requested by Host: ads.ad4game.com URL: https://ads.ad4game.com/www/delivery/async-ajs.php?v=1&cb=a4g6528110&h=0&siteurl=https%3A%2F%2Fprnt.sc%2FlN4pKrL87Oem&c=UTF-8&z=60918,70076,60916&b=7&x=7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.67.67.228 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-67-67-228.iad89.r.cloudfront.net Software AmazonS3 / Resource Hash 79bc00b1ba3e228fe806d7ddfc0bd9a9b9eb904701a35d6dc435932c0b17c1e3 Request headers accept-language en-CA,en;q=0.9 Referer https://prnt.sc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Fri, 29 Sep 2023 20:10:19 GMT content-encoding gzip via 1.1 dfbe3a6f5b354f9a5f95a5a6814ce14e.cloudfront.net (CloudFront), 1.1 6f3546b6b501aaa8c1b4750231158188.cloudfront.net (CloudFront) last-modified Thu, 21 Sep 2023 19:18:10 GMT server AmazonS3 x-amz-cf-pop IAD89-P2, IAD89-P1 age 2215 x-amz-server-side-encryption AES256 etag W/"1e9fb8c04a3987274adf2a65103a9f65" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=3600 x-amz-cf-id b4U9oXLjLmpfxkimAgxa0im8DTYwjrhkwWWJvUoQGOv9JOKc2R1Big==
GET H/1.1	200 OK	bid Show response ads.ad4game.com/v1/	200 B 685 B	107ms 44ms	XHR application/json	192.207.255.147 AS-MNX
General Check archive.org Show headers Download Go to Full URL https://ads.ad4game.com/v1/bid?if=0&siteurl=https%3A%2F%2Fprnt.sc%2FlN4pKrL87Oem&size=970x90%3B970x90%3B300x250&id=2f9917afb84518%3B3eaea2325e2482%3B448b58eb79dbdd&zoneId=60918%3B70076%3B60916 Requested by Host: cdn.ad4game.com URL: https://cdn.ad4game.com/prebid.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 192.207.255.147 , United States, ASN62821 (AS-MNX, US), Reverse DNS haproxy2.ad4game.com Software nginx / Resource Hash 6fb45fd50612ed6bf52b555074ab8d76e2916fcd0a05eed5716aaf66dd164799 Request headers Referer https://prnt.sc/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Content-Type text/plain Response headers Date Fri, 29 Sep 2023 20:47:13 GMT Content-Encoding gzip Server nginx Transfer-Encoding chunked Vary Accept-Encoding, User-Agent Content-Type application/json;charset=utf-8 Access-Control-Allow-Origin https://prnt.sc Access-Control-Allow-Methods GET, POST, PUT, DELETE, OPTIONS Access-Control-Allow-Credentials true Connection close Access-Control-Allow-Headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type X-Application-Context application:12065
GET H/1.1	200 OK	button.e7f9415a2e000feaab02c86dd5802747.js Show response platform.twitter.com/js/	8 KB 3 KB	30ms 30ms	Script application/javascript	192.229.163.25 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://platform.twitter.com/js/button.e7f9415a2e000feaab02c86dd5802747.js Requested by Host: platform.twitter.com URL: https://platform.twitter.com/widgets.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 192.229.163.25 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (cha/8149) / Resource Hash ef116c4b154888a36784c143110b264cfe6528a4061c5dcc14e6431ecfbcac56 Request headers accept-language en-CA,en;q=0.9 Referer https://prnt.sc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers Date Fri, 29 Sep 2023 20:47:13 GMT Content-Encoding gzip Age 13772 x-amz-server-side-encryption AES256 X-Cache HIT P3P CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT" Server-Timing x-cache;desc= HIT,x-tw-cdn;desc=VZ Content-Length 2618 Last-Modified Tue, 24 Jan 2023 21:41:06 GMT Server ECS (cha/8149) Etag "506673dbdb9085e7201e137e893cc152+gzip" Vary Accept-Encoding Access-Control-Allow-Methods GET Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * x-tw-cdn VZ Cache-Control public, max-age=315360000
GET H2	200	852e3ca3-c387-44e4-a5c1-67c46495a8c4 Show response config.aps.amazon-adsystem.com/configs/	537 B 814 B	106ms 34ms	Script application/javascript	18.160.10.20 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://config.aps.amazon-adsystem.com/configs/852e3ca3-c387-44e4-a5c1-67c46495a8c4 Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.160.10.20 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-160-10-20.iad12.r.cloudfront.net Software CloudFront / Resource Hash 3a34534c84a7aee5334ddcfd28edc05d94ad88c2590ec1e81ed0c3997a097388 Request headers accept-language en-CA,en;q=0.9 Referer https://prnt.sc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Fri, 29 Sep 2023 19:53:09 GMT via 1.1 872e43fac89d80c9557000efb9c31650.cloudfront.net (CloudFront) server CloudFront x-amz-cf-pop IAD12-P3 age 3245 x-cache Hit from cloudfront content-type application/javascript cache-control max-age=3600 content-length 537 x-amz-cf-id MiPWj_4jJMXy2xwHLVVBw-LQEqtDOTmPyr2JI-C8p6xn2Bde-N5bog==
GET H2	204	config Show response c.amazon-adsystem.com/cdn/prod/	0 305 B	34ms 34ms	XHR text/plain	18.67.67.228 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fprnt.sc&pubid=852e3ca3-c387-44e4-a5c1-67c46495a8c4 Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.67.67.228 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-67-67-228.iad89.r.cloudfront.net Software Server / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://prnt.sc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Fri, 29 Sep 2023 19:25:36 GMT via 1.1 6f3546b6b501aaa8c1b4750231158188.cloudfront.net (CloudFront) server Server x-amz-cf-pop IAD89-P1 age 4896 x-cache Hit from cloudfront access-control-allow-origin https://prnt.sc cache-control max-age=21550, s-maxage=21600 access-control-allow-credentials true x-amz-cf-id AIg8-jqGv7n0Eo1WNUBrrMMmV7qJS9R0hQK5gJvDbzD6CU8lKnw0vQ==
GET H2	200	aps_csm.js Show response c.amazon-adsystem.com/bao-csm/aps-comm/	6 KB 3 KB	104ms 35ms	XHR application/javascript	18.67.67.228 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.67.67.228 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-67-67-228.iad89.r.cloudfront.net Software AmazonS3 / Resource Hash 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844 Request headers accept-language en-CA,en;q=0.9 Referer https://prnt.sc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers x-amz-version-id 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog content-encoding gzip via 1.1 0920aeb1eced22df07c9ece1cab0a554.cloudfront.net (CloudFront) date Fri, 29 Sep 2023 12:04:49 GMT x-amz-cf-pop IAD89-P1 age 31346 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront last-modified Tue, 29 Aug 2023 08:30:37 GMT server AmazonS3 etag W/"a4d296427fc806b21335359e398c025c" access-control-max-age 3000 access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control public, max-age=86400 vary Accept-Encoding,Origin x-amz-cf-id HaPZW8QNMuZlT796dCiVfXreD7nDaUKAXvfybejgUCIDTszxvDlIgQ==
GET H2	200	pubads_impl.js Show response securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/	413 KB 131 KB	117ms 34ms	Script text/javascript	142.251.167.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js?cb=31078333 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.167.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS ww-in-f156.1e100.net Software cafe / Resource Hash 51b5ae1f0ff10c4595493fa2d4edb2c308f97976be783ed5d7d962a8d81606d1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://prnt.sc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Fri, 29 Sep 2023 10:36:35 GMT content-encoding br x-content-type-options nosniff age 36639 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 133452 x-xss-protection 0 server cafe etag 5291400228273913750 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 timing-allow-origin * expires Sat, 28 Sep 2024 10:36:35 GMT
GET H/1.1	200 OK	tweet_button.2b2d73daf636805223fb11d48f3e94f7.en.html Show response platform.twitter.com/widgets/ Frame 5A65	37 KB 14 KB	31ms 31ms	Document text/html	192.229.163.25 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.en.html Requested by Host: platform.twitter.com URL: https://platform.twitter.com/widgets.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 192.229.163.25 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (cha/8149) / Resource Hash a7fd41fd349db8949a256323b8d9af1f86fe14bbd84214553ca70cb488a95e7b Request headers Referer https://prnt.sc/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers Access-Control-Allow-Methods GET Access-Control-Allow-Origin * Age 13770 Cache-Control public, max-age=315360000 Content-Encoding gzip Content-Length 13592 Content-Type text/html; charset=utf-8 Date Fri, 29 Sep 2023 20:47:13 GMT Etag "28919252629e2fa1d4ed52f48cb66ac0+gzip" Last-Modified Tue, 24 Jan 2023 21:41:10 GMT P3P CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT" Server ECS (cha/8149) Server-Timing x-cache;desc= HIT,x-tw-cdn;desc=VZ Vary Accept-Encoding X-Cache HIT x-amz-server-side-encryption AES256 x-tw-cdn VZ
GET H2	200	embeds syndication.twitter.com/i/jot/	43 B 100 B	53ms 53ms	Image image/gif	104.244.42.72 TWITTER
General Check archive.org Show headers Download Go to Show image Full URL https://syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fprnt.sc%2FlN4pKrL87Oem%22%2C%22widget_frame%22%3Afalse%2C%22widget_site_screen_name%22%3A%22light_shot%22%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1696020433956%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22aaf4084522e3a%3A1674595607486%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=f0ae46a5bc0070cd85c565449ec7a8426b5a6ac7 Requested by Host: prnt.sc URL: https://prnt.sc/lN4pKrL87Oem Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.244.42.72 , United States, ASN13414 (TWITTER, US), Reverse DNS Software tsa_b / Resource Hash ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957 Security Headers Name Value Strict-Transport-Security max-age=631138519 Request headers accept-language en-CA,en;q=0.9 Referer https://prnt.sc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers x-response-time 7 date Fri, 29 Sep 2023 20:47:13 GMT strict-transport-security max-age=631138519 last-modified Fri, 29 Sep 2023 20:47:13 GMT server tsa_b vary Origin content-type image/gif x-transaction-id 2e37e84713a65754 cache-control must-revalidate, max-age=600 perf 7626143928 x-connection-hash d6ff7c826fde5d324f9a931e5ceca11f0055976af7598e9cae6aa4a25d0a7804 content-length 43
GET H2	200	bid Show response aax.amazon-adsystem.com/e/dtb/	155 B 589 B	238ms 138ms	XHR text/javascript	18.160.23.201 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fprnt.sc%2FlN4pKrL87Oem&pid=OeSQXaX0DhW8Z&cb=0&ws=1600x1200&v=23.919.1525&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1541521046796-0%22%2C%22s%22%3A%5B%22970x90%22%5D%2C%22sn%22%3A%22%2F60257202%2C223453672%2F60918%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1587546486819-0%22%2C%22s%22%3A%5B%22970x90%22%5D%2C%22sn%22%3A%22%2F60257202%2C223453672%2F70076%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1540305079348-0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F60257202%2C223453672%2F60916%22%7D%5D&pubid=852e3ca3-c387-44e4-a5c1-67c46495a8c4&gdprl=%7B%22status%22%3A%22tcfv2-timeout%22%7D Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.160.23.201 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-160-23-201.iad12.r.cloudfront.net Software Server / Resource Hash ead4c73f311bc59207fd494361e66e2f4ad44ac5d10c40a0f55422c1039e149d Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers accept-language en-CA,en;q=0.9 Referer https://prnt.sc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Fri, 29 Sep 2023 20:47:14 GMT strict-transport-security max-age=47474747; includeSubDomains; preload via 1.1 0c4024c249c7bc0948cf981ba6a5def2.cloudfront.net (CloudFront) server Server x-amz-cf-pop IAD12-P4 x-amz-rid H40XMAWW4K5XBB10CCAB vary Accept-Encoding,User-Agent x-cache Miss from cloudfront content-type text/javascript;charset=UTF-8 access-control-allow-origin https://prnt.sc access-control-allow-credentials true timing-allow-origin * content-length 155 x-amz-cf-id 1mpEy-r0QT0_3dLRuAWO4lwIdG3j0zpDRVFPw-BcQjUU7A1QpXGgog==
GET DATA	200 OK	truncated / Frame 5A65	822 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	like.php Show response www.facebook.com/plugins/ Frame 03F7	49 KB 16 KB	234ms 233ms	Document text/html	31.13.66.35 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://www.facebook.com/plugins/like.php?action=like&app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df26418ba2e57ad8%26domain%3Dprnt.sc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ff1aab27d0734194%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fprnt.sc%2FlN4pKrL87Oem&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false&size=small&width=100 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/all.js?hash=de5821165223a77c01a6601eb7b181fb Protocol H2 Security TLS 1.3, , AES_128_GCM Server 31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-01-iad3.facebook.com Software / Resource Hash f0955f9d9a7f326694f07584a11ee8786e39b1f0bc3fc59f16bc59abb5cefdea Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://prnt.sc/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control private, no-cache, no-store, must-revalidate content-encoding br content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; content-type text/html; charset="utf-8" cross-origin-opener-policy unsafe-none cross-origin-resource-policy cross-origin date Fri, 29 Sep 2023 20:47:14 GMT document-policy force-load-at-top expires Sat, 01 Jan 2000 00:00:00 GMT nel {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01} origin-agent-cluster ?0 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=() pragma no-cache report-to {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}],"group":"network-errors"} strict-transport-security max-age=15552000; preload vary Accept-Encoding x-content-type-options nosniff x-fb-debug ecfS8Z9hAjyoi5kZSn+AKvWytfq/6PZxpQoX4CvlnH8p6RgKmiIEtRDEHYOUBDGkdNsv6EtTBcNq0eBq/YIknA== x-xss-protection 0
GET H3	200	feedback.php www.facebook.com/plugins/ Frame 2204 Redirect Chain https://www.facebook.com/plugins/comments.php?app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2e20f7e2a6f5a%26domain%3Dprnt.s... https://www.facebook.com/plugins/feedback.php?app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2e20f7e2a6f5a%26domain%3Dprnt.s...	0 0	84ms 83ms	Document text/html	31.13.66.35 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://www.facebook.com/plugins/feedback.php?app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2e20f7e2a6f5a%26domain%3Dprnt.sc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ff1aab27d0734194%26relation%3Dparent.parent&container_width=340&height=100&href=https%3A%2F%2Fprnt.sc%2FlN4pKrL87Oem&locale=en_US&migrated=1&sdk=joey&width=NaN&xid=2bou20f Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/all.js?hash=de5821165223a77c01a6601eb7b181fb Protocol H3 Security QUIC, , AES_128_GCM Server 31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-01-iad3.facebook.com Software / Resource Hash Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://prnt.sc/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control private, no-cache, no-store, must-revalidate content-encoding br content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; content-type text/html; charset="utf-8" cross-origin-opener-policy same-origin-allow-popups cross-origin-resource-policy same-origin date Fri, 29 Sep 2023 20:47:14 GMT document-policy force-load-at-top expires Sat, 01 Jan 2000 00:00:00 GMT nel {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01} origin-agent-cluster ?0 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=() pragma no-cache priority u=0,i report-to {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}],"group":"network-errors"} strict-transport-security max-age=15552000; preload vary Accept-Encoding x-content-type-options nosniff x-fb-debug 9EjoCDhoYF1vX0HhOMLmlpxGSZRGb+cU2EGYn9k7RLe2pl/qLOrEvbqb9JU59+H9+LBRIufnPkpFznYgYcXnqg== x-frame-options DENY x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=86400 content-length 0 content-type text/html; charset="utf-8" cross-origin-opener-policy same-origin-allow-popups date Fri, 29 Sep 2023 20:47:14 GMT location https://www.facebook.com/plugins/feedback.php?app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2e20f7e2a6f5a%26domain%3Dprnt.sc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ff1aab27d0734194%26relation%3Dparent.parent&container_width=340&height=100&href=https%3A%2F%2Fprnt.sc%2FlN4pKrL87Oem&locale=en_US&migrated=1&sdk=joey&width=NaN&xid=2bou20f origin-agent-cluster ?0 strict-transport-security max-age=15552000; preload x-fb-debug 2m53dXY6nkGnzmQTGyuBCMxMUCCV3kK/in3HGjEwSbNbkEKWHzWjoPSRS2otf2eMuVWiowecI6doFmCvVGDWbw==
GET H2	200	like_box.php Show response www.facebook.com/plugins/ Frame 9D30	41 KB 15 KB	122ms 122ms	Document text/html	31.13.66.35 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://www.facebook.com/plugins/like_box.php?app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1773ede1a146d8%26domain%3Dprnt.sc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ff1aab27d0734194%26relation%3Dparent.parent&container_width=0&header=false&href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FLightShot%2F242750885760&locale=en_US&sdk=joey&show_faces=true&stream=false&width=300 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/all.js?hash=de5821165223a77c01a6601eb7b181fb Protocol H2 Security TLS 1.3, , AES_128_GCM Server 31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-01-iad3.facebook.com Software / Resource Hash d3fc9b34bf94486a08f6714487f2405418621a69f9550b7d9871d2b3023b4863 Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://prnt.sc/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control private, no-cache, no-store, must-revalidate content-encoding br content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; content-type text/html; charset="utf-8" cross-origin-opener-policy unsafe-none cross-origin-resource-policy cross-origin date Fri, 29 Sep 2023 20:47:14 GMT document-policy force-load-at-top expires Sat, 01 Jan 2000 00:00:00 GMT nel {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01} origin-agent-cluster ?0 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=() pragma no-cache report-to {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}],"group":"network-errors"} strict-transport-security max-age=15552000; preload vary Accept-Encoding x-content-type-options nosniff x-fb-debug 6VmZ8MB6QnSb80EiTwsRoI6PK2sNw5ZYP8GROMCpzafxZNuCWoU/rrv6ZjXumWIRACPr0F24vWuf6dEfwfDGnQ== x-xss-protection 0
GET H/1.1	200 OK	iu3 Show response s.amazon-adsystem.com/ Frame B7F0 Redirect Chain https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-LoopMe_pm-db5_n-simpli.fi_rbd_n-vmg_cnv_n-Outbrain https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-LoopMe_pm-db5_n-simpli.fi_rbd_n-vmg_cnv_n-Outbrain&dcc=t	325 B 1 KB	58ms 57ms	Document text/html	52.46.130.91 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-LoopMe_pm-db5_n-simpli.fi_rbd_n-vmg_cnv_n-Outbrain&dcc=t Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash bfe677d823381468298d3507a41a75b99c7834fecad7864d56bec095ea3d9de7 Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers Referer https://prnt.sc/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Connection keep-alive Content-Length 325 Content-Type text/html;charset=ISO-8859-1 Date Fri, 29 Sep 2023 20:47:14 GMT Expires Thu, 01 Jan 1970 00:00:00 GMT Pragma no-cache Server Server Strict-Transport-Security max-age=47474747; includeSubDomains; preload Vary Content-Type,Accept-Encoding,User-Agent p3p policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR" x-amz-rid YJ9Q41PNS9SKFSK5CNJM Redirect headers Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Connection keep-alive Content-Length 0 Date Fri, 29 Sep 2023 20:47:14 GMT Expires Thu, 01 Jan 1970 00:00:00 GMT Location https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-LoopMe_pm-db5_n-simpli.fi_rbd_n-vmg_cnv_n-Outbrain&dcc=t Pragma no-cache Server Server Strict-Transport-Security max-age=47474747; includeSubDomains; preload Vary Content-Type,Accept-Encoding,User-Agent p3p policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR" x-amz-rid PA9R6ZY62EMAC5HQCK60
GET H2	200	dI4IGAGAFHD.css static.xx.fbcdn.net/rsrc.php/v3/yd/l/0,cross/ Frame 9D30	25 KB 7 KB	110ms 35ms	Stylesheet text/css	31.13.66.19 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://static.xx.fbcdn.net/rsrc.php/v3/yd/l/0,cross/dI4IGAGAFHD.css?_nc_x=Ij3Wp8lg5Kz Requested by Host: www.facebook.com URL: https://www.facebook.com/plugins/like_box.php?app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1773ede1a146d8%26domain%3Dprnt.sc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ff1aab27d0734194%26relation%3Dparent.parent&container_width=0&header=false&href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FLightShot%2F242750885760&locale=en_US&sdk=joey&show_faces=true&stream=false&width=300 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-01-iad3.fbcdn.net Software / Resource Hash ef0e6ec1b39cd62cdefd51775e3660615bfb129f42cd681aaae8a3646e846708 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.facebook.com/ Origin https://www.facebook.com accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Fri, 29 Sep 2023 20:47:14 GMT content-encoding br x-content-type-options nosniff content-md5 YMfENf1pSCprumuRd10msg== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 6297 x-fb-debug tIsnOb1B0aAzMAvmY4XQjp/9N+SBIfajUt9DNd6x+pMrsH1IyiIhnoZ2FWHnNstjTrIGM+lmee68zKupiO9zfg== last-modified Mon, 01 Jan 2001 08:00:00 GMT vary Origin content-type text/css; charset=utf-8 access-control-allow-origin https://www.facebook.com origin-agent-cluster ?0 cache-control public,max-age=31536000,immutable permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=() timing-allow-origin * expires Sat, 28 Sep 2024 17:50:56 GMT
GET H2	200	e_Kj5Xrx7lO.js Show response static.xx.fbcdn.net/rsrc.php/v3/y-/r/ Frame 9D30	316 KB 85 KB	122ms 47ms	Script application/x-javascript	31.13.66.19 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://static.xx.fbcdn.net/rsrc.php/v3/y-/r/e_Kj5Xrx7lO.js?_nc_x=Ij3Wp8lg5Kz Requested by Host: www.facebook.com URL: https://www.facebook.com/plugins/like_box.php?app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1773ede1a146d8%26domain%3Dprnt.sc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ff1aab27d0734194%26relation%3Dparent.parent&container_width=0&header=false&href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FLightShot%2F242750885760&locale=en_US&sdk=joey&show_faces=true&stream=false&width=300 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-01-iad3.fbcdn.net Software / Resource Hash 82f6eb070796ef452d2cfb962ae1c94e7e5fe91b2b31ef839872fd9ba9ef64ee Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.facebook.com/ Origin https://www.facebook.com accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Fri, 29 Sep 2023 20:47:14 GMT content-encoding br x-content-type-options nosniff content-md5 7suckTinbYLqcYhIH7eZVA== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 86294 x-fb-debug yxwIrkSKhOGsd5ncTBefewnlcrjSgpIN+hrZhR5FY+ABExOl0r0NyS1BaY9FLowWR4Lj3K5fslDD62TXSsnSdQ== last-modified Mon, 01 Jan 2001 08:00:00 GMT vary Origin content-type application/x-javascript; charset=utf-8 access-control-allow-origin https://www.facebook.com origin-agent-cluster ?0 cache-control public,max-age=31536000,immutable permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=() timing-allow-origin * expires Thu, 26 Sep 2024 21:44:04 GMT
GET H2	200	hE7AGUevGQ0.js Show response static.xx.fbcdn.net/rsrc.php/v3/yG/r/ Frame 9D30	7 KB 2 KB	156ms 81ms	Script application/x-javascript	31.13.66.19 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://static.xx.fbcdn.net/rsrc.php/v3/yG/r/hE7AGUevGQ0.js?_nc_x=Ij3Wp8lg5Kz Requested by Host: www.facebook.com URL: https://www.facebook.com/plugins/like_box.php?app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1773ede1a146d8%26domain%3Dprnt.sc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ff1aab27d0734194%26relation%3Dparent.parent&container_width=0&header=false&href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FLightShot%2F242750885760&locale=en_US&sdk=joey&show_faces=true&stream=false&width=300 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-01-iad3.fbcdn.net Software / Resource Hash 810ca9b560f154784c1f1ba5851fd7f727c272d55c2522a3e8d1c627d6881b5a Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.facebook.com/ Origin https://www.facebook.com accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Fri, 29 Sep 2023 20:47:14 GMT content-encoding br x-content-type-options nosniff content-md5 TgV2gECEtJtr2Yof5YcksQ== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 2209 x-fb-debug MWBHQpnKstAXOEL0+/1jRVBhg+1/zkkiOXT+kwHCGf9npMv/3s8xsyiEUpxxP3v5wLthFLmS9+79Nzpm0nYd0Q== last-modified Mon, 01 Jan 2001 08:00:00 GMT vary Origin content-type application/x-javascript; charset=utf-8 access-control-allow-origin https://www.facebook.com cache-control public,max-age=31536000,immutable permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=() timing-allow-origin * expires Sat, 28 Sep 2024 17:05:11 GMT
GET H2	200	gbZcNcIOK-B.js Show response static.xx.fbcdn.net/rsrc.php/v3/yC/r/ Frame 9D30	95 KB 27 KB	122ms 47ms	Script application/x-javascript	31.13.66.19 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://static.xx.fbcdn.net/rsrc.php/v3/yC/r/gbZcNcIOK-B.js?_nc_x=Ij3Wp8lg5Kz Requested by Host: www.facebook.com URL: https://www.facebook.com/plugins/like_box.php?app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1773ede1a146d8%26domain%3Dprnt.sc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ff1aab27d0734194%26relation%3Dparent.parent&container_width=0&header=false&href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FLightShot%2F242750885760&locale=en_US&sdk=joey&show_faces=true&stream=false&width=300 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-01-iad3.fbcdn.net Software / Resource Hash 2af7140c4dcfddf465fb46c8d392ea551c1a1f06831bbb82a969cf69e12589b4 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.facebook.com/ Origin https://www.facebook.com accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Fri, 29 Sep 2023 20:47:14 GMT content-encoding br x-content-type-options nosniff content-md5 8wAGELOtlH6He7KbUlEeUA== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 27730 x-fb-debug GU4C3WdNXFRJnALO4lG/YaDxOQwt8ih+D1U0toOyv7w0J1NXYNF3MOk1hQJieQsjiKm+j7inWkVLT1Qfrv9LAg== last-modified Mon, 01 Jan 2001 08:00:00 GMT vary Origin content-type application/x-javascript; charset=utf-8 access-control-allow-origin https://www.facebook.com cache-control public,max-age=31536000,immutable permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=() timing-allow-origin * expires Sat, 28 Sep 2024 04:38:41 GMT
GET H2	200	LtldIZDxOfc.js Show response static.xx.fbcdn.net/rsrc.php/v3iEpO4/yK/l/en_US/ Frame 9D30	102 KB 30 KB	155ms 81ms	Script application/x-javascript	31.13.66.19 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/yK/l/en_US/LtldIZDxOfc.js?_nc_x=Ij3Wp8lg5Kz Requested by Host: www.facebook.com URL: https://www.facebook.com/plugins/like_box.php?app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1773ede1a146d8%26domain%3Dprnt.sc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ff1aab27d0734194%26relation%3Dparent.parent&container_width=0&header=false&href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FLightShot%2F242750885760&locale=en_US&sdk=joey&show_faces=true&stream=false&width=300 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-01-iad3.fbcdn.net Software / Resource Hash 763b2f1f8546d13171eaa237bbf17bf611c6053d230aee76c6f753e674f84376 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.facebook.com/ Origin https://www.facebook.com accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Fri, 29 Sep 2023 20:47:14 GMT content-encoding br x-content-type-options nosniff content-md5 atdQE3kdIyKbPLd92L0lmw== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 30006 x-fb-debug JeCQZ8k+hIdMc7tbkAIa0BIh1JNURli+jA5vHlcXUbz7jvVO6HrG4xoIEeWYuBEHi0/w524Hid9IMpth4q+G+w== last-modified Mon, 01 Jan 2001 08:00:00 GMT vary Origin content-type application/x-javascript; charset=utf-8 access-control-allow-origin https://www.facebook.com cache-control public,max-age=31536000,immutable permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=() timing-allow-origin * expires Fri, 27 Sep 2024 02:56:39 GMT
GET H2	200	p55HfXW__mM.js Show response static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame 9D30	507 B 485 B	156ms 82ms	Script application/x-javascript	31.13.66.19 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz Requested by Host: www.facebook.com URL: https://www.facebook.com/plugins/like_box.php?app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1773ede1a146d8%26domain%3Dprnt.sc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ff1aab27d0734194%26relation%3Dparent.parent&container_width=0&header=false&href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FLightShot%2F242750885760&locale=en_US&sdk=joey&show_faces=true&stream=false&width=300 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-01-iad3.fbcdn.net Software / Resource Hash 9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.facebook.com/ Origin https://www.facebook.com accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Fri, 29 Sep 2023 20:47:14 GMT content-encoding br x-content-type-options nosniff content-md5 L5E9gSgR735vyjAzTFly4g== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 293 x-fb-debug MFu9tucNHEdACm03CAclFHdppPUMFQVToKeH1rlsZRKgqQar21xFPo9iby6K7Dawnu7Ps3/HxBLzLk2ipEx8yQ== last-modified Mon, 01 Jan 2001 08:00:00 GMT vary Origin content-type application/x-javascript; charset=utf-8 access-control-allow-origin https://www.facebook.com origin-agent-cluster ?0 cache-control public,max-age=31536000,immutable permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=() timing-allow-origin * expires Sun, 15 Sep 2024 10:12:42 GMT
GET H2	200	327348394_1248859505711243_2750035139846531976_n.png scontent-yyz1-1.xx.fbcdn.net/v/t39.30808-6/ Frame 9D30	36 KB 36 KB	57ms 18ms	Image image/png	31.13.80.12 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://scontent-yyz1-1.xx.fbcdn.net/v/t39.30808-6/327348394_1248859505711243_2750035139846531976_n.png?stp=dst-png_p130x130&_nc_cat=1&ccb=1-7&_nc_sid=649c01&_nc_ohc=uwo5WezG5pYAX-55Czn&_nc_ht=scontent-yyz1-1.xx&edm=ANSO7JkEAAAA&oh=00_AfCTOdY_LJ2W6aYjMBhLrKXnkP78UVglQUqbADL6jo7FIQ&oe=651CC7E5 Requested by Host: www.facebook.com URL: https://www.facebook.com/plugins/like_box.php?app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1773ede1a146d8%26domain%3Dprnt.sc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ff1aab27d0734194%26relation%3Dparent.parent&container_width=0&header=false&href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FLightShot%2F242750885760&locale=en_US&sdk=joey&show_faces=true&stream=false&width=300 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 31.13.80.12 Toronto, Canada, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-01-yyz1.fbcdn.net Software / Resource Hash 7f0c0d5e15ee4b3a06964f2256fc37be30934a62b0e0bf61a00eb0aa47969eb6 Request headers accept-language en-CA,en;q=0.9 Referer https://www.facebook.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Fri, 29 Sep 2023 20:47:14 GMT x-storage-error-category dfs:none;sc_p:200:WSE_NOT_SET last-modified Wed, 25 Jan 2023 23:06:50 GMT content-type image/png access-control-allow-origin * content-digest adler32=3031024971 thrift_fmhk GBAXRT67C76umRIxZTAnavpLFfDr4Z0EAA== cache-control max-age=1209600, no-transform cross-origin-resource-policy cross-origin x-needle-checksum 1994070467 accept-ranges bytes timing-allow-origin * alt-svc h3=":443"; ma=86400 content-length 37042
GET H2	200	327314350_958311831838235_9193609540550948483_n.jpg scontent-yyz1-1.xx.fbcdn.net/v/t39.30808-1/ Frame 9D30	1 KB 2 KB	56ms 18ms	Image image/jpeg	31.13.80.12 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://scontent-yyz1-1.xx.fbcdn.net/v/t39.30808-1/327314350_958311831838235_9193609540550948483_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=1&ccb=1-7&_nc_sid=5fac6f&_nc_ohc=5UFMVktzP1cAX8LcCDX&_nc_ht=scontent-yyz1-1.xx&edm=ANSO7JkEAAAA&oh=00_AfC7nv8Iq-1U2AQywy87gyaM9o6Zc7aNnxXSt2WCvCRjlg&oe=651C7A9A Requested by Host: www.facebook.com URL: https://www.facebook.com/plugins/like_box.php?app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1773ede1a146d8%26domain%3Dprnt.sc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ff1aab27d0734194%26relation%3Dparent.parent&container_width=0&header=false&href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FLightShot%2F242750885760&locale=en_US&sdk=joey&show_faces=true&stream=false&width=300 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 31.13.80.12 Toronto, Canada, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-01-yyz1.fbcdn.net Software / Resource Hash fe0b009af4d6be99bb24436d2b2c67706fa3698e059d8df3bfa9f9c8857b42ae Request headers accept-language en-CA,en;q=0.9 Referer https://www.facebook.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Fri, 29 Sep 2023 20:47:14 GMT x-storage-error-category dfs:none;sc_p:200:WSE_NOT_SET last-modified Wed, 25 Jan 2023 23:06:49 GMT content-type image/jpeg access-control-allow-origin * content-digest adler32=1668121653 thrift_fmhk GBAaruifcEJKA4d6lk76jIgCFfDr4Z0EAA== cache-control max-age=1209600, no-transform cross-origin-resource-policy cross-origin x-needle-checksum 1162695912 accept-ranges bytes timing-allow-origin * alt-svc h3=":443"; ma=86400 content-length 1288
GET H2	200	FEppCFCt76d.png static.xx.fbcdn.net/rsrc.php/v3/yD/r/ Frame 03F7	299 B 548 B	34ms 34ms	Image image/png	31.13.66.19 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/FEppCFCt76d.png Requested by Host: www.facebook.com URL: https://www.facebook.com/plugins/like.php?action=like&app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df26418ba2e57ad8%26domain%3Dprnt.sc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ff1aab27d0734194%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fprnt.sc%2FlN4pKrL87Oem&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false&size=small&width=100 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-01-iad3.fbcdn.net Software / Resource Hash d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://www.facebook.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers x-fb-debug Fz1WWmkBKp08F7aGQvYEWZtqulnNAKbFSY2uPLV5uGgkkuSDnQpddQrp7WTitJfnuZOu2t+x9Wz5HY8RkpxBRw== date Fri, 29 Sep 2023 20:47:14 GMT x-content-type-options nosniff last-modified Mon, 01 Jan 2001 08:00:00 GMT content-md5 OIlAxCmR79nrM/Ez4ygGlg== document-policy force-load-at-top content-type image/png access-control-allow-origin * cache-control public,max-age=31536000,immutable permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=() cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=86400 content-length 299 expires Sat, 28 Sep 2024 10:20:04 GMT
GET H3	200	5du41XTseoJ.js Show response static.xx.fbcdn.net/rsrc.php/v3iEpO4/yU/l/en_US/ Frame 03F7	521 KB 135 KB	35ms 35ms	XHR application/x-javascript	31.13.66.19 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/yU/l/en_US/5du41XTseoJ.js?_nc_x=Ij3Wp8lg5Kz Requested by Host: www.facebook.com URL: https://www.facebook.com/plugins/like.php?action=like&app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df26418ba2e57ad8%26domain%3Dprnt.sc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ff1aab27d0734194%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fprnt.sc%2FlN4pKrL87Oem&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false&size=small&width=100 Protocol H3 Security QUIC, , AES_128_GCM Server 31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-01-iad3.fbcdn.net Software / Resource Hash 6213817e9046b578814e634f37561b50b865f1907825a9e708a47c7be2db36f4 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://www.facebook.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Fri, 29 Sep 2023 20:47:14 GMT content-encoding br x-content-type-options nosniff content-md5 aj5Y7hx/m/E/OBEZqRSskw== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 137757 x-fb-debug YrI+euA0VL7SgwzUMhsnTIhTS4fQFcGulLOI+nQKBSK8+X5LjaqWfg3Lx22UA94Awub1yVeh2wQnJ5mQyVtsWw== last-modified Mon, 01 Jan 2001 08:00:00 GMT vary Origin content-type application/x-javascript; charset=utf-8 access-control-allow-origin https://www.facebook.com origin-agent-cluster ?0 cache-control public,max-age=31536000,immutable permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=() timing-allow-origin * priority u=1,i expires Fri, 27 Sep 2024 02:24:09 GMT
GET H/1.1	200 OK	pr Show response s.amazon-adsystem.com/v3/ Frame 2EEA	2 KB 2 KB	42ms 42ms	Document text/html	52.46.130.91 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-LoopMe_pm-db5_n-simpli.fi_rbd_n-vmg_cnv_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3 Requested by Host: s.amazon-adsystem.com URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-LoopMe_pm-db5_n-simpli.fi_rbd_n-vmg_cnv_n-Outbrain&dcc=t Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash e86775eaa41f0a2fc213f6f8de9d09b7530ee8e10bc1091618a354645f3a7d58 Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers Referer https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-LoopMe_pm-db5_n-simpli.fi_rbd_n-vmg_cnv_n-Outbrain&dcc=t Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Connection keep-alive Content-Length 1895 Content-Type text/html;charset=ISO-8859-1 Date Fri, 29 Sep 2023 20:47:14 GMT Expires Thu, 01 Jan 1970 00:00:00 GMT Pragma no-cache Server Server Strict-Transport-Security max-age=47474747; includeSubDomains; preload Vary Content-Type,Accept-Encoding,User-Agent x-amz-rid 4EMKW14844G61Y55NG70
GET H2	200	UXtr_j2Fwe-.png static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame 9D30	573 B 763 B	35ms 34ms	Image image/png	31.13.66.19 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png Requested by Host: static.xx.fbcdn.net URL: https://static.xx.fbcdn.net/rsrc.php/v3/yd/l/0,cross/dI4IGAGAFHD.css?_nc_x=Ij3Wp8lg5Kz Protocol H2 Security TLS 1.3, , AES_128_GCM Server 31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-01-iad3.fbcdn.net Software / Resource Hash 96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://static.xx.fbcdn.net/rsrc.php/v3/yd/l/0,cross/dI4IGAGAFHD.css?_nc_x=Ij3Wp8lg5Kz User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers x-fb-debug otJfZmy89xdPg++8cKrlahOM9ITLhh67AUZBgnZnVIIoZ5c06aIkL4mrUq9apBszMgoJNePACIJ6JmjIuDkvNw== date Fri, 29 Sep 2023 20:47:14 GMT x-content-type-options nosniff last-modified Mon, 01 Jan 2001 08:00:00 GMT content-md5 07aG/2AEtDHVAZ5LUajMDQ== document-policy force-load-at-top content-type image/png access-control-allow-origin * cache-control public,max-age=31536000,immutable permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=() cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=86400 content-length 573 expires Sat, 28 Sep 2024 07:58:43 GMT
GET H/1.1	200 OK	ecm3 s.amazon-adsystem.com/ Frame 2EEA Redirect Chain https://csync.loopme.me/?pubid=11405&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dloopme.com%26id%3D%7Bviewer_token%7D https://s.amazon-adsystem.com/ecm3?ex=loopme.com&id=13cda7cf-50e7-40d8-9a4c-771990348fa1	43 B 479 B	42ms 42ms	Image image/gif	52.46.130.91 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s.amazon-adsystem.com/ecm3?ex=loopme.com&id=13cda7cf-50e7-40d8-9a4c-771990348fa1 Requested by Host: s.amazon-adsystem.com URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-LoopMe_pm-db5_n-simpli.fi_rbd_n-vmg_cnv_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3 Protocol HTTP/1.1 Server 52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers Pragma no-cache Date Fri, 29 Sep 2023 20:47:14 GMT Strict-Transport-Security max-age=47474747; includeSubDomains; preload Server Server x-amz-rid JT5EKE53NS576A1EXB4X Vary Content-Type,Accept-Encoding,User-Agent Content-Type image/gif Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Connection keep-alive Content-Length 43 Expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers location https://s.amazon-adsystem.com/ecm3?ex=loopme.com&id=13cda7cf-50e7-40d8-9a4c-771990348fa1 date Fri, 29 Sep 2023 20:47:14 GMT server _ content-length 0
GET H/1.1	200 OK	ecm3 s.amazon-adsystem.com/ Frame 2EEA Redirect Chain https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D https://s.amazon-adsystem.com/ecm3?id=4450900DE1C740AEA4EA10485789EEE6&ex=simpli.fi&status=ok	43 B 479 B	41ms 41ms	Image image/gif	52.46.130.91 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s.amazon-adsystem.com/ecm3?id=4450900DE1C740AEA4EA10485789EEE6&ex=simpli.fi&status=ok Requested by Host: s.amazon-adsystem.com URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-LoopMe_pm-db5_n-simpli.fi_rbd_n-vmg_cnv_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3 Protocol HTTP/1.1 Server 52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers Pragma no-cache Date Fri, 29 Sep 2023 20:47:14 GMT Strict-Transport-Security max-age=47474747; includeSubDomains; preload Server Server x-amz-rid GWY8A7WT0DZJQDQR0241 Vary Content-Type,Accept-Encoding,User-Agent Content-Type image/gif Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Connection keep-alive Content-Length 43 Expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers date Fri, 29 Sep 2023 20:47:14 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location https://s.amazon-adsystem.com/ecm3?id=4450900DE1C740AEA4EA10485789EEE6&ex=simpli.fi&status=ok access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142 expires Thu, 28 Sep 2023 20:47:14 GMT
GET H/1.1	200 OK	cookie-sync sync.outbrain.com/ Frame 2EEA Redirect Chain https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__ https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__&s=2 https://sync.outbrain.com/sync-external?uid=mcvQ2Ku_hr4wUZ1oX28q&redirect=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Famazon_tam%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63... https://u.openx.net/w/1.0/cm?id=00df9f64-6f67-4cae-aeb2-d951da52047c&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fobhb%3Dhttps%253A%252F%252Fb1sync.zemanta.com%252Fusersync%252Famazon_tam%252F... https://u.openx.net/w/1.0/cm?cc=1&id=00df9f64-6f67-4cae-aeb2-d951da52047c&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fobhb%3Dhttps%253A%252F%252Fb1sync.zemanta.com%252Fusersync%252Famazon_tam... https://sync.outbrain.com/cookie-sync?obhb=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Famazon_tam%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPMVRW2MZ7MV4D233VORRHEYLJNYXGG... https://pixel-us-east.rubiconproject.com/exchange/sync.php?obhb=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Famazon_tam%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPMVRW2MZ7... https://sync.outbrain.com/cookie-sync?p=rubicon&uid=LN52RZ9H-1U-2CO8&obUid=q_yU5LPiSDuRMlWJiwJazCBE4nL85KcB4go8L_BkYzMzuWs1TfEa1fSH6gSrcpLH&initiator=s2s&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA	0 287 B	32ms 32ms	Image text/plain	64.202.112.127 SERVERCENTRAL
General Check archive.org Show headers Download Go to Show image Full URL https://sync.outbrain.com/cookie-sync?p=rubicon&uid=LN52RZ9H-1U-2CO8&obUid=q_yU5LPiSDuRMlWJiwJazCBE4nL85KcB4go8L_BkYzMzuWs1TfEa1fSH6gSrcpLH&initiator=s2s&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA Requested by Host: s.amazon-adsystem.com URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-LoopMe_pm-db5_n-simpli.fi_rbd_n-vmg_cnv_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3 Protocol HTTP/1.1 Server 64.202.112.127 , United States, ASN23352 (SERVERCENTRAL, US), Reverse DNS ny.outbrain.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers Date Fri, 29 Sep 2023 20:47:17 GMT Cache-Control no-cache X-TraceId d76721c844b4cca44dd389c26314b2de Content-Length 0 Redirect headers Pragma no-cache P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Content-Type text/html Location https://sync.outbrain.com/cookie-sync?p=rubicon&uid=LN52RZ9H-1U-2CO8&obUid=q_yU5LPiSDuRMlWJiwJazCBE4nL85KcB4go8L_BkYzMzuWs1TfEa1fSH6gSrcpLH&initiator=s2s&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA Cache-Control no-cache,no-store,must-revalidate content-length 0 X-RPHost 19c1ac3b9706c83a73951eba4d239689 Expires 0
GET H2	200	usermatch Show response ssum-sec.casalemedia.com/ Frame 431C Redirect Chain https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1	2 KB 813 B	51ms 50ms	Document text/html	104.18.26.193 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1 Requested by Host: s.amazon-adsystem.com URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-LoopMe_pm-db5_n-simpli.fi_rbd_n-vmg_cnv_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 109bff89e6900e75e4c2417adb8be677a0be5f095c6b498ac2c8039b25b8c867 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control no-cache cf-cache-status DYNAMIC cf-ray 80e7148469285407-YYZ content-encoding br content-type text/html date Fri, 29 Sep 2023 20:47:14 GMT expires 0 nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ATyszSaZreohZlev51Oeye%2FspXyooZBli2PgTeGSgS6I5QZnw%2BVWzqcQtFsFABOUATq07NkIRZ0TGsyEdyceCDBPjtfhkv4AA1Sb1pK%2FFBsxCbE6Vs0gDEmGTiaAW07P6e2a5M0nR6PUfA%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding Redirect headers alt-svc h3=":443"; ma=86400 cache-control no-cache cf-cache-status DYNAMIC cf-ray 80e7148418c45407-YYZ content-length 0 date Fri, 29 Sep 2023 20:47:14 GMT expires 0 location /usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1 nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bo%2BBozE9GDyYJv8JHoPbh%2BfWfxhlC9Ye4wAnStgq4FAoynCrsxy6Kkce91OXuS%2Bg4Nk3qlvR%2FeMo65gFO%2FUMgTWMwOksDjN4Ax3EtbQmPzHhuaGvGwtv5rr8VhUaDHuJwrQnr1AZO625bg%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	user_sync.html Show response ads.pubmatic.com/AdServer/js/ Frame EDEE	15 KB 6 KB	110ms 32ms	Document text/html	23.54.68.197 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID Requested by Host: s.amazon-adsystem.com URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-LoopMe_pm-db5_n-simpli.fi_rbd_n-vmg_cnv_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.54.68.197 Piscataway, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-54-68-197.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers accept-ranges bytes cache-control max-age=164630 content-encoding gzip content-length 5606 content-type text/html date Fri, 29 Sep 2023 20:47:14 GMT expires Sun, 01 Oct 2023 18:31:04 GMT last-modified Fri, 01 Sep 2023 11:18:33 GMT p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" server Apache vary Accept-Encoding
GET H/1.1	200 OK	usync.html Show response eus.rubiconproject.com/ Frame 3DAE	281 B 554 B	91ms 29ms	Document text/html	104.76.106.83 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east Requested by Host: s.amazon-adsystem.com URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-LoopMe_pm-db5_n-simpli.fi_rbd_n-vmg_cnv_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.76.106.83 Secaucus, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-76-106-83.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / Resource Hash 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers Accept-Ranges bytes Connection keep-alive Content-Encoding gzip Content-Length 233 Content-Type text/html; charset=UTF-8 Date Fri, 29 Sep 2023 20:47:14 GMT ETag "40011-119-6051b805b8000" Last-Modified Mon, 11 Sep 2023 20:52:16 GMT Server Apache/2.2.15 (CentOS) Vary Accept-Encoding
GET H/1.1	200 OK	ecm3 Show response s.amazon-adsystem.com/ Frame 67CC Redirect Chain https://ups.analytics.yahoo.com/ups/58251/sync?redir=true https://ups.analytics.yahoo.com/ups/58251/sync?redir=true&verify=true https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1Hc2dBY2poRTJ1SXNXM1NtTTBSWEdweVJYT0FyNngxSX5B	43 B 479 B	66ms 49ms	Document image/gif	52.46.130.91 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1Hc2dBY2poRTJ1SXNXM1NtTTBSWEdweVJYT0FyNngxSX5B Requested by Host: s.amazon-adsystem.com URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-LoopMe_pm-db5_n-simpli.fi_rbd_n-vmg_cnv_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Connection keep-alive Content-Length 43 Content-Type image/gif Date Fri, 29 Sep 2023 20:47:14 GMT Expires Thu, 01 Jan 1970 00:00:00 GMT Pragma no-cache Server Server Strict-Transport-Security max-age=47474747; includeSubDomains; preload Vary Content-Type,Accept-Encoding,User-Agent x-amz-rid JRD3TN78TTENH570J9JW Redirect headers age 0 content-length 0 date Fri, 29 Sep 2023 20:47:14 GMT location https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1Hc2dBY2poRTJ1SXNXM1NtTTBSWEdweVJYT0FyNngxSX5B p3p CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV server ATS/9.1.10.75 strict-transport-security max-age=31536000
GET H/1.1	200 OK	ecm3 Show response s.amazon-adsystem.com/ Frame 1DF2 Redirect Chain https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D https://amazon-tam-match.dotomi.com/match/bounce/current?DotomiTest=4fdbcacad02204b0&is_secure=true&networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAABqlnzjxESOQMalZZUAAAAAAA&expiration=1696106834&is_secure=true	43 B 479 B	44ms 43ms	Document image/gif	52.46.130.91 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAABqlnzjxESOQMalZZUAAAAAAA&expiration=1696106834&is_secure=true Requested by Host: s.amazon-adsystem.com URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-LoopMe_pm-db5_n-simpli.fi_rbd_n-vmg_cnv_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Connection keep-alive Content-Length 43 Content-Type image/gif Date Fri, 29 Sep 2023 20:47:14 GMT Expires Thu, 01 Jan 1970 00:00:00 GMT Pragma no-cache Server Server Strict-Transport-Security max-age=47474747; includeSubDomains; preload Vary Content-Type,Accept-Encoding,User-Agent x-amz-rid KQT3VM98HWHTF95GSF7H Redirect headers cache-control no-cache, private, max-age=0, no-store content-length 0 date Fri, 29 Sep 2023 20:47:14 GMT expires 0 location https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAABqlnzjxESOQMalZZUAAAAAAA&expiration=1696106834&is_secure=true p3p policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP" pragma no-cache server nginx
GET H/1.1	200 OK	usync.js Show response eus.rubiconproject.com/ Frame 3DAE	35 KB 11 KB	31ms 31ms	Script text/html	104.76.106.83 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://eus.rubiconproject.com/usync.js Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.76.106.83 Secaucus, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-76-106-83.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / PHP/5.3.3 Resource Hash 577ed2bc22ea1498673c3775edeca6d75877d9bc05e029ed4e831981e776ad26 Request headers accept-language en-CA,en;q=0.9 Referer https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers Date Fri, 29 Sep 2023 20:47:14 GMT Content-Encoding gzip Last-Modified Fri, 29 Sep 2023 14:51:35 GMT Server Apache/2.2.15 (CentOS) X-Powered-By PHP/5.3.3 Vary Accept-Encoding Content-Type text/html; charset=UTF-8 p3p CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT" Cache-Control max-age=65057 Connection keep-alive Content-Length 10474 Expires Sat, 30 Sep 2023 14:51:31 GMT
GET H3	200	usermatchredir ssum-sec.casalemedia.com/ Frame 431C Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZRc30kivLYQSPUthl-iJUAAADaMAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=ZRc30kivLYQSPUthl-iJUAAADaMAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=&google_tc= https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEL2mXhUffGCFnAP0-nfRzZU&google_cver=1	43 B 768 B	46ms 46ms	Image image/gif	104.18.26.193 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEL2mXhUffGCFnAP0-nfRzZU&google_cver=1 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1 Protocol H3 Server 104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language en-CA,en;q=0.9 Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers pragma no-cache date Fri, 29 Sep 2023 20:47:14 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bP46oazUHiZw1dSWSpprBV0yJRnf8E8dWsqVYFXuwJE7W1wMETjbepP7jbMhJn1JNvI005HLVmGHGrqAdaeQ69H6jRmF8TpQGqJhj7Fkl81sZTUORCVsTR7E9hhyK%2BBXR53x2szxFXy%2FXA%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 80e7148568d736a2-YYZ alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Fri, 29 Sep 2023 20:47:14 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEL2mXhUffGCFnAP0-nfRzZU&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 364 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	crum dsum-sec.casalemedia.com/ Frame 431C Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZRc30kivLYQSPUthl.iJUAAA https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFx9P8wrFRlr62-cAetbZOE&google_cver=1&google_hm=2	43 B 733 B	55ms 54ms	Image image/gif	104.18.26.193 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFx9P8wrFRlr62-cAetbZOE&google_cver=1&google_hm=2 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1 Protocol H3 Server 104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language en-CA,en;q=0.9 Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers pragma no-cache date Fri, 29 Sep 2023 20:47:14 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GApEdWPKZQ50LDx%2FpSph405wdWo0neMs5onlXsCXG5qALuL5%2B8Au%2BJeyLKPhUzwMGiBh1QG8RBi36sb5lvoGx2lGt4ohc6KX3CuWDvK8SEy715x0FPt8ZkJbGj9b%2BGo6XZR5jEUxiE644g%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 80e7148568d936a2-YYZ alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Fri, 29 Sep 2023 20:47:14 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFx9P8wrFRlr62-cAetbZOE&google_cver=1&google_hm=2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 330 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	rum dsum-sec.casalemedia.com/ Frame 431C Redirect Chain https://match.adsrvr.org/track/cmf/casale https://match.adsrvr.org/track/cmb/casale? https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=b394d0c5-8a1a-4338-b204-f77c875cd736&expiration=1698612435&gdpr=0&gdpr_consent=	43 B 731 B	50ms 50ms	Image image/gif	104.18.26.193 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=b394d0c5-8a1a-4338-b204-f77c875cd736&expiration=1698612435&gdpr=0&gdpr_consent= Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1 Protocol H3 Server 104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language en-CA,en;q=0.9 Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers pragma no-cache date Fri, 29 Sep 2023 20:47:15 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YvI94iAWHn5mYy5y38Q4bx9iLowa2OixzABDrGXyctnAk2ENNXzgeCHDenJb4DA8gSG2tDGwxCkmyrgkI%2BQUw9cmkhEh4I962g61OqMIH2W%2FcTlItI3kZHUMYMBvgGXBcBZOWFaw9p2EWg%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 80e714874bc136a2-YYZ alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=b394d0c5-8a1a-4338-b204-f77c875cd736&expiration=1698612435&gdpr=0&gdpr_consent= date Fri, 29 Sep 2023 20:47:15 GMT server Kestrel content-length 323
GET H/1.1	200 OK	dcm s.amazon-adsystem.com/ Frame 431C	43 B 855 B	80ms 50ms	Image image/gif	52.46.130.91 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZRc30kivLYQSPUthl-iJUAAADaMAAAIB&gpp=&gpp_sid= Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers accept-language en-CA,en;q=0.9 Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers Pragma no-cache Date Fri, 29 Sep 2023 20:47:14 GMT Strict-Transport-Security max-age=47474747; includeSubDomains; preload Server Server x-amz-rid ZZ6JA1W90ZK08XP42P8D Vary Content-Type,Accept-Encoding,User-Agent Content-Type image/gif p3p policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR" Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Connection keep-alive Content-Length 43 Expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	113 match.deepintent.com/usersync/ Frame 431C	0 222 B	360ms 35ms	Image image/gif	169.197.150.8 DEEPINTENT
General Check archive.org Show headers Download Go to Show image Full URL https://match.deepintent.com/usersync/113 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 169.197.150.8 , United States, ASN398989 (DEEPINTENT, US), Reverse DNS g.deepintent.com Software b / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers content-type image/gif date Fri, 29 Sep 2023 20:47:14 GMT server b content-length 0 p3p policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
GET H3	200	rum dsum-sec.casalemedia.com/ Frame 431C Redirect Chain https://ad.turn.com/r/cs?pid=21 https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3473910196971058608	43 B 732 B	55ms 55ms	Image image/gif	104.18.26.193 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3473910196971058608 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1 Protocol H3 Server 104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language en-CA,en;q=0.9 Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers pragma no-cache date Fri, 29 Sep 2023 20:47:14 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fl1ZCxpHrrRlEgoOpwHOZJW3LlDhb8juAyfFwMP98pGI5Antl4%2BvWgsrx%2BgoK8DOSP3aRIAuhVa84ElTOZogivpG8kRYVdajUAl0%2BhqLgTLASfwlxnY5bfxYvJxtIHrKyrHpeSNJE6z84Q%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 80e71485993936a2-YYZ alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3473910196971058608 pragma no-cache date Fri, 29 Sep 2023 20:47:14 GMT cache-control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 content-length 0 p3p policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
GET H2	200	crum dsum.casalemedia.com/ Frame 431C Redirect Chain https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1 https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=8b987880-65af-4337-ae71-b6372a366d9e	43 B 549 B	53ms 49ms	Image image/gif	104.18.26.193 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=8b987880-65af-4337-ae71-b6372a366d9e Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1 Protocol H2 Server 104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language en-CA,en;q=0.9 Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers pragma no-cache date Fri, 29 Sep 2023 20:47:18 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ba1N7xToxEevL1oqPqejaLE66R9zzjF%2BFzZdlEJYO7VNgbEJg9a89wMy6VzThAd2VkXvS8qSev9fl2bRwqBvEMAYbGKqatzF10LAzomSZ%2FkJkRfm%2FX1BLrh0LtcTwqXkwMwW9rZR"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 80e7149ac9665407-YYZ alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers x-servername Track003-iad pragma no-cache date Fri, 29 Sep 2023 20:46:37 GMT strict-transport-security max-age=31536000; content-type text/html; charset=utf-8 location https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=8b987880-65af-4337-ae71-b6372a366d9e cache-control private,no-cache content-length 222 expires -1
GET H3	200	crum dsum-sec.casalemedia.com/ Frame 431C Redirect Chain https://beacon.lynx.cognitivlabs.com/ix.gif https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=dd8eeb24-0032-4631-bfac-669bcc15a931&expiration=1727642836	43 B 730 B	52ms 52ms	Image image/gif	104.18.26.193 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=dd8eeb24-0032-4631-bfac-669bcc15a931&expiration=1727642836 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1 Protocol H3 Server 104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language en-CA,en;q=0.9 Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers pragma no-cache date Fri, 29 Sep 2023 20:47:16 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mfnDJb9mivvLtbqxMkvtuADPajDqCTd4YIvtE8qjHZapOCLIzY3fn4KYWSA6Jvvowo8GFaSnJjzB6%2FmXEXFw6tHyUgLIhyuY0vgyD7FumULxArAm5lT4NAM3HtUseAqkHjMVLiWZ061lUA%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 80e7148dad2e36a2-YYZ alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers Location https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=dd8eeb24-0032-4631-bfac-669bcc15a931&expiration=1727642836 Date Fri, 29 Sep 2023 20:47:16 GMT Server Kestrel Connection keep-alive Content-Length 0
GET H/1.1	200 OK	ecm3 s.amazon-adsystem.com/ Frame 431C	43 B 479 B	120ms 40ms	Image image/gif	52.46.130.91 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s.amazon-adsystem.com/ecm3?ex=index.com&id=ZRc30kivLYQSPUthl-iJUAAADaMAAAIB Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers accept-language en-CA,en;q=0.9 Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers Pragma no-cache Date Fri, 29 Sep 2023 20:47:14 GMT Strict-Transport-Security max-age=47474747; includeSubDomains; preload Server Server x-amz-rid 2VMBYGCV2ETMPPBRJERF Vary Content-Type,Accept-Encoding,User-Agent Content-Type image/gif Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Connection keep-alive Content-Length 43 Expires Thu, 01 Jan 1970 00:00:00 GMT
GET H/1.1	200 OK	khaos.json Show response token.rubiconproject.com/ Frame 3DAE	7 B 778 B	116ms 39ms	XHR application/json	8.43.72.98 RUBICONPROJECT
General Check archive.org Show headers Download Go to Full URL https://token.rubiconproject.com/khaos.json? Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e Request headers accept-language en-CA,en;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers Pragma no-cache P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" content-type application/json; charset=UTF-8 access-control-allow-origin https://eus.rubiconproject.com Cache-Control no-cache,no-store,must-revalidate access-control-allow-credentials true content-length 7 X-RPHost a3627e8efa32d23b7838eace974fecff Expires 0
GET H/1.1	200 OK	ecm3 s.amazon-adsystem.com/ Frame 3DAE Redirect Chain https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LN52RZ9H-1U-2CO8 https://s.amazon-adsystem.com/ecm3?id=LN52RZ9H-1U-2CO8&ex=d-rubiconproject.com&status=ok	43 B 479 B	42ms 41ms	Image image/gif	52.46.130.91 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s.amazon-adsystem.com/ecm3?id=LN52RZ9H-1U-2CO8&ex=d-rubiconproject.com&status=ok Requested by Host: s.amazon-adsystem.com URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-LoopMe_pm-db5_n-simpli.fi_rbd_n-vmg_cnv_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3 Protocol HTTP/1.1 Server 52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers accept-language en-CA,en;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers Pragma no-cache Date Fri, 29 Sep 2023 20:47:15 GMT Strict-Transport-Security max-age=47474747; includeSubDomains; preload Server Server x-amz-rid F079CVZYA0SQ9BF9Q0TS Vary Content-Type,Accept-Encoding,User-Agent Content-Type image/gif Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Connection keep-alive Content-Length 43 Expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers Pragma no-cache P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Content-Type text/html Location https://s.amazon-adsystem.com/ecm3?id=LN52RZ9H-1U-2CO8&ex=d-rubiconproject.com&status=ok Cache-Control no-cache,no-store,must-revalidate content-length 0 X-RPHost 314e432eb2d967cf733b82bdbbe35231 Expires 0
GET H/1.1	200 OK	tap.php pixel.rubiconproject.com/ Frame 3DAE Redirect Chain https://match.adsrvr.org/track/cmf/rubicon https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=b394d0c5-8a1a-4338-b204-f77c875cd736&gdpr=0&gdpr_consent=&expires=30	42 B 691 B	141ms 35ms	Image image/gif	8.43.72.98 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=b394d0c5-8a1a-4338-b204-f77c875cd736&gdpr=0&gdpr_consent=&expires=30 Requested by Host: s.amazon-adsystem.com URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-LoopMe_pm-db5_n-simpli.fi_rbd_n-vmg_cnv_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3 Protocol HTTP/1.1 Server 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language en-CA,en;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers Content-Type image/gif Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate content-length 42 X-RPHost a3627e8efa32d23b7838eace974fecff P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Redirect headers location https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=b394d0c5-8a1a-4338-b204-f77c875cd736&gdpr=0&gdpr_consent=&expires=30 date Fri, 29 Sep 2023 20:47:15 GMT server Kestrel content-length 289
GET H/1.1	200 OK	tap.php pixel.rubiconproject.com/ Frame 3DAE Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJOG8QFeKzQxdmXb_6RE4mI&google_cver=1	42 B 691 B	169ms 36ms	Image image/gif	8.43.72.98 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJOG8QFeKzQxdmXb_6RE4mI&google_cver=1 Requested by Host: s.amazon-adsystem.com URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-LoopMe_pm-db5_n-simpli.fi_rbd_n-vmg_cnv_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3 Protocol HTTP/1.1 Server 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language en-CA,en;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers Content-Type image/gif Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate content-length 42 X-RPHost a3627e8efa32d23b7838eace974fecff P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Redirect headers pragma no-cache date Fri, 29 Sep 2023 20:47:15 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJOG8QFeKzQxdmXb_6RE4mI&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 326 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	tap.php pixel.rubiconproject.com/ Frame 3DAE Redirect Chain https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 https://pr-bh.ybp.yahoo.com/sync/rubicon/_0Lh89EMZIoKttL5h0CYw8n5EUdSAgOZEtemQ7w0kco?csrc= https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-Wk2P4tBE2oJMa.uYs9aaMxt4IBrntbZKIIKQUA--~A	42 B 691 B	35ms 35ms	Image image/gif	8.43.72.98 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-Wk2P4tBE2oJMa.uYs9aaMxt4IBrntbZKIIKQUA--~A Requested by Host: s.amazon-adsystem.com URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-LoopMe_pm-db5_n-simpli.fi_rbd_n-vmg_cnv_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3 Protocol HTTP/1.1 Server 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language en-CA,en;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers Content-Type image/gif Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate content-length 42 X-RPHost a3627e8efa32d23b7838eace974fecff P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Redirect headers date Fri, 29 Sep 2023 20:47:15 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff referrer-policy strict-origin-when-cross-origin server ATS content-security-policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic age 0 expect-ct max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" x-frame-options DENY location https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-Wk2P4tBE2oJMa.uYs9aaMxt4IBrntbZKIIKQUA--~A content-length 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame 3DAE Redirect Chain https://token.rubiconproject.com/token?pid=25470 https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE41MlJaOUgtMVUtMkNPOA== https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHe5ej2drX4zzl6VirttsFg&google_cver=1 https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE41MlJaOUgtMVUtMkNPOA==&google_push=	170 B 188 B	45ms 45ms	Image image/png	142.251.167.154 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE41MlJaOUgtMVUtMkNPOA==&google_push= Requested by Host: s.amazon-adsystem.com URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-LoopMe_pm-db5_n-simpli.fi_rbd_n-vmg_cnv_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3 Protocol H3 Server 142.251.167.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS ww-in-f154.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers pragma no-cache date Fri, 29 Sep 2023 20:47:15 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Content-Type text/html Location https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE41MlJaOUgtMVUtMkNPOA==&google_push= Cache-Control no-cache,no-store,must-revalidate content-length 0 X-RPHost a3627e8efa32d23b7838eace974fecff Expires 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame 3DAE Redirect Chain https://token.rubiconproject.com/token?pid=2249&pt=n https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTQxMzk5MTMzZjQ5MWZkYjk5ODgxYjJmYTgyYjZiYjM2MDQwYTM3Mg	170 B 188 B	45ms 45ms	Image image/png	142.251.167.154 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTQxMzk5MTMzZjQ5MWZkYjk5ODgxYjJmYTgyYjZiYjM2MDQwYTM3Mg Requested by Host: s.amazon-adsystem.com URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-LoopMe_pm-db5_n-simpli.fi_rbd_n-vmg_cnv_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3 Protocol H3 Server 142.251.167.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS ww-in-f154.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers pragma no-cache date Fri, 29 Sep 2023 20:47:15 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Location https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTQxMzk5MTMzZjQ5MWZkYjk5ODgxYjJmYTgyYjZiYjM2MDQwYTM3Mg Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate content-length 0 X-RPHost a3627e8efa32d23b7838eace974fecff P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H/1.1	200 OK	ecm3 s.amazon-adsystem.com/ Frame 3DAE Redirect Chain https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=tk7RYZj9Sp-m69iYOHm7Iw&rk=usync-na https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=tk7RYZj9Sp-m69iYOHm7Iw	43 B 479 B	42ms 41ms	Image image/gif	52.46.130.91 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=tk7RYZj9Sp-m69iYOHm7Iw Requested by Host: s.amazon-adsystem.com URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-LoopMe_pm-db5_n-simpli.fi_rbd_n-vmg_cnv_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3 Protocol HTTP/1.1 Server 52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers accept-language en-CA,en;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers Pragma no-cache Date Fri, 29 Sep 2023 20:47:15 GMT Strict-Transport-Security max-age=47474747; includeSubDomains; preload Server Server x-amz-rid FX3M7ZNV1TK27YWKQQN5 Vary Content-Type,Accept-Encoding,User-Agent Content-Type image/gif Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Connection keep-alive Content-Length 43 Expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers Location https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=tk7RYZj9Sp-m69iYOHm7Iw Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate content-length 0 X-RPHost a3627e8efa32d23b7838eace974fecff P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H2	200	setuid px.ads.linkedin.com/ Frame 3DAE Redirect Chain https://token.rubiconproject.com/token?pid=36584 https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LN52RZ9H-1U-2CO8	0 513 B	131ms 65ms	Image text/plain	13.107.42.14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LN52RZ9H-1U-2CO8 Requested by Host: s.amazon-adsystem.com URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-LoopMe_pm-db5_n-simpli.fi_rbd_n-vmg_cnv_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3 Protocol H2 Server 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Fri, 29 Sep 2023 20:47:15 GMT x-li-pop afd-prod-lva1-x x-msedge-ref Ref A: 295F1BF7F1AA41A3814AF1541AEC9AE7 Ref B: YTO01EDGE0416 Ref C: 2023-09-29T20:47:15Z linkedin-action 1 x-cache CONFIG_NOCACHE x-li-fabric prod-lva1 x-li-proto http/2 content-length 0 x-li-uuid AAYGhYeZBO30tKxT7O5alA== Redirect headers Location https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LN52RZ9H-1U-2CO8 Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate content-length 0 X-RPHost 6734403d2cb3625dc1fef1bbd4a17cf3 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H/1.1	200 OK	dcm aax-eu.amazon-adsystem.com/s/ Frame 3DAE	43 B 855 B	776ms 193ms	Image image/gif	54.239.33.158 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= Requested by Host: s.amazon-adsystem.com URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-LoopMe_pm-db5_n-simpli.fi_rbd_n-vmg_cnv_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.239.33.158 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers accept-language en-CA,en;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers Pragma no-cache Date Fri, 29 Sep 2023 20:47:16 GMT Strict-Transport-Security max-age=47474747; includeSubDomains; preload Server Server x-amz-rid 09PYB8TFPV0045BPTFZ1 Vary Content-Type,Accept-Encoding,User-Agent Content-Type image/gif p3p policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR" Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Connection keep-alive Content-Length 43 Expires Thu, 01 Jan 1970 00:00:00 GMT
GET H/1.1	200 OK	rp match.prod.bidr.io/cookie-sync/ Frame 3DAE	43 B 433 B	1182ms 35ms	Image image/gif	52.44.219.98 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp Requested by Host: s.amazon-adsystem.com URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-LoopMe_pm-db5_n-simpli.fi_rbd_n-vmg_cnv_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.44.219.98 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-44-219-98.compute-1.amazonaws.com Software gunicorn / Resource Hash dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains Request headers accept-language en-CA,en;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers pragma no-cache Date Fri, 29 Sep 2023 20:47:16 GMT strict-transport-security max-age=2592000; includeSubDomains Server gunicorn content-type image/gif p3p CP="This is not a P3P policy! See https://beeswax.com/privacy for more info." cache-control no-cache, must-revalidate Connection keep-alive Content-Length 43 expires Fri, 01 Jan 1990 00:00:00 GMT
GET		setuid ib.adnxs.com/prebid/ Frame 3DAE Redirect Chain https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LN52RZ9H-1U-2CO8	0 0
GET H/1.1	200 OK	tap.php pixel.rubiconproject.com/ Frame 3DAE Redirect Chain https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30 https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=41da62e9-3dc5-4f2f-b77a-ba4c7a00ae50&expires=30	42 B 691 B	37ms 36ms	Image image/gif	8.43.72.98 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=41da62e9-3dc5-4f2f-b77a-ba4c7a00ae50&expires=30 Requested by Host: s.amazon-adsystem.com URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-LoopMe_pm-db5_n-simpli.fi_rbd_n-vmg_cnv_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3 Protocol HTTP/1.1 Server 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language en-CA,en;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers Content-Type image/gif Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate content-length 42 X-RPHost a3627e8efa32d23b7838eace974fecff P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Redirect headers Location https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=41da62e9-3dc5-4f2f-b77a-ba4c7a00ae50&expires=30 Date Fri, 29 Sep 2023 20:47:16 GMT Connection keep-alive X-CI-RTID 6c36ed35-6097-4c0d-b4e3-744de685adc8 Content-Length 144 Content-Type text/html; charset=utf-8
GET H2	200	check pixel.tapad.com/idsync/ex/receive/ Frame 3DAE Redirect Chain https://token.rubiconproject.com/token?pid=37556&a=1 https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LN52RZ9H-1U-2CO8 https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LN52RZ9H-1U-2CO8	95 B 437 B	55ms 54ms	Image image/png	34.111.113.62 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LN52RZ9H-1U-2CO8 Requested by Host: s.amazon-adsystem.com URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-LoopMe_pm-db5_n-simpli.fi_rbd_n-vmg_cnv_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3 Protocol H2 Server 34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 62.113.111.34.bc.googleusercontent.com Software Jetty(11.0.13) / Resource Hash 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-CA,en;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Fri, 29 Sep 2023 20:47:16 GMT strict-transport-security max-age=31536000 via 1.1 google accept-ch Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server Jetty(11.0.13) content-type image/png access-control-allow-origin * p3p policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 95 Redirect headers date Fri, 29 Sep 2023 20:47:16 GMT strict-transport-security max-age=31536000 via 1.1 google accept-ch Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server Jetty(11.0.13) p3p policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" access-control-allow-origin * location https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LN52RZ9H-1U-2CO8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

quantcast.mgr.consensu.org

URL

https://quantcast.mgr.consensu.org/choice/n-ZGqfdsg5894/prnt.sc/choice.js

Domain

ib.adnxs.com

URL

https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LN52RZ9H-1U-2CO8